Revision 34bc249f
Added by Jim Pingle about 9 years ago
src/etc/inc/auth.inc | ||
---|---|---|
417 | 417 |
* can cause issues. Just remove crontab before run it when necessary |
418 | 418 |
*/ |
419 | 419 |
unlink_if_exists("/var/cron/tabs/{$line[0]}"); |
420 |
$cmd = "/usr/sbin/pw userdel -n '{$line[0]}'";
|
|
420 |
$cmd = "/usr/sbin/pw userdel -n " . escapeshellarg($line[0]);
|
|
421 | 421 |
if ($debug) { |
422 | 422 |
log_error(sprintf(gettext("Running: %s"), $cmd)); |
423 | 423 |
} |
... | ... | |
441 | 441 |
if ($line[2] > 65000) { |
442 | 442 |
continue; |
443 | 443 |
} |
444 |
$cmd = "/usr/sbin/pw groupdel -g {$line[2]}";
|
|
444 |
$cmd = "/usr/sbin/pw groupdel -g " . escapeshellarg($line[2]);
|
|
445 | 445 |
if ($debug) { |
446 | 446 |
log_error(sprintf(gettext("Running: %s"), $cmd)); |
447 | 447 |
} |
... | ... | |
549 | 549 |
|
550 | 550 |
$comment = str_replace(array(":", "!", "@"), " ", $user['descr']); |
551 | 551 |
/* add or mod pw db */ |
552 |
$cmd = "/usr/sbin/pw {$user_op} -q -u {$user_uid} -n {$user_name}". |
|
553 |
" -g {$user_group} -s {$user_shell} -d {$user_home}". |
|
554 |
" -c ".escapeshellarg($comment)." -H 0 2>&1"; |
|
552 |
$cmd = "/usr/sbin/pw {$user_op} -q " . |
|
553 |
" -u " . escapeshellarg($user_uid) . |
|
554 |
" -n " . escapeshellarg($user_name) . |
|
555 |
" -g " . escapeshellarg($user_group) . |
|
556 |
" -s " . escapeshellarg($user_shell) . |
|
557 |
" -d " . escapeshellarg($user_home) . |
|
558 |
" -c " . escapeshellarg($comment) . |
|
559 |
" -H 0 2>&1"; |
|
555 | 560 |
|
556 | 561 |
if ($debug) { |
557 | 562 |
log_error(sprintf(gettext("Running: %s"), $cmd)); |
... | ... | |
585 | 590 |
} |
586 | 591 |
|
587 | 592 |
$un = $lock_account ? "" : "un"; |
588 |
exec("/usr/sbin/pw {$un}lock {$user_name} -q 2>/dev/null");
|
|
593 |
exec("/usr/sbin/pw {$un}lock " . escapeshellarg($user_name) . " -q 2>/dev/null");
|
|
589 | 594 |
|
590 | 595 |
conf_mount_ro(); |
591 | 596 |
} |
... | ... | |
613 | 618 |
} |
614 | 619 |
|
615 | 620 |
/* delete from pw db */ |
616 |
$cmd = "/usr/sbin/pw userdel -n {$user['name']} {$rmhome}";
|
|
621 |
$cmd = "/usr/sbin/pw userdel -n " . escapeshellarg($user['name']) . " " . escapeshellarg($rmhome);
|
|
617 | 622 |
|
618 | 623 |
if ($debug) { |
619 | 624 |
log_error(sprintf(gettext("Running: %s"), $cmd)); |
... | ... | |
761 | 766 |
} |
762 | 767 |
|
763 | 768 |
/* determine add or mod */ |
764 |
if (mwexec("/usr/sbin/pw groupshow -g {$group_gid} 2>&1", true) == 0) {
|
|
769 |
if (mwexec("/usr/sbin/pw groupshow -g " . escapeshellarg($group_gid) . " 2>&1", true) == 0) {
|
|
765 | 770 |
$group_op = "groupmod -l"; |
766 | 771 |
} else { |
767 | 772 |
$group_op = "groupadd -n"; |
768 | 773 |
} |
769 | 774 |
|
770 | 775 |
/* add or mod group db */ |
771 |
$cmd = "/usr/sbin/pw {$group_op} {$group_name} -g {$group_gid} -M '{$group_members}' 2>&1"; |
|
776 |
$cmd = "/usr/sbin/pw {$group_op} " . |
|
777 |
escapeshellarg($group_name) . |
|
778 |
" -g " . escapeshellarg($group_gid) . |
|
779 |
" -M " . escapeshellarg($group_members) . " 2>&1"; |
|
772 | 780 |
|
773 | 781 |
if ($debug) { |
774 | 782 |
log_error(sprintf(gettext("Running: %s"), $cmd)); |
... | ... | |
781 | 789 |
global $debug; |
782 | 790 |
|
783 | 791 |
/* delete from group db */ |
784 |
$cmd = "/usr/sbin/pw groupdel {$group['name']}";
|
|
792 |
$cmd = "/usr/sbin/pw groupdel " . escapeshellarg($group['name']);
|
|
785 | 793 |
|
786 | 794 |
if ($debug) { |
787 | 795 |
log_error(sprintf(gettext("Running: %s"), $cmd)); |
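Review bot: escapeshellarg() stops the shell from interpreting metacharacters, but it does not stop pw from parsing a value as an option, so a name beginning with `-` is still read as a flag where it is passed positionally: `pw groupdel <name>` (new line 792) and `pw {$un}lock <name>` (new line 593). Whether names are validated before they reach these calls is not visible in these hunks; if they are not, reject values that start with `-` or fail the allowed name pattern before building the command. Separately, on new line 621 `$rmhome` looks like an optional flag rather than data, and when it is empty `escapeshellarg($rmhome)` hands pw a literal `''` argument; appending it only when set, `. (empty($rmhome) ? "" : " " . escapeshellarg($rmhome))`, avoids that. The enclosing functions start and end outside the visible lines.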
Use escapeshellarg on shell calls in auth.inc. Ticket #6475