sshd/save_users.cgi

   1 #!/usr/local/bin/perl
   2 # save_users.cgi
   3 # save user and group related sshd options
   4
   5 require './sshd-lib.pl';
   6 &ReadParse();
   7 &error_setup($text{'users_err'});
   8 &lock_file($config{'sshd_config'});
   9 $conf = &get_sshd_config();
  10
  11 if ($version{'type'} eq 'ssh' && $version{'number'} < 2) {
  12         if ($in{'expire_def'}) {
  13                 &save_directive("AccountExpireWarningDays", $conf);
  14                 }
  15         else {
  16                 $in{'expire'} =~ /^\d+$/ || &error($text{'users_eexpire'});
  17                 &save_directive("AccountExpireWarningDays", $conf,
  18                                 $in{'expire'});
  19                 }
  20         }
  21
  22 if ($version{'type'} eq 'ssh' || $version{'number'} < 3.1) {
  23         &save_directive("CheckMail", $conf, $in{'mail'} ? 'yes' : 'no');
  24         }
  25
  26 #&save_directive("ForcedEmptyPasswdChange", $conf, $in{'empty'} ? 'yes' : 'no');
  27 #
  28 #&save_directive("ForcedPasswdChange", $conf, $in{'passwd'} ? 'yes' : 'no');
  29
  30 if ($version{'type'} eq 'ssh' && $version{'number'} < 2) {
  31         if ($in{'pexpire_def'}) {
  32                 &save_directive("PasswdExpireWarningDays", $conf);
  33                 }
  34         else {
  35                 $in{'pexpire'} =~ /^\d+$/ || &error($text{'users_eexpire'});
  36                 &save_directive("PasswdExpireWarningDays", $conf,
  37                                 $in{'pexpire'});
  38                 }
  39         }
  40
  41 if ($version{'type'} ne 'ssh' || $version{'number'} < 3) {
  42         &save_directive("PasswordAuthentication", $conf,
  43                         $in{'auth'} ? 'yes' : 'no');
  44         }
  45
  46 &save_directive("PermitEmptyPasswords", $conf, $in{'pempty'} ? 'yes' : 'no');
  47
  48 &save_directive("PermitRootLogin", $conf, $in{'root'});
  49
  50 if ($version{'type'} ne 'ssh' || $version{'number'} < 3) {
  51         &save_directive("RSAAuthentication", $conf, $in{'rsa'} ? 'yes' : 'no');
  52         }
  53 if ($version{'type'} eq 'openssh' && $version{'number'} >= 3) {
  54         &save_directive("PubkeyAuthentication", $conf,
  55                         $in{'dsa'} ? 'yes' : 'no');
  56         }
  57
  58 &save_directive("StrictModes", $conf, $in{'strict'} ? 'yes' : 'no');
  59
  60 &save_directive("PrintMotd", $conf, $in{'motd'} ? 'yes' : 'no');
  61
  62 if ($version{'type'} eq 'openssh') {
  63         &save_directive("IgnoreUserKnownHosts", $conf,
  64                         $in{'known'} ? 'yes' : 'no');
  65
  66         if ($version{'number'} > 2.3) {
  67                 if ($in{'banner_def'}) {
  68                         &save_directive("Banner", $conf);
  69                         }
  70                 else {
  71                         -r $in{'banner'} || &error($text{'users_ebanner'});
  72                         &save_directive("Banner", $conf, $in{'banner'});
  73                         }
  74                 }
  75         }
  76 elsif ($version{'type'} eq 'ssh' && $version{'number'} >= 2) {
  77         if ($in{'banner_def'}) {
  78                 &save_directive("BannerMessageFile", $conf);
  79                 }
  80         else {
  81                 -r $in{'banner'} || &error($text{'users_ebanner'});
  82                 &save_directive("BannerMessageFile", $conf, $in{'banner'});
  83                 }
  84         }
  85
  86 if ($version{'type'} eq 'openssh' && $version{'number'} >= 3) {
  87         if ($in{'authkeys_def'}) {
  88                 &save_directive("AuthorizedKeysFile", $conf);
  89                 }
  90         else {
  91                 $in{'authkeys'} =~ /^\S+$/ || &error($text{'users_eauthkeys'});
  92                 &save_directive("AuthorizedKeysFile", $conf, $in{'authkeys'});
  93                 }
  94         }
  95
  96 if ($version{'type'} eq 'openssh' && $version{'number'} >= 5) {
  97         if ($in{'maxauthtries_def'}) {
  98                 &save_directive("MaxAuthTries", $conf);
  99                 }
 100         else {
 101                 $in{'maxauthtries'} =~ /^\d+$/ && $in{'maxauthtries'} > 0 ||
 102                         &error($text{'users_emaxauthtries'});
 103                 &save_directive("MaxAuthTries", $conf, $in{'maxauthtries'});
 104                 }
 105         }
 106
 107 if ($version{'type'} eq 'openssh' && $version{'number'} < 3.7 ||
 108     $version{'type'} eq 'ssh' && $version{'number'} < 2) {
 109         &save_directive("RhostsAuthentication", $conf,
 110                         $in{'rhostsauth'} ? 'yes' : 'no');
 111
 112         &save_directive("RhostsRSAAuthentication", $conf,
 113                         $in{'rhostsrsa'} ? 'yes' : 'no');
 114         }
 115
 116 &save_directive("IgnoreRhosts", $conf, $in{'rhosts'} ? 'yes' : 'no');
 117
 118 if ($version{'type'} eq 'ssh') {
 119         if ($in{'rrhosts'} == -1) {
 120                 &save_directive("IgnoreRootRhosts", $conf);
 121                 }
 122         else {
 123                 &save_directive("IgnoreRootRhosts", $conf,
 124                                 $in{'rrhosts'} ? 'yes' : 'no');
 125                 }
 126         }
 127
 128 &flush_file_lines();
 129 &unlock_file($config{'sshd_config'});
 130 &webmin_log("users");
 131 &redirect("");
 132