Commit bfcdef6b authored by tbrehm's avatar tbrehm

Merged revisions 3596-3670 from 3.0.5 stable branch.

parent bf49ff3a

Too many changes to show.

To preserve performance only 1000 of 1000+ files are displayed.
...@@ -875,8 +875,15 @@ class installer_dist extends installer_base { ...@@ -875,8 +875,15 @@ class installer_dist extends installer_base {
exec("chmod -R 770 $install_dir/server/aps_packages"); exec("chmod -R 770 $install_dir/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user //* make sure that the server config file (not the interface one) is only readable by the root user
exec("chmod 600 $install_dir/server/lib/$configfile"); chmod($install_dir.'/server/lib/config.inc.php', 0600);
exec("chown root:root $install_dir/server/lib/$configfile"); chown($install_dir.'/server/lib/config.inc.php', 'root');
chgrp($install_dir.'/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir.'/interface/lib/config.inc.php', 0600);
chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) { if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf"); exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf"); exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
......
...@@ -864,9 +864,14 @@ class installer extends installer_base ...@@ -864,9 +864,14 @@ class installer extends installer_base
exec("chmod -R 770 $install_dir/server/aps_packages"); exec("chmod -R 770 $install_dir/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user //* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir.'/server/lib/'.$configfile, 0600); chmod($install_dir.'/server/lib/config.inc.php', 0600);
chown($install_dir.'/server/lib/'.$configfile, 'root'); chown($install_dir.'/server/lib/config.inc.php', 'root');
chgrp($install_dir.'/server/lib/'.$configfile, 'root'); chgrp($install_dir.'/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir.'/interface/lib/config.inc.php', 0600);
chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
chmod($install_dir.'/server/lib/remote_action.inc.php', 0600); chmod($install_dir.'/server/lib/remote_action.inc.php', 0600);
chown($install_dir.'/server/lib/remote_action.inc.php', 'root'); chown($install_dir.'/server/lib/remote_action.inc.php', 'root');
......
...@@ -914,8 +914,15 @@ class installer_dist extends installer_base { ...@@ -914,8 +914,15 @@ class installer_dist extends installer_base {
exec("chmod -R 770 $install_dir/server/aps_packages"); exec("chmod -R 770 $install_dir/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user //* make sure that the server config file (not the interface one) is only readable by the root user
exec("chmod 600 $install_dir/server/lib/$configfile"); chmod($install_dir.'/server/lib/config.inc.php', 0600);
exec("chown root:root $install_dir/server/lib/$configfile"); chown($install_dir.'/server/lib/config.inc.php', 'root');
chgrp($install_dir.'/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir.'/interface/lib/config.inc.php', 0600);
chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) { if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf"); exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf"); exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
......
...@@ -757,10 +757,11 @@ function is_ispconfig_ssl_enabled() { ...@@ -757,10 +757,11 @@ function is_ispconfig_ssl_enabled() {
function find_hash_file($hash, $dir, $basedir = '') { function find_hash_file($hash, $dir, $basedir = '') {
$res = opendir($dir); $res = opendir($dir);
if(!$res) return false; if(!$res) return false;
if(substr($basedir, -1) === '/') $basedir = substr($basedir, 0, strlen($basedir) - 1);
if(substr($dir, -1) === '/') $dir = substr($dir, 0, strlen($dir) - 1); if(substr($dir, -1) === '/') $dir = substr($dir, 0, strlen($dir) - 1);
if($basedir === '') $basedir = $dir; if($basedir === '') $basedir = $dir;
while($cur = readdir($res)) { while($cur = readdir($res)) {
if($cur == '.' || $cur == '..') continue; if($cur == '.' || $cur == '..') continue;
$entry = $dir.'/'.$cur; $entry = $dir.'/'.$cur;
...@@ -768,7 +769,7 @@ function find_hash_file($hash, $dir, $basedir = '') { ...@@ -768,7 +769,7 @@ function find_hash_file($hash, $dir, $basedir = '') {
$result = find_hash_file($hash, $entry, $basedir); $result = find_hash_file($hash, $entry, $basedir);
if($result !== false) return $result; if($result !== false) return $result;
} elseif(md5_file($entry) === $hash) { } elseif(md5_file($entry) === $hash) {
$entry = substr($entry, strlen($basedir)); $entry = substr($entry, strlen($basedir) + 1);
if(substr($entry, 0, 7) === '/posix/') $entry = substr($entry, 7); if(substr($entry, 0, 7) === '/posix/') $entry = substr($entry, 7);
return $entry; return $entry;
} }
...@@ -782,23 +783,28 @@ function find_hash_file($hash, $dir, $basedir = '') { ...@@ -782,23 +783,28 @@ function find_hash_file($hash, $dir, $basedir = '') {
(c) 2012 Marius Cramer, pixcept KG, m.cramer@pixcept.de (c) 2012 Marius Cramer, pixcept KG, m.cramer@pixcept.de
*/ */
function get_system_timezone() { function get_system_timezone() {
if(is_link('/etc/localtime')) { $timezone = false;
$timezone = readlink('/etc/localtime'); if(file_exists('/etc/timezone') && is_readable('/etc/timezone')) {
$timezone = str_replace('/usr/share/zoneinfo/', '', $timezone); $timezone = trim(file_get_contents('/etc/timezone'));
if(substr($timezone, 0, 6) === 'posix/') $timezone = substr($timezone, 6); if(file_exists('/usr/share/zoneinfo/' . $timezone) == false) $timezone = false;
} else { }
$hash = md5_file('/etc/localtime');
$timezone = find_hash_file($hash, '/usr/share/zoneinfo'); if(!$timezone && is_link('/etc/localtime')) {
} $timezone = readlink('/etc/localtime');
$timezone = str_replace('/usr/share/zoneinfo/', '', $timezone);
if(substr($timezone, 0, 6) === 'posix/') $timezone = substr($timezone, 6);
} elseif(!$timezone) {
$hash = md5_file('/etc/localtime');
$timezone = find_hash_file($hash, '/usr/share/zoneinfo');
}
if(!$timezone) { if(!$timezone) {
exec('date +%Z', $tzinfo); exec('date +%Z', $tzinfo);
$timezone = $tzinfo[0]; $timezone = $tzinfo[0];
} }
return $timezone; return $timezone;
} }
?> ?>