From 96541d1fbda84e686f3b13e9efbfe764e98a61e3 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Thu, 6 Oct 2016 16:58:07 +0200
Subject: [PATCH] - Invalid XFS quota argument, fixes #4257 - Added missing shell escaping
---
 .../plugins-available/apache2_plugin.inc.php | 34 +++++++++---------
 server/plugins-available/nginx_plugin.inc.php | 36 +++++++++----------
 2 files changed, 35 insertions(+), 35 deletions(-)
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 157f994488..463bd44e86 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -879,30 +879,30 @@ class apache2_plugin {
 $blocks_soft = $data['new']['hd_quota'] * 1024;
 $blocks_hard = $blocks_soft + 1024;
 $mb_soft = $data['new']['hd_quota'];
- $mb_hard = $mb_soft + 1;
+ $mb_hard = $mb_soft + 1;
 } else {
 $mb_soft = $mb_hard = $blocks_soft = $blocks_hard = 0;
 }
-
- // get the primitive folder for document_root and the filesystem, will need it later.
- $df_output=explode(" ", exec("df -T " . escapeshellarg($data['new']['document_root']) . "|awk 'END{print \$2,\$NF}'"));
- $file_system = $df_output[0];
- $primitive_root = $df_output[1];
- if($file_system == 'xfs') {
- exec("xfs_quota -x -c 'limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username' $primitive_root");
+ // get the primitive folder for document_root and the filesystem, will need it later.
+ $df_output=explode(" ", exec("df -T " . escapeshellarg($data['new']['document_root']) . "|awk 'END{print \$2,\$NF}'"));
+ $file_system = $df_output[0];
+ $primitive_root = $df_output[1];
- // xfs only supports timers globally, not per user.
- exec("xfs_quota -x -c 'timer -bir -i 604800' $primitive_root");
+ if($file_system == 'xfs') {
+ exec("xfs_quota -x -c " . escapeshellarg("limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $data['new']['system_group']) . " " . escapeshellarg($primitive_root));
- unset($project_uid, $username_position, $xfs_projects);
- unset($primitive_root, $df_output, $mb_hard, $mb_soft);
- } else {
- if($app->system->is_installed('setquota')) {
- exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
- exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null');
+ // xfs only supports timers globally, not per user.
+ exec("xfs_quota -x -c 'timer -bir -i 604800' " . escapeshellarg($primitive_root));
+
+ unset($project_uid, $username_position, $xfs_projects);
+ unset($primitive_root, $df_output, $mb_hard, $mb_soft);
+ } else {
+ if($app->system->is_installed('setquota')) {
+ exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
+ exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null');
+ }
 }
- }
 }
 if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) {
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 27d710d395..d597000f99 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
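Review bot: The two `setquota` calls in the else branch are re-indented but still concatenate `$username` into the shell command unescaped, while the xfs branch of the same block now goes through `escapeshellarg()`; the same two lines recur in the nginx_plugin hunk. Suggest `exec('setquota -u ' . escapeshellarg($username) . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');` and `exec('setquota -T -u ' . escapeshellarg($username) . ' 604800 604800 -a &> /dev/null');`. Separately, the new limit command keeps `-u` but now passes `$data['new']['system_group']`, so it is worth confirming that a user-type limit keyed on the group name is what is intended. The enclosing method starts and ends outside the hunk, so where `$username` is assigned and validated is not visible here.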
@@ -733,34 +733,34 @@ class nginx_plugin {
 } // end copy error docs
 // Set the quota for the user, but only for vhosts, not vhostsubdomains or vhostalias
- if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
+ if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
 if($data['new']['hd_quota'] > 0) {
 $blocks_soft = $data['new']['hd_quota'] * 1024;
 $blocks_hard = $blocks_soft + 1024;
- $mb_hard = $mb_soft + 1;
+ $mb_hard = $mb_soft + 1;
 } else {
 $mb_soft = $mb_hard = $blocks_soft = $blocks_hard = 0;
 }
-
- // get the primitive folder for document_root and the filesystem, will need it later.
- $df_output=explode(" ", exec("df -T $document_root|awk 'END{print \$2,\$NF}'"));
- $file_system = $df_output[0];
- $primitive_root = $df_output[1];
- if($file_system == 'xfs') {
- exec("xfs_quota -x -c 'limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username' $primitive_root");
+ // get the primitive folder for document_root and the filesystem, will need it later.
+ $df_output=explode(" ", exec("df -T " . escapeshellarg($data['new']['document_root']) . "|awk 'END{print \$2,\$NF}'"));
+ $file_system = $df_output[0];
+ $primitive_root = $df_output[1];
- // xfs only supports timers globally, not per user.
- exec("xfs_quota -x -c 'timer -bir -i 604800' $primitive_root");
+ if($file_system == 'xfs') {
+ exec("xfs_quota -x -c " . escapeshellarg("limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $data['new']['system_group']) . " " . escapeshellarg($primitive_root));
- unset($project_uid, $username_position, $xfs_projects);
- unset($primitive_root, $df_output, $mb_hard, $mb_soft);
- } else {
- if($app->system->is_installed('setquota')) {
- exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
- exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null');
+ // xfs only supports timers globally, not per user.
+ exec("xfs_quota -x -c 'timer -bir -i 604800' " . escapeshellarg($primitive_root));
+
+ unset($project_uid, $username_position, $xfs_projects);
+ unset($primitive_root, $df_output, $mb_hard, $mb_soft);
+ } else {
+ if($app->system->is_installed('setquota')) {
+ exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
+ exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null');
+ }
 }
- }
 }
 if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) {
-- 
GitLab
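Review bot: In the `hd_quota > 0` branch, `$mb_hard = $mb_soft + 1;` reads `$mb_soft` with no assignment visible before it; the apache2_plugin hunk has `$mb_soft = $data['new']['hd_quota'];` on the preceding line and this one does not. Unless the variable is set earlier outside the hunk, the escaped limit string would come out as `bsoft=m bhard=1m`, so the xfs quota would not carry the configured size even though the command is now quoted correctly. Add `$mb_soft = $data['new']['hd_quota'];` directly before the `$mb_hard` line. The enclosing method begins and ends outside the hunk.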