Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2026-05-06 20:05:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix password argument quoting for adminPass flows

Browse Source 
Quote admin password arguments during install and harden upgrade rewrites of /usr/bin/adminPass so shell-sensitive characters are preserved instead of expanded.
This commit is contained in:
master3395
2026-04-14 21:54:02 +02:00
parent fb1d97758b
commit a548f0c042
4 changed files with 16 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cyberpanel_upgrade_monolithic.sh
View File

@@ -1813,6 +1813,13 @@ if [[ "$Server_Country" = "CN" ]] ; then
fi
sed -i 's|python2|python|g' /usr/bin/adminPass
if [[ -f /usr/bin/adminPass ]]; then
cat >/usr/bin/adminPass <<'EOF'
/usr/local/CyberPanel/bin/python /usr/local/CyberCP/plogical/adminPass.py --password "$@"
systemctl restart lscpd
echo "$@" > /etc/cyberpanel/adminPass
EOF
fi
chmod 700 /usr/bin/adminPass
rm -f /usr/bin/php

2
install/venvsetup_modules/04_after_install.sh
View File

@@ -123,7 +123,7 @@ DISK2=$(df -h | awk '$NF=="/"{printf "%d/%dGB (%s)\n", $3,$2,$5}')
ELAPSED="$(($SECONDS / 3600)) hrs $((($SECONDS / 60) % 60)) min $(($SECONDS % 60)) sec"
MYSQLPASSWD=$(cat /etc/cyberpanel/mysqlPassword)
echo "$ADMIN_PASS" > /etc/cyberpanel/adminPass
/usr/local/CyberPanel/bin/python2 /usr/local/CyberCP/plogical/adminPass.py --password $ADMIN_PASS
/usr/local/CyberPanel/bin/python2 /usr/local/CyberCP/plogical/adminPass.py --password "$ADMIN_PASS"
_restart_lscpd_safe
systemctl restart lsws
echo "/usr/local/CyberPanel/bin/python2 /usr/local/CyberCP/plogical/adminPass.py --password \"\$@\"" > /usr/bin/adminPass

2
install/venvsetup_monolithic.sh
View File

@@ -1153,7 +1153,7 @@ DISK2=$(df -h | awk '$NF=="/"{printf "%d/%dGB (%s)\n", $3,$2,$5}')
ELAPSED="$(($SECONDS / 3600)) hrs $((($SECONDS / 60) % 60)) min $(($SECONDS % 60)) sec"
MYSQLPASSWD=$(cat /etc/cyberpanel/mysqlPassword)
echo "$ADMIN_PASS" > /etc/cyberpanel/adminPass
/usr/local/CyberPanel/bin/python2 /usr/local/CyberCP/plogical/adminPass.py --password $ADMIN_PASS
/usr/local/CyberPanel/bin/python2 /usr/local/CyberCP/plogical/adminPass.py --password "$ADMIN_PASS"
systemctl restart lscpd
systemctl restart lsws
echo "/usr/local/CyberPanel/bin/python2 /usr/local/CyberCP/plogical/adminPass.py --password \"\$@\"" > /usr/bin/adminPass

7
upgrade_modules/10_post_tweak.sh
View File

@@ -72,6 +72,13 @@ if [[ "$Server_Country" = "CN" ]] ; then
fi
sed -i 's|python2|python|g' /usr/bin/adminPass
if [[ -f /usr/bin/adminPass ]]; then
cat >/usr/bin/adminPass <<'EOF'
/usr/local/CyberPanel/bin/python /usr/local/CyberCP/plogical/adminPass.py --password "$@"
systemctl restart lscpd
echo "$@" > /etc/cyberpanel/adminPass
EOF
fi
chmod 700 /usr/bin/adminPass
rm -f /usr/bin/php