Commit f5ea1b4f authored by tbrehm's avatar tbrehm

Implemented: FS#1418 - Change optionally the owner of the backup dir to the website user

- Added Limit fields for openvz in the database
- Limited several vm functions to be used by admin only.
parent 9c9382e6
ALTER TABLE `cron` CHANGE `command` `command` TEXT NOT NULL;
ALTER TABLE `client` ADD `limit_openvz_vm` int(11) NOT NULL DEFAULT '0' AFTER `limit_mailmailinglist` ,
ADD `limit_openvz_vm_template_id` int(11) NOT NULL DEFAULT '0' AFTER `limit_openvz_vm`;
\ No newline at end of file
......@@ -130,6 +130,8 @@ CREATE TABLE `client` (
`limit_traffic_quota` int(11) NOT NULL DEFAULT '-1',
`limit_client` int(11) NOT NULL DEFAULT '0',
`limit_mailmailinglist` int(11) NOT NULL DEFAULT '-1',
`limit_openvz_vm` int(11) NOT NULL DEFAULT '0',
`limit_openvz_vm_template` int(11) NOT NULL DEFAULT '0',
`parent_client_id` int(11) unsigned NOT NULL DEFAULT '0',
`username` varchar(64) DEFAULT NULL,
`password` varchar(64) DEFAULT NULL,
......@@ -222,7 +224,7 @@ CREATE TABLE `cron` (
`server_id` int(11) unsigned NOT NULL default '0',
`parent_domain_id` int(11) unsigned NOT NULL default '0',
`type` enum('url','chrooted','full') NOT NULL default 'url',
`command` varchar(255) NOT NULL,
`command` TEXT NOT NULL,
`run_min` varchar(100) NULL,
`run_hour` varchar(100) NULL,
`run_mday` varchar(100) NULL,
......
......@@ -164,6 +164,7 @@ $form["tabs"]['main'] = array (
)
);
if($_SESSION["s"]["user"]["typ"] == 'admin') {
$form["tabs"]['advanced'] = array (
'title' => "Advanced",
'width' => 100,
......@@ -292,6 +293,7 @@ $form["tabs"]['advanced'] = array (
##################################
)
);
}
?>
\ No newline at end of file
......@@ -14,6 +14,7 @@ $items[] = array( 'title' => 'Virtual Servers',
'link' => 'vm/openvz_vm_list.php',
'html_id' => 'openvz_vm_list');
if($_SESSION["s"]["user"]["typ"] == 'admin') {
$items[] = array( 'title' => 'OS Templates',
'target' => 'content',
'link' => 'vm/openvz_ostemplate_list.php',
......@@ -28,7 +29,7 @@ $items[] = array( 'title' => 'IP addresses',
'target' => 'content',
'link' => 'vm/openvz_ip_list.php',
'html_id' => 'openvz_ip_list');
}
if(count($items))
{
$module['nav'][] = array( 'title' => 'OpenVZ',
......
......@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
$app->uses('tpl,tform');
$app->load('tform_actions');
......
......@@ -43,6 +43,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
// Loading classes
$app->uses('tpl,tform');
......
......@@ -43,6 +43,7 @@ $list_def_file = "list/openvz_ip.list.php";
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
$app->uses('listform_actions');
......
......@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
$app->uses('tpl,tform');
$app->load('tform_actions');
......
......@@ -43,6 +43,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
// Loading classes
$app->uses('tpl,tform');
......
......@@ -43,6 +43,7 @@ $list_def_file = "list/openvz_ostemplate.list.php";
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
$app->uses('listform_actions');
......
......@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
$app->uses('tpl,tform');
$app->load('tform_actions');
......
......@@ -43,6 +43,7 @@ require_once('../../lib/app.inc.php');
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
// Loading classes
$app->uses('tpl,tform');
......
......@@ -43,6 +43,7 @@ $list_def_file = "list/openvz_template.list.php";
//* Check permissions for module
$app->auth->check_module_permissions('vm');
if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
$app->uses('listform_actions');
......
......@@ -501,12 +501,19 @@ if($backup_dir != '') {
$web_group = $rec['system_group'];
$web_id = $rec['domain_id'];
$web_backup_dir = $backup_dir.'/web'.$web_id;
if(!is_dir($web_backup_dir)) mkdir($web_backup_dir, 0755);
chmod($web_backup_dir, 0755);
chown($web_backup_dir, 'root');
chgrp($web_backup_dir, 'root');
if(!is_dir($web_backup_dir)) mkdir($web_backup_dir, 0750);
chmod($web_backup_dir, 0750);
if(isset($server_config['backup_dir_ftpread']) && $server_config['backup_dir_ftpread'] == 'y') {
chown($web_backup_dir, $rec['system_user']);
chgrp($web_backup_dir, $rec['system_group']);
} else {
chown($web_backup_dir, 'root');
chgrp($web_backup_dir, 'root');
}
exec('cd '.escapeshellarg($web_path).' && sudo -u '.escapeshellarg($web_user).' find . -group '.escapeshellarg($web_group).' -print | zip -y '.escapeshellarg($web_backup_dir.'/web.zip').' -@');
chown($web_backup_dir.'/web.zip', $rec['system_user']);
chgrp($web_backup_dir.'/web.zip', $rec['system_group']);
chmod($web_backup_dir.'/web.zip', 0750);
// Rename or remove old backups
$backup_copies = intval($rec['backup_copies']);
......@@ -527,7 +534,9 @@ if($backup_dir != '') {
// Create backupdir symlink
if(is_link($web_path.'/backup')) unlink($web_path.'/backup');
symlink($web_backup_dir,$web_path.'/backup');
chmod($web_path.'/backup', 0755);
// chmod($web_path.'/backup', 0755);
chown($web_path.'/backup', $rec['system_user']);
chgrp($web_path.'/backup', $rec['system_group']);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment