From fb41bbf9792c7e58aef16624c7ede9aabf2539d4 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sun, 05 Jul 2009 09:31:05 -0400
Subject: [PATCH] Add the website user to the sshusers group

---
 server/plugins-available/apache2_plugin.inc.php |   22 ++++++++--------------
 1 files changed, 8 insertions(+), 14 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index bfdc6bf..c734921 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -473,30 +473,22 @@
 		if($web_config['security_level'] == 20) {
 			
 			exec("chmod 711 ".escapeshellcmd($data["new"]["document_root"]."/"));
-			exec("chmod 711 ".escapeshellcmd($data["new"]["document_root"]."/*"));
+			exec("chmod 711 ".escapeshellcmd($data["new"]["document_root"])."/*");
 			exec("chmod 710 ".escapeshellcmd($data["new"]["document_root"]."/web"));
 			
-			//* Change the home directory and group of the website user
 			$command = 'usermod';
-			$command .= ' --groups sshusers,'.escapeshellcmd($web_config['group']);
+			$command .= ' --groups sshusers';
 			$command .= ' '.escapeshellcmd($data["new"]["system_user"]);
 			exec($command);
-			$app->log("Modifying user: $command",LOGLEVEL_DEBUG);
-		
-			// make temp direcory writable for the apache user and the website user
-			// exec("chmod 777 ".escapeshellcmd($data["new"]["document_root"]."/tmp"));
+			
+			//* add the apache user to the client group
+			$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
+			
 		// If the security Level is set to medium
 		} else {
 		
 			exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"]."/"));
 			exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"]."/*"));
-			
-			//* Change the home directory and group of the website user
-			$command = 'usermod';
-			$command .= ' --groups sshusers ';
-			$command .= ' '.escapeshellcmd($data["new"]["system_user"]);
-			exec($command);
-			$app->log("Modifying user: $command",LOGLEVEL_DEBUG);
 		
 			// make temp direcory writable for the apache user and the website user
 			exec("chmod 777 ".escapeshellcmd($data["new"]["document_root"]."/tmp"));
@@ -663,6 +655,7 @@
 			$fcgi_tpl->setVar('php_fcgi_children',$fastcgi_config["fastcgi_children"]);
 			$fcgi_tpl->setVar('php_fcgi_max_requests',$fastcgi_config["fastcgi_max_requests"]);
 			$fcgi_tpl->setVar('php_fcgi_bin',$fastcgi_config["fastcgi_bin"]);
+			$fcgi_tpl->setVar('security_level',$web_config["security_level"]);
 				
 			$fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config["fastcgi_starter_script"]);
 			file_put_contents($fcgi_starter_script,$fcgi_tpl->grab());
@@ -714,6 +707,7 @@
 			// This will NOT work!
 			//$cgi_tpl->setVar('open_basedir', "/var/www/" . $data["new"]["domain"]);
 			$cgi_tpl->setVar('php_cgi_bin',$cgi_config["cgi_bin"]);
+			$cgi_tpl->setVar('security_level',$web_config["security_level"]);
 
 			$cgi_starter_script = escapeshellcmd($cgi_starter_path.$cgi_config["cgi_starter_script"]);
 			file_put_contents($cgi_starter_script,$cgi_tpl->grab());

--
Gitblit v1.9.1