Home Explore Help
Sign In
yosoyhendrix
/
hestiacp
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 3d8e57ed5d
Branches Tags
hestiacp
/
bin
/
v-run-cli-cmd

v-run-cli-cmd 2.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. #!/bin/bash
    2. 

  2. # info: run cli command
    3. 

  3. # options: USER CMD [ARG...]
    4. 

  4. # labels: hestia
    5. 

  5. #
    6. 

  6. # example: v-run-cli-cmd user composer require package
    7. 

  7. #
    8. 

  8. # The function runs a limited list of cli commands with dropped privileges as the specific hestia user
    9. 

  9. 

  10. user=$1
    11. 

  11. clicmd=$2
    12. 

  12. 

  13. # Includes
    14. 

  14. # shellcheck source=/usr/local/hestia/func/main.sh
    15. 

  15. source $HESTIA/func/main.sh
    16. 

  16. 

  17. #----------------------------------------------------------#
    18. 

  18. #                    Verifications                         #
    19. 

  19. #----------------------------------------------------------#
    20. 

  20. 

  21. check_args '2' "$#" 'USER CMD [ARGS]'
    22. 

  22. is_format_valid 'user'
    23. 

  23. is_object_valid 'user' 'USER' "$user"
    24. 

  24. 

  25. # Checking user homedir
    26. 

  26. homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
    27. 

  27. if [ -z $homedir ]; then
    28. 

  28.     check_result $E_NOTEXIST "Error: user home directory doesn't exist"
    29. 

  29. fi
    30. 

  30. 

  31. if [ "$clicmd" = "composer" ]; then
    32. 

  32.     clicmd="$homedir/.composer/composer"
    33. 

  33. fi
    34. 

  34. 

  35. if [ -z "$(which "$clicmd")" ]; then
    36. 

  36.     check_result $E_NOTEXIST "Error: Cli command does not exist"
    37. 

  37. fi
    38. 

  38. basecmd="$(basename "$clicmd")"
    39. 

  39. 

  40. if [ "$basecmd" != 'ps'         -a \
    41. 

  41.      "$basecmd" != 'ls'         -a \
    42. 

  42.      "$basecmd" != 'tar'        -a \
    43. 

  43.      "$basecmd" != 'zip'        -a \
    44. 

  44.      "$basecmd" != 'unzip'      -a \
    45. 

  45.      "$basecmd" != 'gzip'       -a \
    46. 

  46.      "$basecmd" != 'gunzip'     -a \
    47. 

  47.      "$basecmd" != 'mkdir'      -a \
    48. 

  48.      "$basecmd" != 'find'       -a \
    49. 

  49.      "$basecmd" != 'id'         -a \
    50. 

  50.      "$basecmd" != 'grep'       -a \
    51. 

  51.      "$basecmd" != 'egrep'      -a \
    52. 

  52.      "$basecmd" != 'sed'        -a \
    53. 

  53.      "$basecmd" != 'cat'        -a \
    54. 

  54.      "$basecmd" != 'php5.6'     -a \
    55. 

  55.      "$basecmd" != 'php7.0'     -a \
    56. 

  56.      "$basecmd" != 'php7.1'     -a \
    57. 

  57.      "$basecmd" != 'php7.2'     -a \
    58. 

  58.      "$basecmd" != 'php7.3'     -a \
    59. 

  59.      "$basecmd" != 'php7.4'     -a \
    60. 

  60.      "$basecmd" != 'php'        -a \
    61. 

  61.      "$basecmd" != 'composer' ]; then
    62. 

  62.     check_result $E_FORBIDEN "Error: Cli command not enabled"
    63. 

  63. fi
    64. 

  64. 

  65. all_scriptargs=("$@")
    66. 

  66. for ((I=3; I <= $# ; I++)); do
    67. 

  67.     cmdArgs="$cmdArgs ${all_scriptargs[${I}-1]}"
    68. 

  68. done
    69. 

  69. 

  70. runuser -u "$user" -- $clicmd $cmdArgs
    71. 

  71. if [ $? -ne 0 ]; then 
    72. 

  72.     echo "Error: cmd exited with errors"
    73. 

  73.     exit 3
    74. 

  74. fi
    75. 

  75. 

  76. # Logging
    77. 

  77. log_event "$OK" "$ARGUMENTS"
    78. 

  78. 

  79. exit
    80.