From cabd6f6205756a51064fb856aca2ed94d28b1cf7 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Fri, 12 Sep 2008 11:31:19 -0400
Subject: [PATCH] Disabled suphp_UserGroup directive by default to make the setup compatible with the suphp compile options from most linux distributions. If you want some extra security, enable this directive again and recompile mod_suphp with the the option --with-setid-mode=paranoid
---
server/plugins-available/apache2_plugin.inc.php | 51 +++++++++++++++++++++++++++++++++++++++++----------
1 files changed, 41 insertions(+), 10 deletions(-)
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 98fcfd0..4160b1e 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -218,6 +218,20 @@
// Remove the symlink for the site, if site is renamed
if($this->action == 'update' && $data["old"]["domain"] != '' && $data["new"]["domain"] != $data["old"]["domain"]) {
+ if(is_dir('/var/log/ispconfig/httpd/'.$data["old"]["domain"])) exec('rm -rf /var/log/ispconfig/httpd/'.$data["old"]["domain"]);
+ if(is_link($data["old"]["document_root"]."/log")) unlink($data["old"]["document_root"]."/log");
+ }
+
+ // Create the symlink for the logfiles
+ if(!is_dir('/var/log/ispconfig/httpd/'.$data["new"]["domain"])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data["new"]["domain"]);
+ if(!is_link($data["new"]["document_root"]."/log")) {
+ exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log");
+ $app->log("Creating Symlink: ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log",LOGLEVEL_DEBUG);
+ }
+ /*
+ // Create the symlink for the logfiles
+ // This does not work as vlogger can not log trogh symlinks.
+ if($this->action == 'update' && $data["old"]["domain"] != '' && $data["new"]["domain"] != $data["old"]["domain"]) {
if(is_dir($data["old"]["document_root"]."/log")) exec('rm -rf '.$data["old"]["document_root"]."/log");
if(is_link('/var/log/ispconfig/httpd/'.$data["old"]["domain"])) unlink('/var/log/ispconfig/httpd/'.$data["old"]["domain"]);
}
@@ -228,6 +242,7 @@
exec("ln -s ".$data["new"]["document_root"]."/log /var/log/ispconfig/httpd/".$data["new"]["domain"]);
$app->log("Creating Symlink: ln -s ".$data["new"]["document_root"]."/log /var/log/ispconfig/httpd/".$data["new"]["domain"],LOGLEVEL_DEBUG);
}
+ */
// Get the client ID
$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"]));
@@ -269,7 +284,7 @@
}
- if($this->action == 'insert') {
+ if($this->action == 'insert' && $data["new"]["type"] == 'vhost') {
// Copy the error pages
$error_page_path = escapeshellcmd($data["new"]["document_root"])."/web/error/";
exec("cp /usr/local/ispconfig/server/conf/error/".substr(escapeshellcmd($conf["language"]),0,2)."/* ".$error_page_path);
@@ -382,31 +397,42 @@
if ($data["new"]["php"] == "fast-cgi")
{
- $fastcgi_starter_path = str_replace("[system_user]",$data["new"]["system_user"],$web_config["fastcgi_starter_path"]);
+ $fastcgi_config = $app->getconf->get_server_config($conf["server_id"], 'fastcgi');
+
+ $fastcgi_starter_path = str_replace("[system_user]",$data["new"]["system_user"],$fastcgi_config["fastcgi_starter_path"]);
+ $fastcgi_starter_path = str_replace("[client_id]",$client_id,$fastcgi_starter_path);
+
if (!is_dir($fastcgi_starter_path))
{
- exec("mkdir $fastcgi_starter_path");
- exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." $fastcgi_starter_path");
+ exec("mkdir -p ".escapeshellcmd($fastcgi_starter_path));
+ exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." ".escapeshellcmd($fastcgi_starter_path));
+
+
+ $app->log("Creating fastcgi starter script directory: $fastcgi_starter_path",LOGLEVEL_DEBUG);
}
$fcgi_tpl = new tpl();
$fcgi_tpl->newTemplate("php-fcgi-starter.master");
- $fcgi_tpl->setVar('php_ini_path',$web_config["fastcgi_phpini_path"]);
+ $fcgi_tpl->setVar('php_ini_path',$fastcgi_config["fastcgi_phpini_path"]);
$fcgi_tpl->setVar('document_root',$data["new"]["document_root"]);
- $fcgi_tpl->setVar('php_fcgi_children',$web_config["fastcgi_children"]);
- $fcgi_tpl->setVar('php_fcgi_max_requests',$web_config["fastcgi_max_requests"]);
- $fcgi_tpl->setVar('php_fcgi_bin',$web_config["fastcgi_bin"]);
+ $fcgi_tpl->setVar('php_fcgi_children',$fastcgi_config["fastcgi_children"]);
+ $fcgi_tpl->setVar('php_fcgi_max_requests',$fastcgi_config["fastcgi_max_requests"]);
+ $fcgi_tpl->setVar('php_fcgi_bin',$fastcgi_config["fastcgi_bin"]);
- $fcgi_starter_script = escapeshellcmd($fastcgi_starter_path."/".$web_config["fastcgi_starter_script"]);
+ $fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config["fastcgi_starter_script"]);
file_put_contents($fcgi_starter_script,$fcgi_tpl->grab());
unset($fcgi_tpl);
+
+ $app->log("Creating fastcgi starter script: $fcgi_starter_script",LOGLEVEL_DEBUG);
+
exec("chmod 755 $fcgi_starter_script");
exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." $fcgi_starter_script");
- $tpl->setVar('fastcgi_alias',$web_config["fastcgi_alias"]);
+ $tpl->setVar('fastcgi_alias',$fastcgi_config["fastcgi_alias"]);
$tpl->setVar('fastcgi_starter_path',$fastcgi_starter_path);
+ $tpl->setVar('fastcgi_starter_script',$fastcgi_config["fastcgi_starter_script"]);
}
@@ -462,6 +488,7 @@
$docroot = escapeshellcmd($data["old"]["document_root"]);
if($docroot != '' && !stristr($docroot,'..')) exec("rm -rf $docroot");
+
//remove the php fastgi starter script if available
if ($data["old"]["php"] == "fast-cgi")
{
@@ -499,6 +526,10 @@
if($data["old"]["domain"] != '' && !stristr($vhost_logfile_dir,'..')) exec("rm -rf $vhost_logfile_dir");
$app->log("Removing website logfile directory: $vhost_logfile_dir",LOGLEVEL_DEBUG);
+ //delete the web user
+ $command = 'userdel';
+ $command .= ' '.$data["old"]["system_user"];
+ exec($command);
}
//* This function is called when a IP on the server is inserted, updated or deleted
--
Gitblit v1.9.1