diff --git a/bin/v-add-mail-account-fwd-only b/bin/v-add-mail-account-fwd-only index 303ab79f..5be21965 100755 --- a/bin/v-add-mail-account-fwd-only +++ b/bin/v-add-mail-account-fwd-only @@ -56,7 +56,7 @@ fi # Adding account to fwd_only if [[ "$MAIL_SYSTEM" =~ exim ]]; then - echo "$account" > $HOMEDIR/$user/conf/mail/$domain/fwd_only + echo "$account" >> $HOMEDIR/$user/conf/mail/$domain/fwd_only chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/fwd_only fi diff --git a/install/debian/templates/web/apache2/basedir.stpl b/install/debian/templates/web/apache2/basedir.stpl index 96de57af..269c0971 100755 --- a/install/debian/templates/web/apache2/basedir.stpl +++ b/install/debian/templates/web/apache2/basedir.stpl @@ -15,7 +15,9 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/debian/templates/web/apache2/basedir.tpl b/install/debian/templates/web/apache2/basedir.tpl index 07ec38c9..c24b1279 100755 --- a/install/debian/templates/web/apache2/basedir.tpl +++ b/install/debian/templates/web/apache2/basedir.tpl @@ -14,7 +14,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/rhel/templates/web/httpd/basedir.stpl b/install/rhel/templates/web/httpd/basedir.stpl index d568276d..cd4a8c88 100755 --- a/install/rhel/templates/web/httpd/basedir.stpl +++ b/install/rhel/templates/web/httpd/basedir.stpl 
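Review bot: The new `>>` on the `echo "$account"` line appends unconditionally, so running the command again for an account that is already listed adds a duplicate entry to `fwd_only`. The lines before the hunk may already reject that case, but nothing visible here does. Guarding the write keeps the file a clean set: `grep -qxF -- "$account" "$HOMEDIR/$user/conf/mail/$domain/fwd_only" 2>/dev/null || echo "$account" >> "$HOMEDIR/$user/conf/mail/$domain/fwd_only"`. The path is also unquoted in both the redirect and the `chown`, so a value containing whitespace or glob characters would be split; quoting it costs nothing, and `-R` is unnecessary on a single file.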
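Review bot: The three added `php_admin_value` lines send uploads and session files for every vhost of a user to one shared `%home%/%user%/tmp`, yet nothing in this commit creates that directory or fixes its owner and mode. Where it is missing, uploads and sessions would fail; where it is readable by other local accounts, session files are exposed. It would help to state the requirement in the template, e.g. `# %home%/%user%/tmp must exist, be owned by %user% and be inaccessible to other accounts`, and to have the user-creation and upgrade paths guarantee it. On Debian and Ubuntu the packaged PHP usually leaves session garbage collection to a cron job that only knows the default directory, so stale sessions may accumulate here unless something like `php_admin_value session.gc_probability 1` is added; this is worth confirming. The same applies to the identical hunks in debian `apache2/basedir.tpl`, rhel `httpd/basedir.stpl` and `basedir.tpl`, and ubuntu `apache2/basedir.stpl` and `basedir.tpl`.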
@@ -15,7 +15,9 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/rhel/templates/web/httpd/basedir.tpl b/install/rhel/templates/web/httpd/basedir.tpl index 41b77334..94288db0 100755 --- a/install/rhel/templates/web/httpd/basedir.tpl +++ b/install/rhel/templates/web/httpd/basedir.tpl @@ -14,7 +14,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/sudoers.conf b/install/ubuntu/sudoers.conf deleted file mode 100644 index 0e3058d1..00000000 --- a/install/ubuntu/sudoers.conf +++ /dev/null @@ -1,31 +0,0 @@ -# -# This file MUST be edited with the 'visudo' command as root. -# -# Please consider adding local content in /etc/sudoers.d/ instead of -# directly modifying this file. -# -# See the man page for details on how to write a sudoers file. -# -Defaults env_reset -Defaults mail_badpass -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -Defaults env_keep="VESTA" - -# Host alias specification - -# User alias specification - -# Cmnd alias specification - -# User privilege specification -root ALL=(ALL:ALL) ALL - -# Members of the admin group may gain root privileges -%admin ALL=(ALL) ALL - -# Allow members of group sudo to execute any command -%sudo ALL=(ALL:ALL) ALL - -# See sudoers(5) for more information on "#include" directives: - -#includedir /etc/sudoers.d diff --git a/install/ubuntu/sudoers.vestacp.conf b/install/ubuntu/sudoers.vestacp.conf new file mode 100644 index 00000000..fc178228 --- /dev/null 
+++ b/install/ubuntu/sudoers.vestacp.conf @@ -0,0 +1 @@ +Defaults env_keep="VESTA" diff --git a/install/ubuntu/templates/web/apache2/basedir.stpl b/install/ubuntu/templates/web/apache2/basedir.stpl index 96de57af..269c0971 100755 --- a/install/ubuntu/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/templates/web/apache2/basedir.stpl @@ -15,7 +15,9 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/templates/web/apache2/basedir.tpl b/install/ubuntu/templates/web/apache2/basedir.tpl index 07ec38c9..c24b1279 100755 --- a/install/ubuntu/templates/web/apache2/basedir.tpl +++ b/install/ubuntu/templates/web/apache2/basedir.tpl @@ -14,7 +14,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh index cc461577..7f05f58d 100644 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -300,11 +300,6 @@ mkdir -p $vst_backups/bind mkdir -p $vst_backups/vesta mkdir -p $vst_backups/home -# Backup sudoers -if [ -e '/etc/sudoers' ]; then - cp /etc/sudoers $vst_backups/ -fi - # Backup nginx service nginx stop > /dev/null 2>&1 if [ -e '/etc/nginx/nginx.conf' ]; then 
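Review bot: `Defaults env_keep="VESTA"` uses `=`, which replaces sudo's whole env_keep list instead of extending it. In the deleted monolithic `sudoers.conf` that line was part of the only policy, but as a drop-in under `/etc/sudoers.d` it overrides whatever list the distribution's `/etc/sudoers` or earlier drop-ins established. `Defaults env_keep += "VESTA"` adds the one variable and leaves the rest of the list untouched.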
@@ -535,9 +530,9 @@ echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile echo "/sbin/nologin" >> /etc/shells # Sudo configuration -wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers +wget $CHOST/$VERSION/sudoers.vestacp.conf -O /etc/sudoers.d/vestacp wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin -chmod 440 /etc/sudoers +chmod 440 /etc/sudoers.d/vestacp chmod 440 /etc/sudoers.d/admin # NTP Synchronization diff --git a/src/bash_coding_style.txt b/src/bash_coding_style.txt index 4cf1e622..e8fed9dc 100644 --- a/src/bash_coding_style.txt +++ b/src/bash_coding_style.txt @@ -5,7 +5,7 @@ Contents: 1. Introduction 2. Naming Convention - 3. Coments + 3. Comments 4. Coding Styles 5. Basic formating 6. If, For, and While @@ -41,7 +41,7 @@ Contents: } # -3. Coments +3. Comments The total length of a line (including comment) must not exceed more than 80 characters. Every file must be documented with an introductory comment that provides shorthand information on the file name and its contents. diff --git a/src/v-check-user-password.c b/src/v-check-user-password.c index 38fcad4f..1cca5717 100755 --- a/src/v-check-user-password.c +++ b/src/v-check-user-password.c @@ -45,10 +45,16 @@ int main (int argc, char** argv) { /* open log file */ FILE* pFile = fopen ("/usr/local/vesta/log/auth.log","a+"); if (NULL == pFile) { - printf("Error: can not open file %s \n", argv[0]); + printf("Error: can not open file /usr/local/vesta/log/auth.log \n"); exit(12); } + int len = 0; + if(strlen(argv[1]) >= 100) { + printf("Too long username\n"); + exit(1); + } + /* parse user argument */ struct passwd* userinfo = getpwnam(argv[1]); if (NULL != userinfo) { diff --git a/web/api/index.php b/web/api/index.php index c0b420db..c938512a 100644 --- a/web/api/index.php +++ b/web/api/index.php 
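Review bot: The `wget ... -O /etc/sudoers.d/vestacp` line writes straight into the live sudoers directory with no check that the download succeeded or that the content parses. `wget -O` leaves an empty or partial file on failure, and a file in `/etc/sudoers.d` with a syntax error can make sudo refuse to run. Fetching to a temporary file (`tmp=$(mktemp)`) and installing only after validation avoids both: `wget "$CHOST/$VERSION/sudoers.vestacp.conf" -O "$tmp" && visudo -cf "$tmp" && install -m 440 -o root -g root "$tmp" /etc/sudoers.d/vestacp`. `$CHOST` is defined outside this hunk; if it is not an HTTPS URL, a file that extends the sudo policy arrives unauthenticated, so a pinned checksum would be worth adding. The `sudoers.admin.conf` line next to it has the same shape.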
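Review bot: The added length guard calls `exit(1)` without writing anything to the `auth.log` stream opened just above, so an oversized-username attempt is rejected with no audit record; the rest of `main`, including any normal failure logging, lies outside this hunk. Writing a fixed message before exiting, without echoing the oversized value, keeps the attempt visible: `fprintf(pFile, "rejected: username too long\n"); fclose(pFile);` (adapt to the log's existing line format). `int len = 0;` is not used in the visible lines, and `100` should be a named constant tied to whatever buffer it protects. If that buffer also receives `argv[2]` or `argv[3]`, they need the same bound, and `argv[1]` should only be read after an `argc` check, which is not visible here.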
@@ -14,10 +14,11 @@ if (isset($_POST['user']) || isset($_POST['hash'])) { $v_user = escapeshellarg($_POST['user']); $v_password = escapeshellarg($_POST['password']); - exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$_SERVER["REMOTE_ADDR"]."'", $output, $auth_code); + $v_ip_addr = escapeshellarg($_SERVER["REMOTE_ADDR"]); + exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$v_ip_addr."'", $output, $auth_code); } else { $key = '/usr/local/vesta/data/keys/' . basename($_POST['hash']); - if (file_exists($key)) { + if (file_exists($key) && is_file($key)) { $auth_code = '0'; } } diff --git a/web/templates/admin/add_ip.html b/web/templates/admin/add_ip.html index 94ec7423..23a67933 100644 --- a/web/templates/admin/add_ip.html +++ b/web/templates/admin/add_ip.html @@ -147,4 +147,4 @@ - +
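Review bot: The new `exec()` line still wraps `$v_ip_addr` in literal single quotes, but `escapeshellarg()` already returns a quoted string, so the shell sees `''…''` and the value itself ends up outside any quoting, which cancels the escaping this commit adds. Pass the escaped value bare, as is done for `$v_user` and `$v_password`: `exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." ".$v_ip_addr, $output, $auth_code);`. `REMOTE_ADDR` is normally set by the web server rather than the client, so this is defence in depth, but the line should not depend on that.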