Author Topic: Two Factor Authorization Mod  (Read 11134 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Re: Two Factor Authorization Mod
« Reply #15 on: February 21, 2020, 09:16:36 AM »
That means the file manager in the user admin canít be used as no access to user files only the ones I noted before. Then my users canít access their files using built in file manager I will have to not use it thanks


Offline
***
Re: Two Factor Authorization Mod
« Reply #16 on: February 21, 2020, 06:26:29 PM »
Once logged in, a session token is set, so you should have full access to everything.  Anything that is not working isn't because of this mod, I can promise you that.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #17 on: February 21, 2020, 07:49:48 PM »
It was perfectly fine before I installed this first version of the mod that was bad. No other mods ect have been previously installed. 200% fine before this The issue never existed before this the fact that it go to the files your mod added shows u it came from your mod

Offline
***
Re: Two Factor Authorization Mod
« Reply #18 on: February 21, 2020, 09:26:36 PM »
Turn off 2fa for root and see if it persists while it's off.  They may have changed something on the backend.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #19 on: February 21, 2020, 10:06:46 PM »
both root and user are off but still user dir only same:



as you can see the is a user named google and thats all that loads

« Last Edit: February 21, 2020, 10:12:54 PM by annettek »

Offline
***
Re: Two Factor Authorization Mod
« Reply #20 on: February 21, 2020, 10:13:00 PM »
I'll look into it
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #21 on: February 21, 2020, 10:20:59 PM »
thanks appericated..

Awsome person willing to help could not ask a stranger for more. 10 out of 10 for this guy.
« Last Edit: February 21, 2020, 10:58:27 PM by annettek »

Offline
***
Re: Two Factor Authorization Mod
« Reply #22 on: February 22, 2020, 01:06:13 AM »
I have a patch for you:
first:
edit /root/watch.sh file
Remove line 26  "sed -i "s@fastcgi_param   PHP_ADMIN_VA....."
Add in it's place  "   sed -i -re 's@open_basedir(.*)(";)@\1:/home/google\2@' $f     "

then run: 
 sed -i "s@open_basedir =/home/google/:@open_basedir =@g" /usr/local/cwpsrv/conf.d/users/*

finally run:
/root/watch.sh

This should fix the issue for users.  Root would normally start in /tmp, so I don't think it's too big of a bug ;)
« Last Edit: February 22, 2020, 01:12:19 AM by rcschaff »
Google Hangouts:  rcschaff82@gmail.com

Offline
***
Re: Two Factor Authorization Mod
« Reply #23 on: February 22, 2020, 01:10:44 AM »
Updated md5sum   b100f5a2bd1f02330cd1da2531749b6e

Changelog:

Bugfix of user filemanager displaying /home/google instead of home directory
Added check for ntpd service.  Installs and starts if not installed
install script disables selinux temporarily if it is enabled, then reenables it.
install script notifies how to set proper timezone at end
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #24 on: February 22, 2020, 01:33:01 AM »
can you post your original contents of the /root/watch.sh file i think i made mistke lol. im not perfect still learning

lol i screwed it up trying to resolve it now
« Last Edit: February 22, 2020, 02:02:04 AM by annettek »

Offline
***
Re: Two Factor Authorization Mod
« Reply #25 on: February 22, 2020, 01:59:46 AM »
Original file should be in cwp_2fa folder from untar
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #26 on: February 22, 2020, 02:16:46 AM »
evety time i do t get error below maybee i not doinf it right

I/O Error.
/home/

here is file contents i changed

#!/bin/sh
pid=` ps aux | grep -v grep | pgrep -f cron.php`
check_user()
{
echo "//////////User Checks//////////"
cd /usr/local/cwpsrv/var/services/users/login
if [ "$(tail -1 index.php)" == "?>" ] ; then
                return
        fi
chattr -i .
chattr -i *
echo "Moving Files"
cp -f index.php abcdefg.php
cp -f login.php index.php
chattr +i *
chattr +i .
}
check_configs()
{
echo "//////////Config Checks//////////"
FILES=/usr/local/cwpsrv/conf.d/users/*
for f in $FILES
do
if ! grep -q "open_basedir =/home/google" $f; then
    echo updateing $f
     sed -i -re 's@open_basedir(.*)(";)@\1:/home/google\2@' $f   
fi
done
if grep -q "open_basedir = /tmp" /usr/local/cwpsrv/conf.d/users.conf; then
updating users.conf
sed -i "s@fastcgi_param   PHP_ADMIN_VALUE \"open_basedir = /tmp@fastcgi_param   PHP_ADMIN_VALUE \"open_basedir = /home/:/tmp@g" /usr/local/cwpsrv/conf.d/users.conf

fi
/usr/local/cwpsrv/bin/cwpsrv -s reload
find /home/*/.conf/cwp.ini -exec sed -i "s@original@modified@g" {} +

}
check_admin()
{
echo "//////////Admin Checks//////////"
   cd /usr/local/cwpsrv/htdocs/admin/login/
   if [ "$(tail -1 index.php)" == "?>" ] ; then
      return
   fi
   echo "Moving Admin"
   chattr -i .
   chattr -i *
   ls | grep -P "[a-z0-9]{16}" | xargs -d"\n" rm
   RAND_CHARS=$(openssl rand -hex 16)
   mv index.php $RAND_CHARS.php
   cp index_working.php index.php
   sed -i "s@define(\"DO_LOGIN\",\"\");@define(\"DO_LOGIN\",\"$RAND_CHARS.php\");@g" index.php
   chattr +i *
   chattr +i .
}
if [ "$pid" != "" ]; then
while [ -e /proc/$pid ]
do
    sleep .6
done
fi
echo "Start Checks"
check_user
check_admin
check_configs


is that right
« Last Edit: February 22, 2020, 02:41:41 AM by annettek »

Offline
***
Re: Two Factor Authorization Mod
« Reply #27 on: February 22, 2020, 03:30:56 AM »
Use this, as I forgot to update the check of the user configs was changed as well.
/root/watch.sh
Code: [Select]
#!/bin/sh
pid=` ps aux | grep -v grep | pgrep -f cron.php`
check_user()
{
echo "//////////User Checks//////////"
cd /usr/local/cwpsrv/var/services/users/login
if [ "$(tail -1 index.php)" == "?>" ] ; then
                return
        fi
chattr -i .
chattr -i *
echo "Moving Files"
cp -f index.php abcdefg.php
cp -f login.php index.php
chattr +i *
chattr +i .
}
check_configs()
{
echo "//////////Config Checks//////////"
FILES=/usr/local/cwpsrv/conf.d/users/*
for f in $FILES
do
if ! grep -q "/home/google" $f; then
    echo updateing $f
     sed -i -re 's@open_basedir(.*)(";)@\1:/home/google\2@' $f
fi
done
if grep -q "open_basedir = /tmp" /usr/local/cwpsrv/conf.d/users.conf; then
updating users.conf
sed -i "s@fastcgi_param   PHP_ADMIN_VALUE \"open_basedir = /tmp@fastcgi_param   PHP_ADMIN_VALUE \"open_basedir = /home/:/tmp@g" /usr/local/cwpsrv/conf.d/users.conf

fi
/usr/local/cwpsrv/bin/cwpsrv -s reload
find /home/*/.conf/cwp.ini -exec sed -i "s@original@modified@g" {} +

}
check_admin()
{
echo "//////////Admin Checks//////////"
        cd /usr/local/cwpsrv/htdocs/admin/login/
        if [ "$(tail -1 index.php)" == "?>" ] ; then
                return
        fi
        echo "Moving Admin"
        chattr -i .
        chattr -i *
        ls | grep -P "[a-z0-9]{16}" | xargs -d"\n" rm
        RAND_CHARS=$(openssl rand -hex 16)
        mv index.php $RAND_CHARS.php
        cp index_working.php index.php
        sed -i "s@define(\"DO_LOGIN\",\"\");@define(\"DO_LOGIN\",\"$RAND_CHARS.php\");@g" index.php
        chattr +i *
        chattr +i .
}
if [ "$pid" != "" ]; then
while [ -e /proc/$pid ]
do
    sleep .6
done
fi
echo "Start Checks"
check_user
check_admin
check_configs

« Last Edit: February 22, 2020, 03:47:48 AM by rcschaff »
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: Two Factor Authorization Mod
« Reply #28 on: February 22, 2020, 03:42:05 AM »
/root/watch.sh: line 1: [root@server3: command not found
/root/watch.sh: line 4: syntax error near unexpected token `$'\r''
'root/watch.sh: line 4: `check_user()


after removing the top lines

[root@server ~]# /root/watch.sh
-bash: /root/watch.sh: /bin/sh^M: bad interpreter: No such file or directory
« Last Edit: February 22, 2020, 03:45:29 AM by annettek »

Offline
***
Re: Two Factor Authorization Mod
« Reply #29 on: February 22, 2020, 03:45:51 AM »
Remove the first line.  Didn't realize it copied
Google Hangouts:  rcschaff82@gmail.com