From cabd6f6205756a51064fb856aca2ed94d28b1cf7 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Fri, 12 Sep 2008 11:31:19 -0400
Subject: [PATCH] Disabled suphp_UserGroup directive by default to make the setup compatible with the suphp compile options from most linux distributions. If you want some extra security, enable this directive again and recompile mod_suphp with the the option --with-setid-mode=paranoid

---
 server/plugins-available/apache2_plugin.inc.php |  101 +++++++++++++++++++++++++++++++++++++++++++++++---
 1 files changed, 95 insertions(+), 6 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 2bc6089..4160b1e 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -219,14 +219,31 @@
 		// Remove the symlink for the site, if site is renamed
 		if($this->action == 'update' && $data["old"]["domain"] != '' && $data["new"]["domain"] != $data["old"]["domain"]) {
 			if(is_dir('/var/log/ispconfig/httpd/'.$data["old"]["domain"])) exec('rm -rf /var/log/ispconfig/httpd/'.$data["old"]["domain"]);
-			if(is_link($data["new"]["document_root"]."/log")) exec("rm -f ".$data["new"]["document_root"]."/log");
+			if(is_link($data["old"]["document_root"]."/log")) unlink($data["old"]["document_root"]."/log");
 		}
 		
 		// Create the symlink for the logfiles
 		if(!is_dir('/var/log/ispconfig/httpd/'.$data["new"]["domain"])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data["new"]["domain"]);
-		if(!is_link($data["new"]["document_root"]."/log")) exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log");
+		if(!is_link($data["new"]["document_root"]."/log")) {
+			exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log");
+			$app->log("Creating Symlink: ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log",LOGLEVEL_DEBUG);
+		}
+		/*
+		// Create the symlink for the logfiles
+		// This does not work as vlogger can not log trogh symlinks.
+		if($this->action == 'update' && $data["old"]["domain"] != '' && $data["new"]["domain"] != $data["old"]["domain"]) {
+			if(is_dir($data["old"]["document_root"]."/log")) exec('rm -rf '.$data["old"]["document_root"]."/log");
+			if(is_link('/var/log/ispconfig/httpd/'.$data["old"]["domain"])) unlink('/var/log/ispconfig/httpd/'.$data["old"]["domain"]);
+		}
 		
-		
+		// Create the symlink for the logfiles
+		if(!is_dir($data["new"]["document_root"]."/log")) exec('mkdir -p '.$data["new"]["document_root"]."/log");
+		if(!is_link('/var/log/ispconfig/httpd/'.$data["new"]["domain"])) {
+			exec("ln -s ".$data["new"]["document_root"]."/log /var/log/ispconfig/httpd/".$data["new"]["domain"]);
+			$app->log("Creating Symlink: ln -s ".$data["new"]["document_root"]."/log /var/log/ispconfig/httpd/".$data["new"]["domain"],LOGLEVEL_DEBUG);
+		}
+		*/
+	
 		// Get the client ID
 		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"]));
 		$client_id = intval($client["client_id"]);
@@ -267,7 +284,7 @@
 		}
 		
 		
-		if($this->action == 'insert') {
+		if($this->action == 'insert' && $data["new"]["type"] == 'vhost') {
 			// Copy the error pages
 			$error_page_path = escapeshellcmd($data["new"]["document_root"])."/web/error/";
 			exec("cp /usr/local/ispconfig/server/conf/error/".substr(escapeshellcmd($conf["language"]),0,2)."/* ".$error_page_path);
@@ -289,7 +306,7 @@
 		
 		$username = escapeshellcmd($data["new"]["system_user"]);
 		if($data["new"]["system_user"] != '' && !$app->system->is_user($data["new"]["system_user"])) {
-			exec("useradd -d ".escapeshellcmd($data["new"]["document_root"])." -g $groupname $username");
+			exec("useradd -d ".escapeshellcmd($data["new"]["document_root"])." -g $groupname $username -s /bin/false");
 			$app->log("Adding the user: $username",LOGLEVEL_DEBUG);
 		}
 		
@@ -371,6 +388,54 @@
 		}
 		$tpl->setLoop('redirects',$rewrite_rules);
 		
+		/** 
+		 * install fast-cgi starter script and add script aliasd config 
+		 * first we create the script directory if not already created, then copy over the starter script
+		 * settings are copied over from the server ini config for now
+		 * TODO: Create form for fastcgi configs per site.
+		 */
+		
+		if ($data["new"]["php"] == "fast-cgi")
+		{
+			$fastcgi_config = $app->getconf->get_server_config($conf["server_id"], 'fastcgi');
+			
+			$fastcgi_starter_path = str_replace("[system_user]",$data["new"]["system_user"],$fastcgi_config["fastcgi_starter_path"]);
+			$fastcgi_starter_path = str_replace("[client_id]",$client_id,$fastcgi_starter_path);
+			
+			if (!is_dir($fastcgi_starter_path))
+			{
+				exec("mkdir -p ".escapeshellcmd($fastcgi_starter_path));
+				exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." ".escapeshellcmd($fastcgi_starter_path));
+				
+				
+				$app->log("Creating fastcgi starter script directory: $fastcgi_starter_path",LOGLEVEL_DEBUG);
+			}
+			
+			$fcgi_tpl = new tpl();
+			$fcgi_tpl->newTemplate("php-fcgi-starter.master");
+				
+			$fcgi_tpl->setVar('php_ini_path',$fastcgi_config["fastcgi_phpini_path"]);
+			$fcgi_tpl->setVar('document_root',$data["new"]["document_root"]);
+			$fcgi_tpl->setVar('php_fcgi_children',$fastcgi_config["fastcgi_children"]);
+			$fcgi_tpl->setVar('php_fcgi_max_requests',$fastcgi_config["fastcgi_max_requests"]);
+			$fcgi_tpl->setVar('php_fcgi_bin',$fastcgi_config["fastcgi_bin"]);
+				
+			$fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config["fastcgi_starter_script"]);
+			file_put_contents($fcgi_starter_script,$fcgi_tpl->grab());
+			unset($fcgi_tpl);
+			
+			$app->log("Creating fastcgi starter script: $fcgi_starter_script",LOGLEVEL_DEBUG);
+			
+			
+			exec("chmod 755 $fcgi_starter_script");
+			exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." $fcgi_starter_script");
+
+			$tpl->setVar('fastcgi_alias',$fastcgi_config["fastcgi_alias"]);
+			$tpl->setVar('fastcgi_starter_path',$fastcgi_starter_path);
+			$tpl->setVar('fastcgi_starter_script',$fastcgi_config["fastcgi_starter_script"]);
+			
+		}
+		
 		$vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["new"]["domain"].'.vhost');
 		file_put_contents($vhost_file,$tpl->grab());
 		$app->log("Writing the vhost file: $vhost_file",LOGLEVEL_DEBUG);
@@ -389,11 +454,14 @@
 			$app->log("Removing symlink: $vhost_symlink => $vhost_file",LOGLEVEL_DEBUG);
 		}
 		
-		// remove old symlink, if domain name of the site has changed
+		// remove old symlink and vhost file, if domain name of the site has changed
 		if($this->action == 'update' && $data["old"]["domain"] != '' && $data["new"]["domain"] != $data["old"]["domain"]) {
 			$vhost_symlink = escapeshellcmd($web_config["vhost_conf_enabled_dir"].'/'.$data["old"]["domain"].'.vhost');
 			unlink($vhost_symlink);
 			$app->log("Removing symlink: $vhost_symlink => $vhost_file",LOGLEVEL_DEBUG);
+			$vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["old"]["domain"].'.vhost');
+			unlink($vhost_file);
+			$app->log("Removing File $vhost_file",LOGLEVEL_DEBUG);
 		}
 		
 		// request a httpd reload when all records have been processed
@@ -419,6 +487,18 @@
 		
 		$docroot = escapeshellcmd($data["old"]["document_root"]);
 		if($docroot != '' && !stristr($docroot,'..')) exec("rm -rf $docroot");
+		
+		
+		//remove the php fastgi starter script if available
+		if ($data["old"]["php"] == "fast-cgi")
+		{
+			$fastcgi_starter_path = str_replace("[system_user]",$data["old"]["system_user"],$web_config["fastcgi_starter_path"]);
+			if (is_dir($fastcgi_starter_path))
+			{
+					exec("rm -rf $fastcgi_starter_path");
+			}
+		}
+		
 		$app->log("Removing website: $docroot",LOGLEVEL_DEBUG);
 		
 		// Delete the symlinks for the sites
@@ -441,6 +521,15 @@
 		}
 		// end removing symlinks
 		
+		// Delete the log file directory
+		$vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data["old"]["domain"]);
+		if($data["old"]["domain"] != '' && !stristr($vhost_logfile_dir,'..')) exec("rm -rf $vhost_logfile_dir");
+		$app->log("Removing website logfile directory: $vhost_logfile_dir",LOGLEVEL_DEBUG);
+		
+		//delete the web user
+		$command = 'userdel';
+		$command .= ' '.$data["old"]["system_user"];			
+		exec($command);
 	}
 	
 	//* This function is called when a IP on the server is inserted, updated or deleted

--
Gitblit v1.9.1