Implemented FS#2379 - Add perl option to web sites (apache2 mod_perl2) Fix...

mcramer

2012-08-16 ab7597c7ec2d62aadf82c4c647d3dc63dae8de90

 server/plugins-available/apache2_plugin.inc.php

@@ -1,7 +1,7 @@
<?php

/*
Copyright (c) 2007 - 2009, Till Brehm, projektfarm Gmbh
Copyright (c) 2007 - 2012, Till Brehm, projektfarm Gmbh
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
@@ -195,11 +195,12 @@
         @$app->system->unlink($rand_file);
         $ssl_request = $app->db->quote($app->system->file_get_contents($csr_file));
         $ssl_cert = $app->db->quote($app->system->file_get_contents($crt_file));
         $ssl_key2 = $app->db->quote($app->system->file_get_contents($key_file2));
         /* Update the DB of the (local) Server */
         $app->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data['new']['domain']."'");
         $app->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key2' WHERE domain = '".$data['new']['domain']."'");
         $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
         /* Update also the master-DB of the Server-Farm */
         $app->dbmaster->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data['new']['domain']."'");
         $app->dbmaster->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key2' WHERE domain = '".$data['new']['domain']."'");
         $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
      }

@@ -209,7 +210,7 @@
         $ssl_dir = $data["new"]["document_root"]."/ssl";
         $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];
         $key_file = $ssl_dir.'/'.$domain.'.key.org';
      $key_file2 = $ssl_dir.'/'.$domain.'.key';
         $key_file2 = $ssl_dir.'/'.$domain.'.key';
         $csr_file = $ssl_dir.'/'.$domain.".csr";
         $crt_file = $ssl_dir.'/'.$domain.".crt";
         $bundle_file = $ssl_dir.'/'.$domain.".bundle";
@@ -225,6 +226,7 @@
         if(trim($data["new"]["ssl_request"]) != '') $app->system->file_put_contents($csr_file,$data["new"]["ssl_request"]);
         if(trim($data["new"]["ssl_cert"]) != '') $app->system->file_put_contents($crt_file,$data["new"]["ssl_cert"]);
         if(trim($data["new"]["ssl_bundle"]) != '') $app->system->file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);
         if(trim($data["new"]["ssl_key"]) != '') $app->system->file_put_contents($key_file2,$data["new"]["ssl_key"]);
         
         /* Update the DB of the (local) Server */
         $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
@@ -433,6 +435,8 @@
      //print_r($data);

      // Check if the directories are there and create them if necessary.
      $app->system->web_folder_protection($data['new']['document_root'],false);
		
      if(!is_dir($data['new']['document_root'].'/web')) $app->system->mkdirpath($data['new']['document_root'].'/web');
      if(!is_dir($data['new']['document_root'].'/web/error') and $data['new']['errordocs']) $app->system->mkdirpath($data['new']['document_root'].'/web/error');
      //if(!is_dir($data['new']['document_root'].'/log')) exec('mkdir -p '.$data['new']['document_root'].'/log');
@@ -441,39 +445,35 @@
      if(!is_dir($data['new']['document_root'].'/tmp')) $app->system->mkdirpath($data['new']['document_root'].'/tmp');
      if(!is_dir($data['new']['document_root'].'/webdav')) $app->system->mkdirpath($data['new']['document_root'].'/webdav');
      
      //* Create the new private directory
      if(!is_dir($data['new']['document_root'].'/private')) {
         $app->system->mkdirpath($data['new']['document_root'].'/private');
         $app->system->chmod($data['new']['document_root'].'/private',0710);
         $app->system->chown($data['new']['document_root'].'/private',$username);
         $app->system->chgrp($data['new']['document_root'].'/private',$groupname);
      }
		
		
      // Remove the symlink for the site, if site is renamed
      if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
         if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']);
         if(is_link($data['old']['document_root'].'/log')) $app->system->unlink($data['old']['document_root'].'/log');
      }

      // Create the symlink for the logfiles
      if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) $app->system->mkdirpath('/var/log/ispconfig/httpd/'.$data['new']['domain']);
      if(!is_link($data['new']['document_root'].'/log')) {
//         exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log");
         if ($web_config["website_symlinks_rel"] == 'y') {
            $this->create_relative_link("/var/log/ispconfig/httpd/".$data["new"]["domain"], $data["new"]["document_root"]."/log");
         } else {
            exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log");
         }

         $app->log('Creating symlink: ln -s /var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/log',LOGLEVEL_DEBUG);
      }
      /*
      // Create the symlink for the logfiles
      // This does not work as vlogger cannot log trough symlinks.
      if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
         if(is_dir($data['old']['document_root'].'/log')) exec('rm -rf '.$data['old']['document_root'].'/log');
         if(is_link('/var/log/ispconfig/httpd/'.$data['old']['domain'])) $app->system->unlink('/var/log/ispconfig/httpd/'.$data['old']['domain']);
		
      //* Create the log dir if nescessary and mount it
      if(!is_dir($data['new']['document_root'].'/log') || is_link($data['new']['document_root'].'/log')) {
         if(is_link($data['new']['document_root'].'/log')) unlink($data['new']['document_root'].'/log');
         $app->system->mkdir($data['new']['document_root'].'/log');
         $app->system->chown($data['new']['document_root'].'/log','root');
         $app->system->chgrp($data['new']['document_root'].'/log','root');
         $app->system->chmod($data['new']['document_root'].'/log',0755);
         exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/log'));
         //* add mountpoint to fstab
         $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/log    none    bind    0 0';
         $app->system->replaceLine('/etc/fstab',$fstab_line,$fstab_line,1,1);
      }
      
      // Create the symlink for the logfiles
      if(!is_dir($data['new']['document_root'].'/log')) exec('mkdir -p '.$data['new']['document_root'].'/log');
      if(!is_link('/var/log/ispconfig/httpd/'.$data['new']['domain'])) {
         exec('ln -s '.$data['new']['document_root'].'/log /var/log/ispconfig/httpd/'.$data['new']['domain']);
         $app->log('Creating symlink: ln -s '.$data['new']['document_root'].'/log /var/log/ispconfig/httpd/'.$data['new']['domain'],LOGLEVEL_DEBUG);
      }
      */
      $app->system->web_folder_protection($data['new']['document_root'],true);

      // Get the client ID
      $client = $app->dbmaster->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = '.intval($data['new']['sys_groupid']));
@@ -624,24 +624,21 @@
         
         $app->system->web_folder_protection($data['new']['document_root'],false);
         
         //* Check if we have the new private folder and create it if nescessary
         if(!is_dir($data['new']['document_root'].'/private')) $app->system->mkdir($data['new']['document_root'].'/private');
			
         if($web_config['security_level'] == 20) {
            
            $app->system->chmod($data['new']['document_root'],0751);
            $app->system->chmod($data['new']['document_root'],0755);
            $app->system->chmod($data['new']['document_root'].'/web',0710);
            $app->system->chmod($data['new']['document_root'].'/webdav',0710);
            $app->system->chmod($data['new']['document_root'].'/private',0710);
            $app->system->chmod($data['new']['document_root'].'/ssl',0755);
				
            /*
            $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));
            $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']).'/*');
            $this->_exec('chmod 710 '.escapeshellcmd($data['new']['document_root'].'/web'));
            $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/ssl'));
            */

            // make tmp directory writable for Apache and the website users
            $app->system->chmod($data['new']['document_root'].'/tmp',0777);
         
            // Set Log symlink to 755 to make the logs accessible by the FTP user
            // Set Log directory to 755 to make the logs accessible by the FTP user
            if(realpath($data['new']['document_root'].'/log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
               $app->system->chmod($data['new']['document_root'].'/log',0755);
            }
@@ -669,16 +666,8 @@
            $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
            
            //* Chown all default directories
            /*
            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/cgi-bin'));
            $this->_exec('chown root:'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/log'));
            $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root'].'/ssl'));
            $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/tmp'));
            $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/web'));
            */
            $app->system->chown($data['new']['document_root'],$username);
            $app->system->chgrp($data['new']['document_root'],$groupname);
            $app->system->chown($data['new']['document_root'],'root');
            $app->system->chgrp($data['new']['document_root'],'root');
            $app->system->chown($data['new']['document_root'].'/cgi-bin',$username);
            $app->system->chgrp($data['new']['document_root'].'/cgi-bin',$groupname);
            if(realpath($data['new']['document_root'].'/log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
@@ -697,22 +686,8 @@
            $app->system->chgrp($data['new']['document_root'].'/web/stats',$groupname);
            $app->system->chown($data['new']['document_root'].'/webdav',$username);
            $app->system->chgrp($data['new']['document_root'].'/webdav',$groupname);
				
				
            /*
            * Workaround for jailkit: If jailkit is enabled for the site, the 
            * website root has to be owned by the root user and we have to chmod it to 755 then
            */

            //* Check if there is a jailkit user or cronjob for this site
            $tmp = $app->db->queryOneRecord('SELECT count(shell_user_id) as number FROM shell_user WHERE parent_domain_id = '.$data['new']['domain_id']." AND chroot = 'jailkit'");
            $tmp2 = $app->db->queryOneRecord('SELECT count(id) as number FROM cron WHERE parent_domain_id = '.$data['new']['domain_id']." AND `type` = 'chrooted'");
            if($tmp['number'] > 0 || $tmp2['number'] > 0) {
               $app->system->chmod($data['new']['document_root'],0755);
               $app->system->chown($data['new']['document_root'],'root');
               $app->system->chgrp($data['new']['document_root'],'root');
            }
            unset($tmp);
            $app->system->chown($data['new']['document_root'].'/private',$username);
            $app->system->chgrp($data['new']['document_root'].'/private',$groupname);

            // If the security Level is set to medium
         } else {
@@ -755,10 +730,10 @@
      //* Protect web folders
      $app->system->web_folder_protection($data['new']['document_root'],true);

      // Change the ownership of the error log to the owner of the website
      // Change the ownership of the error log to the root user
      if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) exec('touch '.escapeshellcmd('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log'));
      $app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log',$username);
      $app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log',$groupname);
      $app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log','root');
      $app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log','root');


      //* Write the custom php.ini file, if custom_php_ini fieled is not empty