12th January 2007, 13:41
|
|
Senior Member
|
|
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 873
Thanks: 1
Thanked 14 Times in 13 Posts
|
|
ISPC 2.2.9: Invalid user shell on Ubuntu/Debian
Just figured that regular users are created by ISPConfig with a default shell of /dev/null. Unfortunately, this is invalid on Debian based systems, as the shell has to be an executable program/script. The most easy way I believe is to change the shell to /bin/false.
Looking at ISPConfig 2.2.9, I think the only place to modify this is in
Code:
/root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php
and change the in function deactivateuser (lines 115 - 125) the shell, so the script will now look like:
PHP Code:
function deactivateuser($user_username){
$passwort = str_rot13($this->getpasswd($user_username));
$user_attr = $this->get_user_attributes($user_username);
$uid = $user_attr["uid"];
$gid = $user_attr["gid"];
$username = $user_attr["name"];
$homedir = $user_attr["homedir"];
$shell = "/bin/false"; // <======= Change this line
$this->deluser($user_username);
$this->adduser($user_username, $uid, $gid, $username, $homedir, $shell, $passwort);
}
I believe this will work for any Linux distribution.
|
12th January 2007, 14:51
|
|
rotaredoM
|
|
Join Date: Mar 2006
Location: Lausanne, Switzerland
Posts: 421
Thanks: 5
Thanked 24 Times in 24 Posts
|
|
I think it's a good idea as /bin/false is also listed in /etc/shells, so there will be no problem with some ftp server who require a valid shell (listed in /etc/shells).
|
12th January 2007, 17:15
|
|
Senior Member
|
|
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 873
Thanks: 1
Thanked 14 Times in 13 Posts
|
|
Yup, that's why I had to change it. FTP was not working.
|
12th January 2007, 21:39
|
|
Senior Member
|
|
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 873
Thanks: 1
Thanked 14 Times in 13 Posts
|
|
Sorry for the noise
Wow, I believe I overlooked an essential point. The testuser I created did not have the ftp checkbox ticked. As such ISPC always did reset the shell back to /dev/null by means of the 30 minute cron scripts. Not having this tick for a user means KEEP OUT completely from this system. Which is exactly what it needs to do.
When setting the ftp tick box for this user, ISPC did set the shell to /bin/false as it should.
My humble apologies to the developers, as this function is doing what it supposed to do. Please ignore my suggestion to change the code. I'll stay low for a while ..... 
|
13th January 2007, 16:28
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,853
Thanks: 781
Thanked 1,558 Times in 1,477 Posts
|
|
Quote:
|
Originally Posted by martinfst
Wow, I believe I overlooked an essential point. The testuser I created did not have the ftp checkbox ticked. As such ISPC always did reset the shell back to /dev/null by means of the 30 minute cron scripts. Not having this tick for a user means KEEP OUT completely from this system. Which is exactly what it needs to do.
When setting the ftp tick box for this user, ISPC did set the shell to /bin/false as it should.
My humble apologies to the developers, as this function is doing what it supposed to do. Please ignore my suggestion to change the code. I'll stay low for a while ..... |
That's right. If you give a user /bin/false as shell, he will have FTP access, no matter what you specify in the ISPConfig interface. Users without FTP access therefore get /dev/null as shell.
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT +2. The time now is 07:13.
|
English | 
Deutsch
Recent comments
22 hours 41 min ago
1 day 3 hours ago
1 day 4 hours ago
1 day 4 hours ago
1 day 5 hours ago
1 day 7 hours ago
1 day 9 hours ago
1 day 10 hours ago
1 day 10 hours ago
1 day 11 hours ago