From fb19a99ad4c680b1dfcf9be97e066c5db3595404 Mon Sep 17 00:00:00 2001 From: donbuehl Date: Mon, 19 Aug 2024 18:16:38 +0200 Subject: [PATCH 1/9] Added function getUserShell() to OpenTerminal.php and use it for the execution --- .../plugins/dynamix/include/OpenTerminal.php | 22 ++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index 1b0abdd07..db5d8572b 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -29,6 +29,26 @@ $run = "$docroot/webGui/scripts/run_cmd"; // set tty window font size if (!empty($display['tty'])) exec("sed -ri 's/fontSize=[0-9]+/fontSize={$display['tty']}/' /etc/default/ttyd"); +function getUserShell() { + $shell = 'bash'; + try { + $username = posix_getpwuid(posix_geteuid())['name']; + $passwd = file_get_contents('/etc/passwd'); + $lines = explode("\n", $passwd); + foreach ($lines as $line) { + if (strpos($line, $username) === 0) { + $parts = explode(':', $line); + $fullShellPath = end($parts); + $shell = basename(trim($fullShellPath)); + break; + } + } + } catch (Exception $e) { + syslog(LOG_ERR, "Fehler beim Ermitteln der User-Shell: " . $e->getMessage()); + } + return $shell; +} + function wait($name,$cmd) { global $run,$wait; $exec = "/var/tmp/$name.run.sh"; @@ -51,7 +71,7 @@ case 'ttyd': // no child processes, restart ttyd to pick up possible font size change if ($retval != 0) exec("kill ".$ttyd_pid[0]); } - if ($retval != 0) exec("ttyd-exec -i '$sock' bash --login"); + if ($retval != 0) exec("ttyd-exec -i '$sock' " . getUserShell() . " --login"); break; case 'syslog': // read syslog file From 07fa790411184f2a3e7d0ead730419eac359c550 Mon Sep 17 00:00:00 2001 From: donbuehl Date: Mon, 19 Aug 2024 21:49:31 +0200 Subject: [PATCH 2/9] Improve getUserShell() function for accuracy and consistency - Refine username matching to prevent partial matches - Use English for syslog error message --- .../plugins/dynamix/include/OpenTerminal.php | 27 ++++++++++--------- 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index db5d8572b..3afd4d9f9 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -32,20 +32,23 @@ if (!empty($display['tty'])) exec("sed -ri 's/fontSize=[0-9]+/fontSize={$display function getUserShell() { $shell = 'bash'; try { - $username = posix_getpwuid(posix_geteuid())['name']; - $passwd = file_get_contents('/etc/passwd'); - $lines = explode("\n", $passwd); - foreach ($lines as $line) { - if (strpos($line, $username) === 0) { - $parts = explode(':', $line); - $fullShellPath = end($parts); - $shell = basename(trim($fullShellPath)); - break; - } - } + $username = posix_getpwuid(posix_geteuid())['name']; + $passwd = file_get_contents('/etc/passwd'); + $lines = explode("\n", $passwd); + foreach ($lines as $line) { + $parts = explode(':', $line); + if ($parts[0] === $username) { + $fullShellPath = end($parts); + $shell = basename(trim($fullShellPath)); + break; + } + } } catch (Exception $e) { - syslog(LOG_ERR, "Fehler beim Ermitteln der User-Shell: " . $e->getMessage()); + syslog(LOG_ERR, "Error determining user shell: " . $e->getMessage()); } + + syslog(LOG_INFO, sprintf("User shell determined: %s %s", $username, $shell)); + return $shell; } From c62ef28fc3eeb10ce238b0ea56f817360298bce6 Mon Sep 17 00:00:00 2001 From: donbuehl Date: Mon, 19 Aug 2024 22:06:41 +0200 Subject: [PATCH 3/9] Refactor getUserShell() for improved clarity and maintainability - Introduce variable for better code readability - Simplify return logic using the default shell variable - Maintain comprehensive error handling with Throwable --- .../plugins/dynamix/include/OpenTerminal.php | 23 +++++++++---------- 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index 3afd4d9f9..c0c1fdbac 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -30,26 +30,25 @@ $run = "$docroot/webGui/scripts/run_cmd"; if (!empty($display['tty'])) exec("sed -ri 's/fontSize=[0-9]+/fontSize={$display['tty']}/' /etc/default/ttyd"); function getUserShell() { - $shell = 'bash'; + $defaultShell = 'bash'; + try { $username = posix_getpwuid(posix_geteuid())['name']; $passwd = file_get_contents('/etc/passwd'); $lines = explode("\n", $passwd); foreach ($lines as $line) { - $parts = explode(':', $line); - if ($parts[0] === $username) { - $fullShellPath = end($parts); - $shell = basename(trim($fullShellPath)); - break; - } + $parts = explode(':', $line); + if ($parts[0] === $username) { + $fullShellPath = end($parts); + return basename(trim($fullShellPath)); + } } - } catch (Exception $e) { - syslog(LOG_ERR, "Error determining user shell: " . $e->getMessage()); + } catch (Throwable $t) { + syslog(LOG_ERR, 'Error determining user shell: ' . $t->getMessage()); + return defaultShell; } - syslog(LOG_INFO, sprintf("User shell determined: %s %s", $username, $shell)); - - return $shell; + return defaultShell; } function wait($name,$cmd) { From d7b4dfd44b4e867149d6059f4ef65aa7088ea257 Mon Sep 17 00:00:00 2001 From: donbuehl Date: Mon, 19 Aug 2024 22:14:46 +0200 Subject: [PATCH 4/9] Fixed missing $ in variable --- emhttp/plugins/dynamix/include/OpenTerminal.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index c0c1fdbac..46ad07c5e 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -45,10 +45,10 @@ function getUserShell() { } } catch (Throwable $t) { syslog(LOG_ERR, 'Error determining user shell: ' . $t->getMessage()); - return defaultShell; + return $defaultShell; } - return defaultShell; + return $defaultShell; } function wait($name,$cmd) { From 7e6ad9512debdda56abda3526783902a95aa2f9c Mon Sep 17 00:00:00 2001 From: donbuehl Date: Tue, 20 Aug 2024 09:08:31 +0200 Subject: [PATCH 5/9] Wrap getUserShell() call with escapeshellarg() for additional security --- emhttp/plugins/dynamix/include/OpenTerminal.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index 46ad07c5e..b63850a88 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -73,7 +73,7 @@ case 'ttyd': // no child processes, restart ttyd to pick up possible font size change if ($retval != 0) exec("kill ".$ttyd_pid[0]); } - if ($retval != 0) exec("ttyd-exec -i '$sock' " . getUserShell() . " --login"); + if ($retval != 0) exec("ttyd-exec -i '$sock' " . escapeshellarg(getUserShell()) . " --login"); break; case 'syslog': // read syslog file From cd9d20eaf3a2c1ec43baba50298cdbe7d3945bcd Mon Sep 17 00:00:00 2001 From: donbuehl Date: Sun, 25 Aug 2024 15:19:53 +0200 Subject: [PATCH 6/9] Simplify shell detection for openterminal --- .../plugins/dynamix/include/OpenTerminal.php | 24 +------------------ 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index b63850a88..647536a0c 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -29,28 +29,6 @@ $run = "$docroot/webGui/scripts/run_cmd"; // set tty window font size if (!empty($display['tty'])) exec("sed -ri 's/fontSize=[0-9]+/fontSize={$display['tty']}/' /etc/default/ttyd"); -function getUserShell() { - $defaultShell = 'bash'; - - try { - $username = posix_getpwuid(posix_geteuid())['name']; - $passwd = file_get_contents('/etc/passwd'); - $lines = explode("\n", $passwd); - foreach ($lines as $line) { - $parts = explode(':', $line); - if ($parts[0] === $username) { - $fullShellPath = end($parts); - return basename(trim($fullShellPath)); - } - } - } catch (Throwable $t) { - syslog(LOG_ERR, 'Error determining user shell: ' . $t->getMessage()); - return $defaultShell; - } - - return $defaultShell; -} - function wait($name,$cmd) { global $run,$wait; $exec = "/var/tmp/$name.run.sh"; @@ -73,7 +51,7 @@ case 'ttyd': // no child processes, restart ttyd to pick up possible font size change if ($retval != 0) exec("kill ".$ttyd_pid[0]); } - if ($retval != 0) exec("ttyd-exec -i '$sock' " . escapeshellarg(getUserShell()) . " --login"); + if ($retval != 0) exec("ttyd-exec -i '$sock' " . basename(posix_getpwuid(0)['shell']) . " --login"); break; case 'syslog': // read syslog file From be22c0e1f899d7f0e6651e21555ce3cb1f3824e4 Mon Sep 17 00:00:00 2001 From: donbuehl Date: Sun, 25 Aug 2024 15:44:28 +0200 Subject: [PATCH 7/9] Simplify shell detection for openterminal --- emhttp/plugins/dynamix/include/OpenTerminal.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index 647536a0c..41929d85b 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -51,7 +51,9 @@ case 'ttyd': // no child processes, restart ttyd to pick up possible font size change if ($retval != 0) exec("kill ".$ttyd_pid[0]); } - if ($retval != 0) exec("ttyd-exec -i '$sock' " . basename(posix_getpwuid(0)['shell']) . " --login"); + $userShell = basename(posix_getpwuid(0)['shell']); + $shell = in_array($userShell, ['bash', 'sh', 'zsh', 'fish', 'ksh', 'tcsh', 'dash']) ? $userShell : 'bash'; + if ($retval != 0) exec("ttyd-exec -i '$sock' $shell --login"); break; case 'syslog': // read syslog file From db77c13552f62835520159e133b8bbc8c6a62fc4 Mon Sep 17 00:00:00 2001 From: donbuehl Date: Mon, 26 Aug 2024 14:29:24 +0200 Subject: [PATCH 8/9] MVP solution for zsh plugin Implemented a minimal viable solution for the zsh plugin: - Checks if the shell is /bin/zsh - Falls back to bash if not This approach prioritizes simplicity and reliability over a more general solution to avoid potential errors. --- emhttp/plugins/dynamix/include/OpenTerminal.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index 41929d85b..349b51dca 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -51,9 +51,8 @@ case 'ttyd': // no child processes, restart ttyd to pick up possible font size change if ($retval != 0) exec("kill ".$ttyd_pid[0]); } - $userShell = basename(posix_getpwuid(0)['shell']); - $shell = in_array($userShell, ['bash', 'sh', 'zsh', 'fish', 'ksh', 'tcsh', 'dash']) ? $userShell : 'bash'; - if ($retval != 0) exec("ttyd-exec -i '$sock' $shell --login"); + $shell = posix_getpwuid(0)['shell'] === '/bin/zsh' ? 'zsh' : 'bash'; + if ($retval != 0) exec("ttyd-exec -i '$sock' '$shell' --login"); break; case 'syslog': // read syslog file From 53704b58aad63adac81dcdaeb6521f2925767efa Mon Sep 17 00:00:00 2001 From: donbuehl Date: Tue, 27 Aug 2024 21:43:46 +0200 Subject: [PATCH 9/9] Final minimal viable solution --- emhttp/plugins/dynamix/include/OpenTerminal.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/emhttp/plugins/dynamix/include/OpenTerminal.php b/emhttp/plugins/dynamix/include/OpenTerminal.php index 349b51dca..fbba2d93e 100644 --- a/emhttp/plugins/dynamix/include/OpenTerminal.php +++ b/emhttp/plugins/dynamix/include/OpenTerminal.php @@ -51,8 +51,7 @@ case 'ttyd': // no child processes, restart ttyd to pick up possible font size change if ($retval != 0) exec("kill ".$ttyd_pid[0]); } - $shell = posix_getpwuid(0)['shell'] === '/bin/zsh' ? 'zsh' : 'bash'; - if ($retval != 0) exec("ttyd-exec -i '$sock' '$shell' --login"); + if ($retval != 0) exec("ttyd-exec -i '$sock' '" . posix_getpwuid(0)['shell'] . "' --login"); break; case 'syslog': // read syslog file