maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

various permission fixes when using fcgid / fpm and customerdocroots having 0770 and sockets are 0660

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2014-12-22 09:51:55 +01:00
parent 3c12e825f5
commit 366e0f6061
2 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
admin_customers.php
View File

@@ -833,7 +833,21 @@ if ($page == 'customers'
'guid' => $guid,
'members' => $loginname.','.Settings::Get('system.httpuser')
);
// also, add froxlor-local user to ftp-group (if exists!) to
// allow access to customer-directories from within the panel, which
// is necessary when pathedit = Dropdown
if ((int)Settings::Get('system.mod_fcgid_ownvhost') == 1 || (int)Settings::Get('phpfpm.enabled_ownvhost') == 1) {
if ((int)Settings::Get('system.mod_fcgid') == 1) {
$local_user = Settings::Get('system.mod_fcgid_httpuser');
} else {
$local_user = Settings::Get('phpfpm.vhost_httpuser');
}
$ins_data['members'] .= ','.$local_user;
}
Database::pexecute($ins_stmt, $ins_data);
// FTP-Quotatallies
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` SET `name` = :name, `quota_type` = 'user', `bytes_in_used` = '0',

16
scripts/jobs/cron_tasks.php
View File

@@ -86,6 +86,22 @@ while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
} else {
echo "Please check you Webserver settings\n";
}
// if we use php-fpm and have a local user for froxlor, we need to
// add the webserver-user to the local-group in order to allow the webserver
// to access the fpm-socket
if (Settings::Get('phpfpm.enabled') == 1 && function_exists("posix_getgrnam")) {
// get group info about the local-user's group (e.g. froxlorlocal)
$groupinfo = posix_getgrnam(Settings::Get('phpfpm.vhost_httpgroup'));
// check group members
if (isset($groupinfo['members'])
&& !in_array(Settings::Get('system.httpuser'), $groupinfo['members'])
) {
// webserver has no access, add it
safe_exec('usermod -aG ' . escapeshellarg(Settings::Get('phpfpm.vhost_httpgroup')." ".Settings::Get('system.httpuser')));
}
}
}
/**