From 0dfb2d97da6b25c20c8de3d766c81077837f7387 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Mon, 06 Jun 2016 11:39:15 -0400
Subject: [PATCH] - changed fpm socket group to fix access privilegue problems (does not decrease security!)

---
 server/plugins-available/nginx_plugin.inc.php |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index ece3cb0..b2262b0 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -932,6 +932,7 @@
 		$tpl->newTemplate('nginx_vhost.conf.master');
 
 		// IPv4
+		if($data['new']['ip_address'] == '') $data['new']['ip_address'] = '*';
 
 		//* use ip-mapping for web-mirror
 		if($data['new']['ip_address'] != '*' && $conf['mirror_server_id'] > 0) {
@@ -1312,9 +1313,9 @@
 				$app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);
 				
 				$success = false;
-				$letsencrypt = array_shift( explode("\n", `which letsencrypt /root/.local/share/letsencrypt/bin/letsencrypt`) );
+				$letsencrypt = array_shift( explode("\n", shell_exec('which letsencrypt certbot /root/.local/share/letsencrypt/bin/letsencrypt')) );
 				if(is_executable($letsencrypt)) {
-					$success = $this->_exec($letsencrypt . " auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme");
+					$success = $this->_exec($letsencrypt . " certonly --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme");
 				}
 				if(!$success) {
 					// error issuing cert
@@ -2763,7 +2764,7 @@
 		$tpl->setVar('fpm_pool', $pool_name);
 		$tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
 		$tpl->setVar('fpm_user', $data['new']['system_user']);
-		$tpl->setVar('fpm_group', $data['new']['system_group']);
+		$tpl->setVar('fpm_group', $web_config['group']);
 		$tpl->setVar('pm', $data['new']['pm']);
 		$tpl->setVar('pm_max_children', $data['new']['pm_max_children']);
 		$tpl->setVar('pm_start_servers', $data['new']['pm_start_servers']);

--
Gitblit v1.9.1