From 8e725d2c1057608431d3d1639c948206d5e24869 Mon Sep 17 00:00:00 2001 From: jwarnier Date: Sun, 5 Sep 2010 12:54:24 +0000 Subject: [PATCH] fix some strings quoting and remove some execs --- install/dist/lib/debian60.lib.php | 35 ++++++++++--------- install/lib/update.lib.php | 10 +++--- server/cron_daily.php | 27 +++++++------- server/plugins-available/bind_plugin.inc.php | 3 +- .../cron_jailkit_plugin.inc.php | 16 ++++----- server/plugins-available/cron_plugin.inc.php | 4 +-- .../plugins-available/getmail_plugin.inc.php | 6 ++-- .../plugins-available/maildrop_plugin.inc.php | 26 +++++++------- .../pma_symlink_plugin.inc.php | 10 +++--- .../shelluser_base_plugin.inc.php | 20 ++++++----- .../shelluser_jailkit_plugin.inc.php | 28 ++++++++------- .../software_update_plugin.inc.php | 12 +++---- .../webmail_symlink_plugin.inc.php | 10 +++--- 13 files changed, 108 insertions(+), 99 deletions(-) diff --git a/install/dist/lib/debian60.lib.php b/install/dist/lib/debian60.lib.php index 3bacd5056f..5f79e274aa 100644 --- a/install/dist/lib/debian60.lib.php +++ b/install/dist/lib/debian60.lib.php @@ -38,11 +38,11 @@ class installer extends installer_base { //* Configure master.cf and add a line for deliver if(is_file($config_dir.'/master.cf')){ - copy($config_dir.'/master.cf', $config_dir.'/master.cf~2'); - } + copy($config_dir.'/master.cf', $config_dir.'/master.cf~2'); + } if(is_file($config_dir.'/master.cf~')){ - exec('chmod 400 '.$config_dir.'/master.cf~2'); - } + chmod($config_dir.'/master.cf~2', 0400); + } $content = rf($conf["postfix"]["config_dir"].'/master.cf'); // Only add the content if we had not addded it before if(!stristr($content,"dovecot/deliver")) { 
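Review bot: The guard around the new `chmod($config_dir.'/master.cf~2', 0400)` tests for `master.cf~`, while the file the preceding `copy()` creates is `master.cf~2`. The backup can therefore be left with default permissions, or `chmod()` can be called on a file that does not exist, which now raises a PHP warning. Tightening the mode in the branch that makes the copy removes the mismatch: `if(copy($config_dir.'/master.cf', $config_dir.'/master.cf~2')) chmod($config_dir.'/master.cf~2', 0400);`. The enclosing method starts and ends outside the hunk.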
@@ -73,29 +73,30 @@ class installer extends installer_base { //* copy dovecot.conf $configfile = 'dovecot.conf'; - if(is_file("$config_dir/$configfile")){ - copy("$config_dir/$configfile", "$config_dir/$configfile~"); - } - copy('tpl/debian6_dovecot.conf.master',"$config_dir/$configfile"); + if(is_file($config_dir.'/'.$configfile)){ + copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~'); + } + copy('tpl/debian6_dovecot.conf.master',$config_dir.'/'.$configfile); //* dovecot-sql.conf $configfile = 'dovecot-sql.conf'; - if(is_file("$config_dir/$configfile")){ - copy("$config_dir/$configfile", "$config_dir/$configfile~"); - } - exec("chmod 400 $config_dir/$configfile~"); - $content = rf("tpl/debian6_dovecot-sql.conf.master"); + if(is_file($config_dir.'/'.$configfile)){ + copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~'); + } + chmod($config_dir.'/'.$configfile.'~', 0400); + $content = rf('tpl/debian6_dovecot-sql.conf.master'); $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content); $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content); $content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content); - wf("$config_dir/$configfile", $content); + wf($config_dir.'/'.$configfile, $content); - exec("chmod 600 $config_dir/$configfile"); - exec("chown root:root $config_dir/$configfile"); + chmod($config_dir.'/'.$configfile, 0600); + chown($config_dir.'/'.$configfile, 'root'); + chgrp($config_dir.'/'.$configfile, 'root'); } } -?> \ No newline at end of file +?> diff --git a/install/lib/update.lib.php b/install/lib/update.lib.php index fc4f57b4f0..69de044a16 100644 --- a/install/lib/update.lib.php +++ b/install/lib/update.lib.php 
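Review bot: `dovecot-sql.conf` is filled with the MySQL password and written by `wf()` before `chmod(..., 0600)` runs. Assuming `wf()` creates the file with default permissions, it briefly exists with whatever mode the process umask yields. Calling `umask(0077)` before the `wf()` call and restoring the previous value afterwards closes that window. `chmod($config_dir.'/'.$configfile.'~', 0400)` also runs when no backup was copied, which now produces a PHP warning instead of failing quietly in a shell. The Getmail config write in getmail_plugin.inc.php (hunk -129) follows the same write-then-chmod order.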
@@ -58,8 +58,9 @@ function prepareDBDump() { // create a backup copy of the ispconfig database in the root folder $backup_db_name = '/root/ispconfig_db_backup_'.@date('Y-m-d_h-i').'.sql'; copy('existing_db.sql',$backup_db_name); - exec("chmod 700 $backup_db_name"); - exec("chown root:root $backup_db_name"); + chmod($backup_db_name, 0700); + chown($backup_db_name, 'root'); + chgrp($backup_db_name, 'root'); if ($conf['powerdns']['installed']) { //** export the current PowerDNS database data @@ -72,8 +73,9 @@ function prepareDBDump() { // create a backup copy of the PowerDNS database in the root folder $backup_db_name = '/root/ispconfig_powerdns_db_backup_'.@date('Y-m-d_h-i').'.sql'; copy('existing_powerdns_db.sql',$backup_db_name); - exec("chmod 700 $backup_db_name"); - exec("chown root:root $backup_db_name"); + chmod($backup_db_name, 0700); + chown($backup_db_name, 'root'); + chgrp($backup_db_name, 'root'); } } diff --git a/server/cron_daily.php b/server/cron_daily.php index a9e8796d5b..83ef10c562 100644 --- a/server/cron_daily.php +++ b/server/cron_daily.php @@ -132,7 +132,7 @@ foreach($records as $rec) { $webalizer_conf = escapeshellcmd($rec["document_root"].'/log/webalizer.conf'); if(!@is_file($webalizer_conf)) { - exec("cp $webalizer_conf_main $webalizer_conf"); + copy($webalizer_conf_main,$webalizer_conf); } if(@is_file($webalizer_conf)) { @@ -376,12 +376,12 @@ if ($app->dbmaster == $app->db) { ####################################################################################################### $server_config = $app->getconf->get_server_config($conf["server_id"], 'server'); -$backup_dir = trim($server_config['backup_dir']); +$backup_dir = $server_config['backup_dir']; if($backup_dir != '') { if(!is_dir($backup_dir)) { - exec("mkdir -p ".escapeshellarg($backup_dir)); + mkdir(escapeshellarg($backup_dir), 0750, true); } $sql = "SELECT * FROM web_domain WHERE type = 'vhost'"; 
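Review bot: `chmod($backup_db_name, 0700)` puts execute permission on a plain SQL dump; a root-only data file needs `chmod($backup_db_name, 0600);`, here and in the PowerDNS hunk (-72) that follows. The results of `copy()`, `chmod()` and `chown()` are not checked, so a failed copy or a dump left with default permissions goes unnoticed. Testing the return values and reporting a failure would make that visible. `prepareDBDump()` starts and ends outside the hunk.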
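Review bot: `$webalizer_conf` is built with `escapeshellcmd()` in the context line above, and the new `copy($webalizer_conf_main,$webalizer_conf)` hands that shell-escaped string to a native function, where any inserted backslash becomes part of the file name. With no shell involved, the copy should take the raw path, e.g. `copy($webalizer_conf_main, $rec["document_root"].'/log/webalizer.conf');`, and the escaped variable should be kept only for strings that still reach `exec()`. The same pattern appears in the new `chown`/`chgrp` calls in bind_plugin.inc.php, the `mkdir` in cron_jailkit_plugin.inc.php and the `chmod` in cron_plugin.inc.php. It also appears in the `touch`/`chmod`/`chown`/`chgrp`/`mkdir` calls in shelluser_base_plugin.inc.php and shelluser_jailkit_plugin.inc.php.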
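Review bot: `mkdir(escapeshellarg($backup_dir), 0750, true)` treats the single quotes that `escapeshellarg()` adds as part of the path, so it creates a different, relative path rather than `$backup_dir`. The `is_dir($backup_dir)` test then stays false on every run, and the per-site `mkdir($web_backup_dir, 0750)` further down has no parent directory. The call should take the raw value: `mkdir($backup_dir, 0750, true);`. The hunk also drops `trim()` from the `backup_dir` setting, so stray whitespace in the configured value now ends up in every path built from it; keeping `trim($server_config['backup_dir'])` avoids that.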
@@ -397,24 +397,25 @@ if($backup_dir != '') { $web_group = $rec['system_group']; $web_id = $rec['domain_id']; $web_backup_dir = $backup_dir.'/web'.$web_id; - if(!is_dir($web_backup_dir)) mkdir($web_backup_dir); + if(!is_dir($web_backup_dir)) mkdir($web_backup_dir, 0750); - exec('chown root:root '.$web_backup_dir); - exec('chmod 755 '.$web_backup_dir); - exec("cd ".escapeshellarg($web_path)." && sudo -u ".escapeshellarg($web_user)." find . -group ".escapeshellarg($web_group)." -print | zip -y ".escapeshellarg($web_backup_dir."/web.zip")." -@"); + chmod($web_backup_dir, 0755); + chown($web_backup_dir, 'root'); + chgrp($web_backup_dir, 'root'); + exec('cd '.escapeshellarg($web_path).' && sudo -u '.escapeshellarg($web_user).' find . -group '.escapeshellarg($web_group).' -print | zip -y '.escapeshellarg($web_backup_dir.'/web.zip').' -@'); // Rename or remove old backups $backup_copies = intval($rec['backup_copies']); - if(is_file($web_backup_dir."/web.".$backup_copies.".zip")) unlink($web_backup_dir."/web.".$backup_copies.".zip"); + if(is_file($web_backup_dir.'/web.'.$backup_copies.'.zip')) unlink($web_backup_dir.'/web.'.$backup_copies.'.zip'); for($n = $backup_copies - 1; $n >= 1; $n--) { - if(is_file($web_backup_dir."/web.".$n.".zip")) { - rename($web_backup_dir."/web.".$n.".zip",$web_backup_dir."/web.".($n+1).".zip"); + if(is_file($web_backup_dir.'/web.'.$n.'.zip')) { + rename($web_backup_dir.'/web.'.$n.'.zip',$web_backup_dir.'/web.'.($n+1).'.zip'); } } - if(is_file($web_backup_dir."/web.zip")) rename($web_backup_dir."/web.zip",$web_backup_dir."/web.1.zip"); + if(is_file($web_backup_dir.'/web.zip')) rename($web_backup_dir.'/web.zip',$web_backup_dir.'/web.1.zip'); // Create backupdir symlink if(is_link($web_path.'/backup')) unlink($web_path.'/backup'); 
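Review bot: The per-site directory is created with `mkdir($web_backup_dir, 0750)` and then immediately widened by `chmod($web_backup_dir, 0755)`, which leaves the directory holding `web.zip` listable and traversable by every local account. If root-only access is intended, both calls should use the same mode, e.g. `chmod($web_backup_dir, 0750);`. If the site user has to reach its backups (the context manages a `backup` link under `$web_path`), a comment should say so and explain why world access is used rather than group access. This top-level block continues outside the hunk.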
@@ -430,7 +431,7 @@ if($backup_dir != '') { $web_user = $rec['system_user']; $web_backup_dir = realpath($backup_dir.'/web'.$web_id); if(is_dir($web_backup_dir)) { - exec("sudo -u ".escapeshellarg($web_user)." rm -f ".escapeshellarg($web_backup_dir.'/*')); + exec('sudo -u '.escapeshellarg($web_user).' rm -f '.escapeshellarg($web_backup_dir.'/*')); } } } @@ -439,4 +440,4 @@ if($backup_dir != '') { die("finished.\n"); -?> \ No newline at end of file +?> diff --git a/server/plugins-available/bind_plugin.inc.php b/server/plugins-available/bind_plugin.inc.php index 2e4e334a78..65329204e3 100644 --- a/server/plugins-available/bind_plugin.inc.php +++ b/server/plugins-available/bind_plugin.inc.php @@ -109,7 +109,8 @@ class bind_plugin { $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.substr($zone['origin'],0,-1)); $app->log("Writing BIND domain file: ".$filename,LOGLEVEL_DEBUG); file_put_contents($filename,$tpl->grab()); - exec('chown '.escapeshellcmd($dns_config['bind_user']).':'.escapeshellcmd($dns_config['bind_group']).' '.$filename); + chown($filename, escapeshellcmd($dns_config['bind_user'])); + chgrp($filename, escapeshellcmd($dns_config['bind_group'])); unset($tpl); unset($records); unset($records_out); diff --git a/server/plugins-available/cron_jailkit_plugin.inc.php b/server/plugins-available/cron_jailkit_plugin.inc.php index 3960472160..9761fbc1ae 100644 --- a/server/plugins-available/cron_jailkit_plugin.inc.php +++ b/server/plugins-available/cron_jailkit_plugin.inc.php 
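Review bot: `escapeshellarg($web_backup_dir.'/*')` quotes the `*`, so the shell passes a literal `*` to `rm` and, because of `-f`, the command removes nothing and reports nothing. As the path is already resolved with `realpath()`, the files can be removed without a shell: `foreach(glob($web_backup_dir.'/*') as $f) { if(is_file($f)) unlink($f); }`. That runs with the cron job's own privileges instead of as `$web_user`, which should be confirmed as acceptable for this directory.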
@@ -230,20 +230,20 @@ class cron_jailkit_plugin { $tpl->setVar('home_dir',$this->_get_home_dir("")); $bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc'; - if(@is_file($bashrc)) exec('rm '.$bashrc); + if(@is_file($bashrc)) unlink($bashrc); file_put_contents($bashrc,$tpl->grab()); unset($tpl); - $this->app->log("Added bashrc scrpt : ".$bashrc,LOGLEVEL_DEBUG); + $this->app->log('Added bashrc script: '.$bashrc,LOGLEVEL_DEBUG); $tpl = new tpl(); - $tpl->newTemplate("motd.master"); + $tpl->newTemplate('motd.master'); $tpl->setVar('domain',$this->parent_domain['domain']); $motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd'; - if(@is_file($motd)) exec('rm '.$motd); + if(@is_file($motd)) unlink($motd); file_put_contents($motd,$tpl->grab()); @@ -290,7 +290,7 @@ class cron_jailkit_plugin { $this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG); - exec("mkdir -p ".escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome)); + mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true); } function _get_home_dir($username) @@ -308,8 +308,8 @@ class cron_jailkit_plugin { //* If the security level is set to high if($web_config['security_level'] == 20) { - $this->_exec("chmod 755 ".escapeshellcmd($this->parent_domain['document_root'])); - $this->_exec("chown root:root ".escapeshellcmd($this->parent_domain['document_root'])); + $this->_exec('chmod 755 '.escapeshellcmd($this->parent_domain['document_root'])); + $this->_exec('chown root:root '.escapeshellcmd($this->parent_domain['document_root'])); } } @@ -317,7 +317,7 @@ class cron_jailkit_plugin { //* Wrapper for exec function for easier debugging private function _exec($command) { global $app; - $app->log("exec: ".$command,LOGLEVEL_DEBUG); + $app->log('exec: '.$command,LOGLEVEL_DEBUG); exec($command); } 
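Review bot: The `mkdir(..., 0755, true)` added in hunk -290 is not a drop-in replacement for `mkdir -p`: when the directory already exists, PHP's `mkdir()` returns false and emits a warning, where `mkdir -p` succeeded silently. An `is_dir()` guard in front of the call restores the old behaviour, e.g. `if(!is_dir($home)) mkdir($home, 0755, true);` with `$home` holding the unescaped path. The two `mkdir` calls added to shelluser_jailkit_plugin.inc.php (hunk -261) need the same guard. The enclosing method starts outside the hunk.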
diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php index eae2232db9..068dc35e43 100644 --- a/server/plugins-available/cron_plugin.inc.php +++ b/server/plugins-available/cron_plugin.inc.php @@ -97,7 +97,7 @@ class cron_plugin { $app->log("Parent domain not found",LOGLEVEL_WARN); return 0; } elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') { - $app->log("Websites (and Crons) can not be owned by the root user or group.",LOGLEVEL_WARN); + $app->log("Websites (and Crons) cannot be owned by the root user or group.",LOGLEVEL_WARN); return 0; } @@ -134,7 +134,7 @@ class cron_plugin { } // make temp directory writable for the apache and website users - exec("chmod 777 ".escapeshellcmd($parent_domain["document_root"]."/tmp")); + chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777); /** TODO READ CRON MASTER **/ diff --git a/server/plugins-available/getmail_plugin.inc.php b/server/plugins-available/getmail_plugin.inc.php index a168aff670..7c6669a209 100644 --- a/server/plugins-available/getmail_plugin.inc.php +++ b/server/plugins-available/getmail_plugin.inc.php @@ -129,8 +129,8 @@ class getmail_plugin { // Write the config file. file_put_contents($config_file_path,$tpl); $app->log("Writing Getmail config file: $config_file_path",LOGLEVEL_DEBUG); - exec("chmod 400 $config_file_path"); - exec("chown getmail $config_file_path"); + chmod($config_file_path, 0400); + chown($config_file_path, 'getmail'); unset($tpl); unset($config_file_path); @@ -160,4 +160,4 @@ class getmail_plugin { } // end class -?> \ No newline at end of file +?> diff --git a/server/plugins-available/maildrop_plugin.inc.php b/server/plugins-available/maildrop_plugin.inc.php index 6296653b61..0c806ab242 100644 --- a/server/plugins-available/maildrop_plugin.inc.php +++ b/server/plugins-available/maildrop_plugin.inc.php 
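Review bot: `chmod(..., 0777)` in hunk -134 makes the site's `tmp` directory world-writable without the sticky bit, so any account that can write there can also remove or replace files created by another account. If the directory has to stay writable for both the web server and the site user, mode `01777` keeps that and limits deletion to a file's owner: `chmod($parent_domain["document_root"].'/tmp', 01777);`. The path is also still wrapped in `escapeshellcmd()`, which is no longer appropriate now that no shell is involved.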
@@ -82,8 +82,8 @@ class maildrop_plugin { if(!is_dir($this->mailfilter_config_dir)) { $app->log("Mailfilter config directory '".$this->mailfilter_config_dir."' does not exist. Creating it now.",LOGLEVEL_WARN); mkdir($this->mailfilter_config_dir); - exec("chown vmail ".$this->mailfilter_config_dir); - exec("chmod 770 ".$this->mailfilter_config_dir); + chown($this->mailfilter_config_dir, 'vmail'); + chmod($this->mailfilter_config_dir, 0770); } if(isset($data["new"]["email"])) { @@ -95,13 +95,13 @@ class maildrop_plugin { // make sure that the config directories exist if(!is_dir($this->mailfilter_config_dir.'/'.$email_parts[1])) { mkdir($this->mailfilter_config_dir.'/'.$email_parts[1]); - exec("chown vmail ".$this->mailfilter_config_dir.'/'.$email_parts[1]); - exec("chmod 770 ".$this->mailfilter_config_dir.'/'.$email_parts[1]); + chown($this->mailfilter_config_dir.'/'.$email_parts[1], 'vmail'); + chmod($this->mailfilter_config_dir.'/'.$email_parts[1], 0770); } if(!is_dir($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0])) { mkdir($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]); - exec("chown vmail ".$this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]); - exec("chmod 770 ".$this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]); + chown($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0], 'vmail'); + chmod($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0], 0770); } // Check if something has been changed regarding the autoresponders 
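Review bot: The three `mkdir()` calls in this hunk pass no mode, so each directory exists with the umask default until the following `chmod(..., 0770)` runs. `mkdir($this->mailfilter_config_dir, 0770);` requests the mode at creation; the `chmod` can stay because umask still applies to `mkdir`. The create/chown/chmod sequence is repeated three times with only the path changing, and a small private helper taking the path would keep the owner and mode in one place. The enclosing method starts and ends outside the hunk.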
@@ -151,16 +151,16 @@ class maildrop_plugin { $config_file_path = $this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0].'/.autoresponder'; file_put_contents($config_file_path,$tpl); $app->log("Writing Autoresponder mailfilter file: $config_file_path",LOGLEVEL_DEBUG); - exec("chmod 770 $config_file_path"); - exec("chown vmail $config_file_path"); + chmod($config_file_path, 0770); + chown($config_file_path, 'vmail'); unset($tpl); unset($config_file_path); // Write the autoresponder message file $config_file_path = $this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0].'/.vacation.msg'; file_put_contents($config_file_path,$data["new"]["autoresponder_text"]); - exec("chmod 770 $config_file_path"); - exec("chown vmail $config_file_path"); + chmod($config_file_path, 0770); + chown($config_file_path, 'vmail'); $app->log("Writing Autoresponder message file: $config_file_path",LOGLEVEL_DEBUG); } } @@ -198,8 +198,8 @@ class maildrop_plugin { file_put_contents($config_file_path,$mailfilter_content); $app->log("Writing new custom Mailfiter".$config_file_path,LOGLEVEL_DEBUG); - exec("chmod 770 $config_file_path"); - exec("chown vmail $config_file_path"); + chmod($config_file_path, 0770); + chown($config_file_path, 'vmail'); unset($config_file_path); } else { // Delete the mailfilter recipe @@ -244,4 +244,4 @@ class maildrop_plugin { } // end class -?> \ No newline at end of file +?> diff --git a/server/plugins-available/pma_symlink_plugin.inc.php b/server/plugins-available/pma_symlink_plugin.inc.php index 06ce78722a..e2cb3a3914 100644 --- a/server/plugins-available/pma_symlink_plugin.inc.php +++ b/server/plugins-available/pma_symlink_plugin.inc.php 
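Review bot: The results of the new `chmod()`/`chown()` calls on `.autoresponder` and `.vacation.msg` are discarded, so if `vmail` cannot be resolved the files keep the calling user as owner and nothing reaches the application log. Checking the return value and logging through the existing `$app->log()` makes that visible, e.g. `if(!chown($config_file_path, 'vmail')) $app->log("chown failed: $config_file_path",LOGLEVEL_WARN);`. Mode 0770 also sets execute bits on plain data files; 0660 looks sufficient, though that should be confirmed against what maildrop expects. The same applies to the custom mailfilter hunk (-198).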
@@ -106,16 +106,16 @@ class pma_symlink_plugin { elseif($data["new"]["php"] == "fast-cgi" && $data["new"]["suexec"] == "y") $symlink = false; - if(!is_dir($data["new"]["document_root"]."/web")) exec("mkdir -p ".$data["new"]["document_root"]."/web"); + if(!is_dir($data["new"]["document_root"]."/web")) mkdir($data["new"]["document_root"].'/web', 0755, true); if($symlink == false) { - if(is_link($data["new"]["document_root"]."/web/phpmyadmin")) exec("rm -f ".$data["new"]["document_root"]."/web/phpmyadmin"); + if(is_link($data["new"]["document_root"].'/web/phpmyadmin')) unlink($data["new"]["document_root"].'/web/phpmyadmin'); } else { - if(!is_link($data["new"]["document_root"]."/web/phpmyadmin")) exec("ln -s /var/www/phpmyadmin ".$data["new"]["document_root"]."/web/phpmyadmin"); - else exec("ln -sf /var/www/phpmyadmin ".$data["new"]["document_root"]."/web/phpmyadmin"); + if(!is_link($data["new"]["document_root"].'/web/phpmyadmin')) symlink('/var/www/phpmyadmin',$data["new"]["document_root"].'/web/phpmyadmin'); + else symlink('/var/www/phpmyadmin',$data["new"]["document_root"].'/web/phpmyadmin'); } } } // end class -?> \ No newline at end of file +?> diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php index d279678596..69348f58f0 100755 --- a/server/plugins-available/shelluser_base_plugin.inc.php +++ b/server/plugins-available/shelluser_base_plugin.inc.php 
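Review bot: `symlink()` fails with a warning when the link name already exists, so the `else` branch no longer updates an existing `phpmyadmin` link as `ln -sf` did, and both branches are now the same call. Removing a stale link first restores the old behaviour: `if(is_link($link)) unlink($link);` followed by `symlink('/var/www/phpmyadmin', $link);`, with `$link` set to `$data["new"]["document_root"].'/web/phpmyadmin'`. webmail_symlink_plugin.inc.php has the identical construct for `/web/webmail`.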
@@ -90,9 +90,10 @@ class shelluser_base_plugin { $app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG); //* Create .bash_history file - exec('touch '.escapeshellcmd($data['new']['dir']).'/.bash_history'); - exec('chmod 755 '.escapeshellcmd($data['new']['dir']).'/.bash_history'); - exec('chown '.escapeshellcmd($data['new']['username']).':'.escapeshellcmd($data['new']['pgroup']).' '.escapeshellcmd($data['new']['dir']).'/.bash_history'); + touch(escapeshellcmd($data['new']['dir']).'/.bash_history'); + chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755); + chown(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['username'])); + chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['pgroup'])); //* Disable shell user temporarily if we use jailkit if($data['new']['chroot'] == 'jailkit') { @@ -105,7 +106,7 @@ class shelluser_base_plugin { $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR); } } else { - $app->log("Skippung insert of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN); + $app->log("Skipping insertion of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN); } } 
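Review bot: `.bash_history` is created with `chmod(..., 0755)`, which makes a user's shell history readable by every local account and marks it executable. Command history can contain credentials typed on a command line, so the file should be private to its owner: `chmod($data['new']['dir'].'/.bash_history', 0600);`. The update hunk (-137) sets the same mode. The `escapeshellcmd()` wrappers kept on the path, user and group arguments are not needed for native calls and can alter the values.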
@@ -137,9 +138,10 @@ class shelluser_base_plugin { //* Create .bash_history file if(!is_file($data['new']['dir']).'/.bash_history') { - exec('touch '.escapeshellcmd($data['new']['dir']).'/.bash_history'); - exec('chmod 755 '.escapeshellcmd($data['new']['dir']).'/.bash_history'); - exec('chown '.escapeshellcmd($data['new']['username']).':'.escapeshellcmd($data['new']['pgroup']).' '.escapeshellcmd($data['new']['dir']).'/.bash_history'); + touch(escapeshellcmd($data['new']['dir']).'/.bash_history'); + chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755); + chown(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['username'])); + chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['pgroup'])); } } else { @@ -150,7 +152,7 @@ class shelluser_base_plugin { $app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR); } } else { - $app->log("Skippung update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN); + $app->log("Skipping update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN); } } @@ -186,4 +188,4 @@ class shelluser_base_plugin { } // end class -?> \ No newline at end of file +?> diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php index c1b32abb76..b1ee45e2ff 100755 --- a/server/plugins-available/shelluser_jailkit_plugin.inc.php +++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php @@ -201,7 +201,7 @@ class shelluser_jailkit_plugin { $tpl->setVar('home_dir',$this->_get_home_dir("")); $bashrc = escapeshellcmd($this->data['new']['dir']).'/etc/bash.bashrc'; - if(@is_file($bashrc)) exec('rm '.$bashrc); + if(@is_file($bashrc)) unlink($bashrc); file_put_contents($bashrc,$tpl->grab()); unset($tpl); 
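Review bot: The guard `if(!is_file($data['new']['dir']).'/.bash_history')` has its closing parenthesis in the wrong place. It concatenates the negated `is_file()` result with a string, which is always truthy, so the new `touch`/`chmod`/`chown`/`chgrp` lines run on every update. The intended test is `if(!is_file($data['new']['dir'].'/.bash_history'))`. The line is context in this hunk, but it decides whether the added calls execute.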
@@ -214,7 +214,7 @@ class shelluser_jailkit_plugin { $tpl->setVar('domain',$web['domain']); $motd = escapeshellcmd($this->data['new']['dir']).'/var/run/motd'; - if(@is_file($motd)) exec('rm '.$motd); + if(@is_file($motd)) unlink($motd); file_put_contents($motd,$tpl->grab()); @@ -234,7 +234,7 @@ class shelluser_jailkit_plugin { function _get_home_dir($username) { - return str_replace("[username]",escapeshellcmd($username),$this->jailkit_config["jailkit_chroot_home"]); + return str_replace("[username]",escapeshellcmd($username),$this->jailkit_config['jailkit_chroot_home']); } function _add_jailkit_user() @@ -243,8 +243,8 @@ class shelluser_jailkit_plugin { $jailkit_chroot_userhome = $this->_get_home_dir($this->data['new']['username']); $jailkit_chroot_puserhome = $this->_get_home_dir($this->data['new']['puser']); - if(!is_dir($this->data['new']['dir'].'/etc')) mkdir($this->data['new']['dir'].'/etc'); - if(!is_file($this->data['new']['dir'].'/etc/passwd')) exec('touch '.$this->data['new']['dir'].'/etc/passwd'); + if(!is_dir($this->data['new']['dir'].'/etc')) mkdir($this->data['new']['dir'].'/etc', 0755); + if(!is_file($this->data['new']['dir'].'/etc/passwd')) touch($this->data['new']['dir'].'/etc/passwd', 0755); // IMPORTANT! // ALWAYS create the user. Even if the user was created before 
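Review bot: In hunk -243, `touch($this->data['new']['dir'].'/etc/passwd', 0755)` passes a mode where `touch()` expects a modification time, so the file's mtime is set to 493 seconds after the epoch and no permission is applied. The old `exec('touch ...')` set no mode either, so the equivalent call is `touch($this->data['new']['dir'].'/etc/passwd');`, with a separate `chmod()` if a specific mode is wanted. The enclosing method continues outside the hunk.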
@@ -261,13 +261,15 @@ class shelluser_jailkit_plugin { $this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG); - exec("mkdir -p ".escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome)); - exec("chown ".$this->data['new']['username'].":".$this->data['new']['pgroup']." ".escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome)); + mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), 0755, true); + chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['username']); + chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['pgroup']); $this->app->log("Added created jailkit user home in : ".$this->data['new']['dir'].$jailkit_chroot_userhome,LOGLEVEL_DEBUG); - exec("mkdir -p ".escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome)); - exec("chown ".$this->data['new']['puser'].":".$this->data['new']['pgroup']." ".escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome)); + mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), 0755, true); + chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['puser']); + chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['pgroup']); $this->app->log("Added created jailkit parent user home in : ".$this->data['new']['dir'].$jailkit_chroot_puserhome,LOGLEVEL_DEBUG); } @@ -285,8 +287,8 @@ class shelluser_jailkit_plugin { //* If the security level is set to high if($web_config['security_level'] == 20) { - $this->_exec("chmod 755 ".escapeshellcmd($web["document_root"])); - $this->_exec("chown root:root ".escapeshellcmd($web["document_root"])); + $this->_exec('chmod 755 '.escapeshellcmd($web["document_root"])); + $this->_exec('chown root:root '.escapeshellcmd($web["document_root"])); } } 
@@ -294,10 +296,10 @@ class shelluser_jailkit_plugin { //* Wrapper for exec function for easier debugging private function _exec($command) { global $app; - $app->log("exec: ".$command,LOGLEVEL_DEBUG); + $app->log('exec: '.$command,LOGLEVEL_DEBUG); exec($command); } } // end class -?> \ No newline at end of file +?> diff --git a/server/plugins-available/software_update_plugin.inc.php b/server/plugins-available/software_update_plugin.inc.php index be73c8b4fc..55feaee2e6 100644 --- a/server/plugins-available/software_update_plugin.inc.php +++ b/server/plugins-available/software_update_plugin.inc.php @@ -73,7 +73,7 @@ class software_update_plugin { global $app, $conf; //* Get the info of the package: - $software_update_id = intval($data["new"]["software_update_id"]); + $software_update_id = intval($data["new"]["software_update_id"]); $software_update = $app->db->queryOneRecord("SELECT * FROM software_update WHERE software_update_id = '$software_update_id'"); $software_package = $app->db->queryOneRecord("SELECT * FROM software_package WHERE package_name = '".$app->db->quote($software_update['package_name'])."'"); @@ -97,7 +97,7 @@ class software_update_plugin { $temp_dir = '/tmp/'.md5 (uniqid (rand())); $app->log("The temp dir is $temp_dir",LOGLEVEL_DEBUG); mkdir($temp_dir); - if($installuser != '') exec('chown '.$installuser.' '.$temp_dir); + if($installuser != '') chown($temp_dir, $installuser); if(!is_dir($temp_dir)) { $app->log("Unable to create temp directory.",LOGLEVEL_WARN); @@ -135,7 +135,7 @@ class software_update_plugin { $app->log("No package file found. Download failed? Installation aborted.",LOGLEVEL_WARN); exec("rm -rf $temp_dir"); $app->log("Deleting the temp directory $temp_dir",LOGLEVEL_DEBUG); - $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); + $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); return false; } 
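Review bot: In hunk -97 of software_update_plugin.inc.php the result of `mkdir($temp_dir)` is ignored, and the later `is_dir($temp_dir)` test also passes for a directory that already existed. A path under the world-writable `/tmp` that this run did not create would therefore be chowned to `$installuser` and used. Creating the directory with a private mode and routing failure into the existing "Unable to create temp directory." branch closes that: `if(!mkdir($temp_dir, 0700))` in place of the bare `mkdir($temp_dir);`. The name is derived from `md5(uniqid(rand()))`, which is not an unpredictable source; `bin2hex(random_bytes(16))` would be one on PHP versions that provide it.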
@@ -148,10 +148,10 @@ class software_update_plugin { $app->log("The md5 sum of the downloaded file is incorrect. Update aborted.",LOGLEVEL_WARN); exec("rm -rf $temp_dir"); $app->log("Deleting the temp directory $temp_dir",LOGLEVEL_DEBUG); - $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); + $this->set_install_status($data["new"]["software_update_inst_id"], "failed"); return false; } else { - $app->log("md5sum of the downloaded file is verified.",LOGLEVEL_DEBUG); + $app->log("MD5 checksum of the downloaded file verified.",LOGLEVEL_DEBUG); } @@ -274,4 +274,4 @@ class software_update_plugin { } // end class -?> \ No newline at end of file +?> diff --git a/server/plugins-available/webmail_symlink_plugin.inc.php b/server/plugins-available/webmail_symlink_plugin.inc.php index db5fd266e5..8530fc4e90 100644 --- a/server/plugins-available/webmail_symlink_plugin.inc.php +++ b/server/plugins-available/webmail_symlink_plugin.inc.php 
@@ -106,16 +106,16 @@ class webmail_symlink_plugin { elseif($data["new"]["php"] == "fast-cgi" && $data["new"]["suexec"] == "y") $symlink = false; - if(!is_dir($data["new"]["document_root"]."/web")) exec("mkdir -p ".$data["new"]["document_root"]."/web"); + if(!is_dir($data["new"]["document_root"]."/web")) mkdir($data["new"]["document_root"].'/web', 0755, true); if($symlink == false) { - if(is_link($data["new"]["document_root"]."/web/webmail")) exec("rm -f ".$data["new"]["document_root"]."/web/webmail"); + if(is_link($data["new"]["document_root"].'/web/webmail')) unlink($data["new"]["document_root"].'/web/webmail'); } else { - if(!is_link($data["new"]["document_root"]."/web/webmail")) exec("ln -s /var/www/webmail ".$data["new"]["document_root"]."/web/webmail"); - else exec("ln -sf /var/www/webmail ".$data["new"]["document_root"]."/web/webmail"); + if(!is_link($data["new"]["document_root"]."/web/webmail")) symlink('/var/www/webmail',$data["new"]["document_root"].'/web/webmail'); + else symlink('/var/www/webmail',$data["new"]["document_root"].'/web/webmail'); } } } // end class -?> \ No newline at end of file +?> -- GitLab