We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Multiple Admin users
Multiple Admin users
Hello folks,
I was just checking some config on vesta and I know that at this time is not possible to add multiple admin users with permission features + their own vesta profile, however I just followed the same method as vesta does with the root user login it into the 'admin' user, basically any unix account which doesn't have any hosting package (just ssh) may login as admin using their own user and password. (I'm not sure if I'm making myself clear, if not feel free to ask).
So, what I have done are two simple steps (which would be overwritten on every vesta update) and those are:
First, modify the following file on line 59:
This is what you would have:
Add another line for your new unix account like this:
Save the file and let's modify the next one which is located here:
Search the line 29 and you would have something like this:
Modify it to include your user, like this:
Save the file and you would be able to login with your unix account, again this will just mask the 'admin' login as root does, however is useful to me since I don't have to share my admin/root password with the team.
Note: if this represents any security flaw, please let me know so I can disable this on my servers :p
I was just checking some config on vesta and I know that at this time is not possible to add multiple admin users with permission features + their own vesta profile, however I just followed the same method as vesta does with the root user login it into the 'admin' user, basically any unix account which doesn't have any hosting package (just ssh) may login as admin using their own user and password. (I'm not sure if I'm making myself clear, if not feel free to ask).
So, what I have done are two simple steps (which would be overwritten on every vesta update) and those are:
First, modify the following file on line 59:
Code: Select all
$VESTA/web/login/index.php
Code: Select all
// Make root admin user
if ($_POST['user'] == 'root') $v_user = 'admin';
Code: Select all
// Make root admin user
if ($_POST['user'] == 'root') $v_user = 'admin';
if ($_POST['user'] == 'mike') $v_user = 'admin';
Code: Select all
$VESTA/bin/v-check-user-password
Code: Select all
# Checking user
if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ]; then
echo "Error: password missmatch"
echo "$DATE $TIME $user $ip failed to login" >> $VESTA/log/auth.log
exit 9
fi
Code: Select all
# Checking user
if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ] && [ "$user" != 'mike' ]; then
echo "Error: password missmatch"
echo "$DATE $TIME $user $ip failed to login" >> $VESTA/log/auth.log
exit 9
fi
Note: if this represents any security flaw, please let me know so I can disable this on my servers :p
-
- Posts: 139
- Joined: Thu Jan 07, 2016 12:01 am
Re: Multiple Admin users
If it works, then I'd say keep it, but I'm not programmer but something about it doesn't feel right to me.
http://php.net/manual/en/language.operators.logical.php
&& means if both are true.
If it were me, I would've just copied and added a new section, to eliminate the possibility of messing up the main login ability.
http://php.net/manual/en/language.operators.logical.php
&& means if both are true.
If it were me, I would've just copied and added a new section, to eliminate the possibility of messing up the main login ability.