diff --git a/scripts/web-add.sh b/scripts/web-add.sh index b8813c9..10444a3 100755 --- a/scripts/web-add.sh +++ b/scripts/web-add.sh @@ -52,6 +52,7 @@ PHP_VERSIONS=() # Utiliser ce fichier pour redefinir la valeur des variables ci-dessus config_file="/etc/evolinux/web-add.conf" +# shellcheck source=/etc/evolinux/web-add.conf [ -r $config_file ] && . $config_file usage() { @@ -148,12 +149,12 @@ validate_login() { length=${#login} - if [ $length -lt 3 ]; then + if [ "$length" -lt 3 ]; then in_error "Le login doit contenir plus de 2 caracteres" return 1 fi - if [ $length -gt $MAX_LOGIN_CHAR ]; then + if [ "$length" -gt $MAX_LOGIN_CHAR ]; then in_error "Le login ne doit pas contenir plus de $MAX_LOGIN_CHAR caracteres" return 1 fi @@ -163,7 +164,7 @@ validate_passwd() { passwd=$1 length=${#passwd} - if [ $length -lt 6 ] && [ $length -gt 0 ]; then + if [ "$length" -lt 6 ] && [ "$length" -gt 0 ]; then in_error "Le mot de passe doit avoir au moins 6 caracteres" return 1 fi @@ -192,19 +193,19 @@ validate_mail() { validate_phpversion() { php_version="$1" - if [[ ! " ${PHP_VERSIONS[@]} " =~ " ${php_version} " ]]; then + if [[ ! " ${PHP_VERSIONS[*]} " =~ ${php_version} ]]; then in_error "Version de PHP incorrecte." return 1 fi } validate_quota() { - quota_soft=$(echo $1 |cut -f 1 -d:) - quota_hard=$(echo $1 |cut -f 2 -d:) + quota_soft=$(echo "$1" |cut -f 1 -d:) + quota_hard=$(echo "$1" |cut -f 2 -d:) if [ -z "$quota_soft" ] || [ -z "$quota_hard" ]; then in_error "Le quota soft et le quota hard doivent être spécifiés sous la forme :." return 1 - elif [ $quota_soft -gt $quota_hard ]; then + elif [ "$quota_soft" -gt "$quota_hard" ]; then in_error "Le quota hard doit être plus grand que le quota soft." return 1 fi @@ -228,6 +229,7 @@ create_www_account() { ############################################################################ if [ -f $PRE_LOCAL_SCRIPT ]; then + # shellcheck source=/usr/share/scripts/evoadmin/web-add.pre-local.sh source $PRE_LOCAL_SCRIPT fi @@ -246,46 +248,61 @@ create_www_account() { return 1 fi - ############################################################################ + # Create user and force UID / GID if specified + /usr/sbin/adduser \ + --gecos "User $in_login" \ + --disabled-password \ + "$in_login" \ + --shell /bin/bash \ + ${in_uid:+'--uid' "$in_uid"} \ + ${in_gid:+'--gid' "$in_gid"} \ + --force-badname \ + --home "$HOME_DIR_USER" >/dev/null + + [ -z "$in_sshkey" ] \ + && echo "$in_login:$in_passwd" | chpasswd --md5 + + [ -z "$in_sshkey" ] \ + || [ -n "$HOME_DIR_USER" ] \ + && mkdir "$HOME_DIR_USER/.ssh" \ + && echo "$in_sshkey" > "$HOME_DIR_USER/.ssh/authorized_keys" \ + && chmod -R u=rwX,g=,o= "$HOME_DIR_USER/.ssh/authorized_keys" \ + && chown -R "$in_login":"$in_login" "$HOME_DIR_USER/.ssh" - # Force UID GID if specified - - [ -n "$in_uid" ] && OPT_UID="--uid" && OPT_UID_ARG="$in_uid" - [ -n "$in_gid" ] && OPT_GID="--gid" && OPT_GID_ARG="$in_gid" - [ -n "$in_wwwuid" ] && OPT_WWWUID="--uid" && OPT_WWWUID_ARG="$in_wwwuid" - - ############################################################################ - - - /usr/sbin/adduser --gecos "User $in_login" --disabled-password "$in_login" --shell /bin/bash $OPT_UID $OPT_UID_ARG --force-badname --home "$HOME_DIR_USER" >/dev/null - [ -z "$in_sshkey" ] && echo "$in_login:$in_passwd" | chpasswd --md5 - [ -z "$in_sshkey" ] || [ -n "$HOME_DIR_USER" ] && mkdir "$HOME_DIR_USER/.ssh" && echo "$in_sshkey" > "$HOME_DIR_USER/.ssh/authorized_keys" \ - && chmod -R u=rwX,g=,o= "$HOME_DIR_USER/.ssh/authorized_keys" && chown -R "$in_login":"$in_login" "$HOME_DIR_USER/.ssh" - if [ "$WEB_SERVER" == "apache" ]; then - /usr/sbin/adduser --disabled-password --home $HOME_DIR_USER/www \ - --no-create-home --shell /bin/false --gecos "WWW $in_login" www-$in_login $OPT_WWWUID $OPT_WWWUID_ARG --ingroup $in_login --force-badname >/dev/null + if [ "$WEB_SERVER" == "apache" ]; then + # Create www user and force UID if specified + /usr/sbin/adduser \ + --gecos "WWW $in_login" \ + --disabled-password \ + www-"$in_login" \ + --shell /bin/false \ + ${in_wwwuid:+'--uid' "$in_wwwuid"} \ + --ingroup "$in_login" \ + --force-badname \ + --home "$HOME_DIR_USER"/www \ + --no-create-home > /dev/null elif [ "$WEB_SERVER" == "nginx" ]; then # Adding user www-data to group $in_login. # And primary group www-data for $in_login. - adduser www-data $in_login - usermod -g www-data $in_login + adduser www-data "$in_login" + usermod -g www-data "$in_login" fi # Get uid/gid for newly created accounts - uid=$(id -u $in_login) - gid=$(id -g $in_login) - www_uid=$(id -u www-$in_login) + uid=$(id -u "$in_login") + gid=$(id -g "$in_login") + www_uid=$(id -u www-"$in_login") # Create users inside all containers - for php_version in ${PHP_VERSIONS[@]}; do - lxc-attach -n php${php_version} -- /usr/sbin/addgroup "$in_login" --gid $gid --force-badname >/dev/null - lxc-attach -n php${php_version} -- /usr/sbin/adduser --gecos "User $in_login" --disabled-password "$in_login" --shell /bin/bash --uid $uid --gid $gid --force-badname --home "$HOME_DIR_USER" >/dev/null - lxc-attach -n php${php_version} -- [ -z "$in_sshkey" ] && echo "$in_login:$in_passwd" | chpasswd --md5 - lxc-attach -n php${php_version} -- /usr/sbin/adduser --disabled-password --home $HOME_DIR_USER/www --no-create-home --shell /bin/false --gecos "WWW $in_login" www-$in_login --uid $www_uid --ingroup $in_login --force-badname >/dev/null + for php_version in "${PHP_VERSIONS[@]}"; do + lxc-attach -n php"${php_version}" -- /usr/sbin/addgroup "$in_login" --gid "$gid" --force-badname >/dev/null + lxc-attach -n php"${php_version}" -- /usr/sbin/adduser --gecos "User $in_login" --disabled-password "$in_login" --shell /bin/bash --uid "$uid" --gid "$gid" --force-badname --home "$HOME_DIR_USER" >/dev/null + lxc-attach -n php"${php_version}" -- [ -z "$in_sshkey" ] && echo "$in_login:$in_passwd" | chpasswd --md5 + lxc-attach -n php"${php_version}" -- /usr/sbin/adduser --disabled-password --home "$HOME_DIR_USER"/www --no-create-home --shell /bin/false --gecos "WWW $in_login" www-"$in_login" --uid "$www_uid" --ingroup "$in_login" --force-badname >/dev/null done if grep -qE '^AllowGroups' /etc/ssh/sshd_config; then - if ! grep -qE "^AllowGroups(\s+\S+)*(\s+$SSH_GROUP)" /etc/ssh/sshd_config; then + if ! grep -qE "^AllowGroups(\\s+\\S+)*(\\s+$SSH_GROUP)" /etc/ssh/sshd_config; then sed -i "s/^AllowGroups .*/& $SSH_GROUP/" /etc/ssh/sshd_config groupadd --force $SSH_GROUP fi @@ -311,49 +328,49 @@ create_www_account() { ############################################################################ - chmod 750 $HOME_DIR_USER/ + chmod 750 "$HOME_DIR_USER"/ # Répertoires par défaut - mkdir -p $HOME_DIR_USER/{log,www,awstats} - chown $in_login:$in_login $HOME_DIR_USER/www - chgrp $in_login $HOME_DIR_USER/{log,awstats} - chmod 750 $HOME_DIR_USER/{log,www,awstats} + mkdir -p "$HOME_DIR_USER"/{log,www,awstats} + chown "$in_login":"$in_login" "$HOME_DIR_USER"/www + chgrp "$in_login" "$HOME_DIR_USER"/{log,awstats} + chmod 750 "$HOME_DIR_USER"/{log,www,awstats} # Ajout des logs par defaut - touch $HOME_DIR_USER/log/access.log - touch $HOME_DIR_USER/log/error.log - touch $HOME_DIR_USER/log/php.log - chgrp $in_login $HOME_DIR_USER/log/access.log - chgrp $in_login $HOME_DIR_USER/log/error.log + touch "$HOME_DIR_USER"/log/access.log + touch "$HOME_DIR_USER"/log/error.log + touch "$HOME_DIR_USER"/log/php.log + chgrp "$in_login" "$HOME_DIR_USER"/log/access.log + chgrp "$in_login" "$HOME_DIR_USER"/log/error.log if [ "$WEB_SERVER" == "apache" ]; then - chown www-$in_login:$in_login $HOME_DIR_USER/log/php.log + chown www-"$in_login":"$in_login" "$HOME_DIR_USER"/log/php.log fi # There is no php.log for nginx ATM, it will go in error.log. - chmod 640 $HOME_DIR_USER/log/access.log - chmod 640 $HOME_DIR_USER/log/error.log - chmod 640 $HOME_DIR_USER/log/php.log + chmod 640 "$HOME_DIR_USER"/log/access.log + chmod 640 "$HOME_DIR_USER"/log/error.log + chmod 640 "$HOME_DIR_USER"/log/php.log step_ok "Création du répertoire personnel" ############################################################################ if [ -n "$in_quota" ]; then - quota_soft=$(($(echo $in_quota |cut -f 1 -d:) * 1024 * 1024)) - quota_hard=$(($(echo $in_quota |cut -f 2 -d:) * 1024 * 1024)) - setquota --remote --user $in_login $quota_soft $quota_hard 0 0 /home + quota_soft=$(($(echo "$in_quota" |cut -f 1 -d:) * 1024 * 1024)) + quota_hard=$(($(echo "$in_quota" |cut -f 2 -d:) * 1024 * 1024)) + setquota --remote --user "$in_login" $quota_soft $quota_hard 0 0 /home fi ############################################################################ # Create FPM pool on all containers. - for php_version in ${PHP_VERSIONS[@]}; do + for php_version in "${PHP_VERSIONS[@]}"; do if [ "$php_version" = "70" ]; then pool_path="/etc/php/7.0/fpm/pool.d/" else pool_path="/etc/php5/fpm/pool.d/" fi phpfpm_socket_path="/home/${in_login}/php-fpm${php_version}.sock" - cat </var/lib/lxc/php${php_version}/rootfs/${pool_path}/${in_login}.conf + cat </var/lib/lxc/php"${php_version}"/rootfs/${pool_path}/"${in_login}".conf [${in_login}] user = ${in_login} group = ${in_login} @@ -374,42 +391,41 @@ EOT random=$RANDOM if [ "$WEB_SERVER" == "apache" ]; then vhostfile="/etc/apache2/sites-available/${in_login}.conf" - cat $TPL_VHOST | \ - sed -e "s/XXX/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/RANDOM/$random/ ; s#HOME_DIR#$HOME_DIR#" >$vhostfile + sed -e "s/XXX/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/RANDOM/$random/ ; s#HOME_DIR#$HOME_DIR#" < $TPL_VHOST > "$vhostfile" if [ ${#PHP_VERSIONS[@]} -gt 0 ]; then phpfpm_socket_path="/home/${in_login}/php-fpm${in_phpversion}.sock" - cat <>$vhostfile + cat <>"$vhostfile" - + SetHandler proxy:unix:${phpfpm_socket_path}|fcgi://localhost/ EOT else - cat <>$vhostfile + cat <>"$vhostfile" EOT fi # On active aussi example.com si domaine commence par "www." comme www.example - if echo $in_wwwdomain | grep '^www.' > /dev/null; then - subweb=`echo $in_wwwdomain | sed -e "s/www.//"` - sed -i -e "s/^\(.*\)#\(ServerAlias\).*$/\1\2 $subweb/" $vhostfile + if echo "$in_wwwdomain" | grep '^www.' > /dev/null; then + subweb="${in_wwwdomain#www.}" + sed -i -e "s/^\\(.*\\)#\\(ServerAlias\\).*$/\\1\\2 $subweb/" "$vhostfile" fi - a2ensite $in_login >/dev/null + a2ensite "$in_login" >/dev/null step_ok "Configuration d'Apache" elif [ "$WEB_SERVER" == "nginx" ]; then - cat $TPL_VHOST | \ - sed -e " - s/DOMAIN/${in_wwwdomain}/g; - s/LOGIN/${in_login}/g;" > ${VHOST_PATH}/$in_login - ln -s /etc/nginx/sites-available/$in_login \ - /etc/nginx/sites-enabled/$in_login + sed -e \ + "s/DOMAIN/${in_wwwdomain}/g; s/LOGIN/${in_login}/g;" \ + < "$TPL_VHOST" \ + > ${VHOST_PATH}/"$in_login" + ln -s /etc/nginx/sites-available/"$in_login" \ + /etc/nginx/sites-enabled/"$in_login" /etc/init.d/nginx restart @@ -417,23 +433,22 @@ EOT ############################################################################ - cat $TPL_FPM | \ - sed -e "s/SED_LOGIN/${in_login}/g;" > ${FPM_PATH}/${in_login}.conf + sed -e "s/SED_LOGIN/${in_login}/g;" \ + < $TPL_FPM > ${FPM_PATH}/"${in_login}".conf step_ok "Creation du pool PHP-FPM" ############################################################################ fi - cat $TPL_AWSTATS | \ - sed -e "s/XXX/$in_login/ ; s/SERVERNAME/$in_wwwdomain/ ; s#HOME_DIR#$HOME_DIR#" \ - > /etc/awstats/awstats.$in_login.conf - chmod 644 /etc/awstats/awstats.$in_login.conf + sed -e "s/XXX/$in_login/ ; s/SERVERNAME/$in_wwwdomain/ ; s#HOME_DIR#$HOME_DIR#" \ + < $TPL_AWSTATS > /etc/awstats/awstats."$in_login".conf + chmod 644 /etc/awstats/awstats."$in_login".conf - VAR=`grep -v "^#" /etc/cron.d/awstats |tail -1 | cut -d " " -f1` - if [ "$VAR" = "" ] || [ $VAR -ge 59 ]; then + VAR=$(grep -v "^#" /etc/cron.d/awstats |tail -1 | cut -d " " -f1) + if [ "$VAR" = "" ] || [ "$VAR" -ge 59 ]; then VAR=1 else - VAR=$(($VAR +1)) + VAR=$((VAR +1)) fi echo "$VAR * * * * root umask 033; [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.$in_login.conf -a -r $HOME_DIR_USER/log/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=$in_login -update >/dev/null" >> /etc/cron.d/awstats @@ -448,7 +463,7 @@ EOT echo "FLUSH PRIVILEGES;" | mysql $MYSQL_OPTS my_cnf_file="$HOME_DIR_USER/.my.cnf" - cat >$my_cnf_file <<-EOT + cat > "$my_cnf_file" <<-EOT [client] user = $in_login password = "$in_dbpasswd" @@ -456,8 +471,8 @@ password = "$in_dbpasswd" [mysql] database = $in_dbname EOT - chown $in_login $my_cnf_file - chmod 600 $my_cnf_file + chown "$in_login" "$my_cnf_file" + chmod 600 "$my_cnf_file" step_ok "Création base de données et compte MySQL" fi @@ -465,13 +480,28 @@ EOT ############################################################################ if [ "$in_dbname" ]; then - cat $TPL_MAIL | \ - sed -e "s/LOGIN/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/PASSE1/$in_passwd/ ; s/PASSE2/$in_dbpasswd/ ; s/RANDOM/$random/ ; s/QUOTA/$quota/ ; s/RCPTTO/$in_mail/ ; s/DBNAME/$in_dbname/ ; s#HOME_DIR#$HOME_DIR#"| \ - /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL" + sed -e " + s/LOGIN/$in_login/g ; + s/SERVERNAME/$in_wwwdomain/ ; + s/PASSE1/$in_passwd/ ; + s/PASSE2/$in_dbpasswd/ ; + s/RANDOM/$random/ ; + s/QUOTA/$quota/ ; + s/RCPTTO/$in_mail/ ; + s/DBNAME/$in_dbname/ ; + s#HOME_DIR#$HOME_DIR#" \ + < $TPL_MAIL | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL" else - cat $TPL_MAIL | \ - sed -e "s/LOGIN/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/PASSE1/$in_passwd/ ; s/RANDOM/$random/ ; s/QUOTA/$quota/ ; s/RCPTTO/$in_mail/ ; s#HOME_DIR#$HOME_DIR# ; 39,58d"| \ - /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL" + sed -e " + s/LOGIN/$in_login/g ; + s/SERVERNAME/$in_wwwdomain/ ; + s/PASSE1/$in_passwd/ ; + s/RANDOM/$random/ ; + s/QUOTA/$quota/ ; + s/RCPTTO/$in_mail/ ; + s#HOME_DIR#$HOME_DIR# ; + 39,58d" \ + < $TPL_MAIL | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL" fi step_ok "Envoi du mail récapitulatif" @@ -479,6 +509,7 @@ EOT ############################################################################ if [ -f $LOCAL_SCRIPT ]; then + # shellcheck source=/usr/share/scripts/evoadmin/web-add.local.sh source $LOCAL_SCRIPT fi @@ -489,7 +520,7 @@ EOT if [ "$WEB_SERVER" == "apache" ]; then apache2ctl configtest 2>/dev/null /etc/init.d/apache2 force-reload >/dev/null - for php_version in ${PHP_VERSIONS[@]}; do + for php_version in "${PHP_VERSIONS[@]}"; do if [ "$php_version" = "70" ]; then initscript_path="/etc/init.d/php7.0-fpm" binary="php-fpm7.0" @@ -497,8 +528,8 @@ EOT initscript_path="/etc/init.d/php5-fpm" binary="php5-fpm" fi - lxc-attach -n php${php_version} -- $binary --test >/dev/null - lxc-attach -n php${php_version} -- $initscript_path restart >/dev/null + lxc-attach -n php"${php_version}" -- $binary --test >/dev/null + lxc-attach -n php"${php_version}" -- $initscript_path restart >/dev/null step_ok "Rechargement de php-fpm dans php${php_version}" done @@ -508,8 +539,8 @@ EOT ############################################################################ if [ "$WEB_SERVER" == "nginx" ]; then - fpm_status=$(echo -n $in_login | md5sum | cut -d' ' -f1) - cat < /etc/munin/plugin-conf.d/phpfpm_${in_login}_ + fpm_status=$(echo -n "$in_login" | md5sum | cut -d' ' -f1) + cat < /etc/munin/plugin-conf.d/phpfpm_"${in_login}"_ [phpfpm_${in_login}_*] env.url http://munin:%d/fpm_status_$fpm_status @@ -519,7 +550,7 @@ env.phppool $in_login EOT for name in average connections memory processes status; do ln -s /usr/local/share/munin/plugins/phpfpm_${name} \ - /etc/munin/plugins/phpfpm_${in_login}_${name} + /etc/munin/plugins/phpfpm_"${in_login}"_${name} done cat <> /etc/nginx/evolinux.d/munin-plugins.conf @@ -533,7 +564,7 @@ location ~ ^/fpm_status_${fpm_status}$ { } EOT sed -i "s#SED_STATUS#/fpm_status_${fpm_status}#" \ - ${FPM_PATH}/${in_login}.conf + ${FPM_PATH}/"${in_login}".conf /etc/init.d/nginx reload /etc/init.d/${FPM_SERVICE_NAME} reload /etc/init.d/munin-node restart @@ -558,17 +589,17 @@ op_del() { fi echo "Deleting account $login. Continue ?" - read + read -r set -x - userdel $login + userdel "$login" if [ "$WEB_SERVER" == "apache" ]; then - userdel www-$login + userdel www-"$login" fi - groupdel $login - for php_version in ${PHP_VERSIONS[@]}; do - lxc-attach -n php${php_version} -- userdel -f $login - lxc-attach -n php${php_version} -- userdel -f www-$login + groupdel "$login" + for php_version in "${PHP_VERSIONS[@]}"; do + lxc-attach -n php"${php_version}" -- userdel -f "$login" + lxc-attach -n php"${php_version}" -- userdel -f www-"$login" done sed -i.bak "/^$login:/d" /etc/aliases if [ "$WEB_SERVER" == "apache" ]; then @@ -581,18 +612,18 @@ op_del() { fi if [ -d "$HOME_DIR/$login" ]; then - mv -i $HOME_DIR/$login $HOME_DIR/$login.`date '+%Y%m%d-%H%M%S'`.bak + mv -i $HOME_DIR/"$login" $HOME_DIR/"$login"."$(date '+%Y%m%d-%H%M%S')".bak else echo "warning : $HOME_DIR/$login does not exist" fi if [ "$WEB_SERVER" == "apache" ]; then - a2dissite $login - rm /etc/apache2/sites-available/$login.conf - rm /etc/awstats/awstats.$login.conf + a2dissite "$login" + rm /etc/apache2/sites-available/"$login.conf" + rm /etc/awstats/awstats."$login.conf" sed -i.bak "/-config=$login /d" /etc/cron.d/awstats apache2ctl configtest - for php_version in ${PHP_VERSIONS[@]}; do + for php_version in "${PHP_VERSIONS[@]}"; do if [ "$php_version" = "70" ]; then phpfpm_dir="/etc/php5/fpm/pool.d/" initscript_path="/etc/init.d/php7.0-fpm" @@ -600,14 +631,14 @@ op_del() { phpfpm_dir="/etc/php/7.0/fpm/pool.d/" initscript_path="/etc/init.d/php5-fpm" fi - rm /var/lib/lxc/php${php_version}/rootfs/${phpfpm_dir}/${login}.conf - lxc-attach -n php${php_version} -- $initscript_path restart >/dev/null + rm /var/lib/lxc/php"${php_version}"/rootfs/${phpfpm_dir}/"${login}".conf + lxc-attach -n php"${php_version}" -- $initscript_path restart >/dev/null done elif [ "$WEB_SERVER" == "nginx" ]; then - rm /etc/nginx/sites-{available,enabled}/$login - rm /etc/awstats/awstats.$login.conf - rm /etc/munin/plugins/phpfpm_${in_login}* + rm /etc/nginx/sites-{available,enabled}/"$login" + rm /etc/awstats/awstats."$login.conf" + rm /etc/munin/plugins/phpfpm_"${in_login}"* sed -i.bak "/-config=$login/d" /etc/cron.d/awstats nginx -t fi @@ -615,7 +646,7 @@ op_del() { if [ -n "$dbname" ]; then echo "Deleting mysql DATABASE $dbname and mysql user $login. Continue ?" - read + read -r set -x echo "DROP DATABASE $dbname; delete from mysql.user where user='$login' ; FLUSH PRIVILEGES;" | mysql $MYSQL_OPTS @@ -631,10 +662,10 @@ op_setphpversion() { login="$1" phpversion="$2" - validate_phpversion $phpversion + validate_phpversion "$phpversion" - sed -i "s#^\( \+SetHandler proxy:unix:/home/.*/php-fpm\)..\(\.sock\)#\1${phpversion}\2#" /etc/apache2/sites-available/${login}.conf - sed -i "s#^\( \+/dev/null DATE=$(date +"%Y-%m-%d") @@ -649,11 +680,11 @@ op_setquota() { login="$1" quota="$2" - validate_quota $quota + validate_quota "$quota" - quota_soft=$(($(echo $quota |cut -f 1 -d:) * 1024 * 1024)) - quota_hard=$(($(echo $quota |cut -f 2 -d:) * 1024 * 1024)) - setquota --remote --user $login $quota_soft $quota_hard 0 0 /home + quota_soft=$(($(echo "$quota" |cut -f 1 -d:) * 1024 * 1024)) + quota_hard=$(($(echo "$quota" |cut -f 2 -d:) * 1024 * 1024)) + setquota --remote --user "$login" $quota_soft $quota_hard 0 0 /home DATE=$(date +"%Y-%m-%d") echo "$DATE [web-add.sh] quota set to $quota for $login" >> /var/log/evolix.log @@ -671,25 +702,25 @@ arg_processing() { case "$commandname" in add) - op_add $* + op_add "$@" ;; del) - op_del $* + op_del "$@" ;; list-vhost) - op_listvhost $* + op_listvhost "$@" ;; add-alias) - op_aliasadd $* + op_aliasadd "$@" ;; del-alias) - op_aliasdel $* + op_aliasdel "$@" ;; setphpversion) - op_setphpversion $* + op_setphpversion "$@" ;; setquota) - op_setquota $* + op_setquota "$@" ;; *) usage @@ -707,24 +738,24 @@ op_listvhost() { for configfile in $configlist; do - if [ -r "$configfile" ] && echo "$configfile" |grep -qvE "/(000-default|default-ssl)\.conf$"; then - servername=`awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' $configfile | head -n 1` - serveraliases=`perl -ne 'print "$1 " if /^[[:space:]]*ServerAlias (.*)/' $configfile | head -n 1` - serveraliases=`echo $serveraliases | sed 's/ \+/,/g'` - userid=`awk '/^[[:space:]]*AssignUserID.*/ { print $3 }' $configfile | head -n 1` + if [ -r "$configfile" ] && echo "$configfile" |grep -qvE "/(000-default|default-ssl)\\.conf$"; then + servername="$(awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' "$configfile" | head -n 1)" + serveraliases="$(perl -ne 'print "$1 " if /^[[:space:]]*ServerAlias (.*)/' "$configfile" | head -n 1)" + serveraliases="${serveraliases// \+/,}" + userid="$(awk '/^[[:space:]]*AssignUserID.*/ { print $3 }' "$configfile" | head -n 1)" if [ -x /usr/bin/quota ]; then - size=$(quota --no-wrap --human-readable $userid |grep /home |awk '{print $2}') - quota_soft=$(quota --no-wrap --human-readable $userid |grep /home |awk '{print $3}') - quota_hard=$(quota --no-wrap --human-readable $userid |grep /home |awk '{print $4}') + size=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $2}') + quota_soft=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $3}') + quota_hard=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $4}') fi - phpversion=$(perl -ne 'print $1 if (m!^\s+SetHandler proxy:unix:/home/.*/php-fpm(\d{2})\.sock!)' $configfile) - if [ -e /etc/apache2/sites-enabled/${userid}.conf ]; then + phpversion=$(perl -ne 'print $1 if (m!^\s+SetHandler proxy:unix:/home/.*/php-fpm(\d{2})\.sock!)' "$configfile") + if [ -e /etc/apache2/sites-enabled/"${userid}".conf ]; then is_enabled=1 else is_enabled=0 fi if [ "$servername" ] && [ "$userid" ]; then - configid=`basename $configfile` + configid=$(basename "$configfile") echo "$userid:$configid:$servername:$serveraliases:$size:$quota_soft:$quota_hard:$phpversion:$is_enabled" fi fi @@ -736,7 +767,7 @@ op_aliasadd() { vhost="${1}.conf" alias=$2 - [ -f $VHOST_PATH/$vhost ] && sed -i -e "s/\(ServerName .*\)/\1\n\tServerAlias $alias/" $VHOST_PATH/$vhost --follow-symlinks + [ -f $VHOST_PATH/"$vhost" ] && sed -i -e "s/\\(ServerName .*\\)/\\1\\n\\tServerAlias $alias/" "$VHOST_PATH"/"$vhost" --follow-symlinks apache2ctl configtest 2>/dev/null /etc/init.d/apache2 force-reload >/dev/null @@ -750,7 +781,7 @@ op_aliasdel() { vhost="${1}.conf" alias=$2 - [ -f $VHOST_PATH/$vhost ] && sed -i -e "/ServerAlias $alias/d" $VHOST_PATH/$vhost --follow-symlinks + [ -f $VHOST_PATH/"$vhost" ] && sed -i -e "/ServerAlias $alias/d" $VHOST_PATH/"$vhost" --follow-symlinks apache2ctl configtest 2>/dev/null /etc/init.d/apache2 force-reload >/dev/null @@ -771,7 +802,7 @@ op_add() { until [ "$in_login" ]; do echo -n "Entrez le login du nouveau compte : " - read tmp + read -r tmp if validate_login "$tmp"; then in_login="$tmp" fi @@ -779,11 +810,11 @@ op_add() { until [ "$in_passwd" ]; do echo -n "Entrez le mot de passe FTP/SFTP/SSH (ou vide pour aleatoire) : " - read -s tmp + read -rs tmp echo if [ -z "$tmp" ]; then - tmp=`gen_random_passwd` + tmp=$(gen_random_passwd) fi if validate_passwd "$tmp"; then @@ -792,12 +823,12 @@ op_add() { done echo -n "Voulez-vous aussi un compte/base MySQL ? [Y|n] " - read confirm + read -r confirm if [ "$confirm" != "n" ] && [ "$confirm" != "N" ]; then until [ "$in_dbname" ]; do echo -n "Entrez le nom de la base de donnees ($in_login par defaut) : " - read tmp + read -r tmp if [ -z "$tmp" ]; then tmp=$in_login @@ -810,11 +841,11 @@ op_add() { until [ "$in_dbpasswd" ]; do echo -n "Entrez le mot de passe MySQL (ou vide pour aleatoire) : " - read -s tmp + read -rs tmp echo if [ -z "$tmp" ]; then - tmp=`gen_random_passwd` + tmp=$(gen_random_passwd) fi if validate_passwd "$tmp"; then @@ -825,7 +856,7 @@ op_add() { until [ "$in_wwwdomain" ]; do echo -n "Entrez le nom de domaine web (ex: foo.example.com) : " - read tmp + read -r tmp if validate_wwwdomain "$tmp"; then in_wwwdomain="$tmp" fi @@ -833,8 +864,8 @@ op_add() { if [ ${#PHP_VERSIONS[@]} -gt 0 ]; then until [ "$in_phpversion" ]; do - echo -n "Entrez la version de PHP désirée parmis ${PHP_VERSIONS[@]} : " - read tmp + echo -n "Entrez la version de PHP désirée parmis ${PHP_VERSIONS[*]} : " + read -r tmp if validate_phpversion "$tmp"; then in_phpversion="$tmp" fi @@ -843,7 +874,7 @@ op_add() { until [ "$in_mail" ]; do echo -n "Entrez votre adresse mail pour recevoir le mail de creation ($CONTACT_MAIL par défaut) : " - read tmp + read -r tmp if [ -z "$tmp" ]; then tmp="$CONTACT_MAIL" fi @@ -902,24 +933,24 @@ op_add() { esac done - shift $(($OPTIND - 1)) + shift $((OPTIND - 1)) if [ $# -ne 2 ]; then usage exit 1 else in_login=$1 in_wwwdomain=$2 - validate_login $in_login || exit 1 - [ -z "$in_passwd" ] && [ -z "$in_sshkey" ] && in_passwd=`gen_random_passwd` - [ -z "$in_sshkey" ] && ( validate_passwd $in_passwd || exit 1 ) - [ -n "$in_dbname" ] && ( validate_dbname $in_dbname || exit 1 ) - [ -z "$in_dbpasswd" ] && [ -n "$in_dbname" ] && in_dbpasswd=`gen_random_passwd` - [ -n "$in_dbname" ] && ( validate_passwd $in_dbpasswd || exit 1 ) - validate_wwwdomain $in_wwwdomain || exit 1 + validate_login "$in_login" || exit 1 + [ -z "$in_passwd" ] && [ -z "$in_sshkey" ] && in_passwd=$(gen_random_passwd) + [ -z "$in_sshkey" ] && ( validate_passwd "$in_passwd" || exit 1 ) + [ -n "$in_dbname" ] && ( validate_dbname "$in_dbname" || exit 1 ) + [ -z "$in_dbpasswd" ] && [ -n "$in_dbname" ] && in_dbpasswd=$(gen_random_passwd) + [ -n "$in_dbname" ] && ( validate_passwd "$in_dbpasswd" || exit 1 ) + validate_wwwdomain "$in_wwwdomain" || exit 1 [ -z "$in_mail" ] && in_mail=$CONTACT_MAIL validate_mail $in_mail || exit 1 - [ -n "$in_phpversion" ] && (validate_phpversion $in_phpversion || exit 1) - [ -n "$in_quota" ] && (validate_quota $in_quota || exit 1) + [ -n "$in_phpversion" ] && (validate_phpversion "$in_phpversion" || exit 1) + [ -n "$in_quota" ] && (validate_quota "$in_quota" || exit 1) fi fi @@ -942,7 +973,7 @@ op_add() { if [ -z "$force_confirm" ]; then echo -n "Confirmer la création ? [y/N] : " - read tmp + read -r tmp echo if [ "$tmp" != "y" ] && [ "$tmp" != "Y" ]; then echo "Annulation..." @@ -958,4 +989,4 @@ op_add() { } # Point d'entrée -arg_processing $* +arg_processing "$@"