From 441dca4cc37d3de8644bbd3467110bb3d333787b Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Wed, 22 Aug 2012 05:35:23 -0400
Subject: [PATCH] Bugfix: Missing SQL statement in update SQL file

---
 server/plugins-available/shelluser_jailkit_plugin.inc.php |   40 +++++++++++++++++++++++++++++++++-------
 1 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index 86e92f6..322b1ba 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -71,6 +71,7 @@
 		global $app, $conf;
 		
 		$app->uses('system');
+		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['new']['parent_domain_id']);
 		
 		if($app->system->is_user($data['new']['username'])) {
 		
@@ -79,6 +80,8 @@
 		 	*/
 			if ($data['new']['chroot'] == "jailkit")
 			{
+				$app->system->web_folder_protection($web['document_root'],false);
+				
 				// load the server configuration options
 				$app->uses("getconf");
 				$this->data = $data;
@@ -94,10 +97,16 @@
 				//* call the ssh-rsa update function
 				$this->_setup_ssh_rsa();
 				
-				$command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']);
+				//$command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']);
+				//exec($command);
+				$app->system->usermod($data['new']['username'], 0, 0, '', '/usr/sbin/jk_chrootsh', '', '');
+				
+				//* Unlock user
+				$command = 'usermod -U '.escapeshellcmd($data['new']['username']);
 				exec($command);
 				
 				$this->_update_website_security_level();
+				$app->system->web_folder_protection($web['document_root'],true);
 			}
 		
 			$app->log("Jailkit Plugin -> insert username:".$data['new']['username'],LOGLEVEL_DEBUG);
@@ -113,6 +122,7 @@
 		global $app, $conf;
 		
 		$app->uses('system');
+		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['new']['parent_domain_id']);
 		
 		if($app->system->is_user($data['new']['username'])) {
 		
@@ -121,6 +131,8 @@
 		 	*/
 			if ($data['new']['chroot'] == "jailkit")
 			{
+				$app->system->web_folder_protection($web['document_root'],false);
+				
 				// load the server configuration options
 				$app->uses("getconf");
 				$this->data = $data;
@@ -136,6 +148,8 @@
 				$this->_setup_ssh_rsa();
 				
 				$this->_update_website_security_level();
+				
+				$app->system->web_folder_protection($web['document_root'],true);
 			}
 		
 			$app->log("Jailkit Plugin -> update username:".$data['new']['username'],LOGLEVEL_DEBUG);
@@ -155,6 +169,8 @@
 		
 		$app->uses('system');
 		
+		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$data['old']['parent_domain_id']);
+		
 		if ($data['old']['chroot'] == "jailkit")
 		{
 			$app->uses("getconf");
@@ -165,12 +181,16 @@
 			//commented out proved to be dangerous on config errors
 			//exec('rm -rf '.$data['old']['dir'].$jailkit_chroot_userhome);
 			
+			$app->system->web_folder_protection($web['document_root'],false);
+			
 			if(@is_dir($data['old']['dir'].$jailkit_chroot_userhome)) {
 				$command = 'userdel -f';
 				$command .= ' '.escapeshellcmd($data['old']['username']);
 				exec($command);
 				$app->log("Jailkit Plugin -> delete chroot home:".$data['old']['dir'].$jailkit_chroot_userhome,LOGLEVEL_DEBUG);
 			}
+			
+			$app->system->web_folder_protection($web['document_root'],true);
 			
 		}
 		
@@ -270,6 +290,7 @@
 			//* Change the homedir of the shell user and parent user
 			//* We have to do this manually as the usermod command fails 
 			//* when the user is logged in or a command is running under that user
+			/*
 			$passwd_file_array = file('/etc/passwd');
 			$passwd_out = '';
 			if(is_array($passwd_file_array)) {
@@ -286,8 +307,10 @@
 						$app->system->replaceLine('/etc/passwd',$line,$new_line,1,0);
 					}
 				}
-			}
+			}*/
 			
+			$app->system->usermod($this->data['new']['username'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, '/usr/sbin/jk_chrootsh');
+			$app->system->usermod($this->data['new']['puser'], 0, 0, $this->data['new']['dir'].'/.'.$jailkit_chroot_userhome, '/usr/sbin/jk_chrootsh');
 				
 			$this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);
 						
@@ -318,9 +341,12 @@
 		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$this->data['new']['parent_domain_id']);
 		
 		//* If the security level is set to high
-		if($web_config['security_level'] == 20) {
-			$this->_exec('chmod 755 '.escapeshellcmd($web["document_root"]));
-			$this->_exec('chown root:root '.escapeshellcmd($web["document_root"]));
+		if($web_config['security_level'] == 20 && is_array($web)) {
+			$app->system->web_folder_protection($web["document_root"],false);
+			$app->system->chmod($web["document_root"],0755);
+			$app->system->chown($web["document_root"],'root');
+			$app->system->chgrp($web["document_root"],'root');
+			$app->system->web_folder_protection($web["document_root"],true);
 		}
 		
 	}
@@ -376,9 +402,9 @@
 			if(is_file('/root/.ssh/authorized_keys')) file_put_contents($sshkeys, file_get_contents('/root/.ssh/authorized_keys'));
 		
 			// Remove duplicate keys
-			$existing_keys = file($sshkeys);
+			$existing_keys = @file($sshkeys);
 			$new_keys = explode("\n", $userkey);
-			$final_keys_arr = array_merge($existing_keys, $new_keys);
+			$final_keys_arr = @array_merge($existing_keys, $new_keys);
 			$new_final_keys_arr = array();
 			if(is_array($final_keys_arr) && !empty($final_keys_arr)){
 				foreach($final_keys_arr as $key => $val){

--
Gitblit v1.9.1