Commit 49a4ebff authored by tbrehm's avatar tbrehm
Browse files

Add option "set_folder_permissions_on_update" in server config to configure if...

Add option "set_folder_permissions_on_update" in server config to configure if folder permissions should be forced on web update.
parent 23f3bb8d
......@@ -68,6 +68,7 @@ php_fpm_ini_path=/etc/php5/fpm/php.ini
php_fpm_pool_dir=/etc/php5/fpm/pool.d
php_fpm_start_port=9010
php_fpm_socket_dir=/var/lib/php5-fpm
set_folder_permissions_on_update=y
[dns]
bind_user=root
......
......@@ -432,6 +432,12 @@ $form["tabs"]['web'] = array(
'default' => '20',
'value' => array('10' => 'Medium', '20' => 'High')
),
'set_folder_permissions_on_update' => array(
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'y',
'value' => array(0 => 'n', 1 => 'y')
),
'check_apache_config' => array(
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
......
......@@ -149,5 +149,6 @@ $wb["do_not_try_rescue_mysql_txt"] = 'Disable MySQL monitoring';
$wb["do_not_try_rescue_mail_txt"] = 'Disable Email monitoring';
$wb["rescue_description_txt"] = '<b>Information:</b> If you want to shut down mysql you have to select the "Disable MySQL monitor" checkbox and then wait 2-3 minutes.<br>If you do not wait 2-3 minutes, rescue will try to restart mysql!';
$wb["enable_sni_txt"] = 'Enable SNI';
$wb["set_folder_permissions_on_update_txt"] = 'Set folder permissions on update';
?>
\ No newline at end of file
......@@ -69,6 +69,12 @@
{tmpl_var name='check_apache_config'}
</div>
</div>
<div class="ctrlHolder apache">
<p class="label">{tmpl_var name='set_folder_permissions_on_update_txt'}</p>
<div class="multiField">
{tmpl_var name='set_folder_permissions_on_update'}
</div>
</div>
<div class="ctrlHolder">
<p class="label">{tmpl_var name='enable_sni_txt'}</p>
<div class="multiField">
......
......@@ -553,7 +553,7 @@ class apache2_plugin {
//* If the security level is set to high
if($this->action == 'insert' && $data['new']['type'] == 'vhost') {
if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
if($web_config['security_level'] == 20) {
$this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));
......@@ -585,8 +585,13 @@ class apache2_plugin {
//* add the Apache user to the client group
$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
$this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
//* Chown all default directories
$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/cgi-bin'));
$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/log'));
$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/ssl'));
$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/tmp'));
$this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/web'));
/*
* Workaround for jailkit: If jailkit is enabled for the site, the
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment