From 036579b9074cebcf478043680355a893753c1a9e Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Thu, 12 Feb 2009 09:02:41 -0500
Subject: [PATCH] fixed a bug in openbasedir (hopefully the last time)
---
server/plugins-available/apache2_plugin.inc.php | 109 +++++++++++++++++++++++++++++++++++++++++++++++++++---
1 files changed, 103 insertions(+), 6 deletions(-)
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index da6d877..96cf1bb 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -272,7 +272,7 @@
*/
// Get the client ID
- $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"]));
+ $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"]));
$client_id = intval($client["client_id"]);
unset($client);
@@ -323,14 +323,14 @@
exec("cp /usr/local/ispconfig/server/conf-custom/error/".substr(escapeshellcmd($conf["language"]),0,2)."/* ".$error_page_path);
}
else {
- if (file_exists("/usr/local/ispconfig/server/conf-custom/error/fileNotFound.html")){
+ if (file_exists("/usr/local/ispconfig/server/conf-custom/error/400.html")){
exec("cp /usr/local/ispconfig/server/conf-custom/error/*.html ".$error_page_path);
}
else {
exec("cp /usr/local/ispconfig/server/conf/error/".substr(escapeshellcmd($conf["language"]),0,2)."/* ".$error_page_path);
}
}
- exec("chmod -R +r ".$error_page_path);
+ exec("chmod -R a+r ".$error_page_path);
}
// copy the standard index page
@@ -343,9 +343,12 @@
}
else {
exec("cp /usr/local/ispconfig/server/conf/index/standard_index.html_".substr(escapeshellcmd($conf["language"]),0,2)." ".escapeshellcmd($data["new"]["document_root"])."/web/index.html");
+ exec("cp /usr/local/ispconfig/server/conf/index/favicon.ico ".escapeshellcmd($data["new"]["document_root"])."/web/");
+ exec("cp /usr/local/ispconfig/server/conf/index/robots.txt ".escapeshellcmd($data["new"]["document_root"])."/web/");
+ exec("cp /usr/local/ispconfig/server/conf/index/.htaccess ".escapeshellcmd($data["new"]["document_root"])."/web/");
}
}
- exec("chmod +r ".escapeshellcmd($data["new"]["document_root"])."/web/index.html");
+ exec("chmod -R a+r ".escapeshellcmd($data["new"]["document_root"])."/web/");
}
// Create group and user, if not exist
@@ -376,9 +379,13 @@
}
+ if($this->action == 'insert') {
+ // Chown and chmod the directories below the document root
+ exec("chown -R $username:$groupname ".escapeshellcmd($data["new"]["document_root"]));
- // Chown and chmod the directories
- exec("chown -R $username:$groupname ".escapeshellcmd($data["new"]["document_root"]));
+ // The document root itself has to be owned by root
+ exec("chown root:root ".escapeshellcmd($data["new"]["document_root"]));
+ }
// make temp direcory writable for the apache user and the website user
exec("chmod 777 ".escapeshellcmd($data["new"]["document_root"]."/tmp"));
@@ -420,6 +427,20 @@
$rewrite_rules[] = array( 'rewrite_domain' => $data["new"]["domain"],
'rewrite_type' => $data["new"]["redirect_type"],
'rewrite_target' => $data["new"]["redirect_path"]);
+
+ switch($data["new"]["subdomain"]) {
+ case 'www':
+ $rewrite_rules[] = array( 'rewrite_domain' => 'www.'.$data["new"]["domain"],
+ 'rewrite_type' => $data["new"]["redirect_type"],
+ 'rewrite_target' => $data["new"]["redirect_path"]);
+ break;
+ case '*':
+ // TODO
+ //$rewrite_rules[] = array( 'rewrite_domain' => '*'.$alias["domain"],
+ // 'rewrite_type' => $alias["redirect_type"],
+ // 'rewrite_target' => $alias["redirect_path"]);
+ break;
+ }
}
// get alias domains (co-domains and subdomains)
@@ -451,6 +472,19 @@
$rewrite_rules[] = array( 'rewrite_domain' => $alias["domain"],
'rewrite_type' => $alias["redirect_type"],
'rewrite_target' => $alias["redirect_path"]);
+ switch($alias["subdomain"]) {
+ case 'www':
+ $rewrite_rules[] = array( 'rewrite_domain' => 'www.'.$alias["domain"],
+ 'rewrite_type' => $alias["redirect_type"],
+ 'rewrite_target' => $alias["redirect_path"]);
+ break;
+ case '*':
+ // TODO
+ //$rewrite_rules[] = array( 'rewrite_domain' => '*'.$alias["domain"],
+ // 'rewrite_type' => $alias["redirect_type"],
+ // 'rewrite_target' => $alias["redirect_path"]);
+ break;
+ }
}
}
}
@@ -510,6 +544,56 @@
}
+ /**
+ * install cgi starter script and add script alias to config.
+ * This is needed to allow cgi with suexec (to do so, we need a bin in the document-path!)
+ * first we create the script directory if not already created, then copy over the starter script.
+ * TODO: we have to fetch the data from the server-settings.
+ */
+
+ if ($data["new"]["php"] == "cgi")
+ {
+ //$cgi_config = $app->getconf->get_server_config($conf["server_id"], 'cgi');
+
+ $cgi_config["cgi_starter_path"] = "/var/www/php-cgi-scripts/[system_user]/";
+ $cgi_config["cgi_starter_script"] = "php-cgi-starter";
+ $cgi_config["cgi_bin"] = "/usr/bin/php-cgi";
+
+ $cgi_starter_path = str_replace("[system_user]",$data["new"]["system_user"],$cgi_config["cgi_starter_path"]);
+ $cgi_starter_path = str_replace("[client_id]",$client_id,$cgi_starter_path);
+
+ if (!is_dir($cgi_starter_path))
+ {
+ exec("mkdir -p ".escapeshellcmd($cgi_starter_path));
+ exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." ".escapeshellcmd($cgi_starter_path));
+
+ $app->log("Creating cgi starter script directory: $cgi_starter_path",LOGLEVEL_DEBUG);
+ }
+
+ $cgi_tpl = new tpl();
+ $cgi_tpl->newTemplate("php-cgi-starter.master");
+
+ // This works, because php "rewrites" a symlink to the physical path
+ $cgi_tpl->setVar('open_basedir', $data["new"]["document_root"]);
+ // This will NOT work!
+ //$cgi_tpl->setVar('open_basedir', "/var/www/" . $data["new"]["domain"]);
+ $cgi_tpl->setVar('php_cgi_bin',$cgi_config["cgi_bin"]);
+
+ $cgi_starter_script = escapeshellcmd($cgi_starter_path.$cgi_config["cgi_starter_script"]);
+ file_put_contents($cgi_starter_script,$cgi_tpl->grab());
+ unset($cgi_tpl);
+
+ $app->log("Creating cgi starter script: $cgi_starter_script",LOGLEVEL_DEBUG);
+
+
+ exec("chmod 755 $cgi_starter_script");
+ exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." $cgi_starter_script");
+
+ $tpl->setVar('cgi_starter_path',$cgi_starter_path);
+ $tpl->setVar('cgi_starter_script',$cgi_config["cgi_starter_script"]);
+
+ }
+
$vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["new"]["domain"].'.vhost');
file_put_contents($vhost_file,$tpl->grab());
$app->log("Writing the vhost file: $vhost_file",LOGLEVEL_DEBUG);
@@ -573,6 +657,19 @@
}
}
+ //remove the php cgi starter script if available
+ if ($data["old"]["php"] == "cgi")
+ {
+ // TODO: fetch the date from the server-settings
+ $web_config["cgi_starter_path"] = "/var/www/php-cgi-scripts/[system_user]/";
+
+ $cgi_starter_path = str_replace("[system_user]",$data["old"]["system_user"],$web_config["cgi_starter_path"]);
+ if (is_dir($cgi_starter_path))
+ {
+ exec("rm -rf $cgi_starter_path");
+ }
+ }
+
$app->log("Removing website: $docroot",LOGLEVEL_DEBUG);
// Delete the symlinks for the sites
--
Gitblit v1.9.1