- htpasswd_stats file was not readable for apache user.

tbrehm

2013-02-11 33e2c95c69b405f36caf9013ff9a256e6edf9500

 server/plugins-available/apache2_plugin.inc.php

@@ -121,8 +121,14 @@
         $this->ssl_certificate_changed = true;
         
         //* Rename files if they exist
         if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
         if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
         if(file_exists($key_file)){
            $app->system->rename($key_file,$key_file.'.bak');
            $app->system->chmod($key_file.'.bak',0400);
         }
         if(file_exists($key_file2)){
            $app->system->rename($key_file2,$key_file2.'.bak');
            $app->system->chmod($key_file2.'.bak',0400);
         }
         if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
         if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');
         
@@ -165,11 +171,15 @@

         $rand_file = escapeshellcmd($rand_file);
         $key_file = escapeshellcmd($key_file);
         if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') != false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
         $key_file2 = escapeshellcmd($key_file2);
         if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') != false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
         $ssl_days = 3650;
         $csr_file = escapeshellcmd($csr_file);
         if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') != false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
         $config_file = escapeshellcmd($ssl_cnf_file);
         $crt_file = escapeshellcmd($crt_file);
         if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') != false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate

         if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
            
@@ -190,6 +200,7 @@
         
         }

         $app->system->chmod($key_file,0400);
         $app->system->chmod($key_file2,0400);
         @$app->system->unlink($config_file);
         @$app->system->unlink($rand_file);
@@ -216,8 +227,14 @@
         $bundle_file = $ssl_dir.'/'.$domain.".bundle";
         
         //* Backup files
         if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
         if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
         if(file_exists($key_file)){
            $app->system->copy($key_file,$key_file.'~');
            $app->system->chmod($key_file.'~',0400);
         }
         if(file_exists($key_file2)){
            $app->system->copy($key_file2,$key_file2.'~');
            $app->system->chmod($key_file2.'~',0400);
         }
         if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
         if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
         if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
@@ -226,7 +243,17 @@
         if(trim($data["new"]["ssl_request"]) != '') $app->system->file_put_contents($csr_file,$data["new"]["ssl_request"]);
         if(trim($data["new"]["ssl_cert"]) != '') $app->system->file_put_contents($crt_file,$data["new"]["ssl_cert"]);
         if(trim($data["new"]["ssl_bundle"]) != '') $app->system->file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);
         if(trim($data["new"]["ssl_key"]) != '') $app->system->file_put_contents($key_file2,$data["new"]["ssl_key"]);
			
         //* Write the key file, if field is empty then import the key into the db
         if(trim($data["new"]["ssl_key"]) != '') {
            $app->system->file_put_contents($key_file2,$data["new"]["ssl_key"]);
         } else {
            $ssl_key2 = $app->db->quote($app->system->file_get_contents($key_file2));
            /* Update the DB of the (local) Server */
            $app->db->query("UPDATE web_domain SET ssl_key = '$ssl_key2' WHERE domain = '".$data['new']['domain']."'");
            /* Update also the master-DB of the Server-Farm */
            $app->dbmaster->query("UPDATE web_domain SET ssl_key = '$ssl_key2' WHERE domain = '".$data['new']['domain']."'");
         }
         
         /* Update the DB of the (local) Server */
         $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
@@ -403,43 +430,52 @@
         
         //* Remove protection of old folders
         $app->system->web_folder_protection($data['old']['document_root'],false);
            
            if($data["new"]["type"] != "vhostsubdomain") {
                //* Move the site data
                $tmp_docroot = explode('/',$data['new']['document_root']);
                unset($tmp_docroot[count($tmp_docroot)-1]);
                $new_dir = implode('/',$tmp_docroot);

         //* Move the site data
         $tmp_docroot = explode('/',$data['new']['document_root']);
         unset($tmp_docroot[count($tmp_docroot)-1]);
         $new_dir = implode('/',$tmp_docroot);
                $tmp_docroot = explode('/',$data['old']['document_root']);
                unset($tmp_docroot[count($tmp_docroot)-1]);
                $old_dir = implode('/',$tmp_docroot);

         $tmp_docroot = explode('/',$data['old']['document_root']);
         unset($tmp_docroot[count($tmp_docroot)-1]);
         $old_dir = implode('/',$tmp_docroot);
                //* Check if there is already some data in the new docroot and rename it as we need a clean path to move the existing site to the new path
                if(@is_dir($data['new']['document_root'])) {
                    $app->system->web_folder_protection($data['new']['document_root'],false);
                    $app->system->rename($data['new']['document_root'],$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'));
                    $app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'),LOGLEVEL_DEBUG);
                }
                
                //* Create new base directory, if it does not exist yet
                if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
                $app->system->web_folder_protection($data['old']['document_root'],false);
                exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir));
                //$app->system->rename($data['old']['document_root'],$new_dir);
                $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir,LOGLEVEL_DEBUG);

         //* Check if there is already some data in the new docroot and rename it as we need a clean path to move the existing site to the new path
         if(@is_dir($data['new']['document_root'])) {
            $app->system->rename($data['new']['document_root'],$data['new']['document_root'].'_bak_'.date('Y_m_d'));
            $app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d'),LOGLEVEL_DEBUG);
         }
			
         //* Create new base directory, if it does not exist yet
         if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
         //exec('mv '.$data['old']['document_root'].' '.$new_dir);
         $app->system->rename($data['old']['document_root'],$new_dir);
         $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir,LOGLEVEL_DEBUG);
                // Handle the change in php_open_basedir
                $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'],$data['new']['document_root'],$data['old']['php_open_basedir']);

         // Handle the change in php_open_basedir
         $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'],$data['new']['document_root'],$data['old']['php_open_basedir']);
                //* Change the owner of the website files to the new website owner
                exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);

         //* Change the owner of the website files to the new website owner
         exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);

         //* Change the home directory and group of the website user
         $command = 'usermod';
         $command .= ' --home '.escapeshellcmd($data['new']['document_root']);
         $command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
         $command .= ' '.escapeshellcmd($data['new']['system_user']);
         exec($command);

                //* Change the home directory and group of the website user
                $command = 'usermod';
                $command .= ' --home '.escapeshellcmd($data['new']['document_root']);
                $command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
                $command .= ' '.escapeshellcmd($data['new']['system_user']);
                exec($command);
            }
            
         if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);

			
         //* Change the log mount
         $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
         $app->system->removeLine('/etc/fstab',$fstab_line);
         $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait    0 0';
         $app->system->replaceLine('/etc/fstab',$fstab_line,$fstab_line,1,1);

      }

@@ -469,19 +505,26 @@
      if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
         if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']);
         if(is_link($data['old']['document_root'].'/'.$log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$log_folder);
			
         //* remove old log mount
         $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
         $app->system->removeLine('/etc/fstab',$fstab_line);
			
         //* Unmount log directory
         exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
      }
      
      //* Create the log dir if nescessary and mount it
        if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']);
      if(!is_dir($data['new']['document_root'].'/'.$log_folder) || is_link($data['new']['document_root'].'/'.$log_folder)) {
      if(!is_dir($data['new']['document_root'].'/'.$log_folder) || !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) || is_link($data['new']['document_root'].'/'.$log_folder)) {
         if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder);
         if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']);
         $app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder);
         $app->system->chown($data['new']['document_root'].'/'.$log_folder,'root');
         $app->system->chgrp($data['new']['document_root'].'/'.$log_folder,'root');
         $app->system->chmod($data['new']['document_root'].'/'.$log_folder,0755);
         exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
         //* add mountpoint to fstab
         $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind    0 0';
         $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait    0 0';
         $app->system->replaceLine('/etc/fstab',$fstab_line,$fstab_line,1,1);
      }
      
@@ -793,6 +836,13 @@
               $master_php_ini_path = $web_config['php_ini_path_cgi'];
            }
         }
			
         //* Add php.ini to the path in case that the master_php_ini_path is a directory
         if($master_php_ini_path != '' && is_dir($master_php_ini_path) && is_file($master_php_ini_path.'/php.ini')) {
            if(substr($master_php_ini_path,-1) == '/') $master_php_ini_path = substr($master_php_ini_path,0,-1);
            $master_php_ini_path .= '/php.ini';
         }
			
         if($master_php_ini_path != '' && substr($master_php_ini_path,-7) == 'php.ini' && is_file($master_php_ini_path)) {
            $php_ini_content .= $app->system->file_get_contents($master_php_ini_path)."\n";
         }
@@ -888,26 +938,30 @@
                  'rewrite_type'       => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
                  'rewrite_target'    => $rewrite_target,
                  'rewrite_target_ssl' => $rewrite_target_ssl,
                        'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'));
                        'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
                        'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
               $rewrite_rules[] = array(   'rewrite_domain'    => '^' . $this->_rewrite_quote('www.'.$data['new']['domain']),
                     'rewrite_type'       => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
                     'rewrite_target'    => $rewrite_target,
                     'rewrite_target_ssl' => $rewrite_target_ssl,
                            'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'));
                            'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
                            'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
               break;
            case '*':
               $rewrite_rules[] = array(   'rewrite_domain'    => '(^|\.)'.$this->_rewrite_quote($data['new']['domain']),
                  'rewrite_type'       => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
                  'rewrite_target'    => $rewrite_target,
                  'rewrite_target_ssl' => $rewrite_target_ssl,
                        'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'));
                        'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
                        'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
               break;
            default:
               $rewrite_rules[] = array(   'rewrite_domain'    => '^'.$this->_rewrite_quote($data['new']['domain']),
                  'rewrite_type'       => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
                  'rewrite_target'    => $rewrite_target,
                  'rewrite_target_ssl' => $rewrite_target_ssl,
                        'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'));
                        'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
                        'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
         }
      }
      
@@ -983,19 +1037,22 @@
                        'rewrite_type'       => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
                        'rewrite_target'    => $rewrite_target,
                        'rewrite_target_ssl' => $rewrite_target_ssl,
                                'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'));
                                'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
                                'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
                     $rewrite_rules[] = array(   'rewrite_domain'    => '^' . $this->_rewrite_quote('www.'.$alias['domain']),
                           'rewrite_type'       => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
                           'rewrite_target'    => $rewrite_target,
                           'rewrite_target_ssl' => $rewrite_target_ssl,
                                    'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'));
                                    'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
                                    'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
                     break;
                  case '*':
                     $rewrite_rules[] = array(   'rewrite_domain'    => '(^|\.)'.$this->_rewrite_quote($alias['domain']),
                        'rewrite_type'       => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
                        'rewrite_target'    => $rewrite_target,
                        'rewrite_target_ssl' => $rewrite_target_ssl,
                                'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'));
                                'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
                                'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
                     break;
                  default:
                            if(substr($alias['domain'], 0, 2) === '*.') $domain_rule = '(^|\.)'.$this->_rewrite_quote(substr($alias['domain'], 2));
@@ -1004,7 +1061,8 @@
                        'rewrite_type'       => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
                        'rewrite_target'    => $rewrite_target,
                        'rewrite_target_ssl' => $rewrite_target_ssl,
                                'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'));
                                'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
                                'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
               }
            }
         }
@@ -1071,6 +1129,7 @@
         if(trim($data['new']['fastcgi_php_version']) != ''){
            $default_fastcgi_php = false;
            list($custom_fastcgi_php_name, $custom_fastcgi_php_executable, $custom_fastcgi_php_ini_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
            if(is_file($custom_fastcgi_php_ini_dir)) $custom_fastcgi_php_ini_dir = dirname($custom_fastcgi_php_ini_dir);
            if(substr($custom_fastcgi_php_ini_dir,-1) != '/') $custom_fastcgi_php_ini_dir .= '/';
         } else {
            $default_fastcgi_php = true;
@@ -1266,14 +1325,25 @@
         } else {
            $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443');
         }
         $app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
      }
		
      //* Add vhost for IPv6 IP
      if($data['new']['ipv6_address'] != '') {
         if(count($rewrite_rules) > 0){
            $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80, 'redirects' => $rewrite_rules);
         } else {
         $app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);

      }

		
   //* Add vhost for IPv6 IP

   if($data['new']['ipv6_address'] != '') {

      if ($conf['serverconfig']['web']['vhost_rewrite_v6'] == 'y') {

         if (isset($conf['serverconfig']['server']['v6_prefix']) && $conf['serverconfig']['server']['v6_prefix'] <> '') {

            $explode_v6prefix=explode(':',$conf['serverconfig']['server']['v6_prefix']);

            $explode_v6=explode(':',$data['new']['ipv6_address']);



            for ( $i = 0; $i <= count($explode_v6prefix)-3; $i++ ) {

                    $explode_v6[$i] = $explode_v6prefix[$i];

            }

            $data['new']['ipv6_address'] = implode(':',$explode_v6);

         }

      }

         if(count($rewrite_rules) > 0){

            $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80, 'redirects' => $rewrite_rules);

         } else {

            $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80);
         }
      
@@ -1369,7 +1439,7 @@
            $app->system->web_folder_protection($data['new']['document_root'],false);
            $app->system->file_put_contents($data['new']['document_root'].'/web/stats/.htpasswd_stats',$htp_file);
            $app->system->web_folder_protection($data['new']['document_root'],true);
            $app->system->chmod($data['new']['document_root'].'/web/stats/.htpasswd_stats',0750);
            $app->system->chmod($data['new']['document_root'].'/web/stats/.htpasswd_stats',0755);
            unset($htp_file);
         }
      }
@@ -1419,8 +1489,14 @@
               $bundle_file = $ssl_dir.'/'.$domain.'.bundle';
               
               //* Backup the files that might have caused the error
               if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
               if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
               if(is_file($key_file)){
                  $app->system->copy($key_file,$key_file.'.err');
                  $app->system->chmod($key_file.'.err',0400);
               }
               if(is_file($key_file2)){
                  $app->system->copy($key_file2,$key_file2.'.err');
                  $app->system->chmod($key_file2.'.err',0400);
               }
               if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
               if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
               if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');
@@ -1505,7 +1581,7 @@
      exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
      
      //* remove mountpoint from fstab
      $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind    0 0';
      $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
      $app->system->removeLine('/etc/fstab',$fstab_line);

      if($data['old']['type'] != 'vhost' && $data['old']['type'] != 'vhostsubdomain' && $data['old']['parent_domain_id'] > 0) {
@@ -2600,6 +2676,17 @@
         
         $client_dir = $web_config['website_basedir'].'/clients/client'.$client_id;
         if(is_dir($client_dir) && !stristr($client_dir,'..')) {
            // remove symlinks from $client_dir
            $files = array_diff(scandir($client_dir), array('.','..'));
            if(is_array($files) && !empty($files)){
               foreach($files as $file){
                  if(is_link($client_dir.'/'.$file)){
                     unlink($client_dir.'/'.$file);
                     $app->log('Removed symlink: '.$client_dir.'/'.$file,LOGLEVEL_DEBUG);
                  }
               }
            }
				
            @rmdir($client_dir);
            $app->log('Removed client directory: '.$client_dir,LOGLEVEL_DEBUG);
         }