mirror of
https://github.com/serghey-rodin/vesta.git
synced 2025-01-24 11:43:02 -08:00
4348aab7ad
710 permission on /home/user/web (September 7 commit) is generating this Apache error on new users: Forbidden You don't have permission to access /index.php on this server. Server unable to read htaccess file, denying access to be safe
216 lines
5.2 KiB
Bash
Executable File
216 lines
5.2 KiB
Bash
Executable File
#!/bin/bash
|
|
# info: add system user
|
|
# options: USER PASSWORD EMAIL [PACKAGE] [FNAME] [LNAME]
|
|
#
|
|
# The function creates new user account.
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Variable&Function #
|
|
#----------------------------------------------------------#
|
|
|
|
# Argument definition
|
|
user=$1
|
|
password=$2; HIDE=2
|
|
email=$3
|
|
package=${4-default}
|
|
fname=$5
|
|
lname=$6
|
|
|
|
# Includes
|
|
source $VESTA/func/main.sh
|
|
source $VESTA/conf/vesta.conf
|
|
|
|
is_user_free() {
|
|
check_sysuser=$(cut -f 1 -d : /etc/passwd | grep "^$user$" )
|
|
if [ ! -z "$check_sysuser" ] || [ -e "$USER_DATA" ]; then
|
|
check_result $E_EXISTS "user $user exists"
|
|
fi
|
|
}
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Verifications #
|
|
#----------------------------------------------------------#
|
|
|
|
check_args '3' "$#" 'USER PASSWORD EMAIL [PACKAGE] [FNAME] [LNAME]'
|
|
is_format_valid 'user' 'email' 'package'
|
|
if [ ! -z "$fname" ]; then
|
|
is_format_valid 'fname' 'lname'
|
|
fi
|
|
is_user_free "$user"
|
|
is_password_valid
|
|
is_package_valid
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Action #
|
|
#----------------------------------------------------------#
|
|
|
|
# Parsing package data
|
|
pkg_data=$(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
|
|
|
|
# Checking shell
|
|
shell_conf=$(echo "$pkg_data" | grep 'SHELL' | cut -f 2 -d \')
|
|
shell=$(grep -w "$shell_conf" /etc/shells |head -n1)
|
|
|
|
# Adding user
|
|
/usr/sbin/useradd "$user" -s "$shell" -c "$email" -m -d "$HOMEDIR/$user"
|
|
check_result $? "user creation failed" $E_INVALID
|
|
|
|
# Adding password
|
|
echo "$user:$password" | /usr/sbin/chpasswd
|
|
|
|
# Building directory tree
|
|
mkdir $HOMEDIR/$user/conf
|
|
|
|
if [ ! -z "$WEB_SYSTEM" ]; then
|
|
mkdir $HOMEDIR/$user/conf/web $HOMEDIR/$user/web $HOMEDIR/$user/tmp
|
|
chmod 751 $HOMEDIR/$user/conf/web
|
|
chmod 700 $HOMEDIR/$user/tmp
|
|
chown $user:$user $HOMEDIR/$user/web $HOMEDIR/$user/tmp
|
|
fi
|
|
|
|
if [ ! -z "$MAIL_SYSTEM" ]; then
|
|
mkdir $HOMEDIR/$user/conf/mail $HOMEDIR/$user/mail
|
|
chmod 751 $HOMEDIR/$user/mail
|
|
chmod 755 $HOMEDIR/$user/conf/mail
|
|
fi
|
|
|
|
if [ ! -z "$DNS_SYSTEM" ]; then
|
|
mkdir $HOMEDIR/$user/conf/dns
|
|
chmod 751 $HOMEDIR/$user/conf/dns
|
|
fi
|
|
|
|
# Set permissions
|
|
chmod a+x $HOMEDIR/$user
|
|
chattr +i $HOMEDIR/$user/conf
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Vesta #
|
|
#----------------------------------------------------------#
|
|
|
|
# Adding user dir
|
|
mkdir -p $USER_DATA/ssl $USER_DATA/dns $USER_DATA/mail
|
|
|
|
# Creating configuration files and pipes
|
|
touch $USER_DATA/backup.conf \
|
|
$USER_DATA/history.log \
|
|
$USER_DATA/stats.log \
|
|
$USER_DATA/web.conf \
|
|
$USER_DATA/dns.conf \
|
|
$USER_DATA/mail.conf \
|
|
$USER_DATA/db.conf \
|
|
$USER_DATA/cron.conf
|
|
|
|
chmod 770 $USER_DATA \
|
|
$USER_DATA/ssl \
|
|
$USER_DATA/dns \
|
|
$USER_DATA/mail
|
|
|
|
chmod 660 $USER_DATA/backup.conf \
|
|
$USER_DATA/history.log \
|
|
$USER_DATA/stats.log \
|
|
$USER_DATA/web.conf \
|
|
$USER_DATA/dns.conf \
|
|
$USER_DATA/mail.conf \
|
|
$USER_DATA/db.conf \
|
|
$USER_DATA/cron.conf
|
|
|
|
# Updating queue pipes
|
|
echo "$BIN/v-update-user-disk $user" >> $VESTA/data/queue/disk.pipe
|
|
if [ ! -z "$WEB_SYSTEM" ]; then
|
|
echo "$BIN/v-update-web-domains-traff $user" \
|
|
>> $VESTA/data/queue/traffic.pipe
|
|
echo "$BIN/v-update-web-domains-disk $user" >> $VESTA/data/queue/disk.pipe
|
|
fi
|
|
if [ ! -z "$MAIL_SYSTEM" ]; then
|
|
echo "$BIN/v-update-mail-domains-disk $user" >> $VESTA/data/queue/disk.pipe
|
|
fi
|
|
|
|
if [ ! -z "$DB_SYSTEM" ]; then
|
|
echo "$BIN/v-update-databases-disk $user" >> $VESTA/data/queue/disk.pipe
|
|
fi
|
|
|
|
# Generating timestamp
|
|
time_n_date=$(date +'%T %F')
|
|
time=$(echo "$time_n_date" |cut -f 1 -d \ )
|
|
date=$(echo "$time_n_date" |cut -f 2 -d \ )
|
|
|
|
# Filling user config
|
|
if [ "$user" != 'admin' ]; then
|
|
ip_avail=$($BIN/v-list-user-ips admin plain |grep -w shared|wc -l)
|
|
u_users=0
|
|
else
|
|
ip_avail=0
|
|
u_users=1
|
|
fi
|
|
|
|
echo "FNAME='$fname'
|
|
LNAME='$lname'
|
|
PACKAGE='$package'
|
|
$pkg_data
|
|
CONTACT='$email'
|
|
CRON_REPORTS='yes'
|
|
MD5='$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow)'
|
|
RKEY='$(generate_password)'
|
|
SUSPENDED='no'
|
|
SUSPENDED_USERS='0'
|
|
SUSPENDED_WEB='0'
|
|
SUSPENDED_DNS='0'
|
|
SUSPENDED_MAIL='0'
|
|
SUSPENDED_DB='0'
|
|
SUSPENDED_CRON='0'
|
|
IP_AVAIL='$ip_avail'
|
|
IP_OWNED='0'
|
|
U_USERS='$u_users'
|
|
U_DISK='0'
|
|
U_DISK_DIRS='0'
|
|
U_DISK_WEB='0'
|
|
U_DISK_MAIL='0'
|
|
U_DISK_DB='0'
|
|
U_BANDWIDTH='0'
|
|
U_WEB_DOMAINS='0'
|
|
U_WEB_SSL='0'
|
|
U_WEB_ALIASES='0'
|
|
U_DNS_DOMAINS='0'
|
|
U_DNS_RECORDS='0'
|
|
U_MAIL_DOMAINS='0'
|
|
U_MAIL_DKIM='0'
|
|
U_MAIL_ACCOUNTS='0'
|
|
U_DATABASES='0'
|
|
U_CRON_JOBS='0'
|
|
U_BACKUPS='0'
|
|
LANGUAGE=''
|
|
NOTIFICATIONS='no'
|
|
TIME='$time'
|
|
DATE='$date'" > $USER_DATA/user.conf
|
|
chmod 660 $USER_DATA/user.conf
|
|
|
|
# Updating quota
|
|
if [ "$DISK_QUOTA" = 'yes' ]; then
|
|
$BIN/v-update-user-quota "$user"
|
|
fi
|
|
|
|
# Updating admin counter
|
|
if [ "$user" != 'admin' ]; then
|
|
increase_user_value 'admin' '$U_USERS'
|
|
fi
|
|
|
|
# Run template trigger
|
|
if [ -x "$VESTA/data/packages/$package.sh" ]; then
|
|
$VESTA/data/packages/$package.sh "$user" "$email" "$fname" "$lname"
|
|
fi
|
|
|
|
# Adding jailed sftp env
|
|
if [ ! -z "$SFTPJAIL_KEY" ]; then
|
|
$BIN/v-add-user-sftp-jail $user
|
|
fi
|
|
|
|
# Logging
|
|
log_history "added system user $user" '' 'admin'
|
|
log_event "$OK" "$ARGUMENTS"
|
|
|
|
exit
|