.
07070100000003000081a40000000000000000000000015f0c72700000003e000000000000000000000000000000000000002e00000000./usr/libexec/webmin/webmin-jailkit/README.md # webmin-jailkit
Manage Jailkit configuration files in Webmin
07070100000004000081a40000000000000000000000015f0c727000000020000000000000000000000000000000000000002b00000000./usr/libexec/webmin/webmin-jailkit/config jailkit_config_dir=/etc/jailkit
07070100000005000081a40000000000000000000000015f0c72700000003d000000000000000000000000000000000000003000000000./usr/libexec/webmin/webmin-jailkit/config.info jailkit_config_dir=Path to Jailkit configuration directory,0
07070100000006000081a40000000000000000000000015f1153ef00000504000000000000000000000000000000000000003400000000./usr/libexec/webmin/webmin-jailkit/delete_jail.cgi #!/usr/bin/perl
use strict;
use warnings;
our (%text, %in);
require './jailkit-lib.pl';
ReadParse();
my $jk_init_ini = get_jk_init_ini();
my @sections = $jk_init_ini->Sections();
my %jail_params;
my @d = split(/\0/, $in{'d'});
# If we've already confirmed go ahead an delete it
if (defined $in{'confirmed'}) {
foreach my $jail (@d) {
if ($jk_init_ini->SectionExists($jail)) {
$jk_init_ini->DeleteSection($jail);
}
else {
# Does this jail exist?
error(text('error_jail_not_found', "$jail", "
\n"));
}
}
write_jk_init_ini($jk_init_ini);
redirect('');
}
else {
ui_print_header(undef, $text{'index_delete_jail'}, "");
print "\n";
# Check to be sure we really want these jails gone
print ui_form_start("delete_jail.cgi", "post");
foreach my $jail (@d) {
# Re-send all of the d_* items with a confirmed field
print ui_hidden("d", $jail);
}
print $text{'delete_are_you_sure'};
print "\n";
foreach my $del_jail (@d) {
print "$del_jail
\n";
}
print "
\n";
print ui_hidden("confirmed", "1");
#print ui_submit($text{delete_confirm}, "confirm");
print ui_form_end([["confirm", $text{'delete_confirm'}]]);
print "\n";
ui_print_footer("");
}
ui_print_footer("");
07070100000007000081a40000000000000000000000015f1153ef00000b01000000000000000000000000000000000000003200000000./usr/libexec/webmin/webmin-jailkit/edit_jail.cgi #!/usr/bin/perl
use strict;
use warnings;
our (%text, %in);
require './jailkit-lib.pl';
ReadParse();
my $jk_init_ini = get_jk_init_ini();
my @sections = $jk_init_ini->Sections();
my %jail_params;
# Make a new section?
if ($in{'new'}) {
ui_print_header(undef, $text{'index_create_jail'}, '', 'create_jail');
# Keep new defined so we add a new section on save
print ui_hidden("new", $in{'new'});
}
else {
ui_print_header(undef, $text{'index_edit_jail'}, '', 'edit_jail');
unless ($jk_init_ini->SectionExists($in{'jail'})) {
error($text{'edit_jail_not_found'});
}
# Populate the jail hash
my @params = $jk_init_ini->Parameters($in{'jail'});
foreach my $param (@params) {
$jail_params{$param} = $jk_init_ini->val($in{'jail'}, $param);
}
}
print ui_form_start("save_jail.cgi");
print ui_hidden("orig_jail", $in{'jail'});
print ui_
print ui_hidden_table_start($text{'edit_jail_metadata'}, undef, 1,
'metadata', 1);
# name
print ui_table_row(hlink($text{'edit_jail_name'}, 'name'),
ui_textbox('jail', $in{'jail'}));
# comment/description
print ui_table_row(
hlink($text{'edit_jail_comment'}, 'comment'),
ui_textbox('comment', $jail_params{'comment'})
);
print ui_hidden_table_end('metadata');
print ui_hidden_table_start($text{'edit_jail_includes'}, undef, 1, 'includes',
1);
# paths
print ui_table_row(
hlink($text{'edit_jail_paths'}, 'paths'),
ui_textarea('paths', $jail_params{'paths'})
);
print ui_table_row(
hlink($text{'edit_jail_paths_w_owner'}, 'paths_w_owner'),
ui_textarea('paths_w_owner', $jail_params{'paths_w_owner'})
);
print ui_table_row(
hlink($text{'edit_jail_paths_w_setuid'}, 'paths_w_setuid'),
ui_textarea('paths_w_setuid', $jail_params{'paths_w_setuid'})
);
print ui_table_row(
hlink($text{'edit_jail_includesections'}, 'includesections'),
ui_textarea('includesections'),
$jail_params{'includesections'}
);
print ui_table_row(
hlink($text{'edit_jail_emptydirs'}, 'emptydirs'),
ui_textarea('emptydirs', $jail_params{'emptydirs'})
);
print ui_table_row(
hlink($text{'edit_jail_devices'}, 'devices'),
ui_textbox('devices', $jail_params{'devices'})
);
print ui_table_row(
hlink($text{'edit_jail_need_logsocket'}, 'need_logsocket'),
ui_checkbox(
'need_logsocket', 1, undef, $jail_params{'need_logsocket'} ? 1 : 0
)
);
print ui_hidden_table_end('includes');
print ui_hidden_table_start($text{'edit_jail_ug'}, undef, 1, 'usergroups', 1);
print ui_table_row(
hlink($text{'edit_jail_users'}, 'users'),
ui_textarea('users', $jail_params{'users'})
);
print ui_table_row(
hlink($text{'edit_jail_groups'}, 'groups'),
ui_textarea('groups', $jail_params{'groups'})
);
print ui_hidden_table_end('usergroups');
print ui_form_end([[undef, $text{'save_jail'}]]);
&ui_print_footer("index.cgi", $text{'edit_jail_return'});
07070100000008000041ed0000000000000000000000015f0c727000000000000000000000000000000000000000000000002900000000./usr/libexec/webmin/webmin-jailkit/help 07070100000009000081a40000000000000000000000015f0c72700000009e000000000000000000000000000000000000003600000000./usr/libexec/webmin/webmin-jailkit/help/comment.html
This option sets the comment paramter for the selected jail configuration. It is generally used to describe the purpose of the jail.
0707010000000a000081a40000000000000000000000015f0c727000000113000000000000000000000000000000000000003a00000000./usr/libexec/webmin/webmin-jailkit/help/create_jail.html
This form provides access to all of the elements of one jail section of the Jailkit jk_init.ini jail configuration file.
All parameters, except Jail ID, are optional, though to be useful a jail will at least need paths to be useful
0707010000000b000081a40000000000000000000000015f0c72700000005d000000000000000000000000000000000000003600000000./usr/libexec/webmin/webmin-jailkit/help/devices.html Devices to create in jail
Specifies which devices are required in the jail.
0707010000000c000081a40000000000000000000000015f0c727000000111000000000000000000000000000000000000003800000000./usr/libexec/webmin/webmin-jailkit/help/edit_jail.html
This form provides access to all of the elements of one jail section of the Jailkit jk_init.ini jail configuration file.
All parameters, except Jail ID, are optional, though to be useful a jail will at least need paths to be useful
0707010000000d000081a40000000000000000000000015f0c7270000000cf000000000000000000000000000000000000003800000000./usr/libexec/webmin/webmin-jailkit/help/emptydirs.html Empty directories to create in jail
Specifies, in a comma-separated list, which directories to create as empty directories. This can be useful to create for example mountpoints in the jail.
0707010000000e000081a40000000000000000000000015f0c727000000111000000000000000000000000000000000000003500000000./usr/libexec/webmin/webmin-jailkit/help/groups.html Groups to include in /etc/group
Some programs require group information to be available in /etc/group. This option will make the information for the listed groups available in /etc/group. Multiple group names can be specified in a comma-separated list.
0707010000000f000081a40000000000000000000000015f0c727000000154000000000000000000000000000000000000003e00000000./usr/libexec/webmin/webmin-jailkit/help/includesections.html Other jails to inherit from
Entry specifies which other jail sections need to be processed as well when processing the current jail configuration. For example if uidbasics were included here, the paths, users, groups, etc. from the uidbasics jail would be included in jails generated with this configuration.
07070100000010000081a40000000000000000000000015f0c7270000001e3000000000000000000000000000000000000003400000000./usr/libexec/webmin/webmin-jailkit/help/index.html
Jailkit is a set of utilities to limit user accounts to specific files using chroot() and or specific commands. Setting up a chroot shell, a shell limited to some specific command, or a daemon inside a chroot jail is a lot easier and can be automated using these utilities.
This module provides a user interface for managing the Jailkit jail configuration file (jk_init.ini). With it, you can create, modify, and delete jail definitions.
07070100000011000081a40000000000000000000000015f0c7270000000d1000000000000000000000000000000000000003300000000./usr/libexec/webmin/webmin-jailkit/help/name.html
This option is the name for the Jail. It should be unique and should contain no spaces or special characters. It will be used as a section label in the jk_init.ini configuration file.
07070100000012000081a40000000000000000000000015f0c72700000006a000000000000000000000000000000000000003d00000000./usr/libexec/webmin/webmin-jailkit/help/need_logsocket.html
If this is checked, the jail will include a /dev/log socket.
07070100000013000081a40000000000000000000000015f0c72700000006e000000000000000000000000000000000000003400000000./usr/libexec/webmin/webmin-jailkit/help/paths.html
Comma-separated list of directory or file paths to include in jail.
07070100000014000081a40000000000000000000000015f0c7270000000d7000000000000000000000000000000000000003c00000000./usr/libexec/webmin/webmin-jailkit/help/paths_w_owner.html Paths to include (keep ownership)
Comma-separated list of directory and file paths to include in jail. This option preserves ownership information (equivalent to using "cp -p" to copy the files).
07070100000015000081a40000000000000000000000015f0c727000000148000000000000000000000000000000000000003d00000000./usr/libexec/webmin/webmin-jailkit/help/paths_w_setuid.html Paths to include (with setuid)
Comma-separated list of directory and file paths to include in the jail. These files will be setuid. Use extreme caution when placing setuid binaries into a chroot jail, as a poorly constructed program (or malicious one) could be used to escape the jail or escalate privileges.
07070100000016000081a40000000000000000000000015f0c727000000115000000000000000000000000000000000000003400000000./usr/libexec/webmin/webmin-jailkit/help/users.html Users to include in /etc/passwd
Some programs and activities require users to exist in the /etc/passwd file. This option will make the information for the listed users available in /etc/passwd. Multiple user names can be specified in a comma-separated list.
07070100000017000081a40000000000000000000000015f1153ef000003f2000000000000000000000000000000000000002e00000000./usr/libexec/webmin/webmin-jailkit/index.cgi #!/usr/bin/perl
use warnings;
use strict;
our %text;
require './jailkit-lib.pl';
my $jk_init_ini = get_jk_init_ini();
my @sections = $jk_init_ini->Sections();
ui_print_header(undef, $text{'index_title'}, "", "index", 1, 1, 0, undef,
undef, undef, undef);
my @table;
foreach my $jail (@sections) {
push(
@table,
[
{'type' => 'checkbox', 'name' => 'd', 'value' => $jail},
"" . &html_escape($jail) . "",
$jk_init_ini->val("$jail", 'comment')
]
);
}
my @buttons;
push(@buttons, [["delete", $text{'index_delete_jail'}]]);
my @actions;
push(@actions, [["edit_jail.cgi?new=1", $text{'index_create_jail'}]]);
#use Data::Dumper;
#print "\n";
print ui_form_columns_table(
'delete_jail.cgi', @buttons, 1, @actions, undef,
[$text{'index_delete'}, $text{'index_jail_id'}, $text{'index_comment'}],
undef, \@table, undef, 1, $text{'index_jail_list'}, $text{'index_no_jails'}
);
ui_print_footer("");
07070100000018000081a40000000000000000000000015f1153ef00000004000000000000000000000000000000000000003100000000./usr/libexec/webmin/webmin-jailkit/install-type rpm
07070100000019000081a40000000000000000000000015f1153ef000001c4000000000000000000000000000000000000003500000000./usr/libexec/webmin/webmin-jailkit/install_check.pl # install_check.pl
use strict;
use warnings;
our %config;
do './jailkit-lib.pl';
# is_installed(mode)
# For mode 1, returns 2 if the server is installed and configured for use by
# Webmin, 1 if installed but not configured, or 0 otherwise.
# For mode 0, returns 1 if installed, 0 if not
sub is_installed {
my ($mode) = @_;
# Available config file in the default location?
return 0 if (!-r $config{'jailkit_init_ini'});
return $mode ? 2 : 0;
}
0707010000001a000081a40000000000000000000000015f1153ef00000413000000000000000000000000000000000000003300000000./usr/libexec/webmin/webmin-jailkit/jailkit-lib.pl #!/usr/bin/perl
use strict;
use warnings;
our (%config, %text);
=head1 jailkit-lib.pl
Functions for the Jailkit Webmin module
foreign_require("jailkit", "jailkit-lib.pl");
$jk_init_ini = jailkit::get_jk_init_ini();
$jk_init_ini will contain a list of hashrefs of configuration
directives from jk_init.ini.
=cut
BEGIN { push(@INC, ".."); }
use WebminCore;
init_config();
=head2 get_jk_init_ini()
Returns the jailkit configuration as a list of hash references with name and key value keys.
=cut
sub get_jk_init_ini {
use Config::IniFiles;
my $jk_init_ini = new Config::IniFiles(
-file => "$config{'jailkit_config_dir'}/jk_init.ini");
return $jk_init_ini;
}
=head2 write_jk_init_ini(\%jk_init_ini)
Write configuration file array to config file. May return an error object, if write fails.
=cut
sub write_jk_init_ini {
use Config::IniFiles;
my ($jk_init_ini) = @_;
my $result = $jk_init_ini->RewriteConfig($config{'jk_init_ini'});
unless ($result) {
error($text{'error_save_failed'});
}
return;
}
1;
0707010000001b000041ed0000000000000000000000015f0c727000000000000000000000000000000000000000000000002900000000./usr/libexec/webmin/webmin-jailkit/lang 0707010000001c000081a40000000000000000000000015f0c727000000511000000000000000000000000000000000000002c00000000./usr/libexec/webmin/webmin-jailkit/lang/en index_title=Jailkit
index_delete=Delete
index_jail_list=Configured Jails
index_no_jails=No jails found.
index_jail_id=Jail ID
index_commment=Comment
index_jails=Available Jails
index_create_jail=Create a new jail
index_delete_jail=Delete selected
index_initialize=Initialize jail for user
index_edit_jail=Edit Jail
index_comment=Comment
edit_jail_return=Return to jail list
edit_jail_not_found=That jail doesn't exist!
edit_jail_metadata=Jail Description
edit_jail_name=Jail ID
edit_jail_comment=Comment
edit_jail_includes=Paths in Jail
edit_jail_paths=Paths to include in jail
edit_jail_paths_w_owner=Paths to include (keep ownership)
edit_jail_paths_w_setuid=Paths to include (with setuid)
edit_jail_ug=Users and Groups
edit_jail_users=Users to include in /etc/passwd
edit_jail_groups=Groups to include in /etc/group
edit_jail_need_logsocket=Log socket required?
edit_jail_includesections=Other jails to inherit from
edit_jail_emptydirs=Empty directories to create in jail
edit_jail_devices=Devices to create in jail
save_jail=Save Jail
error_save_failed=Saving jail failed
error_jail_exists=Jail already exists!
error_jail_not_found=Jail named $1 doesn't exist!
delete_are_you_sure=Are you sure you want to delete the following jail(s)? This action cannot be undone.
delete_confirm=Delete
0707010000001d000081a40000000000000000000000015f11539900000056000000000000000000000000000000000000003000000000./usr/libexec/webmin/webmin-jailkit/module.info name=Jailkit
desc=Jailkit Jail Manager
os_support=*-linux
category=system
version=0.7
0707010000001e000081a40000000000000000000000015f1153ef000007f2000000000000000000000000000000000000003200000000./usr/libexec/webmin/webmin-jailkit/save_jail.cgi #!/usr/bin/perl
# save_config.cgi
# Write updated settings.ini for bloctweet
use warnings;
use strict;
our %in;
our %text;
require './jailkit-lib.pl';
my $jk_init_ini = get_jk_init_ini();
my @sections = $jk_init_ini->Sections();
my %jail_params;
ReadParse();
# If new, create a new section
if (defined $in{'new'}) {
if ($jk_init_ini->SectionExists($in{'jail'})) {
error($text{'error_jail_exists'});
}
$jk_init_ini->AddSection($in{'jail'});
}
else {
# Not new, make sure we update the name of the jail, if
# changed
if ( defined($in{'orig_jail'})
&& defined($in{'jail'})
&& $in{'orig_jail'} ne $in{'jail'})
{
$jk_init_ini->DeleteSection($in{'orig_jail'});
$jk_init_ini->AddSection($in{'jail'});
}
}
if (length $in{'comment'}) {
$jk_init_ini->newval($in{'jail'}, 'comment', $in{'comment'});
}
if (length $in{'paths'}) {
$jk_init_ini->newval($in{'jail'}, 'paths', $in{'paths'});
}
if (length $in{'paths_w_owner'}) {
$jk_init_ini->newval($in{'jail'}, 'paths_w_owner', $in{'paths_w_owner'});
}
if (length $in{'paths_w_setuid'}) {
$jk_init_ini->newval($in{'jail'}, 'paths_w_setuid', $in{'paths_w_setuid'});
}
if (length $in{'users'}) {
$jk_init_ini->newval($in{'jail'}, 'users', $in{'users'});
}
if (length $in{'groups'}) {
$jk_init_ini->newval($in{'jail'}, 'groups', $in{'groups'});
}
if (length $in{'need_logsocket'}) {
$jk_init_ini->newval($in{'jail'}, 'need_logsocket', $in{'need_logsocket'});
}
if (length $in{'devices'}) {
$jk_init_ini->newval($in{'jail'}, 'devices', $in{'devices'});
}
if (length $in{'includesections'}) {
$jk_init_ini->newval($in{'jail'}, 'includesections', $in{'includesections'});
}
if (length $in{'emptydirs'}) {
$jk_init_ini->newval($in{'jail'}, 'emptydirs', $in{'emptydirs'});
}
# Contributors
#if (defined $in{'contributors'}) {
# my @contributors = split(' ', $in{'contributors'});
# foreach my $contributor (@contributors) {
# $bloctweet_config->{'contributors'}{$contributor} = '0';
# }
#}
write_jk_init_ini($jk_init_ini);
redirect('');
07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000b00000000TRAILER!!! `