ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
tbrehm
2012-01-03 236d796455c44b0ca40ca6582ae1fbb614f8bf21 
 server/plugins-available/apache2_plugin.inc.php


@@ -553,7 +553,7 @@






      //* If the security level is set to high


      if($this->action == 'insert' && $data['new']['type'] == 'vhost') {


      if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {


         if($web_config['security_level'] == 20) {




            $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));


@@ -585,8 +585,14 @@




            //* add the Apache user to the client group


            $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));




				


            //* Chown all default directories


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/cgi-bin'));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/log'));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/ssl'));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/tmp'));


            $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/web'));




            /*


            * Workaround for jailkit: If jailkit is enabled for the site, the 


@@ -605,11 +611,20 @@


         } else {




            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root']));


            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/*'));


            $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));




            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/cgi-bin'));


            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/log'));


            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/ssl'));


            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/web'));


				


            // make temp directory writable for Apache and the website users


            $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));


				


            $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/cgi-bin'));


            $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root'].'/log'));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/tmp'));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/ssl'));


            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/web'));


         }


      }




@@ -730,7 +745,7 @@


                     'rewrite_target_ssl' => $rewrite_target_ssl);


               break;


            case '*':


               $rewrite_rules[] = array(   'rewrite_domain'    => $data['new']['domain'],


               $rewrite_rules[] = array(   'rewrite_domain'    => '(^|\.)'.$data['new']['domain'],


                  'rewrite_type'       => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',


                  'rewrite_target'    => $rewrite_target,


                  'rewrite_target_ssl' => $rewrite_target_ssl);


@@ -796,7 +811,7 @@


                           'rewrite_target_ssl' => $rewrite_target_ssl);


                     break;


                  case '*':


                     $rewrite_rules[] = array(   'rewrite_domain'    => $alias['domain'],


                     $rewrite_rules[] = array(   'rewrite_domain'    => '(^|\.)'.$alias['domain'],


                        'rewrite_type'       => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',


                        'rewrite_target'    => $rewrite_target,


                        'rewrite_target_ssl' => $rewrite_target_ssl);


@@ -1100,7 +1115,13 @@


         if($apache_online_status_before_restart && !$apache_online_status_after_restart) {


            $app->log('Apache did not restart after the configuration change for website '.$data['new']['domain'].' Reverting the configuration. Saved non-working config as '.$vhost_file.'.err',LOGLEVEL_WARN);


            copy($vhost_file,$vhost_file.'.err');


            copy($vhost_file.'~',$vhost_file);


            if(is_file($vhost_file.'~')) {


               //* Copy back the last backup file


               copy($vhost_file.'~',$vhost_file);


            } else {


               //* There is no backup file, so we create a empty vhost file with a warning message inside


               file_put_contents($vhost_file,"# Apache did not start after modifying this vhost file.\n# Please check file $vhost_file.err for syntax errors.");


            }


            $app->services->restartService('httpd','restart');


         }


      } else {


@@ -1320,12 +1341,18 @@


      }


      


      //* Create the folder path, if it does not exist


      if(!is_dir($folder_path)) exec('mkdir -p '.$folder_path);


      if(!is_dir($folder_path)) {


         exec('mkdir -p '.$folder_path);


         chown($folder_path,$website['system_user']);


         chgrp($folder_path,$website['system_group']);


      }


      


      //* Create empty .htpasswd file, if it does not exist


      if(!is_file($folder_path.'.htpasswd')) {


         touch($folder_path.'.htpasswd');


         chmod($folder_path.'.htpasswd',0755);


         chown($folder_path.'.htpasswd',$website['system_user']);


         chgrp($folder_path.'.htpasswd',$website['system_group']);


         $app->log('Created file '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);


      }


      


@@ -1363,7 +1390,9 @@


      //if(!is_file($folder_path.'.htaccess')) {


         $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";


         file_put_contents($folder_path.'.htaccess',$ht_file);


         chmod($folder_path.'.htpasswd',0755);


         chmod($folder_path.'.htaccess',0755);


         chown($folder_path.'.htaccess',$website['system_user']);


         chgrp($folder_path.'.htaccess',$website['system_group']);


         $app->log('Created file '.$folder_path.'.htaccess',LOGLEVEL_DEBUG);


      //}


      


@@ -1475,7 +1504,9 @@


         $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$new_folder_path.".htpasswd\nrequire valid-user";


         file_put_contents($new_folder_path.'.htaccess',$ht_file);


         chmod($new_folder_path.'.htpasswd',0755);


         $app->log('Created file '.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);


         chown($folder_path.'.htpasswd',$website['system_user']);


         chgrp($folder_path.'.htpasswd',$website['system_group']);


         $app->log('Created file '.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);


      }


      


      //* Remove .htaccess file