HEX
Server: Apache
System: Linux b:u:newjapaneti:1 3.10.0-1160.31.1.el7.x86_64 #1 SMP Thu Jun 10 13:32:12 UTC 2021 x86_64
User: newjapaneti (381717)
PHP: 5.6.30
Disabled: apache_get_modules, apache_get_version, apache_reset_timeout, apache_getenv, apache_note, apache_setenv
$ pwd: /sbin/init-scripts/prestart/
Upload Files
File: //sbin/init-scripts/prestart/manage-sshd.sh
#!/bin/bash

ACTION="$1" 
CONTAINER="$2"
ROOTFS="$4"
USER="$X_USER"
TEMPLATE="$7"
 
function generate_password {
    local NEW_PASSWORD_PLAIN_TEXT="$1";
    if [ -z "$NEW_PASSWORD_PLAIN_TEXT" ] ; then
        NEW_PASSWORD_PLAIN_TEXT="Pass@word1";
    fi
    
    local SALT=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 8);
    
    perl -e "print crypt('${NEW_PASSWORD_PLAIN_TEXT}','\$6\$${SALT}\$') . \"\n\"";
}
 
function prepare_users {
 
    PASSWD_FILE=/etc/passwd;
    SHADOW_FILE=/etc/shadow;
    GROUP_FILE=/etc/group;
 
    chmod 744 $PASSWD_FILE;
    chmod 700 $SHADOW_FILE;
    chmod 744 $GROUP_FILE;
 
    USER_PASSWORD=$(generate_password ${X_SSHD_CTN_PASS});
    unset X_SSHD_CTN_PASS;
    PASSWD_APPENTRY_OLD=$(cat $PASSWD_FILE | grep -Ev "^(root|bin|nobody|ssh)");
    if [ "$PASSWD_APPENTRY_OLD" ] ; then
        IFS=: read -ra PASSWD_ENTRY <<< "$PASSWD_APPENTRY_OLD"
 
        USERNAME=${PASSWD_ENTRY[0]}
        USERID=${PASSWD_ENTRY[2]}
        USERINFO=${PASSWD_ENTRY[4]}
        USER_RELATIVE_HOMEDIR=/home/$USER;
 
        USER_HOMEDIR=/home/$USER;
        USER_SSHDIR=$USER_HOMEDIR/.ssh;
        USER_AUTHKEYS_FILE=$USER_SSHDIR/authorized_keys;
 
        PASSWD_ENTRY[6]=/bin/bash
        PASSWD_APPENTRY_NEW=$(IFS=:; echo "${PASSWD_ENTRY[*]}")
        PASSWD_ENTRY[0]=$USER
        PASSWD_ENTRY[4]=$USER
        PASSWD_ENTRY[5]=$USER_RELATIVE_HOMEDIR
        PASSWD_USERENTRY_NEW=$(IFS=:; echo "${PASSWD_ENTRY[*]}")
        sed -rie "s|$PASSWD_APPENTRY_OLD|$PASSWD_USERENTRY_NEW\n$PASSWD_APPENTRY_NEW|" $PASSWD_FILE;
        if [ ! -d $USER_SSHDIR ] ; then
            mkdir -p $USER_SSHDIR;        
        fi
        chmod 700 $USER_SSHDIR;
        chmod 750 $USER_HOMEDIR;
    fi
 
    if [ "$USER" ] ; then
        SHADOW_USERENTRY=$USER':'$USER_PASSWORD':16897:0:99999:7:::';
        echo $SHADOW_USERENTRY >> $SHADOW_FILE;
    fi
 
    PASSWD_SSHDENTRY=$(cat $PASSWD_FILE | grep 'sshd:');
    if [ -z "$PASSWD_SSHDENTRY" ] ; then
        PASSWD_SSHDENTRY='sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin';
        echo "$PASSWD_SSHDENTRY" >> $PASSWD_FILE;
    fi
 
    touch $USER_AUTHKEYS_FILE;
 
    chmod 444 $PASSWD_FILE;
    chmod 400 $SHADOW_FILE;
    chmod 444 $GROUP_FILE;
 
    chmod 600 $USER_AUTHKEYS_FILE;
 
    chown $USERID:$USERID $USER_HOMEDIR;
    chown $USERID:$USERID $USER_SSHDIR;
    chown $USERID:$USERID $USER_AUTHKEYS_FILE;
}
 
SSHD_ENABLED=""
case "$(echo $X_APPLICATION_SSHD | tr a-z A-Z)" in
    ON) SSHD_ENABLED=1;;
    TRUE) SSHD_ENABLED=1;;
    YES) SSHD_ENABLED=1;;
    ENABLED) SSHD_ENABLED=1;;
    1) SSHD_ENABLED=1;;
esac
 
if [ "$SSHD_ENABLED" == "1" ]; then
    prepare_users;
fi
 
exit 0
@ Telegram