v-delete-sys-sftp-jail 2.4 KB

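  #!/bin/bash
  # info: delete system sftp jail
  # options: NONE
  #
  # The script disables sftp jailed environment
  #
  # It removes the per-user jails, edits /etc/ssh/sshd_config in place,
  # restarts OpenSSH only if the edited config validates, and drops the
  # v-add-sys-sftp-jail line from /etc/rc.local. It needs write access to
  # those system files.


  #----------------------------------------------------------#
  #                    Variable&Function                     #
  #----------------------------------------------------------#

  # Importing system environment as we run this script
  # mostly by cron which do not read it by itself
  source /etc/profile

  # Every path below hangs off $VESTA. Without it the includes would resolve
  # to /func/main.sh and /conf/vesta.conf and the rest of the script would
  # run with empty settings, so stop before touching anything.
  if [ -z "$VESTA" ]; then
      echo "Error: VESTA is not set" >&2
      exit 1
  fi

  # Includes
  source "$VESTA/func/main.sh"
  source "$VESTA/conf/vesta.conf"


  #----------------------------------------------------------#
  #                    Verifications                         #
  #----------------------------------------------------------#

  # The SFTPJAIL_KEY check is commented out, so the script always proceeds.
  #if [ -z "$SFTPJAIL_KEY" ]; then
  #    exit
  #fi


  #----------------------------------------------------------#
  #                       Action                             #
  #----------------------------------------------------------#

  # Checking users
  # NOTE(review): the pattern is an unanchored regex over the whole passwd
  # line, so any account whose entry contains $HOMEDIR anywhere is selected.
  # An empty $HOMEDIR would select every account, hence the guard.
  if [ -n "$HOMEDIR" ]; then
      for user in $(grep -- "$HOMEDIR" /etc/passwd | cut -f 1 -d :); do
          "$BIN/v-delete-user-sftp-jail" "$user"
      done
  fi

  # Checking sshd directives
  config='/etc/ssh/sshd_config'
  # Set explicitly so a value inherited from the sourced files cannot
  # trigger a restart on its own.
  restart='no'
  # Commented-out Subsystem sftp line that does not mention "internal"
  sftp_n=$(grep -n "Subsystem.*sftp" "$config" | grep -v internal | grep ":#")
  # Active (not commented) Subsystem sftp line that mentions "internal"
  sftp_i=$(grep -n "Subsystem.*sftp" "$config" | grep internal | grep -v ":#")

  # Backing up config
  # NOTE(review): the copy's exit status is not checked, so the in-place
  # edits below still run when no backup could be written.
  cp -- "$config" "$config.bak-$(date +%s)"

  # Enabling normal sftp
  if [ -n "$sftp_n" ]; then
      # Line number of the first match (text before the first ':').
      fline=${sftp_n%%:*}
      # This substitution keeps the line count, so the number recorded in
      # $sftp_i is still valid for the delete further down.
      # NOTE(review): "#Subsystem" becomes "Subsystem sftp"; confirm this
      # mirrors how the line was commented out (presumably by
      # v-add-sys-sftp-jail), otherwise the subsystem name ends up doubled.
      sed -i "${fline}s/#Subsystem/Subsystem sftp/" "$config"
      restart='yes'
  fi

  # Disabling jailed sftp
  if [ -n "$sftp_i" ]; then
      fline=${sftp_i%%:*}
      lline=$((fline + 5))
      # NOTE(review): deletes a fixed six-line window starting at the
      # Subsystem line without checking what those lines contain. If the
      # jail block was edited by hand, unrelated sshd directives that follow
      # it are removed as well - diff against the .bak-* copy after a run.
      sed -i "${fline},${lline}d" "$config"
      restart='yes'
  fi

  # Validating opensshd config
  if [ "$restart" = 'yes' ]; then
      subj="OpenSSH restart failed"
      email=$(grep CONTACT "$VESTA/data/users/admin/user.conf" | cut -f 2 -d \')
      # sshd -t writes its diagnostics to stderr, so capture both streams in
      # a single run; the text is what the admin needs in the mail.
      if sshd_check=$(/usr/sbin/sshd -t 2>&1); then
          # Service name differs between distributions; try both.
          service ssh restart >/dev/null 2>&1
          service sshd restart >/dev/null 2>&1
      else
          # The rejected config stays on disk and the running daemon keeps
          # the old one until its next restart, so it has to be repaired or
          # restored from the backup before then.
          # printf '%s' keeps backslashes in the sshd output literal.
          # $SENDMAIL is defined outside this file and is left unquoted as
          # in the original.
          printf 'OpenSSH can not be restarted. Please check config:\n\n\n%s\n' \
              "$sshd_check" | $SENDMAIL -s "$subj" "$email"
      fi
  fi

  # Deleting v-add-sys-sftp-jail from startup
  sed -i "/v-add-sys-sftp-jail/d" /etc/rc.local 2>/dev/null


  #----------------------------------------------------------#
  #                       Vesta                              #
  #----------------------------------------------------------#

  # Logging
  # The event is logged with $OK whether or not the sshd check passed.
  log_event "$OK" "$ARGUMENTS"

  exit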