Sindbad~EG File Manager

Current Path : /opt/dedrads/extras/
Upload File :
Current File : //opt/dedrads/extras/secureperms.sh

#!/bin/bash
# Script to fix common security issues on shared servers

userlist=$(/bin/ls -A /var/cpanel/users)

# Fix valiases permissions

# shellcheck disable=SC2063,SC2013
for domain in $(cat /etc/userdomains |awk '{print $1}' | grep -v "*" | cut -d: -f1); do

	if ! [ -f "/etc/valiases/$domain" ]; then
		touch "/etc/valiases/$domain"
	fi

	user=$(/scripts/whoowns "$domain")

	if [ ! -z "$user" ];then

		chown "$user:mail" "/etc/valiases/$domain"
		chown "$user:mail" "/etc/vdomainaliases/$domain"
		chown "$user:mail" "/etc/vfilters/$domain"
		chmod 640 "/etc/valiases/$domain"
		chmod 640 "/etc/vdomainaliases/$domain"
		chmod 640 "/etc/vfilters/$domain"
	fi
done

# Fix named.conf

chown named:named /etc/named.conf
chmod 640 /etc/named.conf

# Set /home to 711

chmod 711 /home
conflist="config.php configuration.php wp-config.php"

# Remove shell access

for user in $userlist; do
	if [ "$user" != "root" ];then
		if [ "$(cat /etc/passwd |grep "^${user}:" |awk -F: '{print $7}')" != "/usr/local/cpanel/bin/noshell" ]; then
			echo "Returning $user's shell to noshell"
			chsh "$user" -s /usr/local/cpanel/bin/noshell >/dev/null
		fi
	fi
done

# Set user home and public_html folders
if [ -f /etc/cpanel/ea4/is_ea4 ]; then
    test -f /etc/apache2/conf.modules.d/90-suphp.conf
    IS_SUPHP=$?
else
    PHPVER=$(cat /usr/local/apache/conf/php.version |cut -d. -f1)
    /usr/local/cpanel/bin/rebuild_phpconf --current |grep "PHP$PHPVER"  | awk '{print $3}' | grep -q suphp
    IS_SUPHP=$?
fi


if [ $IS_SUPHP -eq 0 ];then

        for user in $userlist
        do
                homedir=$(/scripts/gethomedir "$user")

		[ "$(/usr/bin/stat --format=%a "$homedir")" == "711" ] || echo "Fixing permissions of $homedir" && chmod 711 "$homedir"
		[ "$(/usr/bin/stat --format=%a "$homedir"/public_html)" == "750" ] || echo "Fixing permissions of $homedir/public_html" && chmod 750 "$homedir/public_html"

                chown "$user:nobody" "$homedir/public_html"

		for file in $conflist
		do
			if [ -e "$homedir/public_html/$file" ]; then
				[ "$(/usr/bin/stat --format=%a "$homedir/public_html/$file")" == "640" ] || echo "Fixing $homedir/public_html/$file" && chmod 640 "$homedir/public_html/$file"
			fi
		done

        done

fi

Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists