Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-15 09:46:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update fixperms.sh

Browse Source 
Added smart fall back detection to find the linux user from domain if domain is provided vs username for Cyberpanel user. Also ran it through shellcheck andupdated and optimized the code and added multi control panel detection code.
This commit is contained in:
WhatTheServer
2020-09-02 09:33:13 -04:00
committed by GitHub
parent a3846aafe5
commit ca30929d6f
1 changed files with 263 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

305
CPScripts/fixperms.sh
View File

@@ -1,9 +1,62 @@
#! /bin/bash #!/usr/bin/env bash
# Cyberpanel Fix Perms ## Author: Michael Ramsey
# https://gitlab.com/cyberpaneltoolsnscripts/cyberpanel-fixperms ## Objective Fix permissions issues on CyberPanel/cPanel/Plesk for a linux user or users
# https://gitlab.com/wizardassistantscripts/fixperms
# #
# Forked from https://github.com/PeachFlame/cPanel-fixperms # Forked from https://github.com/PeachFlame/cPanel-fixperms
# #
# Plesk portion credits too
# https://www.orware.com/blog/tips-and-how-tos/plesk/correct-httpdocs-permissions
# https://support.plesk.com/hc/en-us/articles/115001969889--BUG-plesk-repair-fs-doesn-t-set-correct-owner-inside-httpdocs
## How to use.
# wget https://gitlab.com/wizardassistantscripts/fixperms/-/raw/master/fixperms.sh ; bash fixperms.sh username
#
# wget https://gitlab.com/wizardassistantscripts/fixperms/-/raw/master/fixperms.sh ; bash fixperms.sh exampleuserbob
#
# Or once of
## bash <(curl -s https://gitlab.com/wizardassistantscripts/fixperms/-/raw/master/fixperms.sh || wget -qO - https://gitlab.com/wizardassistantscripts/fixperms/-/raw/master/fixperms.sh) exampleuserbob;
#
# Permanent Install for reuse via the below
# wget -O /usr/bin/fixperms https://gitlab.com/wizardassistantscripts/fixperms/-/raw/master/fixperms.sh; chmod +x /usr/bin/fixperms;
#
# Then
# fixperms -v -a Username
# fixperms -v -all
# Username=$1
#Detect Control panel
if [ -f /usr/local/cpanel/cpanel ]; then
# Cpanel check for /usr/local/cpanel/cpanel -V
ControlPanel="cpanel"
#user_homedir="/home/${Username}"
elif [ -f /usr/bin/cyberpanel ]; then
# CyberPanel check /usr/bin/cyberpanel
ControlPanel="cyberpanel"
#Get users homedir path
#user_homedir=$(grep -E "^${Username}:" /etc/passwd | cut -d: -f6)
elif [ -f /usr/local/psa/core.version ]; then
# Plesk check /usr/local/psa/core.version
ControlPanel="plesk"
#Get users homedir path
#user_homedir=$(grep -E "^${Username}:" /etc/passwd | cut -d: -f6)
else
echo "Not able to detect Control panel. Unsupported Control Panel exiting now"
exit 1;
fi
echo "=============================================================";
echo "$ControlPanel Control Panel Detected"
echo "=============================================================";
echo "";
# Set verbose to null # Set verbose to null
verbose="" verbose=""
@@ -21,7 +74,7 @@ helptext () {
echo "-h or --help: print this screen and exit" echo "-h or --help: print this screen and exit"
echo "-v: verbose output" echo "-v: verbose output"
echo "-all: run on all Cyberpanel accounts" echo "-all: run on all Cyberpanel accounts"
echo "--account or -a: specify a Cyberpanel account" echo "--account or -a: specify a Cyberpanel/cPanel/Plesk account"
# echo "--domain or -d: specify a Cyberpanel domain" # echo "--domain or -d: specify a Cyberpanel domain"
tput sgr0 tput sgr0
exit 0 exit 0
@@ -59,8 +112,11 @@ else
fi fi
#### Cyberpanel Section
# fix mailperms # fix mailperms
fixmailperms () { fixmailperms_cyberpanel () {
tput bold tput bold
tput setaf 4 tput setaf 4
echo "Fixing mailperms...." echo "Fixing mailperms...."
@@ -75,7 +131,7 @@ fixmailperms () {
} }
# Main workhorse, fix perms per account passed to it # Main workhorse, fix perms per account passed to it
fixperms () { fixperms_cyberpanel () {
#Get account from what is passed to the function #Get account from what is passed to the function
account=$1 account=$1
@@ -91,43 +147,64 @@ fixperms () {
#Else, start doing work #Else, start doing work
else else
#Get the account's homedir # Get linux user from Domain
HOMEDIR=$(egrep "^${account}:" /etc/passwd | cut -d: -f6) domain_username=$(grep -E "/${1}:" /etc/passwd | cut -d: -f1)
if id "$1" >/dev/null 2>&1; then
echo "$1 exists"
elif id "$domain_username" >/dev/null 2>&1; then
echo "Found user: $domain_username from domain: $1"
echo "$domain_username exists"
account=$domain_username
else
echo "user does not exist"
fi
#Get the account's homedir
HOMEDIR=$(grep -E "^${account}:" /etc/passwd | cut -d: -f6)
echo "User Homedirectory: ${HOMEDIR}"
tput bold tput bold
tput setaf 4 tput setaf 4
echo "Fixing perms for $account:" echo "Fixing perms for $account:"
tput setaf 3 tput setaf 3
if [ -d "$HOMEDIR/.cagefs" ]; then
chmod 775 "$HOMEDIR"/.cagefs
chmod 700 "$HOMEDIR"/.cagefs/tmp
chmod 700 "$HOMEDIR"/.cagefs/var
chmod 777 "$HOMEDIR"/.cagefs/cache
chmod 777 "$HOMEDIR"/.cagefs/run
fi
echo "------------------------" echo "------------------------"
tput setaf 4 tput setaf 4
echo "Fixing website files...." echo "Fixing website files...."
tput sgr0 tput sgr0
#Fix individual files in public_html #Fix individual files in public_html
find "$HOMEDIR"/public_html -type d -exec chmod $verbose 755 {} \; find "$HOMEDIR"/public_html -type d -exec chmod "$verbose" 755 {} \;
find "$HOMEDIR"/public_html -type f | xargs -d$'\n' -r chmod $verbose 644 find "$HOMEDIR"/public_html -type f -print0 | xargs -d$'\n' -r chmod "$verbose" 644
find "$HOMEDIR"/public_html -name '*.cgi' -o -name '*.pl' | xargs -r chmod $verbose 755 find "$HOMEDIR"/public_html -name '*.cgi' -print0 -o -name '*.pl' | xargs -0 -r chmod "$verbose" 755
#chown $verbose -R "$account":"$account" "$HOMEDIR"/public_html/* #chown $verbose -R "$account":"$account" "$HOMEDIR"/public_html/*
# Hidden files test support: https://serverfault.com/a/156481 # Hidden files test support: https://serverfault.com/a/156481
chown $verbose -R "$account":"$account" "$HOMEDIR"/public_html/.[^.]* chown "$verbose" -R "$account":"$account" "$HOMEDIR"/public_html/.[^.]*
find "$HOMEDIR"/* -name .htaccess -exec chown $verbose "$account"."$account" {} \; find "$HOMEDIR"/* -name .htaccess -exec chown "$verbose" "$account"."$account" {} \;
tput bold tput bold
tput setaf 4 tput setaf 4
echo "Fixing public_html...." echo "Fixing public_html...."
tput sgr0 tput sgr0
#Fix perms of public_html itself #Fix perms of public_html itself
chown $verbose "$account":"$account" "$HOMEDIR"/public_html chown "$verbose" "$account":"$account" "$HOMEDIR"/public_html
chmod $verbose 755 "$HOMEDIR"/public_html chmod "$verbose" 755 "$HOMEDIR"/public_html
tput bold tput bold
tput setaf 4 tput setaf 4
echo "Fixing logs...." echo "Fixing logs...."
tput sgr0 tput sgr0
#Fix perms of $HOMEDIR/logs #Fix perms of $HOMEDIR/logs
chown $verbose nobody:"$account" "$HOMEDIR"/logs chown "$verbose" nobody:"$account" "$HOMEDIR"/logs
chmod $verbose 750 "$HOMEDIR"/logs chmod "$verbose" 750 "$HOMEDIR"/logs
find "$HOMEDIR"/logs/* -name '*.access_log' -exec chown $verbose nobody."$account" {} \; find "$HOMEDIR"/logs/* -name '*.access_log' -exec chown "$verbose" nobody."$account" {} \;
@@ -144,7 +221,7 @@ fixperms () {
#echo "Fixing sub/addon domain document root $SUBDOMAIN...." #echo "Fixing sub/addon domain document root $SUBDOMAIN...."
#tput sgr0 #tput sgr0
#find $SUBDOMAIN -type d -exec chmod $verbose 755 {} \; #find $SUBDOMAIN -type d -exec chmod $verbose 755 {} \;
#find $SUBDOMAIN -type f | xargs -d$'\n' -r chmod $verbose 644 #find $SUBDOMAIN -type f -print0 | xargs -d$'\n' -r chmod $verbose 644
#find $SUBDOMAIN -name '*.cgi' -o -name '*.pl' | xargs -r chmod $verbose 755 #find $SUBDOMAIN -name '*.cgi' -o -name '*.pl' | xargs -r chmod $verbose 755
#chown $verbose -R $account:$account $SUBDOMAIN #chown $verbose -R $account:$account $SUBDOMAIN
#find $SUBDOMAIN -name .htaccess -exec chown $verbose $account.$account {} \; #find $SUBDOMAIN -name .htaccess -exec chown $verbose $account.$account {} \;
@@ -162,33 +239,177 @@ fixperms () {
return 0 return 0
} }
#Parses all users through Cyberpanel's users file
#all () {
# for user in $(cut -d: -f1 /etc/domainusers)
# do
# fixperms "$user"
# done
#}
#########cPanel
# Main workhorse, fix perms per account passed to it
fixperms_cpanel () {
#Get account from what is passed to the function
account=$1
#Check account against cPanel users file
if ! grep "$account" /var/cpanel/users/*
then
tput bold
tput setaf 1
echo "Invalid cPanel account"
tput sgr0
exit 0
fi
#Make sure account isn't blank
if [ -z "$account" ]
then
tput bold
tput setaf 1
echo "Need an account name!"
tput sgr0
helptext
#Else, start doing work
else
#Get the account's homedir
HOMEDIR=$(grep -E "^${account}:" /etc/passwd | cut -d: -f6)
echo "User Homedirectory: ${HOMEDIR}"
tput bold
tput setaf 4
echo "Fixing perms for $account:"
tput setaf 3
if [ -d "$HOMEDIR/.cagefs" ]; then
chmod 775 "$HOMEDIR"/.cagefs
chmod 700 "$HOMEDIR"/.cagefs/tmp
chmod 700 "$HOMEDIR"/.cagefs/var
chmod 777 "$HOMEDIR"/.cagefs/cache
chmod 777 "$HOMEDIR"/.cagefs/run
fi
echo "------------------------"
tput setaf 4
echo "Fixing website files...."
tput sgr0
#Fix individual files in public_html
find "$HOMEDIR"/public_html -type d -exec chmod "$verbose" 755 {} \;
find "$HOMEDIR"/public_html -type f -print0 | xargs -0 -d$'\n' -r chmod "$verbose" 644
find "$HOMEDIR"/public_html -name '*.cgi' -print0 -o -name '*.pl' | xargs -0 -r chmod "$verbose" 755
# fix hidden files and folders like .well-known/ with root or other user perms
chown "$verbose" -R "$account":"$account" "$HOMEDIR"/public_html/.[^.]*
find "$HOMEDIR"/* -name .htaccess -exec chown "$verbose" "$account"."$account" {} \;
tput bold
tput setaf 4
echo "Fixing public_html...."
tput sgr0
#Fix perms of public_html itself
chown "$verbose" "$account":nobody "$HOMEDIR"/public_html
chmod "$verbose" 750 "$HOMEDIR"/public_html
#Fix subdomains that lie outside of public_html
tput setaf 3
tput bold
echo "------------------------"
tput setaf 4
echo "Fixing any domains with a document root outside of public_html...."
for SUBDOMAIN in $(grep -i documentroot /var/cpanel/userdata/"$account"/* | grep -v '.cache\|_SSL' | awk '{print $2}' | grep -v public_html)
do
tput bold
tput setaf 4
echo "Fixing sub/addon domain document root $SUBDOMAIN...."
tput sgr0
find "$SUBDOMAIN" -type d -exec chmod "$verbose" 755 {} \;
find "$SUBDOMAIN" -type f -print0 | xargs -0 -d$'\n' -r chmod "$verbose" 644
find "$SUBDOMAIN" -name '*.cgi' -print0 -o -name '*.pl' | xargs -0 -r chmod "$verbose" 755
chown "$verbose" -R "$account":"$account" "$SUBDOMAIN"
chmod "$verbose" 755 "$SUBDOMAIN"
find "$SUBDOMAIN" -name .htaccess -exec chown "$verbose" "$account"."$account" {} \;
done
#Finished
tput bold
tput setaf 3
echo "Finished!"
echo "------------------------"
printf "\n\n"
tput sgr0
fi
return 0
}
###################################
##################################
fixperms () {
Username=$1
if [ "${ControlPanel}" == "cpanel" ] ; then
fixperms_cpanel "${Username}"
# Fix users mailperms
tput bold
tput setaf 4
echo "Fixing Mailperms...."
tput sgr0
/scripts/mailperm --verbose "${Username}"
#Finished
tput bold
tput setaf 3
echo "Finished!"
echo "------------------------"
printf "\n\n"
tput sgr0
elif [ "${ControlPanel}" == "cyberpanel" ] ; then
fixperms_cyberpanel "${Username}"
fixmailperms_cyberpanel
elif [ "${ControlPanel}" == "plesk" ] ; then
#Get users homedir path
user_homedir=$(grep -E "^${Username}:" /etc/passwd | cut -d: -f6)
echo "User Homedirectory: ${user_homedir}"
echo "Resetting perms/ownership for ${user_homedir}/httpdocs"
sudo chown -R "${Username}":psacln "${user_homedir}"/httpdocs
sudo chown "${Username}":psaserv "${user_homedir}"/httpdocs
fi
}
all () { all () {
if [[ $OS = 'CentOS Linux' ]] ; then if [ "${ControlPanel}" == "cpanel" ] ; then
for user in $(getent passwd | awk -F: '5001<$3 && $3<6000 {print $1}' |grep -v spamd)
do
fixperms "$user"
done
fixmailperms
fi
if [[ $OS = 'Ubuntu' ]] ; then for user in $(cut -d: -f1 /etc/domainusers)
for user in $(getent passwd | awk -F: '1001<$3 && $3<2000 {print $1}') do
do fixperms_cpanel "$user"
fixperms "$user" done
done # Fix all users mailperms
fixmailperms /scripts/mailperm --verbose
fi
elif [ "${ControlPanel}" == "cyberpanel" ] ; then
if [[ $OS = 'CentOS Linux' ]] ; then
for user in $(getent passwd | awk -F: '5001<$3 && $3<6000 {print $1}' |grep -v spamd)
do
fixperms_cyberpanel "$user"
done
fixmailperms_cyberpanel
fi
if [[ $OS = 'Ubuntu' ]] ; then
for user in $(getent passwd | awk -F: '1001<$3 && $3<2000 {print $1}')
do
fixperms_cyberpanel "$user"
done
fixmailperms_cyberpanel
fi
fi
} }
@@ -230,4 +451,4 @@ case "$1" in
echo "Invalid Option!" echo "Invalid Option!"
helptext helptext
;; ;;
esac esac