From 0bba178de7534526d4ebb59c56be6abc05b732e0 Mon Sep 17 00:00:00 2001
From: Steven Mondji-Lerider
Date: Tue, 12 Jun 2012 17:11:46 +0000
Subject: [PATCH] =?UTF-8?q?modification=20du=20script=20fixperms.sh=20pour?= =?UTF-8?q?=20modfier=20les=20ACL=20par=20fichiers,=20afin=20de=20les=20mo?= =?UTF-8?q?difier=20apr=C3=A8s=20upload=20par=20le=20panel?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 bureau/class/m_bro.php | 5 ++--
 etc/alternc/alternc-sudoers | 2 +-
 src/fixperms.sh | 50 +++++++++++++++++++++++++++++++------
 3 files changed, 46 insertions(+), 11 deletions(-)
diff --git a/bureau/class/m_bro.php b/bureau/class/m_bro.php
index 14d658c5..6d31e047 100644
--- a/bureau/class/m_bro.php
+++ b/bureau/class/m_bro.php
@@ -509,7 +509,7 @@ class m_bro {
 * @returns the path where the file resides or false if upload failed
 */
 function UploadFile($R) {
- global $_FILES,$err;
+ global $_FILES,$err,$cuid;
 $absolute=$this->convertabsolute($R,0);
 if (!$absolute) {
 $err->raise("bro",1);
@@ -521,7 +521,8 @@ class m_bro {
 @touch($absolute."/".$_FILES['userfile']['name']);
 }
 if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $absolute."/".$_FILES['userfile']['name'])) {
- return $absolute."/".$_FILES['userfile']['name'];
+ exec("sudo /usr/lib/alternc/fixperms.sh -u ".$cuid." -f ".$absolute."/".$_FILES['userfile']['name']);
+ return $absolute."/".$_FILES['userfile']['name'];
 } else {
 $err->raise("bro",3);
 return false;
diff --git a/etc/alternc/alternc-sudoers b/etc/alternc/alternc-sudoers
index 7209af72..fb2e57d2 100644
--- a/etc/alternc/alternc-sudoers
+++ b/etc/alternc/alternc-sudoers
@@ -1,2 +1,2 @@
-alterncpanel ALL = NOPASSWD : /usr/bin/quota, /usr/sbin/setquota
+alterncpanel ALL = NOPASSWD : /usr/bin/quota, /usr/sbin/setquota, /usr/lib/alternc/fixperms.sh
 vmail ALL = NOPASSWD : /usr/lib/dovecot/deliver
diff --git a/src/fixperms.sh b/src/fixperms.sh
index 6a71aa48..22315c30 100755
--- a/src/fixperms.sh
+++ b/src/fixperms.sh
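Review bot: In bureau/class/m_bro.php (hunk at -521), the added `exec()` builds a shell command by concatenating `$cuid`, `$absolute` and the client-supplied `$_FILES['userfile']['name']` without any quoting, and that command runs fixperms.sh through sudo. A file name containing spaces or shell metacharacters would be split or interpreted by the shell, so each argument should go through `escapeshellarg()`: `exec("sudo /usr/lib/alternc/fixperms.sh -u ".escapeshellarg($cuid)." -f ".escapeshellarg($absolute."/".$_FILES['userfile']['name']), $out, $rc);`. The exit status is currently discarded, so a failed permission fix is still reported as a successful upload; checking `$rc` and raising an error would make that visible. The same raw name is also the `move_uploaded_file()` target on the context line above, so reducing it once with `basename()` and reusing the result would cover both uses. UploadFile() starts and ends outside the hunk.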
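Review bot: In etc/alternc/alternc-sudoers, the new entry lets alterncpanel run /usr/lib/alternc/fixperms.sh as root with any arguments, and nothing in the rule limits what `-f` may name. With the `-f` option this patch adds to src/fixperms.sh, the panel account can therefore ask root to chown and re-ACL whatever path it passes, so the script itself has to confine `-f` to the account's own directory before this rule is safe. I would record that dependency next to the rule, for example `# fixperms.sh is run as root with caller-chosen arguments; it must validate -l, -u, -f and -d itself`.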
@@ -31,18 +31,33 @@
 #Default Query : fixperms for all account
 query="SELECT uid,login FROM membres"
 sub_dir=""
-
+file=""
 #Two optionals argument
 # -l string : a specific login to fix
-# -u interger : a specifi uid to fix
-while getopts "l:u:d:" optname
+# -u interger : a specific uid to fix
+# -f interger : a specific file to fix according to a given uid
+
+while getopts "l:u:f:d:" optname
 do
 case "$optname" in
 "l")
- query="SELECT uid,login FROM membres WHERE login LIKE '$OPTARG'"
+ if [[ "$OPTARG" =~ ^[a-zA-Z0-9_]+$ ]] ; then
+ query="SELECT uid,login FROM membres WHERE login LIKE '$OPTARG'"
+ else
+ echo "Bad login provided"
+ exit
+ fi
 ;;
 "u")
- query="SELECT uid,login FROM membres WHERE uid LIKE '$OPTARG'"
+ if [[ "$OPTARG" =~ ^[0-9]+$ ]] ; then
+ query="SELECT uid,login FROM membres WHERE uid LIKE '$OPTARG'"
+ else
+ echo "Bad uid provided"
+ exit
+ fi
+ ;;
+ "f")
+ file="$OPTARG"
 ;;
 "d")
 sub_dir="$OPTARG"
@@ -97,12 +112,31 @@ doone() {
 # Delete existings ACL
 # Set the defaults acl on all the files
 setfacl -b -k -m d:g:alterncpanel:rwx -m d:u:$GID:rw- -m d:g:$GID:rw- \
- -m g:alterncpanel:rwx -m u:$GID:rw- -m g:$GID:rw- \
- -R "$REP"
+ -Rm g:alterncpanel:rwx -m u:$GID:rw- -m g:$GID:rw- \
+ "$REP"
 read GID LOGIN
 done
 }
-mysql --defaults-file=/etc/alternc/my.cnf --skip-column-names -B -e "$query" |doone
+fixefile(){
+ read GID LOGIN
+ /usr/bin/setfacl -bk $file
+ echo "gid: $GID"
+ echo "file: $file"
+ chown $GID:$GID $file
+ chmod 0770 $file
+ /usr/bin/setfacl -m u:$GID:rw- -m g:$GID:rw- -m g:alterncpanel:rw- -m u:$GID:rw- -m g:$GID:rw- $file
+ echo file ownership and ACLs changed
+}
+
+if [[ $file != "" ]]; then
+ if [ -e $file ]; then
+ mysql --defaults-file=/etc/alternc/my.cnf --skip-column-names -B -e "$query" |fixefile
+ else
+ echo "file not found"
+ fi
+else
+ mysql --defaults-file=/etc/alternc/my.cnf --skip-column-names -B -e "$query" |doone
+fi
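Review bot: In src/fixperms.sh (hunk at -31), both rejection branches end with a bare `exit`, which returns the status of the preceding `echo`, i.e. 0, so a caller cannot tell a rejected login or uid from a successful run. `echo "Bad uid provided" >&2` followed by `exit 1` (and the same in the login branch) would report the failure. The new `-f` branch stores `$OPTARG` with no check at all, unlike `-l` and `-u`, although the value later reaches setfacl, chown and chmod in `fixefile()`. The usage comment also describes `-f` as `interger`; `# -f path : a specific file to fix, for the account given by -u` would match what the option takes. The getopts loop continues outside the hunk.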
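Review bot: In src/fixperms.sh (hunk at -97), `fixefile()` and the `[ -e $file ]` test expand `$file` unquoted, so a name with spaces or glob characters is split into several arguments, and a name starting with `-` is read as an option by setfacl, chown and chmod while the script runs as root. Nothing checks that the path lies inside the account's directory or that it is a regular file rather than a symlink, and if the query returns no row `read` leaves `$GID` empty before `chown $GID:$GID` runs. The rewrite below quotes every expansion, ends option parsing with `--`, refuses symlinks and an empty uid, and drops the duplicated `-m u:$GID:rw- -m g:$GID:rw-`. The directory check is left as a comment because the account root used by doone() is computed outside this hunk.

```shell
fixefile(){
  read GID LOGIN
  # No matching account: stop before chown runs with an empty owner.
  if [ -z "$GID" ]; then
    echo "no account found" >&2
    return 1
  fi
  # TODO(review): verify that "$file" resolves inside this account's directory
  # (the account root is computed outside this hunk).
  /usr/bin/setfacl -bk -- "$file"
  echo "gid: $GID"
  echo "file: $file"
  chown -- "$GID:$GID" "$file"
  chmod 0770 -- "$file"
  /usr/bin/setfacl -m "u:$GID:rw-" -m "g:$GID:rw-" -m g:alterncpanel:rw- -- "$file"
  echo file ownership and ACLs changed
}

if [[ $file != "" ]]; then
  # Regular files only; a symlink would redirect chown/setfacl to its target.
  if [ -f "$file" ] && [ ! -L "$file" ]; then
    # … unchanged: mysql query piped to fixefile …
  else
    echo "file not found" >&2
    exit 1
  fi
# … unchanged: else branch piping the query to doone …
```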