diff --git a/bin/v-add-mail-account-fwd-only b/bin/v-add-mail-account-fwd-only index 303ab79f6..5be21965c 100755 --- a/bin/v-add-mail-account-fwd-only +++ b/bin/v-add-mail-account-fwd-only @@ -56,7 +56,7 @@ fi # Adding account to fwd_only if [[ "$MAIL_SYSTEM" =~ exim ]]; then - echo "$account" > $HOMEDIR/$user/conf/mail/$domain/fwd_only + echo "$account" >> $HOMEDIR/$user/conf/mail/$domain/fwd_only chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/fwd_only fi diff --git a/install/debian/templates/web/apache2/basedir.stpl b/install/debian/templates/web/apache2/basedir.stpl index 96de57af7..269c09711 100755 --- a/install/debian/templates/web/apache2/basedir.stpl +++ b/install/debian/templates/web/apache2/basedir.stpl @@ -15,7 +15,9 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/debian/templates/web/apache2/basedir.tpl b/install/debian/templates/web/apache2/basedir.tpl index 07ec38c98..c24b12796 100755 --- a/install/debian/templates/web/apache2/basedir.tpl +++ b/install/debian/templates/web/apache2/basedir.tpl @@ -14,7 +14,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/rhel/templates/web/httpd/basedir.stpl b/install/rhel/templates/web/httpd/basedir.stpl index d568276df..cd4a8c88c 100755 --- a/install/rhel/templates/web/httpd/basedir.stpl +++ b/install/rhel/templates/web/httpd/basedir.stpl 
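Review bot: With `>>` the account is appended on every run, so adding the same account twice leaves duplicate lines in fwd_only unless a check earlier in the script (outside this hunk) already rejects it. A guard on the echo line keeps the list unique: `grep -qxF "$account" "$HOMEDIR/$user/conf/mail/$domain/fwd_only" 2>/dev/null || echo "$account" >> "$HOMEDIR/$user/conf/mail/$domain/fwd_only"`. The redirect target and the chown argument are also unquoted, so a value containing whitespace or glob characters would be split or expanded; quoting the path as shown avoids that.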
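Review bot: All three directives in the debian apache2 basedir.stpl hunk now depend on `%home%/%user%/tmp`, but nothing here shows that directory being created or what its owner and mode are. If it is missing, uploads and sessions fail; if other accounts can read it, session files are exposed to every local user. The directory is per user rather than per site, so every site of the same user shares one session store and one open_basedir exception. Where the distribution purges sessions with a packaged cron job against the default path, files in a custom session.save_path may never be cleaned up, which is worth confirming. I would add a template comment such as `# %home%/%user%/tmp must exist, be owned by %user% and not be accessible to other users`; this also applies to the identical hunks in debian basedir.tpl, rhel httpd basedir.stpl/.tpl and ubuntu apache2 basedir.stpl/.tpl.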
@@ -15,7 +15,9 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/rhel/templates/web/httpd/basedir.tpl b/install/rhel/templates/web/httpd/basedir.tpl index 41b77334a..94288db02 100755 --- a/install/rhel/templates/web/httpd/basedir.tpl +++ b/install/rhel/templates/web/httpd/basedir.tpl @@ -14,7 +14,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/sudoers.conf b/install/ubuntu/sudoers.conf deleted file mode 100644 index 0e3058d18..000000000 --- a/install/ubuntu/sudoers.conf +++ /dev/null @@ -1,31 +0,0 @@ -# -# This file MUST be edited with the 'visudo' command as root. -# -# Please consider adding local content in /etc/sudoers.d/ instead of -# directly modifying this file. -# -# See the man page for details on how to write a sudoers file. -# -Defaults env_reset -Defaults mail_badpass -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -Defaults env_keep="VESTA" - -# Host alias specification - -# User alias specification - -# Cmnd alias specification - -# User privilege specification -root ALL=(ALL:ALL) ALL - -# Members of the admin group may gain root privileges -%admin ALL=(ALL) ALL - -# Allow members of group sudo to execute any command -%sudo ALL=(ALL:ALL) ALL - -# See sudoers(5) for more information on "#include" directives: - -#includedir /etc/sudoers.d diff --git a/install/ubuntu/sudoers.vestacp.conf b/install/ubuntu/sudoers.vestacp.conf new file mode 100644 index 000000000..fc1782282 --- /dev/null 
+++ b/install/ubuntu/sudoers.vestacp.conf @@ -0,0 +1 @@ +Defaults env_keep="VESTA" diff --git a/install/ubuntu/templates/web/apache2/basedir.stpl b/install/ubuntu/templates/web/apache2/basedir.stpl index 96de57af7..269c09711 100755 --- a/install/ubuntu/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/templates/web/apache2/basedir.stpl @@ -15,7 +15,9 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/templates/web/apache2/basedir.tpl b/install/ubuntu/templates/web/apache2/basedir.tpl index 07ec38c98..c24b12796 100755 --- a/install/ubuntu/templates/web/apache2/basedir.tpl +++ b/install/ubuntu/templates/web/apache2/basedir.tpl @@ -14,7 +14,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh index cc461577a..7f05f58df 100644 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -300,11 +300,6 @@ mkdir -p $vst_backups/bind mkdir -p $vst_backups/vesta mkdir -p $vst_backups/home -# Backup sudoers -if [ -e '/etc/sudoers' ]; then - cp /etc/sudoers $vst_backups/ -fi - # Backup nginx service nginx stop > /dev/null 2>&1 if [ -e '/etc/nginx/nginx.conf' ]; then 
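Review bot: `Defaults env_keep="VESTA"` assigns the list rather than extending it, so once this fragment is read from /etc/sudoers.d it replaces the env_keep set that sudo or the distribution's /etc/sudoers established, for every user on the host. In the old monolithic file that was the installer's own policy, but as a drop-in it silently changes the system one. `Defaults env_keep += "VESTA"` adds the variable without discarding the rest. If only the panel's account needs it, a scoped form such as `Defaults:USER env_keep += "VESTA"` (USER is a placeholder for that account) would be narrower.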
@@ -535,9 +530,9 @@ echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile echo "/sbin/nologin" >> /etc/shells # Sudo configuration -wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers +wget $CHOST/$VERSION/sudoers.vestacp.conf -O /etc/sudoers.d/vestacp wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin -chmod 440 /etc/sudoers +chmod 440 /etc/sudoers.d/vestacp chmod 440 /etc/sudoers.d/admin # NTP Synchronization diff --git a/src/bash_coding_style.txt b/src/bash_coding_style.txt index 4cf1e6221..e8fed9dc4 100644 --- a/src/bash_coding_style.txt +++ b/src/bash_coding_style.txt @@ -5,7 +5,7 @@ Contents: 1. Introduction 2. Naming Convention - 3. Coments + 3. Comments 4. Coding Styles 5. Basic formating 6. If, For, and While @@ -41,7 +41,7 @@ Contents: } # -3. Coments +3. Comments The total length of a line (including comment) must not exceed more than 80 characters. Every file must be documented with an introductory comment that provides shorthand information on the file name and its contents. diff --git a/src/v-check-user-password.c b/src/v-check-user-password.c index 38fcad4ff..1cca5717c 100755 --- a/src/v-check-user-password.c +++ b/src/v-check-user-password.c @@ -45,10 +45,16 @@ int main (int argc, char** argv) { /* open log file */ FILE* pFile = fopen ("/usr/local/vesta/log/auth.log","a+"); if (NULL == pFile) { - printf("Error: can not open file %s \n", argv[0]); + printf("Error: can not open file /usr/local/vesta/log/auth.log \n"); exit(12); } + int len = 0; + if(strlen(argv[1]) >= 100) { + printf("Too long username\n"); + exit(1); + } + /* parse user argument */ struct passwd* userinfo = getpwnam(argv[1]); if (NULL != userinfo) { diff --git a/web/api/index.php b/web/api/index.php index c0b420dbe..c938512a5 100644 --- a/web/api/index.php +++ b/web/api/index.php 
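Review bot: The sudoers fragment is written by wget straight into /etc/sudoers.d/vestacp with no check that the download succeeded or that the content parses, so a failed or truncated fetch leaves an empty or invalid policy file in a directory sudo reads on every invocation. Fetching to a temporary file, validating it with visudo and only then installing it with the final mode avoids both that and the window before `chmod 440` runs. Whether `$CHOST` is an https URL is not visible in this hunk; if it is plain http, the fetched policy has no integrity protection at all. The unchanged sudoers.admin.conf line has the same pattern.
```shell
# Sudo configuration
sudoers_tmp=$(mktemp)
wget $CHOST/$VERSION/sudoers.vestacp.conf -O "$sudoers_tmp"
if visudo -cf "$sudoers_tmp" > /dev/null; then
    install -m 0440 -o root -g root "$sudoers_tmp" /etc/sudoers.d/vestacp
else
    echo "Error: downloaded sudoers.vestacp.conf failed validation"
fi
rm -f "$sudoers_tmp"
# … unchanged: sudoers.admin.conf download and chmod …
```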
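Review bot: The new guard in src/v-check-user-password.c dereferences `argv[1]` with no argc check visible in this hunk, and it exits before anything is written to the auth.log opened just above, so an over-long username is rejected without an audit record. main starts before and continues after the hunk, so an earlier argc test may exist. `int len = 0;` is not used in the visible lines and can be dropped. The limit 100 is a bare number that presumably mirrors a fixed buffer declared outside the hunk; tying it to that buffer, e.g. `if (strlen(argv[1]) >= sizeof(BUF)) {` with BUF standing for the real array, keeps the two from drifting. The other arguments need the same bound if they are copied the same way.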
@@ -14,10 +14,11 @@ if (isset($_POST['user']) || isset($_POST['hash'])) { $v_user = escapeshellarg($_POST['user']); $v_password = escapeshellarg($_POST['password']); - exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$_SERVER["REMOTE_ADDR"]."'", $output, $auth_code); + $v_ip_addr = escapeshellarg($_SERVER["REMOTE_ADDR"]); + exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$v_ip_addr."'", $output, $auth_code); } else { $key = '/usr/local/vesta/data/keys/' . basename($_POST['hash']); - if (file_exists($key)) { + if (file_exists($key) && is_file($key)) { $auth_code = '0'; } } diff --git a/web/templates/admin/add_ip.html b/web/templates/admin/add_ip.html index 94ec74230..23a679336 100644 --- a/web/templates/admin/add_ip.html +++ b/web/templates/admin/add_ip.html @@ -147,4 +147,4 @@ - +
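Review bot: `escapeshellarg()` already returns the value wrapped in single quotes, so the literal `'` kept on either side of `$v_ip_addr` in the new exec line puts `''…''` on the command line. The shell reads that as two empty strings around an unquoted value, which undoes the escaping this change was meant to add. Drop the extra quotes: `exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." ".$v_ip_addr, $output, $auth_code);`. Separately, the password is still passed as a command-line argument, where other local processes can read it from the process list while the helper runs; moving it to stdin would need a matching change in v-check-user-password.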