vhost-stack/bin/vhost-user-jail.sh

#!/bin/bash
#
# vhost-stack
# https://git.stack-source.com/msb/vhost-stack
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

# load include file
source $(dirname $0)/vhost.sh

help()
{
  thisfilename=$(basename -- "$0")
  echo "Jail specified user."
  echo ""
  echo "usage: $thisfilename -u <username> [-h]"
  echo ""
  echo "  -h            Print this help."
  echo "  -u <username> System username to jail."
  exit
}

vhost:getoptions "$@"

# check for username
if [ -z "$username" ]; then
  echo "username not set"
  exit 1
fi

if ! grep -q "^$username:" /etc/passwd; then
  echo "$username is not installed on this server"
  exit 1
fi

if [[ ! -d /home/$username ]]; then
  echo "/home/$username does not exists"
  exit 1
fi

if [[ -d /usr/jails/$username ]]; then
  echo "/usr/jails/$username already exists"
  exit 1
fi

if grep -q ":/usr/jails/$username/./home/$username:" /etc/passwd; then
  echo "$username already has jail home dir set"
  exit 1
fi

jk_init -k -j /usr/jails/$username shellstack
mkdir -p /usr/jails/$username/opt /usr/jails/$username/usr/sbin /usr/jails/$username/tmp /usr/jails/$username/srv/www
ln -s /usr/local/sbin/mini_sendmail /usr/jails/$username/usr/sbin/sendmail
chmod a+rwx /usr/jails/$username/tmp
install -d -o $username -g $username -m 755 /usr/jails/$username/home/$username
mount --bind /home/$username /usr/jails/$username/home/$username
echo "/home/$username /usr/jails/$username/home/$username none bind 0 0" >> /etc/fstab.jails
jk_jailuser -n -j /usr/jails/$username -s /bin/bash $username

# configure chroot for php-fpm
vhost::set-phpVersionArray
for phpVersion in "${phpVersionArray[@]}"
do
  if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
    if ! /bin/grep -q "^chroot" /etc/php/$phpVersion/fpm/pool.d/$username.conf; then
      echo "chroot = /usr/jails/$username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
    fi
  fi
done
initial commit 2021-04-04 13:28:22 -07:00			`#!/bin/bash`
			`#`
			`# vhost-stack`
			`# https://git.stack-source.com/msb/vhost-stack`
change license from MIT to GPL 3.0+ 2022-08-22 13:22:16 -07:00			`# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>`
			`# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)`
initial commit 2021-04-04 13:28:22 -07:00
etc/vhost.conf -> bin/vhost.sh 2021-04-04 14:15:16 -07:00			`# load include file`
			`source $(dirname $0)/vhost.sh`
initial commit 2021-04-04 13:28:22 -07:00
adding help() and associated changes 2021-09-16 16:21:35 -07:00			`help()`
			`{`
			`thisfilename=$(basename -- "$0")`
			`echo "Jail specified user."`
			`echo ""`
reworked getopts 2021-10-05 11:33:24 -07:00			`echo "usage: $thisfilename -u <username> [-h]"`
adding help() and associated changes 2021-09-16 16:21:35 -07:00			`echo ""`
			`echo " -h Print this help."`
reworked getopts 2021-10-05 11:33:24 -07:00			`echo " -u <username> System username to jail."`
adding help() and associated changes 2021-09-16 16:21:35 -07:00			`exit`
			`}`

reworked getopts 2021-10-05 11:33:24 -07:00			`vhost:getoptions "$@"`

			`# check for username`
			`if [ -z "$username" ]; then`
initial commit 2021-04-04 13:28:22 -07:00			`echo "username not set"`
			`exit 1`
			`fi`

			`if ! grep -q "^$username:" /etc/passwd; then`
			`echo "$username is not installed on this server"`
			`exit 1`
			`fi`

			`if [[ ! -d /home/$username ]]; then`
			`echo "/home/$username does not exists"`
			`exit 1`
			`fi`

reworked getopts 2021-10-05 11:33:24 -07:00			`if [[ -d /usr/jails/$username ]]; then`
initial commit 2021-04-04 13:28:22 -07:00			`echo "/usr/jails/$username already exists"`
			`exit 1`
			`fi`

			`if grep -q ":/usr/jails/$username/./home/$username:" /etc/passwd; then`
			`echo "$username already has jail home dir set"`
			`exit 1`
			`fi`

			`jk_init -k -j /usr/jails/$username shellstack`
/var/www -> /srv/www 2021-04-15 10:01:11 -07:00			`mkdir -p /usr/jails/$username/opt /usr/jails/$username/usr/sbin /usr/jails/$username/tmp /usr/jails/$username/srv/www`
move mini_sendmail to sbin 2021-04-15 09:31:24 -07:00			`ln -s /usr/local/sbin/mini_sendmail /usr/jails/$username/usr/sbin/sendmail`
initial commit 2021-04-04 13:28:22 -07:00			`chmod a+rwx /usr/jails/$username/tmp`
			`install -d -o $username -g $username -m 755 /usr/jails/$username/home/$username`
			`mount --bind /home/$username /usr/jails/$username/home/$username`
jails use fstab.jails 2021-08-18 16:13:02 -07:00			`echo "/home/$username /usr/jails/$username/home/$username none bind 0 0" >> /etc/fstab.jails`
initial commit 2021-04-04 13:28:22 -07:00			`jk_jailuser -n -j /usr/jails/$username -s /bin/bash $username`
add support for multiple php versions 2024-09-18 12:35:55 -07:00
			`# configure chroot for php-fpm`
			`vhost::set-phpVersionArray`
			`for phpVersion in "${phpVersionArray[@]}"`
			`do`
			`if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then`
			`if ! /bin/grep -q "^chroot" /etc/php/$phpVersion/fpm/pool.d/$username.conf; then`
			`echo "chroot = /usr/jails/$username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf`
			`fi`
			`fi`
			`done`