Private

Server IP : 195.201.23.43 / Your IP : 18.119.143.234
Web Server : Apache
System : Linux webserver2.vercom.be 5.4.0-192-generic #212-Ubuntu SMP Fri Jul 5 09:47:39 UTC 2024 x86_64
User : kdecoratie ( 1041)
PHP Version : 7.1.33-63+ubuntu20.04.1+deb.sury.org+1
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON
Directory : /usr/share/webmin/virtual-server/

Upload File :

[ HOME SHELL ]

Current File : /usr/share/webmin/virtual-server/modify-admin.pl

#!/usr/bin/perl

=head1 modify-admin.pl

Updates an extra administrator for a virtual server

This program can be used to change the details of an extra administrator.
The required parameters are C<--domain> followed by the domain name, and C<--name>
followed by the administrator account name, which specify the account to
change.

You can then use the C<--pass> parameter to set a new password, C<--desc> to change
the description, and C<--newname> to change the login name. The admin can be
allowed to denied the ability to create servers, rename domains, manage
features and use other Webmin modules with the C<--can-create>, C<--cannot-create>,
C<--can-rename>, C<--cannot-rename>, C<--can-features>, C<--cannot-features>,
C<--can-modules> and C<--cannot-modules> options respectively.

The extra admin's contact email address can be set or changed with the 
C<--email> flag (followed by an address), or removed with the C<--no-email>
parameter.

Editing capabilities can be granted to the user with the C<--can-edit> option
followed by a capability name. Similarly, they can be taken away with the
C<--cannot-edit> option.

To add a domain to the list of those an extra administrator is allowed to
manage, use the C<--add-domain> flag followed by a domain name. If all virtual
servers are currently allowed, this will restrict the extra admin to just that
virtual server.

To remove a server from the allowed list, use the C<--remove-domain> parameter
followed by the domain name. To grant access to all virtual servers under
the parent server, use the C<--all-domains> flag.

=cut

package virtual_server;
if (!$module_name) {
	$main::no_acl_check++;
	$ENV{'WEBMIN_CONFIG'} ||= "/etc/webmin";
	$ENV{'WEBMIN_VAR'} ||= "/var/webmin";
	if ($0 =~ /^(.*)\/[^\/]+$/) {
		chdir($pwd = $1);
		}
	else {
		chop($pwd = `pwd`);
		}
	$0 = "$pwd/modify-admin.pl";
	require './virtual-server-lib.pl';
	$< == 0 || die "modify-admin.pl must be run as root";
	}
@OLDARGV = @ARGV;

# Parse command-line args
while(@ARGV > 0) {
	local $a = shift(@ARGV);
	if ($a eq "--domain") {
		$domain = shift(@ARGV);
		}
	elsif ($a eq "--name") {
		$name = shift(@ARGV);
		}
	elsif ($a eq "--newname") {
		$newname = shift(@ARGV);
		}
	elsif ($a eq "--pass") {
		$pass = shift(@ARGV);
		}
	elsif ($a eq "--passfile") {
		$pass = &read_file_contents(shift(@ARGV));
		$pass =~ s/\r|\n//g;
		}
	elsif ($a eq "--desc") {
		$desc = shift(@ARGV);
		}
	elsif ($a eq "--email") {
		$email = shift(@ARGV);
		}
	elsif ($a eq "--no-email") {
		$email = "";
		}
	elsif ($a eq "--can-edit" || $a eq "--cannot-edit") {
		$edit = shift(@ARGV);
		&indexof($edit, @edit_limits) >= 0 ||
			&usage("Unknown edit capability. Valid capabilities are : ".join(" ", @edit_limits));
		if ($a eq "--can-edit") { push(@canedits, $edit); }
		else { push(@cannotedits, $edit); }
		}
	elsif ($a eq "--can-create") {
		$create = 1;
		}
	elsif ($a eq "--cannot-create") {
		$create = 0;
		}
	elsif ($a eq "--can-rename") {
		$norename = 0;
		}
	elsif ($a eq "--cannot-rename") {
		$norename = 1;
		}
	elsif ($a eq "--can-features") {
		$features = 1;
		}
	elsif ($a eq "--cannot-features") {
		$features = 0;
		}
	elsif ($a eq "--can-modules") {
		$modules = 1;
		}
	elsif ($a eq "--cannot-modules") {
		$modules = 0;
		}
	elsif ($a eq "--all-domains") {
		$allowedall = 1;
		}
	elsif ($a eq "--add-domain") {
		push(@allowednames, shift(@ARGV));
		}
	elsif ($a eq "--remove-domain") {
		push(@deniednames, shift(@ARGV));
		}
	elsif ($a eq "--multiline") {
		$multiline = 1;
		}
	elsif ($a eq "--help") {
		&usage();
		}
	else {
		&usage("Unknown parameter $a");
		}
	}

$domain && $name || &usage("No domain or username specified");
$d = &get_domain_by("dom", $domain);
$d || usage("Virtual server $domain does not exist");

# Find the admin
&obtain_lock_webmin();
@admins = &list_extra_admins($d);
($admin) = grep { $_->{'name'} eq $name } @admins;
$admin || &usage("Extra administrator $name does not exist in this virtual server");
$old = { %$admin };

# Update the object
if (defined($newname)) {
	&require_acl();
	($clash) = grep { $_->{'name'} eq $newname } &acl::list_users();
	$clash && &usage("The login name $newname is already in use");
	$admin->{'name'} = $newname;
	}
if (defined($pass)) {
	$admin->{'pass'} = $pass;
	}
if (defined($desc)) {
	$admin->{'desc'} = $desc;
	}
if (defined($email)) {
	if ($email) {
		$admin->{'email'} = $email;
		}
	else {
		delete($admin->{'email'});
		}
	}
if (defined($create)) {
	$admin->{'create'} = $create;
	}
if (defined($norename)) {
	$admin->{'norename'} = $norename;
	}
if (defined($features)) {
	$admin->{'features'} = $features;
	}
if (defined($modules)) {
	$admin->{'modules'} = $modules;
	}
foreach $e (@canedits) {
	$admin->{'edit_'.$e} = 1;
	}
foreach $e (@cannotedits) {
	$admin->{'edit_'.$e} = 0;
	}

# Apply allowed domain changes
@allowed = split(/\s+/, $admin->{'doms'});
if ($allowedall) {
	@allowed = ( );
	}
foreach $aname (@allowednames) {
	$a = &get_domain_by("dom", $aname);
        $a || &usage("The allowed virtual server $aname does not exist");
	$a->{'user'} eq $d->{'user'} ||
                &usage("The allowed virtual server $a->{'dom'} is not owned ".
                       "by the same user as $d->{'dom'}");
	push(@allowed, $a->{'id'});
	}
foreach $aname (@deniednames) {
	$a = &get_domain_by("dom", $aname);
        $a || &usage("The allowed virtual server $aname does not exist");
	@allowed = grep { $_ ne $a->{'id'} } @allowed;
	@allowed || &usage("You cannot remove all allowed virtual servers");
	}
if (@allowed) {
        $admin->{'doms'} = join(" ", @allowed);
        }
else {
	delete($admin->{'doms'});
	}

# Save him
&modify_extra_admin($admin, $old, $d);
&release_lock_webmin();
&run_post_actions_silently();
&virtualmin_api_log(\@OLDARGV, $d);
print "Extra administrator $name modified successfully\n";

sub usage
{
print "$_[0]\n\n" if ($_[0]);
print "Modifies an extra administrator associated with some virtual server.\n";
print "\n";
print "virtualmin modify-admin --domain domain.name\n";
print "                        --name login\n";
print "                       [--newname login]\n";
print "                       [--pass password | --passfile password-file]\n";
print "                       [--desc description]\n";
print "                       [--email user\@domain | --no-email]\n";
print "                       [--can-create] | [--cannot-create]\n";
print "                       [--can-rename] | [--cannot-rename]\n";
print "                       [--can-features] | [--cannot-features]\n";
print "                       [--can-modules] | [--cannot-modules]\n";
print "                       [--can-edit capability]*\n";
print "                       [--cannot-edit capability]*\n";
print "                       [--all-domains]\n";
print "                       [--add-domain name]* [--remove-domain name]*\n";
exit(1);
}

Private