Navigation

Sidi · #1 16th August 2007, 17:06

Hi,

I thing I have found a litte bug in ISPConfig 2.3.12 (yes, I know it isn't
the latest, but I havn't seen this in the changelog):

If a reseller add a new (email-) user, ISPConfig doesn't seem to check if
this name already exists as an systemuser in /etc/passwd.

I had for example a user "martin" with UID 1000, ISPConfig uses UID's > 10000. A reseller had add an email-user "martin" which was added with UID 10318 and my old "martin" was deleted in the /etc/passwd.

Haven't checked yet if you also can delete such users as "uucp", "www-data" or even "root" this way.

regards,
martin

till · #2 16th August 2007, 17:36

ISPConfig does not delete or modify any users that had been there before ISPConfig was installed and you should not add any users manually after you installed ISPConfig.

ISPConfig uses for this a user blacklist: /home/admispconfig/ispconfig/users

You will not be able to create a user in ISPConfig that is listed on this blacklist.

Sidi · #3 16th August 2007, 17:49

Hi,

Oops, I have forgoten about the blacklist.
Hmm, strange the user "martin" isn't in there but he was definitely on the system before ISPConfig was installed, because it was the one user-account Debian always ask you to generate during the install (and therefor got UID 1000).

regards,
martin

till · #4 16th August 2007, 20:36

I have no Idea why it is missing then in the users file. I added this to the bugtracker and we will check if there is some bug in the installer.

Navigation

Facebook

News

Recent comments

Newsletter