From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Sun, 10 Jul 2016 05:02:35 -0400
Subject: [PATCH] Merge branch 'stable-3.1'

---
 server/plugins-available/cron_plugin.inc.php |   73 ++++++++++++++++++++++++------------
 1 files changed, 49 insertions(+), 24 deletions(-)

diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php
index 75afe95..c7109a5 100644
--- a/server/plugins-available/cron_plugin.inc.php
+++ b/server/plugins-available/cron_plugin.inc.php
@@ -92,17 +92,20 @@
 		}
 
 		//* get data from web
-		$parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ".intval($data["new"]["parent_domain_id"]));
+		$parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ?", $data["new"]["parent_domain_id"]);
 		if(!$parent_domain["domain_id"]) {
 			$app->log("Parent domain not found", LOGLEVEL_WARN);
 			return 0;
-		} elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') {
-			$app->log("Websites (and Crons) cannot be owned by the root user or group.", LOGLEVEL_WARN);
-			return 0;
 		}
 
+		if(!$app->system->is_allowed_user($parent_domain['system_user'], true, true)
+			|| !$app->system->is_allowed_group($parent_domain['system_group'], true, true)) {
+			$app->log("Websites (and Crons) cannot be owned by the root user or group.", LOGLEVEL_WARN);
+			return false;
+		}
+		
 		// Get the client ID
-		$client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"]));
+		$client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $data["new"]["sys_groupid"]);
 		$client_id = intval($client["client_id"]);
 		unset($client);
 
@@ -120,18 +123,37 @@
 			exec("useradd -d ".escapeshellcmd($parent_domain["document_root"])." -g $groupname $username -s /bin/false");
 			$app->log("Adding the user: $username", LOGLEVEL_DEBUG);
 		}
+        
+        // Set the quota for the user
+        if($username != '' && $app->system->is_user($username)) {
+           if($parent_domain['hd_quota'] > 0) {
+              $blocks_soft = $parent_domain['hd_quota'] * 1024;
+              $mb_soft = $parent_domain['hd_quota'];
+              $blocks_hard = $blocks_soft + 1024;
+              $mb_hard = $mb_soft + 1;
+            } else {
+              $mb_soft = $mb_hard = $blocks_soft = $blocks_hard = 0;
+            }
 
-		// Set the quota for the user
-		if($username != '' && $app->system->is_user($username)) {
-			if($parent_domain["hd_quota"] > 0){
-				$blocks_soft = $parent_domain["hd_quota"] * 1024;
-				$blocks_hard = $blocks_soft + 1024;
-			} else {
-				$blocks_soft = $blocks_hard = 0;
-			}
-			exec("setquota -u $username $blocks_soft $blocks_hard 0 0 -a &> /dev/null");
-			exec("setquota -T -u $username 604800 604800 -a &> /dev/null");
-		}
+            // get the primitive folder for document_root and the filesystem, will need it later.
+            $df_output=explode(" ", exec("df -T " . escapeshellarg($parent_domain["document_root"]) . "|awk 'END{print \$2,\$NF}'"));
+            $file_system = $df_output[0];
+            $primitive_root = $df_output[1];
+
+            if ( in_array($file_system , array('ext2','ext3','ext4'),true) ) {
+              exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
+              exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null');
+            } elseif ($file_system == 'xfs') {
+                
+              exec("xfs_quota -x -c 'limit -g bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username' $primitive_root");
+
+              // xfs only supports timers globally, not per user.
+              exec("xfs_quota -x -c 'timer -bir -i 604800'");
+
+              unset($project_uid, $username_position, $xfs_projects);
+              unset($primitive_root, $df_output, $mb_hard, $mb_soft);
+            }
+        }
 
 		//TODO : change this when distribution information has been integrated into server record
 		//* Gentoo requires a user to be part of the crontab group.
@@ -158,14 +180,14 @@
 		global $app, $conf;
 
 		//* get data from web
-		$parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ".intval($data["old"]["parent_domain_id"]));
+		$parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ?", $data["old"]["parent_domain_id"]);
 		if(!$parent_domain["domain_id"]) {
 			$app->log("Parent domain not found", LOGLEVEL_WARN);
 			return 0;
 		}
 
 		// Get the client ID
-		$client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"]));
+		$client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $data["old"]["sys_groupid"]);
 		$client_id = intval($client["client_id"]);
 		unset($client);
 
@@ -193,7 +215,7 @@
 		$chr_cmd_count = 0;
 
 		//* read all active cron jobs from database and write them to file
-		$cron_jobs = $app->db->queryAllRecords("SELECT c.`run_min`, c.`run_hour`, c.`run_mday`, c.`run_month`, c.`run_wday`, c.`command`, c.`type`, c.`log`, `web_domain`.`domain` as `domain` FROM `cron` as c INNER JOIN `web_domain` ON `web_domain`.`domain_id` = c.`parent_domain_id` WHERE c.`parent_domain_id` = ".intval($this->parent_domain["domain_id"]) . " AND c.`active` = 'y'");
+		$cron_jobs = $app->db->queryAllRecords("SELECT c.`run_min`, c.`run_hour`, c.`run_mday`, c.`run_month`, c.`run_wday`, c.`command`, c.`type`, c.`log`, `web_domain`.`domain` as `domain` FROM `cron` as c INNER JOIN `web_domain` ON `web_domain`.`domain_id` = c.`parent_domain_id` WHERE c.`parent_domain_id` = ? AND c.`active` = 'y'", $this->parent_domain["domain_id"]);
 		if($cron_jobs && count($cron_jobs) > 0) {
 			foreach($cron_jobs as $job) {
 				if($job['run_month'] == '@reboot') {
@@ -203,16 +225,19 @@
 				}
 				
 				$log_target = ">/dev/null 2>&1";
+				$log_wget_target = '/dev/null';
+				$log_root = '';
 				if($job['log'] == 'y') {
-					$log_root = '';
-					if($job['type'] != 'chrooted') $log_root = $this->parent_domain['document_root'] . '/log';
+					if($job['type'] != 'chrooted') $log_root = $this->parent_domain['document_root'];
+					$log_root .= '/private';
 					
-					$log_target = '>' . $log_root . '/cron.log 2>' . $log_root . '/cron_error.log';
+					$log_target = '>>' . $log_root . '/cron.log 2>>' . $log_root . '/cron_error.log';
+					$log_wget_target = $log_root . '/cron_wget.log';
 				}
 				
 				$command .= "\t{$this->parent_domain['system_user']}"; //* running as user
 				if($job['type'] == 'url') {
-					$command .= "\t{$cron_config['wget']} -q -t 1 -T 7200 -O /dev/null " . escapeshellarg($job['command']) . " " . $log_target;
+					$command .= "\t{$cron_config['wget']} -q -t 1 -T 7200 -O " . $log_wget_target . " " . escapeshellarg($job['command']) . " " . $log_target;
 				} else {
 					$web_root = '';
 					if($job['type'] == 'chrooted') {
@@ -228,7 +253,7 @@
 					$job['command'] = str_replace('[web_root]', $web_root, $job['command']);
 
 					$command .= "\t";
-					if($job['type'] != 'chrooted' && substr($job['command'], 0, 1) != "/") $command .= $this->parent_domain['document_root'].'/';
+					//if($job['type'] != 'chrooted' && substr($job['command'], 0, 1) != "/") $command .= $this->parent_domain['document_root'].'/';
 					$command .= $job['command'] . " " . $log_target;
 				}
 

--
Gitblit v1.9.1