Skip to content

Commit cef84ee

Browse files
ScIT-RaphaelScIT-Raphael
authored
Merge pull request hestiacp#2257 from jaapmarcus/fix/sftp-jail-non-hestia-user
[SFTP] Prevent non hestia-user to be added to sftp jail
2 parents 2c68ebc + 5c4696e commit cef84ee

File tree

1 file changed

+11
-1
lines changed

1 file changed

+11
-1
lines changed

bin/v-add-sys-sftp-jail

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,9 +75,19 @@ fi
7575
# Checking users
7676
shells="rssh|nologin"
7777
for user in $(grep "$HOMEDIR" /etc/passwd |egrep "$shells" |cut -f 1 -d:); do
78-
$BIN/v-add-user-sftp-jail "$user" "$restart"
78+
if [ -d "$HESTIA/data/users/$user" ]; then
79+
$BIN/v-add-user-sftp-jail "$user" "no"
80+
fi
7981
done
8082

83+
# Restart ssh service
84+
if [ "$restart" = 'no' ]; then
85+
# Skip restart of SSH daemon
86+
echo "" > /dev/null 2>&1
87+
else
88+
service ssh restart > /dev/null 2>&1
89+
fi
90+
8191
# Add v-add-sys-sftp-jail to startup
8292
if [ ! -e "/etc/cron.d/hestia-sftp" ]; then
8393
echo "@reboot root sleep 60 && /usr/local/hestia/bin/v-add-sys-sftp-jail" > /etc/cron.d/hestia-sftp

0 commit comments

Comments
 (0)