HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Developers' Forum (http://www.howtoforge.com/forums/forumdisplay.php?f=18)
-   -   ISPC 2.2.9: Invalid user shell on Ubuntu/Debian (http://www.howtoforge.com/forums/showthread.php?t=9747)

martinfst 12th January 2007 12:41

ISPC 2.2.9: Invalid user shell on Ubuntu/Debian
 
Just figured that regular users are created by ISPConfig with a default shell of /dev/null. Unfortunately, this is invalid on Debian based systems, as the shell has to be an executable program/script. The most easy way I believe is to change the shell to /bin/false.

Looking at ISPConfig 2.2.9, I think the only place to modify this is in
Code:

/root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php
and change the in function deactivateuser (lines 115 - 125) the shell, so the script will now look like:
PHP Code:

function deactivateuser($user_username){
  
$passwort str_rot13($this->getpasswd($user_username));
  
$user_attr $this->get_user_attributes($user_username);
  
$uid $user_attr["uid"];
  
$gid $user_attr["gid"];
  
$username $user_attr["name"];
  
$homedir $user_attr["homedir"];
  
$shell "/bin/false";                  //  <======= Change this line
  
$this->deluser($user_username);
  
$this->adduser($user_username$uid$gid$username$homedir$shell$passwort);


I believe this will work for any Linux distribution.

jnsc 12th January 2007 13:51

I think it's a good idea as /bin/false is also listed in /etc/shells, so there will be no problem with some ftp server who require a valid shell (listed in /etc/shells).

martinfst 12th January 2007 16:15

Yup, that's why I had to change it. FTP was not working.

martinfst 12th January 2007 20:39

Sorry for the noise
 
Wow, I believe I overlooked an essential point. The testuser I created did not have the ftp checkbox ticked. As such ISPC always did reset the shell back to /dev/null by means of the 30 minute cron scripts. Not having this tick for a user means KEEP OUT completely from this system. Which is exactly what it needs to do.

When setting the ftp tick box for this user, ISPC did set the shell to /bin/false as it should.

My humble apologies to the developers, as this function is doing what it supposed to do. Please ignore my suggestion to change the code. I'll stay low for a while .....:cool:

falko 13th January 2007 15:28

Quote:

Originally Posted by martinfst
Wow, I believe I overlooked an essential point. The testuser I created did not have the ftp checkbox ticked. As such ISPC always did reset the shell back to /dev/null by means of the 30 minute cron scripts. Not having this tick for a user means KEEP OUT completely from this system. Which is exactly what it needs to do.

When setting the ftp tick box for this user, ISPC did set the shell to /bin/false as it should.

My humble apologies to the developers, as this function is doing what it supposed to do. Please ignore my suggestion to change the code. I'll stay low for a while .....:cool:

That's right. If you give a user /bin/false as shell, he will have FTP access, no matter what you specify in the ISPConfig interface. Users without FTP access therefore get /dev/null as shell.


All times are GMT +2. The time now is 18:36.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.