Merge pull request 'Bump version & Debian 12 patch' (#95 ) from unstable into master

Reviewed-on: #95
Update changelog for release
2024-04-22 10:41:13 +02:00 · 2024-04-16 18:02:46 +02:00 · 2024-04-16 18:01:24 +02:00 · 2024-04-16 17:59:01 +02:00 · 2024-04-16 17:55:08 +02:00 · 2024-04-03 16:28:57 +02:00
2 changed files with 21 additions and 8 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -12,6 +12,20 @@ The **patch** part changes is incremented if multiple releases happen the same m

 ### Added

+### Changed
+
+### Fixed
+
+### Removed
+
+### Security
+
+
+
+## [24.04]
+
+### Added
+
 * Prevent op_del to fail and able to remove web account when part of it is already removed

 ### Changed
@ -21,6 +35,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 ### Fixed

 * letsencrypt: Add required check when retrieving certificate. (Avoid TypeError.)
+* web-add.sh: Fix ssh group membership (#94)

 ### Removed

--- a/scripts/web-add.sh
+++ b/scripts/web-add.sh
@ -14,7 +14,7 @@

 set -e

-VERSION="23.02"
+VERSION="24.04"
 HOME="/root"
 CONTACT_MAIL="jdoe@example.org"
 WWWBOUNCE_MAIL="jdoe@example.org"
@ -363,14 +363,12 @@ create_www_account() {
        lxc-attach -n php"${php_version}" -- /usr/sbin/adduser --disabled-password --home "$HOME_DIR_USER"/www --no-create-home --shell /bin/false --gecos "WWW $in_login" www-"$in_login" --uid "$www_uid" --ingroup "$in_login" --force-badname >/dev/null
    done

-    if grep -qE '^AllowGroups' /etc/ssh/sshd_config; then
-        if ! grep -qE "^AllowGroups(\\s+\\S+)*(\\s+$SSH_GROUP)" /etc/ssh/sshd_config; then
-            sed -i "s/^AllowGroups .*/& $SSH_GROUP/" /etc/ssh/sshd_config
-            groupadd --force $SSH_GROUP
-        fi
-        usermod -a -G $SSH_GROUP "$in_login"
-    elif grep -qE '^AllowUsers' /etc/ssh/sshd_config; then
+    if grep -qE '^AllowUsers' /etc/ssh/sshd_config; then
        sed -i "s/^AllowUsers .*/& $in_login/" /etc/ssh/sshd_config
+    else
+        if getent group "$SSH_GROUP" 1>/dev/null 2>&1; then
+            usermod --append --groups "$SSH_GROUP" "$in_login"
+	fi
    fi
    /etc/init.d/ssh reload
Author	SHA1	Message	Date
Ludovic Poujol	3400434f90	Merge pull request 'Bump version & Debian 12 patch' (#95 ) from unstable into master Reviewed-on: #95	2024-04-22 10:41:13 +02:00
Ludovic Poujol	a7c1af3d83	Update changelog for release	2024-04-16 18:02:46 +02:00
Ludovic Poujol	188e63376d	Bump version	2024-04-16 18:01:24 +02:00
Ludovic Poujol	a30ba3337b	Update CHANGELOG.md * web-add.sh: Fix ssh group membership (#94)	2024-04-16 17:59:01 +02:00
Ludovic Poujol	b014f1584a	Merge pull request 'Fix ssh group membership.' (#94 ) from fix-ssh-memebership into unstable Reviewed-on: #94	2024-04-16 17:55:08 +02:00
Brice Waegeneire	99741826f6	Fix ssh group membership. We now use split SSH configuration files, so the user was never a member of the ssh group on newly installed systems. This change don't modify the SSH configuration of new systems since evolinux-ssh members' are already allowed to connect by SSH.	2024-04-03 16:28:57 +02:00