From 49a4ebff7c069a34fb1c9967aab06486b75735e0 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 02 Jan 2012 07:26:26 -0500
Subject: [PATCH] Add option "set_folder_permissions_on_update" in server config to configure if folder permissions should be forced on web update.
---
server/plugins-available/apache2_plugin.inc.php | 22 ++++++++++++++++------
1 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 49bb90f..bd93b51 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -553,7 +553,7 @@
//* If the security level is set to high
- if($this->action == 'insert' && $data['new']['type'] == 'vhost') {
+ if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
if($web_config['security_level'] == 20) {
$this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));
@@ -585,8 +585,13 @@
//* add the Apache user to the client group
$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
-
- $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
+
+ //* Chown all default directories
+ $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/cgi-bin'));
+ $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/log'));
+ $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/ssl'));
+ $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/tmp'));
+ $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/web'));
/*
* Workaround for jailkit: If jailkit is enabled for the site, the
@@ -637,7 +642,7 @@
if($master_php_ini_path != '' && substr($master_php_ini_path,-7) == 'php.ini' && is_file($master_php_ini_path)) {
$php_ini_content .= file_get_contents($master_php_ini_path)."\n";
}
- $php_ini_content .= trim($data['new']['custom_php_ini']);
+ $php_ini_content .= str_replace("\r",'',trim($data['new']['custom_php_ini']));
file_put_contents($custom_php_ini_dir.'/php.ini',$php_ini_content);
} else {
$has_custom_php_ini = false;
@@ -730,7 +735,7 @@
'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
- $rewrite_rules[] = array( 'rewrite_domain' => $data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)'.$data['new']['domain'],
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
@@ -796,7 +801,7 @@
'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
- $rewrite_rules[] = array( 'rewrite_domain' => $alias['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)'.$alias['domain'],
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
@@ -1051,6 +1056,11 @@
unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
}
+ $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
+ if(is_link($vhost_symlink)) {
+ unlink($vhost_symlink);
+ $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
+ }
$vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
unlink($vhost_file);
$app->log('Removing file: '.$vhost_file,LOGLEVEL_DEBUG);
--
Gitblit v1.9.1