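#!/bin/bash
# info: add user sftp jail
# options: USER [RESTART]
#
# example: v-add-user-sftp-jail admin
#
# This function enables sftp jailed environment: the account is appended to the
# "Match User" list that follows the "# Hestia SFTP Chroot" marker in
# /etc/ssh/sshd_config, its home directory is handed to root (sshd refuses to
# chroot into a directory the user can write to) and sshd is restarted unless
# RESTART is "no".

#----------------------------------------------------------#
#                Variables & Functions                     #
#----------------------------------------------------------#

# Argument definition
user=$1
restart=$2

# sshd configuration that carries the Hestia chroot block
sshd_config=/etc/ssh/sshd_config

# "puppet" is deliberately never jailed; leave it alone and exit quietly.
if [ "$user" == "puppet" ]; then
	exit
fi

# Includes
# shellcheck source=/etc/hestiacp/hestia.conf
source /etc/hestiacp/hestia.conf
# shellcheck source=/usr/local/hestia/func/main.sh
source "$HESTIA/func/main.sh"
# load config file
source_conf "$HESTIA/conf/hestia.conf"

#######################################
# Make sure a user's home directory is owned by root.
# sshd only chroots into a directory that is root-owned and not writable by
# the user, so the home must belong to root for the jail to work at all.
# Arguments: $1 - username (home is /home/$1)
# Returns:   0 always; a missing directory is silently skipped
#######################################
set_home_root_owned() {
	local home="/home/$1"
	[ -d "$home" ] || return 0
	# -maxdepth 0 inspects only the directory itself; empty output means it
	# is not root-owned yet, so the chown is skipped when already done
	if [ -z "$(find "$home" -maxdepth 0 -user root)" ]; then
		chown root:root "$home"
	fi
	return 0
}

#######################################
# Read the comma-separated user list from the "Match User" line that follows
# the "# Hestia SFTP Chroot" marker, with leading/trailing whitespace removed.
# Arguments: $1 - path to sshd_config
# Outputs:   the list on stdout (empty when the marker or the line is missing)
#######################################
read_jailed_users() {
	local list
	list=$(grep -A1 '^# Hestia SFTP Chroot' -- "$1" | sed -n '2{s/^[[:space:]]*Match User //;p}')
	# trim: stray whitespace would otherwise become part of the last username
	list=${list#"${list%%[![:space:]]*}"}
	list=${list%"${list##*[![:space:]]}"}
	printf '%s' "$list"
}

#----------------------------------------------------------#
#                    Verifications                         #
#----------------------------------------------------------#

check_args '1' "$#" 'USER'
is_format_valid 'user'

# passwd entry of the account, restricted to shell-less (rssh/nologin)
# accounts: those are the only ones that get jailed
user_str=$(grep "^$user:" /etc/passwd | grep -E 'rssh|nologin')

# is_object_valid is run in a subshell because it is expected to end the
# script on a missing object (it comes from main.sh; confirm there), and a
# miss is not fatal here: the name may be an FTP account whose owning Hestia
# user is derived from its home path (/home/<owner>/...).
if ! (is_object_valid 'user' 'USER' "$user" > /dev/null); then
	# field 6 is the home directory, its third path component the owner;
	# this second call is not wrapped, so an unknown owner ends the script
	user_owner=$(cut -f6 -d : <<< "$user_str" | cut -f3 -d /)
	is_object_valid 'user' 'USER' "$user_owner"
fi

# Accounts with a real login shell are not jailed; exit quietly
if [ -z "$user_str" ]; then
	exit
fi

# Get current users and split into array
ssh_users=$(read_jailed_users "$sshd_config")
if [ -z "$ssh_users" ]; then
	# With an empty list the sed below would run with an empty pattern and
	# change nothing, yet the home would still be handed to root and the
	# event logged as OK; refuse instead so the caller sees the failure.
	check_result "$E_NOTEXIST" "SFTP chroot block not found in $sshd_config"
fi
IFS=',' read -r -a users <<< "$ssh_users"

# Check if jail exist: wrap both sides in commas so the first and the last
# entry of the list match as well, and compare literally (no regex)
if [[ ",$ssh_users," == *",$user,"* ]]; then
	set_home_root_owned "$user"
	exit
fi

# Perform verification if read-only mode is enabled
check_hestia_demo_mode

#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Add user to array and join it back into the comma-separated form sshd expects
users+=("$user")
user_list=$(
	IFS=','
	printf '%s' "${users[*]}"
)

# Write new user list to config. Only the Match User line of the chroot block
# is rewritten (not every occurrence of the string in the file) and the line's
# indentation is preserved. The list is used as a sed pattern on the
# assumption that it holds only usernames and commas, which carry no sed
# metacharacters -- $user itself has passed is_format_valid above.
sed -i "s/^\([[:space:]]*Match User \)$ssh_users[[:space:]]*$/\1$user_list/" "$sshd_config"

# Set home folder permission to root
set_home_root_owned "$user"

#----------------------------------------------------------#
#                       Hestia                             #
#----------------------------------------------------------#

# Restart ssh service so the new Match block takes effect, unless the caller
# batches restarts (RESTART=no). Failures are not reported, as before.
if [ "$restart" != 'no' ]; then
	service ssh restart > /dev/null 2>&1
fi

# Logging
log_event "$OK" "$ARGUMENTS"

exit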