
Enable sftp by default.

Raphael Schneeberger 7 yıl önce
ebeveyn
işleme
b1a884ddec

+ 1 - 8
bin/v-add-sys-sftp-jail

@@ -9,11 +9,8 @@
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 
-# Importing system environment  as we run this script
-# mostly by cron which do not read it by itself
-source /etc/profile
-
 # Includes
+source /etc/profile
 source $HESTIA/func/main.sh
 source $HESTIA/conf/hestia.conf
 
@@ -22,10 +19,6 @@ source $HESTIA/conf/hestia.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-if [ -z "$SFTPJAIL_KEY" ]; then
-    exit
-fi
-
 
 #----------------------------------------------------------#
 #                       Action                             #

+ 1 - 3
bin/v-add-user

@@ -204,9 +204,7 @@ if [ -x "$HESTIA/data/packages/$package.sh" ]; then
 fi
 
 # Adding jailed sftp env
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    $BIN/v-add-user-sftp-jail $user
-fi
+$BIN/v-add-user-sftp-jail $user
 
 # Logging
 log_history "added system user $user" '' 'admin'
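Review bot: The now-unconditional `$BIN/v-add-user-sftp-jail $user` call ignores its exit status, so an account whose jail could not be set up is still logged as added and is left without the chroot this commit makes the default. Consider `$BIN/v-add-user-sftp-jail "$user"` followed by `check_result $? "can't add sftp jail"`; check_result is the helper the installers on this page use, so confirm it is available from func/main.sh here. The same unchecked call is introduced in bin/v-add-web-domain-ftp and bin/v-delete-user, and bin/v-change-user-shell additionally discards all output with `>/dev/null 2>&1`. A status check only helps if bin/v-add-user-sftp-jail reports real failures with a non-zero code, which the bare `exit` visible in its hunk does not do. The script continues outside this hunk.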

+ 0 - 3
bin/v-add-user-sftp-jail

@@ -23,9 +23,6 @@ source $HESTIA/conf/hestia.conf
 
 check_args '1' "$#" 'USER'
 is_format_valid 'user'
-if [ -z "$SFTPJAIL_KEY" ]; then
-    exit
-fi
 user_str=$(grep "^$user:" /etc/passwd |egrep "rssh|nologin")
 if [ -z "$user_str" ]; then
     exit

+ 1 - 3
bin/v-add-web-domain-ftp

@@ -92,9 +92,7 @@ echo "$ftp_user:$password" | /usr/sbin/chpasswd
 ftp_md5=$(awk -v user=$ftp_user -F : 'user == $1 {print $2}' /etc/shadow)
 
 # Adding jailed sftp env
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    $BIN/v-add-user-sftp-jail $ftp_user
-fi
+$BIN/v-add-user-sftp-jail $ftp_user
 
 
 #----------------------------------------------------------#

+ 4 - 6
bin/v-change-user-shell

@@ -40,12 +40,10 @@ shell_path=$(grep -w "$shell" /etc/shells | head -n1)
 shell=$(basename $shell_path)
 
 # Adding jailed sftp env
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    if [[ "$shell" =~ nologin ]] || [[ "$shell" =~ rssh ]]; then
-        $BIN/v-add-user-sftp-jail $user >/dev/null 2>&1
-    else
-        $BIN/v-delete-user-sftp-jail $user >/dev/null 2>&1
-    fi
+if [[ "$shell" =~ nologin ]] || [[ "$shell" =~ rssh ]]; then
+    $BIN/v-add-user-sftp-jail $user >/dev/null 2>&1
+else
+    $BIN/v-delete-user-sftp-jail $user >/dev/null 2>&1
 fi
 
 

+ 0 - 4
bin/v-delete-sys-sftp-jail

@@ -22,10 +22,6 @@ source $HESTIA/conf/hestia.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-#if [ -z "$SFTPJAIL_KEY" ]; then
-#    exit
-#fi
-
 
 #----------------------------------------------------------#
 #                       Action                             #

+ 1 - 3
bin/v-delete-user

@@ -75,9 +75,7 @@ sed -i "/ $user$/d" $HESTIA/data/queue/disk.pipe
 sed -i "/ $user$/d" $HESTIA/data/queue/traffic.pipe
 
 # Deleting sftp jail
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    $BIN/v-delete-user-sftp-jail $user
-fi
+$BIN/v-delete-user-sftp-jail $user
 
 # Deleting system user
 /usr/sbin/userdel -f $user >> /dev/null 2>&1

+ 1 - 3
bin/v-delete-web-domain-ftp

@@ -57,9 +57,7 @@ if [ "$?" != 0 ]; then
 fi
 
 # Deleting sftp jail
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    $BINv-delete-user-sftp-jail $ftp_user
-fi
+$BINv-delete-user-sftp-jail $ftp_user
 
 
 #----------------------------------------------------------#
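Review bot: `$BINv-delete-user-sftp-jail $ftp_user` is missing the slash after `$BIN`, so the shell expands a variable named `BINv` (presumably unset) and tries to run `-delete-user-sftp-jail`, which fails. The typo was already in the removed branch but only ran when SFTPJAIL_KEY was set; with the guard gone it runs on every FTP account deletion, and the jail entry for the deleted account is never cleaned up. The line should read `$BIN/v-delete-user-sftp-jail "$ftp_user"`. The exit status is not checked either, which is why the failure goes unnoticed; the script continues outside the hunk.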

+ 8 - 21
bin/v-list-sys-config

@@ -41,8 +41,6 @@ json_list() {
         "DISK_QUOTA": "'$DISK_QUOTA'",
         "FIREWALL_SYSTEM": "'$FIREWALL_SYSTEM'",
         "FIREWALL_EXTENSION": "'$FIREWALL_EXTENSION'",
-        "FILEMANAGER_KEY": "'$FILEMANAGER_KEY'",
-        "SFTPJAIL_KEY": "'$SFTPJAIL_KEY'",
         "REPOSITORY": "'$REPOSITORY'",
         "VERSION": "'$VERSION'",
         "LANGUAGE": "'$LANGUAGE'",
@@ -126,15 +124,6 @@ shell_list() {
     if [ ! -z "$DISK_QUOTA" ]; then
         echo "Disk Quota:     $DISK_QUOTA"
     fi
-    if [ ! -z "$FILEMANAGER_KEY" ]; then
-        echo "FileManager:    $FILEMANAGER_KEY"
-    fi
-    if [ ! -z "$SFTPJAIL_KEY" ]; then
-        echo "SFTP Chroot:    $SFTPJAIL_KEY"
-    fi
-    if [ ! -z "$SOFTACULOUS" ]; then
-        echo "Softaculous:    $SOFTACULOUS"
-    fi
     if [ ! -z "$LANGUAGE" ] && [ "$LANGUAGE" != 'en' ]; then
         echo "Language:       $LANGUAGE"
     fi
@@ -149,9 +138,8 @@ plain_list() {
     echo -ne "$ANTIVIRUS_SYSTEM\t$ANTISPAM_SYSTEM\t$DB_SYSTEM\t"
     echo -ne "$DNS_SYSTEM\t$DNS_CLUSTER\t$STATS_SYSTEM\t$BACKUP_SYSTEM\t"
     echo -ne "$CRON_SYSTEM\t$DISK_QUOTA\t$FIREWALL_SYSTEM\t"
-    echo -ne "$FIREWALL_EXTENSION\t$FILEMANAGER_KEY\t$SFTPJAIL_KEY\t"
-    echo -ne "$REPOSITORY\t$VERSION\t$LANGUAGE\t$BACKUP_GZIP\t$BACKUP\t"
-    echo -e "$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL"
+    echo -ne "$FIREWALL_EXTENSION\t$REPOSITORY\t$VERSION\t$LANGUAGE\t"
+    echo -e "$BACKUP_GZIP\t$BACKUP\t$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL"
 }
 
 
@@ -163,19 +151,18 @@ csv_list() {
     echo -n "'ANTIVIRUS_SYSTEM','ANTISPAM_SYSTEM','DB_SYSTEM',"
     echo -n "'DNS_SYSTEM','DNS_CLUSTER','STATS_SYSTEM','BACKUP_SYSTEM',"
     echo -n "'CRON_SYSTEM','DISK_QUOTA','FIREWALL_SYSTEM',"
-    echo -n "'FIREWALL_EXTENSION','FILEMANAGER_KEY','SFTPJAIL_KEY',"
-    echo -n "'REPOSITORY','VERSION','LANGUAGE','BACKUP_GZIP','BACKUP',"
-    echo -n "'MAIL_URL','DB_PMA_URL','DB_PGA_URL'"
+    echo -n "'FIREWALL_EXTENSION','REPOSITORY',"
+    echo -n "'VERSION','LANGUAGE','BACKUP_GZIP','BACKUP','MAIL_URL',"
+    echo -n "'DB_PMA_URL','DB_PGA_URL'"
     echo
     echo -n "'$WEB_SYSTEM','$WEB_RGROUPS','$WEB_PORT','$WEB_SSL',"
     echo -n "'$WEB_SSL_PORT','$WEB_BACKEND','$PROXY_SYSTEM','$PROXY_PORT',"
     echo -n "'$PROXY_SSL_PORT','$FTP_SYSTEM','$MAIL_SYSTEM','$IMAP_SYSTEM',"
     echo -n "'$ANTIVIRUS_SYSTEM','$ANTISPAM_SYSTEM','$DB_SYSTEM',"
     echo -n "'$DNS_SYSTEM','$DNS_CLUSTER','$STATS_SYSTEM','$BACKUP_SYSTEM',"
-    echo -n "'$CRON_SYSTEM','$DISK_QUOTA','$FIREWALL_SYSTEM',"
-    echo -n "'$FIREWALL_EXTENSION','$FILEMANAGER_KEY','$SFTPJAIL_KEY',"
-    echo -n "'$REPOSITORY','$VERSION','$LANGUAGE','$BACKUP_GZIP','$BACKUP',"
-    echo -n "'$MAIL_URL','$DB_PMA_URL','$DB_PGA_URL', '$SOFTACULOUS'"
+    echo -n "'$CRON_SYSTEM','$DISK_QUOTA','$FIREWALL_SYSTEM','$REPOSITORY',"
+    echo -n "'$FIREWALL_EXTENSION','$VERSION','$LANGUAGE','$BACKUP_GZIP',"
+    echo -n "'$BACKUP','$MAIL_URL','$DB_PMA_URL','$DB_PGA_URL'"
     echo
 }
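Review bot: The rewritten csv_list header and value rows no longer line up: the header emits `'FIREWALL_SYSTEM','FIREWALL_EXTENSION','REPOSITORY','VERSION'` while the value row emits `'$FIREWALL_SYSTEM','$REPOSITORY','$FIREWALL_EXTENSION','$VERSION'`, so the REPOSITORY and FIREWALL_EXTENSION values land under each other's column. Put the values in header order: `echo -n "'$CRON_SYSTEM','$DISK_QUOTA','$FIREWALL_SYSTEM','$FIREWALL_EXTENSION',"` then `echo -n "'$REPOSITORY','$VERSION','$LANGUAGE','$BACKUP_GZIP',"`. Separately, dropping FILEMANAGER_KEY and SFTPJAIL_KEY shifts every later field in plain_list and csv_list, so anything that reads this output by position needs to be updated with it. csv_list begins above the hunk.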
 

+ 4 - 0
install/hst-install-debian.sh

@@ -1608,6 +1608,10 @@ check_result $? "can't create admin user"
 $HESTIA/bin/v-change-user-shell admin nologin
 $HESTIA/bin/v-change-user-language admin $lang
 
+# Enable sftp jail
+$HESTIA/bin/v-add-sys-sftp-jail > /dev/null 2>&1
+check_result $? "can't enable sftp jail"
+
 # Roundcube permissions fix
 if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     if [ ! -d "/var/log/roundcube" ]; then
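Review bot: The jail is enabled here after the admin account has been created and switched to nologin, whereas install/hst-install-ubuntu.sh runs the same step before `v-add-user admin`. Since v-add-user now always calls v-add-user-sftp-jail, the two installers may leave the admin account's jail in different states, depending on what v-add-sys-sftp-jail does for existing users (not visible here). Pick one order for both installers and state the reason in the comment, for example `# Enable sftp jail before any user is created so v-add-user can jail them`. Also, `> /dev/null 2>&1` followed by check_result leaves no trace of what failed if the step errors out; sending the output to the install log, if one is in use, would keep the diagnostics. The `if` block at the end of the hunk continues outside it.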

+ 4 - 0
install/hst-install-ubuntu.sh

@@ -1546,6 +1546,10 @@ if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
     groupdel admin > /dev/null 2>&1
 fi
 
+# Enable sftp jail
+$HESTIA/bin/v-add-sys-sftp-jail > /dev/null 2>&1
+check_result $? "can't enable sftp jail"
+
 # Adding Hestia admin account
 $HESTIA/bin/v-add-user admin $vpass $email default System Administrator
 check_result $? "can't create admin user"

+ 3 - 1
install/upgrade/0.9.8-29.sh

@@ -14,7 +14,6 @@ source /usr/local/hestia/func/main.sh
 mkdir -p $HESTIA_BACKUP/templates/
 mkdir -p $HESTIA_BACKUP/packages/
 
-
 echo "(*) Upgrading to Hestia Control Panel v$VERSION..."
 
 # Generating dhparam.
@@ -178,3 +177,6 @@ done
 echo "(*) Setting awstats as default web statistics backend..."
 apt purge webalizer -y > /dev/null 2>&1
 sed -i "s/STATS_SYSTEM='webalizer,awstats'/STATS_SYSTEM='awstats'/g" $HESTIA/conf/hestia.conf
+
+# Run sftp jail once
+$HESTIA/bin/v-add-sys-sftp-jail
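Review bot: The upgrade step runs `$HESTIA/bin/v-add-sys-sftp-jail` without checking its result or announcing itself, unlike the neighbouring steps that print a `(*) ...` line and unlike the installers, which follow the call with check_result. On an existing system this presumably starts jailing accounts that were not jailed before, so a failed or partial run should be visible to the administrator. Suggest `echo "(*) Enabling sftp jail..."` before the call and `|| echo "(!) Could not enable sftp jail"` appended to it. The comment `# Run sftp jail once` would read better as `# Enable the sftp jail on existing installations`.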

+ 0 - 33
web/download/file/index.php

@@ -1,33 +0,0 @@
-<?php
-include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
-
-if ((!isset($_SESSION['FILEMANAGER_KEY'])) || (empty($_SESSION['FILEMANAGER_KEY']))) {
-    header("Location: /login/");
-    exit;
-}
-
-$user = $_SESSION['user'];
-if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
-    $user = $_SESSION['look'];
-}
-
-$path = $_REQUEST['path'];
-if (!empty($path)) {
-    set_time_limit(0);
-	if (ob_get_level()) {
-	  ob_end_clean();
-	}	
-    header("Content-type: application/octet-stream");
-    header("Content-Transfer-Encoding: binary");
-    header("Content-disposition: attachment;filename=".basename($path));
-	$output = '';
-	exec(HESTIA_CMD . "v-check-fs-permission " . $user . " " . escapeshellarg($path), $output, $return_var);
-	if ($return_var != 0) {
-	  print 'Error while opening file'; // todo: handle this more styled
-	  exit;
-	}
-	readfile($path);
-    exit;
-} else {
-    die('File not found');
-}

+ 0 - 43
web/view/file/index.php

@@ -1,43 +0,0 @@
-<?php 
-
-include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
-
-if ((!isset($_SESSION['FILEMANAGER_KEY'])) || (empty($_SESSION['FILEMANAGER_KEY']))) {
-    header("Location: /login/");
-    exit;
-}
-
-$user = $_SESSION['user'];
-if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
-    $user=$_SESSION['look'];
-}
-
-if (!empty($_REQUEST['path'])) {
-    $path = htmlspecialchars($_REQUEST['path'], ENT_QUOTES, 'UTF-8');
-    if (!empty($_REQUEST['raw'])) {
-        header('content-type: image/jpeg');
-        passthru (HESTIA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($path));
-        exit;
-    }
-}
-else {
-    die('File not found');
-}
-
-?>
-<!DOCTYPE html>
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-        <title>fotorama</title>
-    <script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
-    <link href="//cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.2/fotorama.css" rel="stylesheet">
-    <script src="//cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.2/fotorama.js"></script>
-    </head>
-    <body>
-        <div style="background-color: #eee; /*display: inline-block; vertical-align: middle;*/ height: 100%; text-align: center; /*position: absolute; /*top: 50%; left: 50%; margin-top: -50px; margin-left: -50px;  /*data-maxheight="100%" data-maxwidth="100%" */"
-    class="fotoram" data-fit="scaledown" data-allowfullscreen="true" data-nav="false">
-         <img src="/view/file/?path=<?=$path?>&raw=true" style="background: #3A6F9A; vertical-align: middle;  /*max-height: 25px; max-width: 160px;*/" />
-        </div>
-    </body>
-</html>