diff --git a/lib/functions/filedir/function.fileImmutable.php b/lib/functions/filedir/function.fileImmutable.php new file mode 100644 index 00000000..6533740e --- /dev/null +++ b/lib/functions/filedir/function.fileImmutable.php @@ -0,0 +1,66 @@ + (2010-) + * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt + * @package Functions + * @version $Id$ + */ + +/** + * set the immutable flag for a file + * + * @param string $filename the file to set the flag for + * + * @return boolean + */ +function setImmutable($filename = null) +{ + safe_exec(_getImmutableFunction(false).escapeshellarg($filename)); +} + +/** + * removes the immutable flag for a file + * + * @param string $filename the file to set the flag for + * + * @return boolean + */ +function removeImmutable($filename = null) +{ + safe_exec(_getImmutableFunction(true).escapeshellarg($filename)); +} + +/** + * internal function to check whether + * to use chattr (Linux) or chflags (FreeBSD) + * + * @param boolean $remove whether to use +i|schg (false) or -i|noschg (true) + * + * @return string functionname + parameter (not the file) + */ +function _getImmutableFunction($remove = false) +{ + $output = array(); + $return_var = 0; + exec('which chattr 2>&1', $output, $return_var); + + if((int)$return_var != 0) + { + // FreeBSD style + return 'chflags '.($remove === true) ? 'noschg ' : 'schg '; + } + else + { + // Linux style + return 'chattr '.($remove === true) ? '-i ' : '+i '; + } +} diff --git a/lib/functions/filedir/function.safe_exec.php b/lib/functions/filedir/function.safe_exec.php index 46b9f7f4..8fac2f5b 100644 --- a/lib/functions/filedir/function.safe_exec.php +++ b/lib/functions/filedir/function.safe_exec.php @@ -48,6 +48,7 @@ function safe_exec($exec_string, &$return_value = false) 'du', 'chmod', 'chattr', + 'chflags', /* freebsd equivalent to linux' chattr */ $settings['system']['apachereload_command'], $settings['system']['bindreload_command'], $settings['dkim']['dkimrestart_command'], diff --git a/lib/functions/filedir/function.storeDefaultIndex.php b/lib/functions/filedir/function.storeDefaultIndex.php index 0626640f..4fc6c529 100644 --- a/lib/functions/filedir/function.storeDefaultIndex.php +++ b/lib/functions/filedir/function.storeDefaultIndex.php @@ -1,5 +1,20 @@ (2010-) + * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt + * @package Functions + * @version $Id$ + */ + /** * store the default index-file in a given destination folder * diff --git a/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php b/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php index 684b395e..78ab577d 100644 --- a/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php +++ b/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php @@ -149,7 +149,7 @@ class apache_fcgid extends apache if(file_exists($starter_filename)) { - safe_exec('chattr -i ' . escapeshellarg($starter_filename)); + removeImmutable($starter_filename); } $starter_file_handler = fopen($starter_filename, 'w'); @@ -157,7 +157,7 @@ class apache_fcgid extends apache fclose($starter_file_handler); safe_exec('chmod 750 ' . escapeshellarg($starter_filename)); safe_exec('chown ' . $domain['guid'] . ':' . $domain['guid'] . ' ' . escapeshellarg($starter_filename)); - safe_exec('chattr +i ' . escapeshellarg($starter_filename)); + setImmutable($starter_filename); // define the php.ini @@ -349,7 +349,7 @@ class apache_fcgid extends apache //remove +i attibute, so starter can be overwritten if(file_exists($starter_filename)) { - safe_exec('chattr -i ' . escapeshellarg($starter_filename)); + removeImmutable($starter_filename); } $starter_file_handler = fopen($starter_filename, 'w'); @@ -357,7 +357,7 @@ class apache_fcgid extends apache fclose($starter_file_handler); safe_exec('chmod 750 ' . escapeshellarg($starter_filename)); safe_exec('chown ' . $user . ':' . $group . ' ' . escapeshellarg($starter_filename)); - safe_exec('chattr +i ' . escapeshellarg($starter_filename)); + setImmutable($starter_filename); } } diff --git a/scripts/jobs/cron_tasks.inc.http.25.lighttpd_fcgid.php b/scripts/jobs/cron_tasks.inc.http.25.lighttpd_fcgid.php index 9e61a0be..0f267515 100644 --- a/scripts/jobs/cron_tasks.inc.http.25.lighttpd_fcgid.php +++ b/scripts/jobs/cron_tasks.inc.http.25.lighttpd_fcgid.php @@ -173,7 +173,7 @@ class lighttpd_fcgid extends lighttpd if(file_exists($starter_filename)) { - safe_exec('chattr -i ' . escapeshellarg($starter_filename)); + removeImmutable($starter_filename); } $starter_file_handler = fopen($starter_filename, 'w'); @@ -181,7 +181,7 @@ class lighttpd_fcgid extends lighttpd fclose($starter_file_handler); safe_exec('chmod 750 ' . escapeshellarg($starter_filename)); safe_exec('chown ' . $domain['guid'] . ':' . $domain['guid'] . ' ' . escapeshellarg($starter_filename)); - safe_exec('chattr +i ' . escapeshellarg($starter_filename)); + setImmutable($starter_filename); // define the php.ini diff --git a/scripts/jobs/cron_tasks.php b/scripts/jobs/cron_tasks.php index 78e51724..e8565a98 100644 --- a/scripts/jobs/cron_tasks.php +++ b/scripts/jobs/cron_tasks.php @@ -254,13 +254,13 @@ $awstatsclean['headerold']) { // iterate through all subdirs, // look for php-fcgi-starter files - // and take chattr +i away from them + // and take immutable-flag away from them // so we can delete them :) foreach ($its as $fullFileName => $it ) { if ($it->isFile() && $it->getFilename() == 'php-fcgi-starter') { - safe_exec('chattr -i ' . escapeshellarg($its->getPathname())); + removeImmutable($its->getPathname()); } } // now get rid of old stuff