From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001 From: Marius Burkard <m.burkard@pixcept.de> Date: Sun, 10 Jul 2016 05:02:35 -0400 Subject: [PATCH] Merge branch 'stable-3.1' --- server/plugins-available/cron_plugin.inc.php | 73 ++++++++++++++++++++++++------------ 1 files changed, 49 insertions(+), 24 deletions(-) diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php index 75afe95..c7109a5 100644 --- a/server/plugins-available/cron_plugin.inc.php +++ b/server/plugins-available/cron_plugin.inc.php @@ -92,17 +92,20 @@ } //* get data from web - $parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ".intval($data["new"]["parent_domain_id"])); + $parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ?", $data["new"]["parent_domain_id"]); if(!$parent_domain["domain_id"]) { $app->log("Parent domain not found", LOGLEVEL_WARN); return 0; - } elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') { - $app->log("Websites (and Crons) cannot be owned by the root user or group.", LOGLEVEL_WARN); - return 0; } + if(!$app->system->is_allowed_user($parent_domain['system_user'], true, true) + || !$app->system->is_allowed_group($parent_domain['system_group'], true, true)) { + $app->log("Websites (and Crons) cannot be owned by the root user or group.", LOGLEVEL_WARN); + return false; + } + // Get the client ID - $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"])); + $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $data["new"]["sys_groupid"]); $client_id = intval($client["client_id"]); unset($client); @@ -120,18 +123,37 @@ exec("useradd -d ".escapeshellcmd($parent_domain["document_root"])." -g $groupname $username -s /bin/false"); $app->log("Adding the user: $username", LOGLEVEL_DEBUG); } + + // Set the quota for the user + if($username != '' && $app->system->is_user($username)) { + if($parent_domain['hd_quota'] > 0) { + $blocks_soft = $parent_domain['hd_quota'] * 1024; + $mb_soft = $parent_domain['hd_quota']; + $blocks_hard = $blocks_soft + 1024; + $mb_hard = $mb_soft + 1; + } else { + $mb_soft = $mb_hard = $blocks_soft = $blocks_hard = 0; + } - // Set the quota for the user - if($username != '' && $app->system->is_user($username)) { - if($parent_domain["hd_quota"] > 0){ - $blocks_soft = $parent_domain["hd_quota"] * 1024; - $blocks_hard = $blocks_soft + 1024; - } else { - $blocks_soft = $blocks_hard = 0; - } - exec("setquota -u $username $blocks_soft $blocks_hard 0 0 -a &> /dev/null"); - exec("setquota -T -u $username 604800 604800 -a &> /dev/null"); - } + // get the primitive folder for document_root and the filesystem, will need it later. + $df_output=explode(" ", exec("df -T " . escapeshellarg($parent_domain["document_root"]) . "|awk 'END{print \$2,\$NF}'")); + $file_system = $df_output[0]; + $primitive_root = $df_output[1]; + + if ( in_array($file_system , array('ext2','ext3','ext4'),true) ) { + exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null'); + exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null'); + } elseif ($file_system == 'xfs') { + + exec("xfs_quota -x -c 'limit -g bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username' $primitive_root"); + + // xfs only supports timers globally, not per user. + exec("xfs_quota -x -c 'timer -bir -i 604800'"); + + unset($project_uid, $username_position, $xfs_projects); + unset($primitive_root, $df_output, $mb_hard, $mb_soft); + } + } //TODO : change this when distribution information has been integrated into server record //* Gentoo requires a user to be part of the crontab group. @@ -158,14 +180,14 @@ global $app, $conf; //* get data from web - $parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ".intval($data["old"]["parent_domain_id"])); + $parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ?", $data["old"]["parent_domain_id"]); if(!$parent_domain["domain_id"]) { $app->log("Parent domain not found", LOGLEVEL_WARN); return 0; } // Get the client ID - $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"])); + $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $data["old"]["sys_groupid"]); $client_id = intval($client["client_id"]); unset($client); @@ -193,7 +215,7 @@ $chr_cmd_count = 0; //* read all active cron jobs from database and write them to file - $cron_jobs = $app->db->queryAllRecords("SELECT c.`run_min`, c.`run_hour`, c.`run_mday`, c.`run_month`, c.`run_wday`, c.`command`, c.`type`, c.`log`, `web_domain`.`domain` as `domain` FROM `cron` as c INNER JOIN `web_domain` ON `web_domain`.`domain_id` = c.`parent_domain_id` WHERE c.`parent_domain_id` = ".intval($this->parent_domain["domain_id"]) . " AND c.`active` = 'y'"); + $cron_jobs = $app->db->queryAllRecords("SELECT c.`run_min`, c.`run_hour`, c.`run_mday`, c.`run_month`, c.`run_wday`, c.`command`, c.`type`, c.`log`, `web_domain`.`domain` as `domain` FROM `cron` as c INNER JOIN `web_domain` ON `web_domain`.`domain_id` = c.`parent_domain_id` WHERE c.`parent_domain_id` = ? AND c.`active` = 'y'", $this->parent_domain["domain_id"]); if($cron_jobs && count($cron_jobs) > 0) { foreach($cron_jobs as $job) { if($job['run_month'] == '@reboot') { @@ -203,16 +225,19 @@ } $log_target = ">/dev/null 2>&1"; + $log_wget_target = '/dev/null'; + $log_root = ''; if($job['log'] == 'y') { - $log_root = ''; - if($job['type'] != 'chrooted') $log_root = $this->parent_domain['document_root'] . '/log'; + if($job['type'] != 'chrooted') $log_root = $this->parent_domain['document_root']; + $log_root .= '/private'; - $log_target = '>' . $log_root . '/cron.log 2>' . $log_root . '/cron_error.log'; + $log_target = '>>' . $log_root . '/cron.log 2>>' . $log_root . '/cron_error.log'; + $log_wget_target = $log_root . '/cron_wget.log'; } $command .= "\t{$this->parent_domain['system_user']}"; //* running as user if($job['type'] == 'url') { - $command .= "\t{$cron_config['wget']} -q -t 1 -T 7200 -O /dev/null " . escapeshellarg($job['command']) . " " . $log_target; + $command .= "\t{$cron_config['wget']} -q -t 1 -T 7200 -O " . $log_wget_target . " " . escapeshellarg($job['command']) . " " . $log_target; } else { $web_root = ''; if($job['type'] == 'chrooted') { @@ -228,7 +253,7 @@ $job['command'] = str_replace('[web_root]', $web_root, $job['command']); $command .= "\t"; - if($job['type'] != 'chrooted' && substr($job['command'], 0, 1) != "/") $command .= $this->parent_domain['document_root'].'/'; + //if($job['type'] != 'chrooted' && substr($job['command'], 0, 1) != "/") $command .= $this->parent_domain['document_root'].'/'; $command .= $job['command'] . " " . $log_target; } -- Gitblit v1.9.1