outroll / vesta

VESTA Control Panel
http://vestacp.com
GNU General Public License v3.0

Debian 9.3 Digital Ocean - VestaCP uses UID 1000 but admin is user 1001 #1491

Open didyouexpectthat opened 6 years ago

didyouexpectthat commented 6 years ago

Operating System (OS/VERSION):

Debian 9.3

VestaCP Version:

0.9.8-19

Installed Software (what you got with the installer):

Everything.

Steps to Reproduce:

Other Notes:

I see that in the install script it uses admin by user name but it somehow uses another UID somewhere later on.

```
root@didyouexpect:/usr/local/vesta/data/templates/web/nginx# ls -lah
total 64K
drwxr-xr-x 3 debian debian 4.0K Feb 19 17:47 .
drwxr-xr-x 9 debian debian 4.0K Jan  4 12:16 ..
-rwxrwxr-x 1 debian debian  367 Dec 30 02:01 caching.sh
-rwxrwxr-x 1 debian debian 1.4K Dec 30 02:01 caching.stpl
-rwxrwxr-x 1 debian debian 1.3K Dec 30 02:01 caching.tpl
-rwxrwxr-x 1 debian debian 1.1K Dec 30 02:01 default.stpl
-rwxrwxr-x 1 debian debian  983 Dec 30 02:01 default.tpl
-rwxr-xr-x 1 debian debian  131 Dec 30 02:01 hosting.sh
-rwxrwxr-x 1 debian debian 1.2K Dec 30 02:01 hosting.stpl
-rwxrwxr-x 1 debian debian 1.1K Dec 30 02:01 hosting.tpl
-rw-rw-r-- 1 debian debian 1.1K Dec 30 02:01 http2.stpl
-rw-rw-r-- 1 debian debian  962 Dec 30 02:01 http2.tpl
drwxr-xr-x 2 debian debian 4.0K Dec 30 02:01 php-fpm
-rwxr-xr-x 1 debian debian  189 Dec 30 02:01 proxy_ip.tpl
root@server:/usr/local/vesta/data/templates/web/nginx# egrep "admin|debian" /etc/passwd
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
debian:x:1000:1000:Cloud-init-user,,,:/home/debian:/bin/bash
postgres:x:113:118:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
debian-spamd:x:119:122::/var/lib/spamassassin:/bin/sh
admin:x:1001:1001:root@server:/home/admin:/bin/bash
```

Skamasle commented 6 years ago

Hi

What issue do you get with this?

UIDs are assigned if available.

So if 1000 is not available it takes 1001; if 1001 isn't, it takes 1002, as with any other user / group.

didyouexpectthat commented 6 years ago

Something during install sets the UID to 1000 in several locations, namely /usr/local/vesta/data and /etc/fail2ban/jail.local, but admin was user 1001. I fixed it by running find / -uid 1000 and changing the owner/group to admin.

Skamasle commented 6 years ago

OK, I get it and can reproduce it on CentOS.

Skamasle commented 6 years ago

This issue comes from the repo: Vesta does not check the user, so on the default system where the deb / rpm packages and any other stuff are packed, the user admin has UID 1000.

Then, when unpacking on another system, Vesta just "unpacks" and the files get UID and GID 1000, and if another user exists with UID 1000 the system assigns those files to the UID 1000 user: in your case the debian user, on CentOS 7 the backup user.

Easy to solve: in any installer, force chown at the end, or tar / gzip the files with the --owner= option.

didyouexpectthat commented 6 years ago

I like the idea of tar/gzip with --owner, since forcing chown at the end requires you to remember which installation paths were used (for example, not installing fail2ban). I do not want to maliciously overwrite permissions on good data.
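
The packaging-side fix discussed in this thread, as an added example that is not part of the original issue or of Vesta's build scripts: it packs a constructed sample tree the default way and with a fixed owner, then reads back the numeric owner recorded in each archive. It assumes GNU tar; the function names are hypothetical, and owner 0:0 is this example's choice, since the thread does not say which owner should be recorded.

```shell
#!/bin/sh
# Added example: assumes GNU tar. Function names and sample paths are hypothetical.

# Print each distinct numeric "uid/gid" pair recorded in archive $1.
archive_owners() {
    tar --numeric-owner -tvf "$1" | awk '{print $2}' | sort -u
}

# Pack directory $1 into archive $2 the default way: every entry carries the
# UID/GID of whoever owns the files on the build host.
pack_default() {
    tar -C "$1" -czf "$2" .
}

# Pack directory $1 into archive $2 with a fixed numeric owner $3 and group $4,
# so the build host's account numbering never reaches the target system.
pack_fixed_owner() {
    tar -C "$1" --owner="$3" --group="$4" --numeric-owner -czf "$2" .
}

# Release gate: succeed only if every entry in archive $1 is owned by $2,
# given as "uid/gid".
check_archive_owner() {
    [ "$(archive_owners "$1")" = "$2" ]
}

# Constructed sample tree standing in for a template directory.
demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/src/nginx"
    printf 'server {}\n' > "$work/src/nginx/default.tpl"
    pack_default "$work/src" "$work/default.tar.gz"
    pack_fixed_owner "$work/src" "$work/fixed.tar.gz" 0 0
    echo "default packing records: $(archive_owners "$work/default.tar.gz")"
    echo "fixed packing records:   $(archive_owners "$work/fixed.tar.gz")"
    if check_archive_owner "$work/fixed.tar.gz" "0/0"; then
        echo "fixed archive passes the owner gate"
    fi
    rm -rf "$work"
}
demo
```

Running `check_archive_owner` in the build pipeline catches an archive that still carries the builder's UID before it is published, which avoids the post-install `chown` sweep the last comment is wary of.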