cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: cschantz/Linux-Server-Management-Toolkit:6809a4e68a995f5b6225b3807366f58d0eb2875a
Branches Tags
cschantz/Linux-Server-Management-Toolkit:main cschantz/Linux-Server-Management-Toolkit:dev
..
compare: cschantz/Linux-Server-Management-Toolkit:296113db99af09db396b8f0bc91b02bac49d4c19
Branches Tags
cschantz/Linux-Server-Management-Toolkit:dev cschantz/Linux-Server-Management-Toolkit:main

3 Commits
6809a4e68a .. 296113db99

Author SHA1 Message Date
cschantz 296113db99 Fix SOURCE command safety issues (HIGH priority) 
Added existence checks and error handling for all source commands
to prevent silent failures when dependencies are missing.

Library files (use 'return' for error):
- reference-db.sh: Added checks for 3 dependencies
- mysql-analyzer.sh: Added checks for 3 dependencies
- domain-discovery.sh: Added checks for 2 dependencies
- system-detect.sh: Added check for common-functions.sh
- plesk-helpers.sh: Added check for common-functions.sh
- user-manager.sh: Added checks for 2 dependencies

Executable scripts (use 'exit' for error):
- wordpress-cron-manager.sh: Added checks for 2 dependencies
- website-error-analyzer.sh: Added checks for 4 dependencies

Pattern: [ -f "file" ] && source "file" || { echo "ERROR" >&2; return/exit 1; }

This ensures scripts fail fast with clear error messages when
required dependencies are missing, rather than continuing with
undefined functions.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-02 17:26:21 -05:00
cschantz 5d1cc93aee Fix integer comparison safety issues (6 HIGH priority) 
Added parameter expansion with defaults to prevent comparison errors
on potentially empty variables:

- live-attack-monitor-v2.sh: IPSET_CREATE_EXIT, IPTABLES_EXIT
- live-attack-monitor.sh: IPSET_CREATE_EXIT, IPTABLES_EXIT
- malware-scanner.sh: START_EXIT
- email-diagnostics.sh: check_type, account_found

Pattern: Changed "$VAR" to "${VAR:-default}" in integer comparisons
to ensure safe comparisons even if variable is unexpectedly empty.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-02 17:23:02 -05:00
cschantz 7fb7c230b9 Fix HIGH priority issues: paths, globs, deps, wordsplit 
- Fixed 3 unquoted path expansions in cleanup-toolkit-data.sh
  (lines 175, 192-193: quoted $pattern in ls/rm commands)

- Fixed 3 unquoted globs in erase/malware-scanner scripts
  (erase-toolkit-traces.sh lines 103-104, malware-scanner.sh line 229)

- Added system-detect.sh sourcing to email-functions.sh
  (fixes 5 HIGH priority DEP warnings for detect_control_panel)

- Fixed 2 WORDSPLIT issues in mysql-analyzer.sh
  (lines 137, 362: changed from for loops to while read loops
   to safely handle database/table names with spaces)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-02 17:21:19 -05:00
15 changed files with 49 additions and 39 deletions
Expand all files Collapse all files
lib/domain-discovery.sh
+3 -2
View File
@@ -8,8 +8,9 @@
# Source dependencies
if [ -z "$TOOLKIT_BASE_DIR" ]; then
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/common-functions.sh"
source "$SCRIPT_DIR/system-detect.sh"
[ -f "$SCRIPT_DIR/common-functions.sh" ] && source "$SCRIPT_DIR/common-functions.sh" || { echo "ERROR: common-functions.sh not found" >&2; return 1; }
[ -f "$SCRIPT_DIR/system-detect.sh" ] && source "$SCRIPT_DIR/system-detect.sh" || { echo "ERROR: system-detect.sh not found" >&2; return 1; }
fi
# Source control panel helpers if available
lib/email-functions.sh
+6
View File
@@ -6,6 +6,12 @@
# Shared functions for email troubleshooting modules
################################################################################
# Source system detection (for detect_control_panel function)
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
if [ -f "$SCRIPT_DIR/system-detect.sh" ]; then
source "$SCRIPT_DIR/system-detect.sh"
fi
# Detect MTA (Mail Transfer Agent)
detect_mta() {
if command -v exim &>/dev/null; then
lib/mysql-analyzer.sh
+9 -10
View File
@@ -8,9 +8,10 @@
# Source dependencies
if [ -z "$TOOLKIT_BASE_DIR" ]; then
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/common-functions.sh"
source "$SCRIPT_DIR/system-detect.sh"
source "$SCRIPT_DIR/user-manager.sh"
[ -f "$SCRIPT_DIR/common-functions.sh" ] && source "$SCRIPT_DIR/common-functions.sh" || { echo "ERROR: common-functions.sh not found" >&2; return 1; }
[ -f "$SCRIPT_DIR/system-detect.sh" ] && source "$SCRIPT_DIR/system-detect.sh" || { echo "ERROR: system-detect.sh not found" >&2; return 1; }
[ -f "$SCRIPT_DIR/user-manager.sh" ] && source "$SCRIPT_DIR/user-manager.sh" || { echo "ERROR: user-manager.sh not found" >&2; return 1; }
fi
#############################################################################
@@ -133,9 +134,8 @@ map_database_to_user_domain() {
# Build map for all databases
print_info "Building database to user/domain mapping..."
local all_dbs=$(mysql -Ns -e "SHOW DATABASES" 2>/dev/null | grep -v "^information_schema$\|^mysql$\|^performance_schema$\|^sys$")
for db in $all_dbs; do
# Use while read to safely iterate over database names (handles spaces in names)
mysql -Ns -e "SHOW DATABASES" 2>/dev/null | grep -v "^information_schema$\|^mysql$\|^performance_schema$\|^sys$" | while IFS= read -r db; do
# Extract potential username from database name
# Format: username_dbname
local potential_user=$(echo "$db" | cut -d_ -f1)
@@ -359,11 +359,10 @@ analyze_queries_for_problems() {
# Extract database
local db_name=$(extract_database_from_query "$query")
# Extract tables
local tables=$(extract_tables_from_query "$query")
# Extract tables and safely iterate (handles spaces in table names)
extract_tables_from_query "$query" | while IFS= read -r table; do
[ -z "$table" ] && continue # Skip empty lines
# Identify plugins
for table in $tables; do
local plugin=$(identify_plugin_from_table "$table")
local owner=$(get_database_owner "$db_name")
local domain=$(get_database_domain "$db_name")
lib/plesk-helpers.sh
+1 -1
View File
@@ -8,7 +8,7 @@
# Source common functions if not already loaded
if [ -z "$TOOLKIT_BASE_DIR" ]; then
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/common-functions.sh"
[ -f "$SCRIPT_DIR/common-functions.sh" ] && source "$SCRIPT_DIR/common-functions.sh" || { echo "ERROR: common-functions.sh not found" >&2; return 1; }
fi
#############################################################################
lib/reference-db.sh
+4 -3
View File
@@ -9,9 +9,10 @@
# Source dependencies
if [ -z "$TOOLKIT_BASE_DIR" ]; then
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/common-functions.sh"
source "$SCRIPT_DIR/system-detect.sh"
source "$SCRIPT_DIR/user-manager.sh"
[ -f "$SCRIPT_DIR/common-functions.sh" ] && source "$SCRIPT_DIR/common-functions.sh" || { echo "ERROR: common-functions.sh not found" >&2; return 1; }
[ -f "$SCRIPT_DIR/system-detect.sh" ] && source "$SCRIPT_DIR/system-detect.sh" || { echo "ERROR: system-detect.sh not found" >&2; return 1; }
[ -f "$SCRIPT_DIR/user-manager.sh" ] && source "$SCRIPT_DIR/user-manager.sh" || { echo "ERROR: user-manager.sh not found" >&2; return 1; }
fi
# Reference database location
lib/system-detect.sh
+1 -1
View File
@@ -9,7 +9,7 @@
# Source common functions if not already loaded
if [ -z "$TOOLKIT_BASE_DIR" ]; then
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/common-functions.sh"
[ -f "$SCRIPT_DIR/common-functions.sh" ] && source "$SCRIPT_DIR/common-functions.sh" || { echo "ERROR: common-functions.sh not found" >&2; return 1; }
fi
# Global variables (session-only) - only initialize if not already set
lib/user-manager.sh
+3 -2
View File
@@ -8,8 +8,9 @@
# Source dependencies
if [ -z "$TOOLKIT_BASE_DIR" ]; then
_LIB_SRCDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$_LIB_SRCDIR/common-functions.sh"
source "$_LIB_SRCDIR/system-detect.sh"
[ -f "$_LIB_SRCDIR/common-functions.sh" ] && source "$_LIB_SRCDIR/common-functions.sh" || { echo "ERROR: common-functions.sh not found" >&2; return 1; }
[ -f "$_LIB_SRCDIR/system-detect.sh" ] && source "$_LIB_SRCDIR/system-detect.sh" || { echo "ERROR: system-detect.sh not found" >&2; return 1; }
fi
# Initialize temp session directory if not set
modules/email/email-diagnostics.sh
+1 -1
View File
@@ -709,7 +709,7 @@ if [ "$greylist" -gt 0 ] && [ "$delivered" -eq 0 ]; then
echo ""
fi
if [ "$check_type" != "2" ] && [ $account_found -eq 0 ]; then
if [ "${check_type:-1}" != "2" ] && [ "${account_found:-0}" -eq 0 ]; then
echo "Email account not found:"
echo " 1. Verify the email address is spelled correctly"
echo " 2. Check if domain DNS points to this server"
modules/maintenance/cleanup-toolkit-data.sh
+5 -5
View File
@@ -172,8 +172,8 @@ fi
# Session/lock files
for pattern in /var/run/server-toolkit* /var/lock/server-toolkit*; do
if ls $pattern 2>/dev/null | grep -q .; then
rm -f $pattern 2>/dev/null
if ls "$pattern" 2>/dev/null | grep -q .; then
rm -f "$pattern" 2>/dev/null
echo -e " ${GREEN}${NC} Removed: Session/lock files"
((cleaned_count++))
break
@@ -189,9 +189,9 @@ remove_logs="${remove_logs:-no}"
if [ "$remove_logs" = "yes" ]; then
for pattern in /var/log/server-toolkit*.log; do
if ls $pattern 2>/dev/null | grep -q .; then
count=$(ls $pattern 2>/dev/null | wc -l)
rm -f $pattern 2>/dev/null
if ls "$pattern" 2>/dev/null | grep -q .; then
count=$(ls "$pattern" 2>/dev/null | wc -l)
rm -f "$pattern" 2>/dev/null
echo -e " ${GREEN}${NC} Removed: $count log file(s)"
((cleaned_count++))
break
modules/security/live-attack-monitor-v2.sh
+2 -2
View File
@@ -93,7 +93,7 @@ if command -v ipset &>/dev/null; then
IPSET_CREATE_OUTPUT=$(ipset create "$IPSET_NAME" hash:ip timeout 3600 maxelem 65536 2>&1)
IPSET_CREATE_EXIT=$?
if [ $IPSET_CREATE_EXIT -eq 0 ]; then
if [ "${IPSET_CREATE_EXIT:-1}" -eq 0 ]; then
IPSET_AVAILABLE=1
IPSET_SUPPORTS_TIMEOUT=1
@@ -101,7 +101,7 @@ if command -v ipset &>/dev/null; then
IPTABLES_OUTPUT=$(iptables -I INPUT -m set --match-set "$IPSET_NAME" src -j DROP 2>&1)
IPTABLES_EXIT=$?
if [ $IPTABLES_EXIT -ne 0 ]; then
if [ "${IPTABLES_EXIT:-1}" -ne 0 ]; then
# iptables rule failed - clean up ipset and report error
ipset destroy "$IPSET_NAME" 2>/dev/null
IPSET_AVAILABLE=0
modules/security/live-attack-monitor.sh
+2 -2
View File
@@ -93,7 +93,7 @@ if command -v ipset &>/dev/null; then
IPSET_CREATE_OUTPUT=$(ipset create "$IPSET_NAME" hash:ip timeout 3600 maxelem 65536 2>&1)
IPSET_CREATE_EXIT=$?
if [ $IPSET_CREATE_EXIT -eq 0 ]; then
if [ "${IPSET_CREATE_EXIT:-1}" -eq 0 ]; then
IPSET_AVAILABLE=1
IPSET_SUPPORTS_TIMEOUT=1
@@ -101,7 +101,7 @@ if command -v ipset &>/dev/null; then
IPTABLES_OUTPUT=$(iptables -I INPUT -m set --match-set "$IPSET_NAME" src -j DROP 2>&1)
IPTABLES_EXIT=$?
if [ $IPTABLES_EXIT -ne 0 ]; then
if [ "${IPTABLES_EXIT:-1}" -ne 0 ]; then
# iptables rule failed - clean up ipset and report error
ipset destroy "$IPSET_NAME" 2>/dev/null
IPSET_AVAILABLE=0
modules/security/malware-scanner.sh
+2 -2
View File
@@ -226,7 +226,7 @@ install_all_scanners() {
cd maldetect-* 2>/dev/null
./install.sh &>/dev/null
cd /tmp
rm -rf maldetect-*
rm -rf "maldetect-"*
fi
if is_maldet_installed; then
@@ -853,7 +853,7 @@ for scanner in "${AVAILABLE_SCANNERS[@]}"; do
imunify-antivirus malware on-demand start --path="$path" &>> "$LOG_DIR/imunify.log"
START_EXIT=$?
if [ $START_EXIT -ne 0 ]; then
if [ "${START_EXIT:-1}" -ne 0 ]; then
log_message "ERROR: ImunifyAV scan failed to start for $path (exit code: $START_EXIT)"
echo " ✗ Scan failed to start for $path (check logs)"
continue
modules/website/website-error-analyzer.sh
+5 -4
View File
@@ -9,10 +9,11 @@
################################################################################
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
source "$SCRIPT_DIR/lib/common-functions.sh"
source "$SCRIPT_DIR/lib/system-detect.sh"
source "$SCRIPT_DIR/lib/user-manager.sh"
source "$SCRIPT_DIR/lib/ip-reputation.sh"
[ -f "$SCRIPT_DIR/lib/common-functions.sh" ] && source "$SCRIPT_DIR/lib/common-functions.sh" || { echo "ERROR: common-functions.sh not found" >&2; exit 1; }
[ -f "$SCRIPT_DIR/lib/system-detect.sh" ] && source "$SCRIPT_DIR/lib/system-detect.sh" || { echo "ERROR: system-detect.sh not found" >&2; exit 1; }
[ -f "$SCRIPT_DIR/lib/user-manager.sh" ] && source "$SCRIPT_DIR/lib/user-manager.sh" || { echo "ERROR: user-manager.sh not found" >&2; exit 1; }
[ -f "$SCRIPT_DIR/lib/ip-reputation.sh" ] && source "$SCRIPT_DIR/lib/ip-reputation.sh" || { echo "ERROR: ip-reputation.sh not found" >&2; exit 1; }
# Configuration - Use system-detected paths
APACHE_ERROR_LOG="/var/log/apache2/error_log" # Will be auto-detected
modules/website/wordpress/wordpress-cron-manager.sh
+3 -2
View File
@@ -12,8 +12,9 @@
################################################################################
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../../.." && pwd)"
source "$SCRIPT_DIR/lib/common-functions.sh"
source "$SCRIPT_DIR/lib/system-detect.sh"
[ -f "$SCRIPT_DIR/lib/common-functions.sh" ] && source "$SCRIPT_DIR/lib/common-functions.sh" || { echo "ERROR: common-functions.sh not found" >&2; exit 1; }
[ -f "$SCRIPT_DIR/lib/system-detect.sh" ] && source "$SCRIPT_DIR/lib/system-detect.sh" || { echo "ERROR: system-detect.sh not found" >&2; exit 1; }
if [ "$EUID" -ne 0 ]; then
print_error "This script must be run as root"
tools/erase-toolkit-traces.sh
+2 -2
View File
@@ -100,8 +100,8 @@ echo " ✓ Download artifacts removed"
# Remove toolkit temp files
echo "→ Removing temporary files..."
rm -rf /tmp/live-monitor-* 2>/dev/null
rm -rf /tmp/server-toolkit-* 2>/dev/null
rm -rf /tmp/"live-monitor-"* 2>/dev/null
rm -rf /tmp/"server-toolkit-"* 2>/dev/null
echo " ✓ Temp files removed"
# Clean last log and audit trails