From 566306a608384e760e212b10d5234aaabcd21105 Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Tue, 20 Jan 2009 15:55:11 -0500
Subject: [PATCH] cgi now works with suexec (added cgi-wrapper)

---
 server/conf/php-cgi-starter.master              |    7 +++
 server/conf/vhost.conf.master                   |    4 +-
 server/plugins-available/apache2_plugin.inc.php |   60 ++++++++++++++++++++++++++++++
 3 files changed, 69 insertions(+), 2 deletions(-)

diff --git a/server/conf/php-cgi-starter.master b/server/conf/php-cgi-starter.master
new file mode 100644
index 0000000..94b3664
--- /dev/null
+++ b/server/conf/php-cgi-starter.master
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+exec <tmpl_var name='php_cgi_bin'> \
+-d open_basedir=<tmpl_var name='open_basedir'> \
+-d upload_tmp_dir=<tmpl_var name='open_basedir'>/tmp \
+-d session.save_path=<tmpl_var name='open_basedir'>/tmp
+# -d safe_mode=${SAFE_MODE}
\ No newline at end of file
diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master
index bd9e7e6..fddc610 100644
--- a/server/conf/vhost.conf.master
+++ b/server/conf/vhost.conf.master
@@ -67,7 +67,7 @@
 </tmpl_if>
 <tmpl_if name='php' op='==' value='cgi'>
     # php as cgi enabled
-    ScriptAlias /php5-cgi /usr/bin/php5-cgi
+    ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
     Action php5-cgi /php5-cgi
     AddHandler php5-cgi .php .php3 .php4 .php5
 </tmpl_if>
@@ -166,7 +166,7 @@
 </tmpl_if>
 <tmpl_if name='php' op='==' value='cgi'>
     # php as cgi enabled
-    ScriptAlias /php5-cgi /usr/bin/php5-cgi
+    ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
     Action php5-cgi /php5-cgi
     AddHandler php5-cgi .php .php3 .php4 .php5
 </tmpl_if>
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index ed2b212..0ac0aab 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -540,6 +540,53 @@
 			
 		}
 		
+		/**
+		 * install cgi starter script and add script alias to config.
+		 * This is needed to allow cgi with suexec (to do so, we need a bin in the document-path!)
+		 * first we create the script directory if not already created, then copy over the starter script.
+		 * TODO: we have to fetch the data from the server-settings.
+		 */
+
+		if ($data["new"]["php"] == "cgi")
+		{
+			//$cgi_config = $app->getconf->get_server_config($conf["server_id"], 'cgi');
+
+			$cgi_config["cgi_starter_path"] = "/var/www/php-cgi-scripts/[system_user]/";
+			$cgi_config["cgi_starter_script"] = "php-cgi-starter";
+			$cgi_config["cgi_bin"] = "/usr/bin/php-cgi";
+
+			$cgi_starter_path = str_replace("[system_user]",$data["new"]["system_user"],$cgi_config["cgi_starter_path"]);
+			$cgi_starter_path = str_replace("[client_id]",$client_id,$cgi_starter_path);
+
+			if (!is_dir($cgi_starter_path))
+			{
+				exec("mkdir -p ".escapeshellcmd($cgi_starter_path));
+				exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." ".escapeshellcmd($cgi_starter_path));
+
+				$app->log("Creating cgi starter script directory: $cgi_starter_path",LOGLEVEL_DEBUG);
+			}
+
+			$cgi_tpl = new tpl();
+			$cgi_tpl->newTemplate("php-cgi-starter.master");
+
+			$cgi_tpl->setVar('open_basedir',$data["new"]["document_root"]);
+			$cgi_tpl->setVar('php_cgi_bin',$cgi_config["cgi_bin"]);
+
+			$cgi_starter_script = escapeshellcmd($cgi_starter_path.$cgi_config["cgi_starter_script"]);
+			file_put_contents($cgi_starter_script,$cgi_tpl->grab());
+			unset($cgi_tpl);
+
+			$app->log("Creating cgi starter script: $cgi_starter_script",LOGLEVEL_DEBUG);
+
+
+			exec("chmod 755 $cgi_starter_script");
+			exec("chown ".$data["new"]["system_user"].":".$data["new"]["system_group"]." $cgi_starter_script");
+
+			$tpl->setVar('cgi_starter_path',$cgi_starter_path);
+			$tpl->setVar('cgi_starter_script',$cgi_config["cgi_starter_script"]);
+
+		}
+
 		$vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["new"]["domain"].'.vhost');
 		file_put_contents($vhost_file,$tpl->grab());
 		$app->log("Writing the vhost file: $vhost_file",LOGLEVEL_DEBUG);
@@ -603,6 +650,19 @@
 			}
 		}
 		
+		//remove the php cgi starter script if available
+		if ($data["old"]["php"] == "cgi")
+		{
+			// TODO: fetch the date from the server-settings
+			$web_config["cgi_starter_path"] = "/var/www/php-cgi-scripts/[system_user]/";
+
+			$cgi_starter_path = str_replace("[system_user]",$data["old"]["system_user"],$web_config["cgi_starter_path"]);
+			if (is_dir($cgi_starter_path))
+			{
+					exec("rm -rf $cgi_starter_path");
+			}
+		}
+
 		$app->log("Removing website: $docroot",LOGLEVEL_DEBUG);
 		
 		// Delete the symlinks for the sites

--
Gitblit v1.9.1