[BlueOnyx:23653] 5210R YUM updates released
Michael Stauber
mstauber at blueonyx.it
Mon Feb 10 19:34:44 -05 2020
Hi all,
I had a bit of catching up to do with small bugfixes for BlueOnyx 5210R,
but I managed to push them out by now:
base-apache:
=============
On "Web Owner" changes of Vsites via the GUI a handler would deviate the
ownership of /home/.sites/<siteX> from root:root to the UID/GID of the
new SiteAdmin of that Vsite.
This caused SFTP and Jails to break.
The handler has been fixed to make sure that /home/.sites/<siteX>
remains owned by root:root.
base-shell:
=============
This fixes another Jailkit related issue - this time for server
administrators. Additional server administrators will now *NOT* be
jailed (at all). Therefore the handler that sets up Jails now excludes
them from processing.
It makes no sense to Jail server administrators. Because either they
have all privileges, or they're not real "server administrators". If
they're of type "Reseller", then we *might* want to have them jailed,
but best practice is to simply not give "Resellers" shell access at all.
Because we can't create Jails that encompass all their owned Vsites. So
even if they had jailed shell access, then they would be unable to do
anything useful with it as far as their Vsites are concerned.
Bottom line: No Jails for server administrators. Either they have (full)
shell, or they don't have shell at all.
base-swupdate.mod:
===================
The GUI allowed access to /var/log/yum.log to show the last 500 lines of
it. Of course this is the wrong place on a CentOS 8 to look for that, as
the "new YUM" (DNF) logs to /var/log/dnf.log instead.
Therefore the GUI page had to be updated to point to /var/log/dnf.log
instead. This has been done now.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list