Updated shell user scripts to be more fault tolerant.

tbrehm

2008-12-16 74ba4e9af03b0c2995039aaf8b4470872d38daeb

Updated shell user scripts to be more fault tolerant.

 server/plugins-available/shelluser_base_plugin.inc.php

@@ -72,23 +72,27 @@
        
        $app->uses('system');
        
        // Get the UID of the parent user
        $uid = intval($app->system->getuid($data['new']['puser']));
        if($uid > $this->min_uid) {
            $command = 'useradd';
            $command .= ' --home '.escapeshellcmd($data['new']['dir']);
            $command .= ' --gid '.escapeshellcmd($data['new']['pgroup']);
            $command .= ' --non-unique ';
            $command .= ' --password '.escapeshellcmd($data['new']['password']);
            $command .= ' --shell '.escapeshellcmd($data['new']['shell']);
            $command .= ' --uid '.escapeshellcmd($uid);
            $command .= ' '.escapeshellcmd($data['new']['username']);
        if($app->system->is_user($data['new']['puser'])) {
            // Get the UID of the parent user
            $uid = intval($app->system->getuid($data['new']['puser']));
            if($uid > $this->min_uid) {
                $command = 'useradd';
                $command .= ' --home '.escapeshellcmd($data['new']['dir']);
                $command .= ' --gid '.escapeshellcmd($data['new']['pgroup']);
                $command .= ' --non-unique ';
                $command .= ' --password '.escapeshellcmd($data['new']['password']);
                $command .= ' --shell '.escapeshellcmd($data['new']['shell']);
                $command .= ' --uid '.escapeshellcmd($uid);
                $command .= ' '.escapeshellcmd($data['new']['username']);
            
            exec($command);
            $app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
                exec($command);
                $app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
            
            } else {
                $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
            }
        } else {
            $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
            $app->log("Skippung insert of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
        }
    }
    
@@ -97,25 +101,34 @@
        
        $app->uses('system');
        
        // Get the UID of the parent user
        $uid = intval($app->system->getuid($data['new']['puser']));
        if($uid > $this->min_uid) {
            $command = 'usermod';
            $command .= ' --home '.escapeshellcmd($data['new']['dir']);
            $command .= ' --gid '.escapeshellcmd($data['new']['pgroup']);
            // $command .= ' --non-unique ';
            $command .= ' --password '.escapeshellcmd($data['new']['password']);
            if($data['new']['chroot'] != 'jailkit') $command .= ' --shell '.escapeshellcmd($data['new']['shell']);
            // $command .= ' --uid '.escapeshellcmd($uid);
            $command .= ' --login '.escapeshellcmd($data['new']['username']);
            $command .= ' '.escapeshellcmd($data['old']['username']);
        if($app->system->is_user($data['new']['puser'])) {
            // Get the UID of the parent user
            $uid = intval($app->system->getuid($data['new']['puser']));
            if($uid > $this->min_uid) {
                // Check if the user that we want to update exists, if not, we insert it
                if($app->system->is_user($data['old']['username'])) {
                    $command = 'usermod';
                    $command .= ' --home '.escapeshellcmd($data['new']['dir']);
                    $command .= ' --gid '.escapeshellcmd($data['new']['pgroup']);
                    // $command .= ' --non-unique ';
                    $command .= ' --password '.escapeshellcmd($data['new']['password']);
                    if($data['new']['chroot'] != 'jailkit') $command .= ' --shell '.escapeshellcmd($data['new']['shell']);
                    // $command .= ' --uid '.escapeshellcmd($uid);
                    $command .= ' --login '.escapeshellcmd($data['new']['username']);
                    $command .= ' '.escapeshellcmd($data['old']['username']);
            
            exec($command);
            // $app->log("Updated shelluser: $command ",LOGLEVEL_DEBUG);
            $app->log("Updated shelluser: ".$data['old']['username'],LOGLEVEL_DEBUG);
			
                    exec($command);
                    // $app->log("Updated shelluser: $command ",LOGLEVEL_DEBUG);
                    $app->log("Updated shelluser: ".$data['old']['username'],LOGLEVEL_DEBUG);
                } else {
                    // The user does not exist, so we insert it now
                    $this->insert($event_name,$data);
                }
            } else {
                $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
            }
        } else {
            $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
            $app->log("Skippung update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
        }
    }
    
@@ -124,17 +137,21 @@
        
        $app->uses('system');
        
        // Get the UID of the user
        $userid = intval($app->system->getuid($data['old']['username']));
        if($userid > $this->min_uid) {
            $command = 'userdel';
            $command .= ' '.escapeshellcmd($data['old']['username']);
        if($app->system->is_user($data['old']['username'])) {
            // Get the UID of the user
            $userid = intval($app->system->getuid($data['old']['username']));
            if($userid > $this->min_uid) {
                $command = 'userdel';
                $command .= ' '.escapeshellcmd($data['old']['username']);
            
            exec($command);
            $app->log("Deleted shelluser: ".$data['old']['username'],LOGLEVEL_DEBUG);
                exec($command);
                $app->log("Deleted shelluser: ".$data['old']['username'],LOGLEVEL_DEBUG);
            
            } else {
                $app->log("UID = $userid for shelluser:".$data['old']['username']." not allowed.",LOGLEVEL_ERROR);
            }
        } else {
            $app->log("UID = $userid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
            $app->log("User:".$data['new']['username']." does not exist in in /etc/passwd, skipping delete.",LOGLEVEL_WARN);
        }
        
    }

 server/plugins-available/shelluser_jailkit_plugin.inc.php

@@ -70,22 +70,30 @@
    function insert($event_name,$data) {
        global $app, $conf;
        
        /**
         * Setup Jailkit Chroot System If Enabled 
         */
        if ($data['new']['chroot'] == "jailkit")
        {
            // load the server configuration options
            $app->uses("getconf");
            $this->data = $data;
            $this->app = $app;
            $this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
			
            $this->_setup_jailkit_chroot();
            $this->_add_jailkit_user();
        }
        $app->uses('system');
        
        $app->log("Jalikit Plugin -> insert username:".$data['new']['username'],LOGLEVEL_DEBUG);
        if($app->system->is_user($data['new']['username'])) {
		
            /**
             * Setup Jailkit Chroot System If Enabled 
             */
            if ($data['new']['chroot'] == "jailkit")
            {
                // load the server configuration options
                $app->uses("getconf");
                $this->data = $data;
                $this->app = $app;
                $this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
			
                $this->_setup_jailkit_chroot();
                $this->_add_jailkit_user();
            }
		
            $app->log("Jalikit Plugin -> insert username:".$data['new']['username'],LOGLEVEL_DEBUG);
			
        } else {
            $app->log("Jalikit Plugin -> insert username:".$data['new']['username']." skipped, the user does not exist.",LOGLEVEL_WARN);
        }
        
    }
    
@@ -93,22 +101,30 @@
    function update($event_name,$data) {
        global $app, $conf;
        
        /**
         * Setup Jailkit Chroot System If Enabled 
         */
        if ($data['new']['chroot'] == "jailkit")
        {
            // load the server configuration options
            $app->uses("getconf");
            $this->data = $data;
            $this->app = $app;
            $this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
			
            $this->_setup_jailkit_chroot();
            $this->_add_jailkit_user();
        }
        $app->uses('system');
        
        $app->log("Jalikit Plugin -> update username:".$data['new']['username'],LOGLEVEL_DEBUG);
        if($app->system->is_user($data['new']['username'])) {
		
            /**
             * Setup Jailkit Chroot System If Enabled 
             */
            if ($data['new']['chroot'] == "jailkit")
            {
                // load the server configuration options
                $app->uses("getconf");
                $this->data = $data;
                $this->app = $app;
                $this->jailkit_config = $app->getconf->get_server_config($conf["server_id"], 'jailkit');
			
                $this->_setup_jailkit_chroot();
                $this->_add_jailkit_user();
            }
		
            $app->log("Jalikit Plugin -> update username:".$data['new']['username'],LOGLEVEL_DEBUG);
			
        } else {
            $app->log("Jalikit Plugin -> update username:".$data['new']['username']." skipped, the user does not exist.",LOGLEVEL_WARN);
        }
        
    }
    
@@ -119,6 +135,8 @@
    function delete($event_name,$data) {
        global $app, $conf;
        
        $app->uses('system');
		
        if ($data['old']['chroot'] == "jailkit")
        {
            $app->uses("getconf");