From 6a95c89ed619c3c261a09a17f43a31dd8cc4047e Mon Sep 17 00:00:00 2001 From: daniel <daniel@ispconfig3> Date: Fri, 06 Jun 2008 14:24:13 -0400 Subject: [PATCH] Added initial jailkit chroot feature as a plugin Added chroot options to the shell user form Added jailkit ini settings Added ini settings for fastcgi Fixed bug with web delete not removing parent web user unless that was intentional ? Changed name of shell user plugin so plugin order calls this first Started a change to the update script. --- server/plugins-available/apache2_plugin.inc.php | 78 ++++++++++++++++++++++++++++++++++---- 1 files changed, 69 insertions(+), 9 deletions(-) diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php index c0b04a4..d8b0c06 100644 --- a/server/plugins-available/apache2_plugin.inc.php +++ b/server/plugins-available/apache2_plugin.inc.php 
@@ -218,18 +218,17 @@ // Remove the symlink for the site, if site is renamed if($this->action == 'update' && $data["old"]["domain"] != '' && $data["new"]["domain"] != $data["old"]["domain"]) { - if(is_dir('/var/log/ispconfig/httpd/'.$data["old"]["domain"])) exec('rm -rf /var/log/ispconfig/httpd/'.$data["old"]["domain"]); - if(is_link($data["old"]["document_root"]."/log")) unlink($data["old"]["document_root"]."/log"); + if(is_dir($data["old"]["document_root"]."/log")) exec('rm -rf '.$data["old"]["document_root"]."/log"); + if(is_link('/var/log/ispconfig/httpd/'.$data["old"]["domain"])) unlink('/var/log/ispconfig/httpd/'.$data["old"]["domain"]); } // Create the symlink for the logfiles - if(!is_dir('/var/log/ispconfig/httpd/'.$data["new"]["domain"])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data["new"]["domain"]); - if(!is_link($data["new"]["document_root"]."/log")) { - exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log"); - $app->log("Creating Symlink: ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log",LOGLEVEL_DEBUG); + if(!is_dir($data["new"]["document_root"]."/log")) exec('mkdir -p '.$data["new"]["document_root"]."/log"); + if(!is_link('/var/log/ispconfig/httpd/'.$data["new"]["domain"])) { + exec("ln -s ".$data["new"]["document_root"]."/log /var/log/ispconfig/httpd/".$data["new"]["domain"]); + $app->log("Creating Symlink: ln -s ".$data["new"]["document_root"]."/log /var/log/ispconfig/httpd/".$data["new"]["domain"],LOGLEVEL_DEBUG); } - - + // Get the client ID $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"])); $client_id = intval($client["client_id"]); 
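Review bot: The added `rm -rf`, `mkdir -p` and `ln -s` calls build shell strings from `$data["old"]["document_root"]`, `$data["new"]["document_root"]` and the domain with no quoting, so a value containing whitespace or a shell metacharacter changes the command that runs. Quote each value with `escapeshellarg()`, or skip the shell entirely: `mkdir($data["new"]["document_root"]."/log", 0755, true);` and `symlink($data["new"]["document_root"]."/log", '/var/log/ispconfig/httpd/'.$data["new"]["domain"]);`. The change also moves the real log directory under the document root, which the `useradd -d` call in a later hunk makes the site user's home. If that tree is writable by the site user, a privileged log writer would follow whatever sits at that path, so the ownership and mode of the `log` directory should be confirmed. The enclosing function starts and ends outside the hunk.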
@@ -292,7 +291,7 @@ $username = escapeshellcmd($data["new"]["system_user"]); if($data["new"]["system_user"] != '' && !$app->system->is_user($data["new"]["system_user"])) { - exec("useradd -d ".escapeshellcmd($data["new"]["document_root"])." -g $groupname $username"); + exec("useradd -d ".escapeshellcmd($data["new"]["document_root"])." -g $groupname $username -s /bin/false"); $app->log("Adding the user: $username",LOGLEVEL_DEBUG); } 
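Review bot: On the changed `useradd` line, `-s /bin/false` is appended after the login name, which only works where the option parser permutes arguments; putting the option before `$username` is the portable form. The values are also passed through `escapeshellcmd()`, which escapes metacharacters but does not quote, so a document root containing a space still splits into two arguments. Suggested line: `exec("useradd -d ".escapeshellarg($data["new"]["document_root"])." -g $groupname -s /bin/false $username");`. `$groupname` is assigned outside the hunk, so its escaping cannot be checked from here.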
@@ -374,6 +373,51 @@ } $tpl->setLoop('redirects',$rewrite_rules); + /** + * install fast-cgi starter script and add script aliasd config + * first we create the script directory if not already created, then copy over the starter script + * settings are copied over from the server ini config for now + * TODO: Create form for fastcgi configs per site. + */ + + if ($data["new"]["php"] == "fast-cgi") + { + $fastcgi_config = $app->getconf->get_server_config($conf["server_id"], 'fastcgi'); + + $fastcgi_starter_path = str_replace("[system_user]",$data["new"]["system_user"],$fastcgi_config["fastcgi_starter_path"]); + if (!is_dir($fastcgi_starter_path)) + { + exec("mkdir -p $fastcgi_starter_path"); + exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." $fastcgi_starter_path"); + + + $app->log("Creating fastcgi starter script directory: $fastcgi_starter_path",LOGLEVEL_DEBUG); + } + + $fcgi_tpl = new tpl(); + $fcgi_tpl->newTemplate("php-fcgi-starter.master"); + + $fcgi_tpl->setVar('php_ini_path',$fastcgi_config["fastcgi_phpini_path"]); + $fcgi_tpl->setVar('document_root',$data["new"]["document_root"]); + $fcgi_tpl->setVar('php_fcgi_children',$fastcgi_config["fastcgi_children"]); + $fcgi_tpl->setVar('php_fcgi_max_requests',$fastcgi_config["fastcgi_max_requests"]); + $fcgi_tpl->setVar('php_fcgi_bin',$fastcgi_config["fastcgi_bin"]); + + $fcgi_starter_script = escapeshellcmd($fastcgi_starter_path."/".$fastcgi_config["fastcgi_starter_script"]); + file_put_contents($fcgi_starter_script,$fcgi_tpl->grab()); + unset($fcgi_tpl); + + $app->log("Creating fastcgi starter script: $fcgi_starter_script",LOGLEVEL_DEBUG); + + + exec("chmod 755 $fcgi_starter_script"); + exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." 
$fcgi_starter_script"); + + $tpl->setVar('fastcgi_alias',$fastcgi_config["fastcgi_alias"]); + $tpl->setVar('fastcgi_starter_path',$fastcgi_starter_path); + + } + $vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["new"]["domain"].'.vhost'); file_put_contents($vhost_file,$tpl->grab()); $app->log("Writing the vhost file: $vhost_file",LOGLEVEL_DEBUG); @@ -425,6 +469,18 @@ $docroot = escapeshellcmd($data["old"]["document_root"]); if($docroot != '' && !stristr($docroot,'..')) exec("rm -rf $docroot"); + + + //remove the php fastgi starter script if available + if ($data["old"]["php"] == "fast-cgi") + { + $fastcgi_starter_path = str_replace("[system_user]",$data["old"]["system_user"],$web_config["fastcgi_starter_path"]); + if (is_dir($fastcgi_starter_path)) + { + exec("rm -rf $fastcgi_starter_path"); + } + } + $app->log("Removing website: $docroot",LOGLEVEL_DEBUG); // Delete the symlinks for the sites @@ -452,6 +508,10 @@ if($data["old"]["domain"] != '' && !stristr($vhost_logfile_dir,'..')) exec("rm -rf $vhost_logfile_dir"); $app->log("Removing website logfile directory: $vhost_logfile_dir",LOGLEVEL_DEBUG); + //delete the web user + $command = 'userdel'; + $command .= ' '.$data["old"]["system_user"]; + exec($command); } //* This function is called when a IP on the server is inserted, updated or deleted -- Gitblit v1.9.1
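Review bot: The fast-cgi block in the hunk at `@@ -374,6 +373,51 @@` runs `mkdir -p`, `chown` and `chmod` through `exec()` with `$fastcgi_starter_path`, `system_user` and `system_group` interpolated unquoted. It then passes the result of `escapeshellcmd()` to `file_put_contents()`, a filesystem call where any inserted backslashes become part of the file name. PHP's own `mkdir()`, `chown()`, `chgrp()` and `chmod()` take these values as plain arguments and return a status that can be checked, as sketched below. Because the starter directory is handed to the site user and later updates write into it with the server process's privileges, it is worth confirming that the script path is not a symlink before writing. The enclosing function starts and ends outside the hunk.

```php
$fastcgi_starter_path = str_replace("[system_user]",$data["new"]["system_user"],$fastcgi_config["fastcgi_starter_path"]);
if (!is_dir($fastcgi_starter_path))
{
	// Native calls: no shell parsing of the path, user or group values.
	mkdir($fastcgi_starter_path, 0755, true);
	chown($fastcgi_starter_path, $data["new"]["system_user"]);
	chgrp($fastcgi_starter_path, $data["new"]["system_group"]);
	// … unchanged: debug log for the directory …
}
// … unchanged: template setup and setVar calls …
// Plain path for filesystem functions; shell escaping does not belong here.
$fcgi_starter_script = $fastcgi_starter_path."/".$fastcgi_config["fastcgi_starter_script"];
file_put_contents($fcgi_starter_script,$fcgi_tpl->grab());
// … unchanged: unset and debug log …
chmod($fcgi_starter_script, 0755);
chown($fcgi_starter_script, $data["new"]["system_user"]);
chgrp($fcgi_starter_script, $data["new"]["system_group"]);
```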
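Review bot: In the hunk at `@@ -425,6 +469,18 @@`, the removal path is built from `$web_config["fastcgi_starter_path"]`, while the create branch reads the same setting from the `fastcgi` config section, so the two may not resolve to the same directory. If `$data["old"]["system_user"]` is empty, the `[system_user]` placeholder is replaced by nothing and `rm -rf` targets the parent directory, which presumably holds other sites' starter scripts. The path is also unquoted and lacks the `..` check that the docroot removal just above has. Suggested guard: `if ($data["old"]["system_user"] != '' && !stristr($fastcgi_starter_path,'..') && is_dir($fastcgi_starter_path)) exec("rm -rf ".escapeshellarg($fastcgi_starter_path));`, with the path taken from `$app->getconf->get_server_config($conf["server_id"], 'fastcgi')` as in the create branch. The enclosing function is not fully visible here, so whether `$conf` is in scope should be confirmed.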
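Review bot: The added `userdel` command in the hunk at `@@ -452,6 +508,10 @@` appends `$data["old"]["system_user"]` unquoted and runs even when the field is empty or the account does not exist. Nothing visible checks whether another site still uses the same system user, which is the question the commit message itself raises, so that should be settled before the account is removed. Suggested form: `if($data["old"]["system_user"] != '' && $app->system->is_user($data["old"]["system_user"])) exec('userdel '.escapeshellarg($data["old"]["system_user"]));`, followed by an `$app->log(...)` line like the other removal steps.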