From 8e725d2c1057608431d3d1639c948206d5e24869 Mon Sep 17 00:00:00 2001
From: jwarnier <jwarnier@ispconfig3>
Date: Sun, 05 Sep 2010 08:54:24 -0400
Subject: [PATCH] fix some strings quoting and remove some execs
---
server/plugins-available/webmail_symlink_plugin.inc.php | 10 +-
server/plugins-available/shelluser_jailkit_plugin.inc.php | 28 +++---
install/lib/update.lib.php | 10 +-
server/plugins-available/pma_symlink_plugin.inc.php | 10 +-
server/plugins-available/cron_jailkit_plugin.inc.php | 16 ++--
server/plugins-available/cron_plugin.inc.php | 4
server/plugins-available/software_update_plugin.inc.php | 12 +-
server/plugins-available/shelluser_base_plugin.inc.php | 20 ++--
server/plugins-available/maildrop_plugin.inc.php | 26 +++---
server/plugins-available/getmail_plugin.inc.php | 6
install/dist/lib/debian60.lib.php | 35 ++++----
server/cron_daily.php | 27 +++---
server/plugins-available/bind_plugin.inc.php | 3
13 files changed, 108 insertions(+), 99 deletions(-)
diff --git a/install/dist/lib/debian60.lib.php b/install/dist/lib/debian60.lib.php
index 3bacd50..5f79e27 100644
--- a/install/dist/lib/debian60.lib.php
+++ b/install/dist/lib/debian60.lib.php
@@ -38,11 +38,11 @@
//* Configure master.cf and add a line for deliver
if(is_file($config_dir.'/master.cf')){
- copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
- }
+ copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
+ }
if(is_file($config_dir.'/master.cf~')){
- exec('chmod 400 '.$config_dir.'/master.cf~2');
- }
+ chmod($config_dir.'/master.cf~2', 0400);
+ }
$content = rf($conf["postfix"]["config_dir"].'/master.cf');
// Only add the content if we had not addded it before
if(!stristr($content,"dovecot/deliver")) {
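Review bot: The guard `if(is_file($config_dir.'/master.cf~'))` tests a different file from the one the new `chmod($config_dir.'/master.cf~2', 0400)` changes. The backup copy is therefore only locked down when an unrelated `master.cf~` happens to exist, and chmod() raises an E_WARNING if `master.cf~2` was never created. Test the file that is being changed: `if(is_file($config_dir.'/master.cf~2')){`. The mismatch predates this commit, but the chmod() return value is also ignored, so a failure goes unnoticed.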
@@ -73,29 +73,30 @@
//* copy dovecot.conf
$configfile = 'dovecot.conf';
- if(is_file("$config_dir/$configfile")){
- copy("$config_dir/$configfile", "$config_dir/$configfile~");
- }
- copy('tpl/debian6_dovecot.conf.master',"$config_dir/$configfile");
+ if(is_file($config_dir.'/'.$configfile)){
+ copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
+ }
+ copy('tpl/debian6_dovecot.conf.master',$config_dir.'/'.$configfile);
//* dovecot-sql.conf
$configfile = 'dovecot-sql.conf';
- if(is_file("$config_dir/$configfile")){
- copy("$config_dir/$configfile", "$config_dir/$configfile~");
- }
- exec("chmod 400 $config_dir/$configfile~");
- $content = rf("tpl/debian6_dovecot-sql.conf.master");
+ if(is_file($config_dir.'/'.$configfile)){
+ copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
+ }
+ chmod($config_dir.'/'.$configfile.'~', 0400);
+ $content = rf('tpl/debian6_dovecot-sql.conf.master');
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
$content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
- wf("$config_dir/$configfile", $content);
+ wf($config_dir.'/'.$configfile, $content);
- exec("chmod 600 $config_dir/$configfile");
- exec("chown root:root $config_dir/$configfile");
+ chmod($config_dir.'/'.$configfile, 0600);
+ chown($config_dir.'/'.$configfile, 'root');
+ chgrp($config_dir.'/'.$configfile, 'root');
}
}
-?>
\ No newline at end of file
+?>
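Review bot: `wf($config_dir.'/'.$configfile, $content)` writes dovecot-sql.conf, which carries the value substituted for `{mysql_server_ispconfig_password}`, before `chmod(..., 0600)` runs. The file therefore exists briefly with whatever mode the process umask gives it (how wf() creates the file is not visible here). Calling `umask(0077)` before the write and restoring the old value afterwards closes that window. The same write-then-chmod order appears for the database dumps in install/lib/update.lib.php and the getmail config in getmail_plugin.inc.php. Separately, `chmod($config_dir.'/'.$configfile.'~', 0400)` sits outside the `is_file()` block, so it warns on an install where no backup copy was made; it belongs inside that block.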
diff --git a/install/lib/update.lib.php b/install/lib/update.lib.php
index fc4f57b..69de044 100644
--- a/install/lib/update.lib.php
+++ b/install/lib/update.lib.php
@@ -58,8 +58,9 @@
// create a backup copy of the ispconfig database in the root folder
$backup_db_name = '/root/ispconfig_db_backup_'.@date('Y-m-d_h-i').'.sql';
copy('existing_db.sql',$backup_db_name);
- exec("chmod 700 $backup_db_name");
- exec("chown root:root $backup_db_name");
+ chmod($backup_db_name, 0700);
+ chown($backup_db_name, 'root');
+ chgrp($backup_db_name, 'root');
if ($conf['powerdns']['installed']) {
//** export the current PowerDNS database data
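Review bot: Mode `0700` on `$backup_db_name` sets the execute bit on a SQL dump that only root needs to read; `chmod($backup_db_name, 0600);` is the tighter equivalent, here and in the PowerDNS hunk that follows. The return values of copy(), chmod(), chown() and chgrp() are all ignored, so a failed copy lets the update continue without a backup. Execute bits on plain data files also appear in maildrop_plugin.inc.php (`0770` on `.autoresponder`, `.vacation.msg` and the custom mailfilter file) and in shelluser_base_plugin.inc.php (`0755` on `.bash_history`).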
@@ -72,8 +73,9 @@
// create a backup copy of the PowerDNS database in the root folder
$backup_db_name = '/root/ispconfig_powerdns_db_backup_'.@date('Y-m-d_h-i').'.sql';
copy('existing_powerdns_db.sql',$backup_db_name);
- exec("chmod 700 $backup_db_name");
- exec("chown root:root $backup_db_name");
+ chmod($backup_db_name, 0700);
+ chown($backup_db_name, 'root');
+ chgrp($backup_db_name, 'root');
}
}
diff --git a/server/cron_daily.php b/server/cron_daily.php
index a9e8796..83ef10c 100644
--- a/server/cron_daily.php
+++ b/server/cron_daily.php
@@ -132,7 +132,7 @@
$webalizer_conf = escapeshellcmd($rec["document_root"].'/log/webalizer.conf');
if(!@is_file($webalizer_conf)) {
- exec("cp $webalizer_conf_main $webalizer_conf");
+ copy($webalizer_conf_main,$webalizer_conf);
}
if(@is_file($webalizer_conf)) {
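Review bot: `$webalizer_conf` is still built with `escapeshellcmd()`, but `copy()` is not a shell, so any backslash that escaping inserts becomes part of the file name instead of being consumed. With the exec gone, pass the raw path to the filesystem calls and keep an escaped copy only for whatever shell command still uses it (that use is outside this hunk). The same applies wherever this patch wraps arguments of PHP functions in `escapeshellcmd()`: chown/chgrp in bind_plugin.inc.php, unlink/mkdir in cron_jailkit_plugin.inc.php, chmod in cron_plugin.inc.php, touch/chmod/chown/chgrp in shelluser_base_plugin.inc.php, and unlink/mkdir/chown/chgrp in shelluser_jailkit_plugin.inc.php.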
@@ -376,12 +376,12 @@
#######################################################################################################
$server_config = $app->getconf->get_server_config($conf["server_id"], 'server');
-$backup_dir = trim($server_config['backup_dir']);
+$backup_dir = $server_config['backup_dir'];
if($backup_dir != '') {
if(!is_dir($backup_dir)) {
- exec("mkdir -p ".escapeshellarg($backup_dir));
+ mkdir(escapeshellarg($backup_dir), 0750, true);
}
$sql = "SELECT * FROM web_domain WHERE type = 'vhost'";
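Review bot: `mkdir(escapeshellarg($backup_dir), 0750, true)` creates a directory whose name includes the single quotes that escapeshellarg() adds, because mkdir() takes its path literally. The configured backup directory is never created, and the later `mkdir($web_backup_dir, 0750)` then fails because its parent is missing. Use `mkdir($backup_dir, 0750, true);` and check the return value. This hunk also drops the `trim()` around `$server_config['backup_dir']`, so stray whitespace in the setting becomes part of the path and a value of only spaces passes the `!= ''` test; keeping `trim()` looks safer.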
@@ -397,24 +397,25 @@
$web_group = $rec['system_group'];
$web_id = $rec['domain_id'];
$web_backup_dir = $backup_dir.'/web'.$web_id;
- if(!is_dir($web_backup_dir)) mkdir($web_backup_dir);
+ if(!is_dir($web_backup_dir)) mkdir($web_backup_dir, 0750);
- exec('chown root:root '.$web_backup_dir);
- exec('chmod 755 '.$web_backup_dir);
- exec("cd ".escapeshellarg($web_path)." && sudo -u ".escapeshellarg($web_user)." find . -group ".escapeshellarg($web_group)." -print | zip -y ".escapeshellarg($web_backup_dir."/web.zip")." -@");
+ chmod($web_backup_dir, 0755);
+ chown($web_backup_dir, 'root');
+ chgrp($web_backup_dir, 'root');
+ exec('cd '.escapeshellarg($web_path).' && sudo -u '.escapeshellarg($web_user).' find . -group '.escapeshellarg($web_group).' -print | zip -y '.escapeshellarg($web_backup_dir.'/web.zip').' -@');
// Rename or remove old backups
$backup_copies = intval($rec['backup_copies']);
- if(is_file($web_backup_dir."/web.".$backup_copies.".zip")) unlink($web_backup_dir."/web.".$backup_copies.".zip");
+ if(is_file($web_backup_dir.'/web.'.$backup_copies.'.zip')) unlink($web_backup_dir.'/web.'.$backup_copies.'.zip');
for($n = $backup_copies - 1; $n >= 1; $n--) {
- if(is_file($web_backup_dir."/web.".$n.".zip")) {
- rename($web_backup_dir."/web.".$n.".zip",$web_backup_dir."/web.".($n+1).".zip");
+ if(is_file($web_backup_dir.'/web.'.$n.'.zip')) {
+ rename($web_backup_dir.'/web.'.$n.'.zip',$web_backup_dir.'/web.'.($n+1).'.zip');
}
}
- if(is_file($web_backup_dir."/web.zip")) rename($web_backup_dir."/web.zip",$web_backup_dir."/web.1.zip");
+ if(is_file($web_backup_dir.'/web.zip')) rename($web_backup_dir.'/web.zip',$web_backup_dir.'/web.1.zip');
// Create backupdir symlink
if(is_link($web_path.'/backup')) unlink($web_path.'/backup');
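Review bot: `mkdir($web_backup_dir, 0750)` is followed directly by `chmod($web_backup_dir, 0755)`, so the new mode argument has no lasting effect and the directory holding `web.zip` ends up readable and searchable by every local account. Settle on one mode and use it in both calls; if other users have no need to list site backups, `0750` with a suitable group is the narrower choice (who reaches this directory through the `backup` symlink is not visible in this hunk). The chmod(), chown() and chgrp() results are not checked.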
@@ -430,7 +431,7 @@
$web_user = $rec['system_user'];
$web_backup_dir = realpath($backup_dir.'/web'.$web_id);
if(is_dir($web_backup_dir)) {
- exec("sudo -u ".escapeshellarg($web_user)." rm -f ".escapeshellarg($web_backup_dir.'/*'));
+ exec('sudo -u '.escapeshellarg($web_user).' rm -f '.escapeshellarg($web_backup_dir.'/*'));
}
}
}
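Review bot: `escapeshellarg($web_backup_dir.'/*')` quotes the wildcard, so the shell hands a literal `*` to `rm -f` and the old backups are not removed. This line only had its quoting style changed, but since the commit is replacing execs it is a candidate as well. A PHP equivalent avoids both the shell and the quoting problem, for example `foreach(glob($web_backup_dir.'/*') as $f) if(is_file($f)) unlink($f);`, with the caveat that it runs as the cron user rather than as `$web_user`. The enclosing loop starts outside the hunk.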
@@ -439,4 +440,4 @@
die("finished.\n");
-?>
\ No newline at end of file
+?>
diff --git a/server/plugins-available/bind_plugin.inc.php b/server/plugins-available/bind_plugin.inc.php
index 2e4e334..6532920 100644
--- a/server/plugins-available/bind_plugin.inc.php
+++ b/server/plugins-available/bind_plugin.inc.php
@@ -109,7 +109,8 @@
$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.substr($zone['origin'],0,-1));
$app->log("Writing BIND domain file: ".$filename,LOGLEVEL_DEBUG);
file_put_contents($filename,$tpl->grab());
- exec('chown '.escapeshellcmd($dns_config['bind_user']).':'.escapeshellcmd($dns_config['bind_group']).' '.$filename);
+ chown($filename, escapeshellcmd($dns_config['bind_user']));
+ chgrp($filename, escapeshellcmd($dns_config['bind_group']));
unset($tpl);
unset($records);
unset($records_out);
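Review bot: `escapeshellcmd()` leaves `/` and `..` untouched, so it does nothing to keep `$filename` inside `bind_zonefiles_dir` when `file_put_contents()`, `chown()` and `chgrp()` act on it. Whether `$zone['origin']` is validated before this point is not visible in the hunk. If it is not, check the origin against a hostname pattern before building the path and skip the zone on a mismatch. Failures of chown()/chgrp() are silent here, which would leave the zone file owned by the account running the plugin.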
diff --git a/server/plugins-available/cron_jailkit_plugin.inc.php b/server/plugins-available/cron_jailkit_plugin.inc.php
index 3960472..9761fbc 100644
--- a/server/plugins-available/cron_jailkit_plugin.inc.php
+++ b/server/plugins-available/cron_jailkit_plugin.inc.php
@@ -230,20 +230,20 @@
$tpl->setVar('home_dir',$this->_get_home_dir(""));
$bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc';
- if(@is_file($bashrc)) exec('rm '.$bashrc);
+ if(@is_file($bashrc)) unlink($bashrc);
file_put_contents($bashrc,$tpl->grab());
unset($tpl);
- $this->app->log("Added bashrc scrpt : ".$bashrc,LOGLEVEL_DEBUG);
+ $this->app->log('Added bashrc script: '.$bashrc,LOGLEVEL_DEBUG);
$tpl = new tpl();
- $tpl->newTemplate("motd.master");
+ $tpl->newTemplate('motd.master');
$tpl->setVar('domain',$this->parent_domain['domain']);
$motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd';
- if(@is_file($motd)) exec('rm '.$motd);
+ if(@is_file($motd)) unlink($motd);
file_put_contents($motd,$tpl->grab());
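Review bot: `is_file()` follows symbolic links and is false for a dangling one, in which case `unlink()` is skipped and `file_put_contents($bashrc, ...)` writes through the link to its target. If anything other than root can create entries under the jail's `etc` or `var/run` (not visible here), test for a link as well: `if(@is_link($bashrc) || @is_file($bashrc)) unlink($bashrc);`, and likewise for `$motd`. The same two lines appear in shelluser_jailkit_plugin.inc.php.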
@@ -290,7 +290,7 @@
$this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);
- exec("mkdir -p ".escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome));
+ mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true);
}
function _get_home_dir($username)
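Review bot: `mkdir -p` succeeded quietly when the directory already existed, whereas `mkdir(..., 0755, true)` returns false and raises an E_WARNING in that case. Guard the call with `if(!is_dir($dir)) mkdir($dir, 0755, true);`, where `$dir` holds the chroot home path. The two `mkdir()` calls added to `_add_jailkit_user()` in shelluser_jailkit_plugin.inc.php need the same guard. The function this line belongs to starts outside the hunk.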
@@ -308,8 +308,8 @@
//* If the security level is set to high
if($web_config['security_level'] == 20) {
- $this->_exec("chmod 755 ".escapeshellcmd($this->parent_domain['document_root']));
- $this->_exec("chown root:root ".escapeshellcmd($this->parent_domain['document_root']));
+ $this->_exec('chmod 755 '.escapeshellcmd($this->parent_domain['document_root']));
+ $this->_exec('chown root:root '.escapeshellcmd($this->parent_domain['document_root']));
}
}
@@ -317,7 +317,7 @@
//* Wrapper for exec function for easier debugging
private function _exec($command) {
global $app;
- $app->log("exec: ".$command,LOGLEVEL_DEBUG);
+ $app->log('exec: '.$command,LOGLEVEL_DEBUG);
exec($command);
}
diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php
index eae2232..068dc35 100644
--- a/server/plugins-available/cron_plugin.inc.php
+++ b/server/plugins-available/cron_plugin.inc.php
@@ -97,7 +97,7 @@
$app->log("Parent domain not found",LOGLEVEL_WARN);
return 0;
} elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') {
- $app->log("Websites (and Crons) can not be owned by the root user or group.",LOGLEVEL_WARN);
+ $app->log("Websites (and Crons) cannot be owned by the root user or group.",LOGLEVEL_WARN);
return 0;
}
@@ -134,7 +134,7 @@
}
// make temp directory writable for the apache and website users
- exec("chmod 777 ".escapeshellcmd($parent_domain["document_root"]."/tmp"));
+ chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777);
/** TODO READ CRON MASTER **/
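Review bot: Mode `0777` on the site's `tmp` directory carries no sticky bit, so every account that can reach the directory can delete or replace files created by another. `chmod($parent_domain["document_root"].'/tmp', 01777);` keeps it writable for both the web server and the site user while restricting deletion to each file's owner; a shared group with `0770` would be narrower still. The mode is carried over unchanged from the old exec.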
diff --git a/server/plugins-available/getmail_plugin.inc.php b/server/plugins-available/getmail_plugin.inc.php
index a168aff..7c6669a 100644
--- a/server/plugins-available/getmail_plugin.inc.php
+++ b/server/plugins-available/getmail_plugin.inc.php
@@ -129,8 +129,8 @@
// Write the config file.
file_put_contents($config_file_path,$tpl);
$app->log("Writing Getmail config file: $config_file_path",LOGLEVEL_DEBUG);
- exec("chmod 400 $config_file_path");
- exec("chown getmail $config_file_path");
+ chmod($config_file_path, 0400);
+ chown($config_file_path, 'getmail');
unset($tpl);
unset($config_file_path);
@@ -160,4 +160,4 @@
} // end class
-?>
\ No newline at end of file
+?>
diff --git a/server/plugins-available/maildrop_plugin.inc.php b/server/plugins-available/maildrop_plugin.inc.php
index 6296653..0c806ab 100644
--- a/server/plugins-available/maildrop_plugin.inc.php
+++ b/server/plugins-available/maildrop_plugin.inc.php
@@ -82,8 +82,8 @@
if(!is_dir($this->mailfilter_config_dir)) {
$app->log("Mailfilter config directory '".$this->mailfilter_config_dir."' does not exist. Creating it now.",LOGLEVEL_WARN);
mkdir($this->mailfilter_config_dir);
- exec("chown vmail ".$this->mailfilter_config_dir);
- exec("chmod 770 ".$this->mailfilter_config_dir);
+ chown($this->mailfilter_config_dir, 'vmail');
+ chmod($this->mailfilter_config_dir, 0770);
}
if(isset($data["new"]["email"])) {
@@ -95,13 +95,13 @@
// make sure that the config directories exist
if(!is_dir($this->mailfilter_config_dir.'/'.$email_parts[1])) {
mkdir($this->mailfilter_config_dir.'/'.$email_parts[1]);
- exec("chown vmail ".$this->mailfilter_config_dir.'/'.$email_parts[1]);
- exec("chmod 770 ".$this->mailfilter_config_dir.'/'.$email_parts[1]);
+ chown($this->mailfilter_config_dir.'/'.$email_parts[1], 'vmail');
+ chmod($this->mailfilter_config_dir.'/'.$email_parts[1], 0770);
}
if(!is_dir($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0])) {
mkdir($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]);
- exec("chown vmail ".$this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]);
- exec("chmod 770 ".$this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0]);
+ chown($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0], 'vmail');
+ chmod($this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0], 0770);
}
// Check if something has been changed regarding the autoresponders
@@ -151,16 +151,16 @@
$config_file_path = $this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0].'/.autoresponder';
file_put_contents($config_file_path,$tpl);
$app->log("Writing Autoresponder mailfilter file: $config_file_path",LOGLEVEL_DEBUG);
- exec("chmod 770 $config_file_path");
- exec("chown vmail $config_file_path");
+ chmod($config_file_path, 0770);
+ chown($config_file_path, 'vmail');
unset($tpl);
unset($config_file_path);
// Write the autoresponder message file
$config_file_path = $this->mailfilter_config_dir.'/'.$email_parts[1].'/'.$email_parts[0].'/.vacation.msg';
file_put_contents($config_file_path,$data["new"]["autoresponder_text"]);
- exec("chmod 770 $config_file_path");
- exec("chown vmail $config_file_path");
+ chmod($config_file_path, 0770);
+ chown($config_file_path, 'vmail');
$app->log("Writing Autoresponder message file: $config_file_path",LOGLEVEL_DEBUG);
}
}
@@ -198,8 +198,8 @@
file_put_contents($config_file_path,$mailfilter_content);
$app->log("Writing new custom Mailfiter".$config_file_path,LOGLEVEL_DEBUG);
- exec("chmod 770 $config_file_path");
- exec("chown vmail $config_file_path");
+ chmod($config_file_path, 0770);
+ chown($config_file_path, 'vmail');
unset($config_file_path);
} else {
// Delete the mailfilter recipe
@@ -244,4 +244,4 @@
} // end class
-?>
\ No newline at end of file
+?>
diff --git a/server/plugins-available/pma_symlink_plugin.inc.php b/server/plugins-available/pma_symlink_plugin.inc.php
index 06ce787..e2cb3a3 100644
--- a/server/plugins-available/pma_symlink_plugin.inc.php
+++ b/server/plugins-available/pma_symlink_plugin.inc.php
@@ -106,16 +106,16 @@
elseif($data["new"]["php"] == "fast-cgi" && $data["new"]["suexec"] == "y") $symlink = false;
- if(!is_dir($data["new"]["document_root"]."/web")) exec("mkdir -p ".$data["new"]["document_root"]."/web");
+ if(!is_dir($data["new"]["document_root"]."/web")) mkdir($data["new"]["document_root"].'/web', 0755, true);
if($symlink == false) {
- if(is_link($data["new"]["document_root"]."/web/phpmyadmin")) exec("rm -f ".$data["new"]["document_root"]."/web/phpmyadmin");
+ if(is_link($data["new"]["document_root"].'/web/phpmyadmin')) unlink($data["new"]["document_root"].'/web/phpmyadmin');
} else {
- if(!is_link($data["new"]["document_root"]."/web/phpmyadmin")) exec("ln -s /var/www/phpmyadmin ".$data["new"]["document_root"]."/web/phpmyadmin");
- else exec("ln -sf /var/www/phpmyadmin ".$data["new"]["document_root"]."/web/phpmyadmin");
+ if(!is_link($data["new"]["document_root"].'/web/phpmyadmin')) symlink('/var/www/phpmyadmin',$data["new"]["document_root"].'/web/phpmyadmin');
+ else symlink('/var/www/phpmyadmin',$data["new"]["document_root"].'/web/phpmyadmin');
}
}
} // end class
-?>
\ No newline at end of file
+?>
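Review bot: The `else` branch used to run `ln -sf`, which replaced an existing link; `symlink()` does not overwrite, so when `web/phpmyadmin` is already a link the call fails with a warning and a stale link is never repaired. Both branches are now the same call. Either drop the `else` (nothing to do when the link is already correct) or replace the link explicitly with `else { unlink($link); symlink('/var/www/phpmyadmin', $link); }`, where `$link` holds `$data["new"]["document_root"].'/web/phpmyadmin'`. webmail_symlink_plugin.inc.php has the same regression.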
diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php
index d279678..69348f5 100755
--- a/server/plugins-available/shelluser_base_plugin.inc.php
+++ b/server/plugins-available/shelluser_base_plugin.inc.php
@@ -90,9 +90,10 @@
$app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
//* Create .bash_history file
- exec('touch '.escapeshellcmd($data['new']['dir']).'/.bash_history');
- exec('chmod 755 '.escapeshellcmd($data['new']['dir']).'/.bash_history');
- exec('chown '.escapeshellcmd($data['new']['username']).':'.escapeshellcmd($data['new']['pgroup']).' '.escapeshellcmd($data['new']['dir']).'/.bash_history');
+ touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
+ chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
+ chown(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['username']));
+ chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['pgroup']));
//* Disable shell user temporarily if we use jailkit
if($data['new']['chroot'] == 'jailkit') {
@@ -105,7 +106,7 @@
$app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
}
} else {
- $app->log("Skippung insert of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
+ $app->log("Skipping insertion of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
}
}
@@ -137,9 +138,10 @@
//* Create .bash_history file
if(!is_file($data['new']['dir']).'/.bash_history') {
- exec('touch '.escapeshellcmd($data['new']['dir']).'/.bash_history');
- exec('chmod 755 '.escapeshellcmd($data['new']['dir']).'/.bash_history');
- exec('chown '.escapeshellcmd($data['new']['username']).':'.escapeshellcmd($data['new']['pgroup']).' '.escapeshellcmd($data['new']['dir']).'/.bash_history');
+ touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
+ chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
+ chown(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['username']));
+ chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['pgroup']));
}
} else {
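Review bot: The condition `if(!is_file($data['new']['dir']).'/.bash_history')` closes the `is_file(` parenthesis too early, so it concatenates a boolean with a non-empty string and is always true. The block below it therefore runs on every update and resets the mode and ownership of an existing history file. Move the parenthesis: `if(!is_file($data['new']['dir'].'/.bash_history')) {`. The line is unchanged context, but the calls this commit rewrites depend on it.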
@@ -150,7 +152,7 @@
$app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
}
} else {
- $app->log("Skippung update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
+ $app->log("Skipping update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
}
}
@@ -186,4 +188,4 @@
} // end class
-?>
\ No newline at end of file
+?>
diff --git a/server/plugins-available/shelluser_jailkit_plugin.inc.php b/server/plugins-available/shelluser_jailkit_plugin.inc.php
index c1b32ab..b1ee45e 100755
--- a/server/plugins-available/shelluser_jailkit_plugin.inc.php
+++ b/server/plugins-available/shelluser_jailkit_plugin.inc.php
@@ -201,7 +201,7 @@
$tpl->setVar('home_dir',$this->_get_home_dir(""));
$bashrc = escapeshellcmd($this->data['new']['dir']).'/etc/bash.bashrc';
- if(@is_file($bashrc)) exec('rm '.$bashrc);
+ if(@is_file($bashrc)) unlink($bashrc);
file_put_contents($bashrc,$tpl->grab());
unset($tpl);
@@ -214,7 +214,7 @@
$tpl->setVar('domain',$web['domain']);
$motd = escapeshellcmd($this->data['new']['dir']).'/var/run/motd';
- if(@is_file($motd)) exec('rm '.$motd);
+ if(@is_file($motd)) unlink($motd);
file_put_contents($motd,$tpl->grab());
@@ -234,7 +234,7 @@
function _get_home_dir($username)
{
- return str_replace("[username]",escapeshellcmd($username),$this->jailkit_config["jailkit_chroot_home"]);
+ return str_replace("[username]",escapeshellcmd($username),$this->jailkit_config['jailkit_chroot_home']);
}
function _add_jailkit_user()
@@ -243,8 +243,8 @@
$jailkit_chroot_userhome = $this->_get_home_dir($this->data['new']['username']);
$jailkit_chroot_puserhome = $this->_get_home_dir($this->data['new']['puser']);
- if(!is_dir($this->data['new']['dir'].'/etc')) mkdir($this->data['new']['dir'].'/etc');
- if(!is_file($this->data['new']['dir'].'/etc/passwd')) exec('touch '.$this->data['new']['dir'].'/etc/passwd');
+ if(!is_dir($this->data['new']['dir'].'/etc')) mkdir($this->data['new']['dir'].'/etc', 0755);
+ if(!is_file($this->data['new']['dir'].'/etc/passwd')) touch($this->data['new']['dir'].'/etc/passwd', 0755);
// IMPORTANT!
// ALWAYS create the user. Even if the user was created before
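Review bot: The second argument of `touch()` is a modification time, not a mode, so `touch(..., 0755)` creates `etc/passwd` with its mtime set to 493 seconds after the epoch and leaves the permissions to the umask. Use `touch($this->data['new']['dir'].'/etc/passwd');` followed by `chmod($this->data['new']['dir'].'/etc/passwd', 0644);`, since a passwd file needs no execute bit. `_add_jailkit_user()` continues outside the hunk.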
@@ -261,13 +261,15 @@
$this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG);
- exec("mkdir -p ".escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome));
- exec("chown ".$this->data['new']['username'].":".$this->data['new']['pgroup']." ".escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome));
+ mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), 0755, true);
+ chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['username']);
+ chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_userhome), $this->data['new']['pgroup']);
$this->app->log("Added created jailkit user home in : ".$this->data['new']['dir'].$jailkit_chroot_userhome,LOGLEVEL_DEBUG);
- exec("mkdir -p ".escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome));
- exec("chown ".$this->data['new']['puser'].":".$this->data['new']['pgroup']." ".escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome));
+ mkdir(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), 0755, true);
+ chown(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['puser']);
+ chgrp(escapeshellcmd($this->data['new']['dir'].$jailkit_chroot_puserhome), $this->data['new']['pgroup']);
$this->app->log("Added created jailkit parent user home in : ".$this->data['new']['dir'].$jailkit_chroot_puserhome,LOGLEVEL_DEBUG);
}
@@ -285,8 +287,8 @@
//* If the security level is set to high
if($web_config['security_level'] == 20) {
- $this->_exec("chmod 755 ".escapeshellcmd($web["document_root"]));
- $this->_exec("chown root:root ".escapeshellcmd($web["document_root"]));
+ $this->_exec('chmod 755 '.escapeshellcmd($web["document_root"]));
+ $this->_exec('chown root:root '.escapeshellcmd($web["document_root"]));
}
}
@@ -294,10 +296,10 @@
//* Wrapper for exec function for easier debugging
private function _exec($command) {
global $app;
- $app->log("exec: ".$command,LOGLEVEL_DEBUG);
+ $app->log('exec: '.$command,LOGLEVEL_DEBUG);
exec($command);
}
} // end class
-?>
\ No newline at end of file
+?>
diff --git a/server/plugins-available/software_update_plugin.inc.php b/server/plugins-available/software_update_plugin.inc.php
index be73c8b..55feaee 100644
--- a/server/plugins-available/software_update_plugin.inc.php
+++ b/server/plugins-available/software_update_plugin.inc.php
@@ -73,7 +73,7 @@
global $app, $conf;
//* Get the info of the package:
- $software_update_id = intval($data["new"]["software_update_id"]);
+ $software_update_id = intval($data["new"]["software_update_id"]);
$software_update = $app->db->queryOneRecord("SELECT * FROM software_update WHERE software_update_id = '$software_update_id'");
$software_package = $app->db->queryOneRecord("SELECT * FROM software_package WHERE package_name = '".$app->db->quote($software_update['package_name'])."'");
@@ -97,7 +97,7 @@
$temp_dir = '/tmp/'.md5 (uniqid (rand()));
$app->log("The temp dir is $temp_dir",LOGLEVEL_DEBUG);
mkdir($temp_dir);
- if($installuser != '') exec('chown '.$installuser.' '.$temp_dir);
+ if($installuser != '') chown($temp_dir, $installuser);
if(!is_dir($temp_dir)) {
$app->log("Unable to create temp directory.",LOGLEVEL_WARN);
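Review bot: `chown($temp_dir, $installuser)` runs before anything confirms that `mkdir($temp_dir)` succeeded, and chown() follows symbolic links, so a path that already exists under `/tmp` would have its target handed to `$installuser`. The later `is_dir()` check also passes for a pre-existing directory. Test the mkdir() result first and create the directory private with `mkdir($temp_dir, 0700)`, aborting the same way the `is_dir()` branch below does when it returns false. The name comes from `md5(uniqid(rand()))`, which is not a cryptographically strong source. The method continues beyond the hunk.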
@@ -135,7 +135,7 @@
$app->log("No package file found. Download failed? Installation aborted.",LOGLEVEL_WARN);
exec("rm -rf $temp_dir");
$app->log("Deleting the temp directory $temp_dir",LOGLEVEL_DEBUG);
- $this->set_install_status($data["new"]["software_update_inst_id"], "failed");
+ $this->set_install_status($data["new"]["software_update_inst_id"], "failed");
return false;
}
@@ -148,10 +148,10 @@
$app->log("The md5 sum of the downloaded file is incorrect. Update aborted.",LOGLEVEL_WARN);
exec("rm -rf $temp_dir");
$app->log("Deleting the temp directory $temp_dir",LOGLEVEL_DEBUG);
- $this->set_install_status($data["new"]["software_update_inst_id"], "failed");
+ $this->set_install_status($data["new"]["software_update_inst_id"], "failed");
return false;
} else {
- $app->log("md5sum of the downloaded file is verified.",LOGLEVEL_DEBUG);
+ $app->log("MD5 checksum of the downloaded file verified.",LOGLEVEL_DEBUG);
}
@@ -274,4 +274,4 @@
} // end class
-?>
\ No newline at end of file
+?>
diff --git a/server/plugins-available/webmail_symlink_plugin.inc.php b/server/plugins-available/webmail_symlink_plugin.inc.php
index db5fd26..8530fc4 100644
--- a/server/plugins-available/webmail_symlink_plugin.inc.php
+++ b/server/plugins-available/webmail_symlink_plugin.inc.php
@@ -106,16 +106,16 @@
elseif($data["new"]["php"] == "fast-cgi" && $data["new"]["suexec"] == "y") $symlink = false;
- if(!is_dir($data["new"]["document_root"]."/web")) exec("mkdir -p ".$data["new"]["document_root"]."/web");
+ if(!is_dir($data["new"]["document_root"]."/web")) mkdir($data["new"]["document_root"].'/web', 0755, true);
if($symlink == false) {
- if(is_link($data["new"]["document_root"]."/web/webmail")) exec("rm -f ".$data["new"]["document_root"]."/web/webmail");
+ if(is_link($data["new"]["document_root"].'/web/webmail')) unlink($data["new"]["document_root"].'/web/webmail');
} else {
- if(!is_link($data["new"]["document_root"]."/web/webmail")) exec("ln -s /var/www/webmail ".$data["new"]["document_root"]."/web/webmail");
- else exec("ln -sf /var/www/webmail ".$data["new"]["document_root"]."/web/webmail");
+ if(!is_link($data["new"]["document_root"]."/web/webmail")) symlink('/var/www/webmail',$data["new"]["document_root"].'/web/webmail');
+ else symlink('/var/www/webmail',$data["new"]["document_root"].'/web/webmail');
}
}
} // end class
-?>
\ No newline at end of file
+?>
--
Gitblit v1.9.1