From e3adfe773ecf2422da5f16f0e2766d7163a14071 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Fri, 20 Apr 2018 11:17:41 +0200
Subject: [PATCH] web-add: use group "evolinux-ssh"

---
 scripts/web-add.sh | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/scripts/web-add.sh b/scripts/web-add.sh
index 4966b1d..e1ea122 100755
--- a/scripts/web-add.sh
+++ b/scripts/web-add.sh
@@ -28,6 +28,7 @@ VHOST_PATH="/etc/apache2/sites-enabled/"
 MAX_LOGIN_CHAR=16
 HOME_DIR="/home"
 MYSQL_CREATE_DB_OPTS=""
+SSH_GROUP="evolinux-ssh"
 
 # Utiliser ce fichier pour redefinir la valeur des variables ci-dessus
 config_file="/etc/evolinux/web-add.conf"
@@ -212,15 +213,13 @@ create_www_account() {
           --no-create-home --shell /bin/false --gecos "WWW $in_login" www-$in_login $OPT_WWWUID $OPT_WWWUID_ARG --ingroup $in_login --force-badname >/dev/null
 
   if grep -qE '^AllowGroups' /etc/ssh/sshd_config; then
-    if ! grep -qE "^AllowGroups(\s+\S+)*(\s+evoadmin-ssh)" /etc/ssh/sshd_config; then
-      sed -i "s/^AllowGroups .*/& evoadmin-ssh/" /etc/ssh/sshd_config
-      groupadd --force evoadmin-ssh
-    fi
-    usermod -a -G evoadmin-ssh "$in_login"
-  else
-    if grep -qE '^AllowUsers' /etc/ssh/sshd_config; then
-      sed -i "s/^AllowUsers .*/& $in_login/" /etc/ssh/sshd_config
+    if ! grep -qE "^AllowGroups(\s+\S+)*(\s+$SSH_GROUP)" /etc/ssh/sshd_config; then
+      sed -i "s/^AllowGroups .*/& $SSH_GROUP/" /etc/ssh/sshd_config
+      groupadd --force $SSH_GROUP
     fi
+    usermod -a -G $SSH_GROUP "$in_login"
+  elif grep -qE '^AllowUsers' /etc/ssh/sshd_config; then
+    sed -i "s/^AllowUsers .*/& $in_login/" /etc/ssh/sshd_config
   fi
   /etc/init.d/ssh reload