AlternC/src/do_actions.php


#!/usr/bin/php -q
<?php
/*
$Id: do_actions.php,v 1.0 2013/04/19 13:40:32 axel Exp $
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
Based on:
Valentin Lacambre's web hosting softwares: http://altern.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Axel Roger
Purpose of file: Perform planned actions on files/directories.
----------------------------------------------------------------------
*/
/**
* This script checks the MySQL DB for pending actions and performs them one by one.
*
* @copyright AlternC-Team 2002-2013 http://alternc.org/
*/
//////////////////////////////////
/*
Fixme
- check all those cases
*/
///////////////////////////////////
// Put this var to 1 if you want to enable debug prints
$debug=0;
// Collects errors along execution. If it is non-empty at the end of the run, an email is sent.
$errorsList=array();
// Bootstraps: loads the panel configuration. $admin, $action and the $L_* settings used
// below are not defined in this file, so presumably they are provided by this include.
require_once("/usr/share/alternc/panel/class/config_nochk.php");
// Script lock through filesystem
$admin->stop_if_jobs_locked();
// Default path of this script's own lock file, unless the constant is already defined.
// NOTE(review): the content of this file is read back later and compared with a PID;
// the script appears to run as root (it calls chown and su), so confirm that only root
// can write into /run/alternc.
if( !defined("ALTERNC_DO_ACTION_LOCK")){
define("ALTERNC_DO_ACTION_LOCK",'/run/alternc/do_actions_cron.lock');
}
// Command line handed to pidof when checking whether a previous run is still alive
$SCRIPT='/usr/bin/php do_actions.php';
// PID of the current process, written into the lock file
$MY_PID=getmypid();
// Helper script called for the FIX_USER, FIX_DIR and FIX_FILE actions
$FIXPERM='/usr/lib/alternc/fixperms.sh';
/**
 * Prints a debug message followed by a newline, but only when debugging is on.
 *
 * @global int $debug output is produced only when this equals 1
 * @param string $mess the message to print
 * @return void
 */
function d($mess){
    global $debug;
    // Guard clause: stay silent unless debug prints were requested
    if ($debug != 1) {
        return;
    }
    echo $mess . "\n";
}
/**
 * Mails the collected errors to the panel's administrator.
 *
 * The recipient is alterncpanel@<$L_FQDN>. If $errorsList is not an array it is
 * first wrapped into a one-element array (the global itself is updated), then
 * its entries are joined with newlines to build the message body.
 *
 * @global array $errorsList errors collected during the run
 * @global string $L_FQDN host name used to build the recipient address
 * @return void
 */
function mail_it(){
    global $errorsList, $L_FQDN;
    // Normalise to an array so implode() always receives a list
    if (is_array($errorsList) === false) {
        $errorsList = array($errorsList);
    }
    $recipient = "alterncpanel@$L_FQDN";
    $body = "\n Errors reporting mail:\n\n" . implode("\n", $errorsList);
    // The result of mail() is not checked
    // @todo log if fails
    mail($recipient, 'Script do_actions.php issues', $body);
}
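/**
 * Common routine for system calls: builds a shell command line, runs it with
 * exec() and reports what happened.
 *
 * SECURITY: only $parameters are escaped (escapeshellarg). $command is placed
 * on the command line verbatim, so it must be a trusted, constant string;
 * never pass anything derived from job data or user input through $command.
 *
 * @param string $command the command, used as is (NOT escaped)
 * @param array|string|int $parameters argument(s) of the command, each one is
 *        escaped. null, false, '' and an empty array mean "no argument".
 * @return array array('executed'=>'command line that was run',
 *         'output'=>'lines printed by the command, stderr included',
 *         'return_val'=>'exit status returned by exec')
 */
function execute_cmd($command, $parameters=array()) {
    $cmd_line = "$command ";
    if (is_array($parameters)) {
        foreach ($parameters as $pp) {
            $cmd_line .= " ".escapeshellarg($pp)." ";
        }
    } elseif ($parameters !== null && $parameters !== false && $parameters !== '') {
        // empty() was used here before; it also discarded "0" and 0, so a
        // legitimate argument such as uid 0 was silently dropped.
        $cmd_line .= " ".escapeshellarg((string)$parameters)." ";
    }
    // Capture stderr together with stdout
    $cmd_line .= " 2>&1";
    $output = array();
    $code = null;
    exec($cmd_line, $output, $code);
    return array('executed' => $cmd_line, 'output' => $output, 'return_val' => $code);
}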
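/**
 * Check that a file or folder lies strictly below one of the allowed roots,
 * after dereferencing all ../ and symlinks with realpath().
 *
 * The allowed roots are the configured $L_ALTERNC_HTML and $L_ALTERNC_MAIL
 * folders (/var/www/alternc and /var/mail/alternc according to the original
 * documentation of this function).
 *
 * The check fails closed: a root that is not configured or cannot be resolved
 * is ignored. Without that, realpath() returning false turned the root into
 * the prefix "/" and every existing path was accepted.
 *
 * Callers in this file act on the returned path afterwards (chmod, rm -rf,
 * mv, ...); the result is only valid for the moment of the check, since a
 * symlink can be changed between the check and the later use.
 *
 * @global string $L_ALTERNC_HTML root of the hosted web files
 * @global string $L_ALTERNC_MAIL root of the hosted mail files
 * @param string $path the path to check; it must exist
 * @return string|false the dereferenced path, or FALSE if the path is NOT allowed
 */
function my_realpath($path) {
    global $L_ALTERNC_HTML, $L_ALTERNC_MAIL;
    // realpath('') resolves to the current directory, so refuse it explicitly
    if (!is_string($path) || $path === '') {
        return false;
    }
    $resolved = realpath($path);
    if ($resolved === false) {
        return false;
    }
    // add here any allowed path:
    $configured = array($L_ALTERNC_HTML, $L_ALTERNC_MAIL);
    foreach ($configured as $root) {
        if (!is_string($root) || $root === '') {
            continue;
        }
        $realRoot = realpath($root);
        if ($realRoot === false) {
            // Unresolvable root: skip it instead of degrading to "/"
            continue;
        }
        $prefix = $realRoot."/";
        // the path must be BELOW the allowed folder, the folder itself is refused
        if (strlen($resolved) > strlen($prefix) && strncmp($resolved, $prefix, strlen($prefix)) === 0) {
            return $resolved;
        }
    }
    return false;
}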
// Check if script isn't already running.
// NOTE(review): the lock is taken with file_exists() followed by file_put_contents(),
// which are two separate steps; two instances started at the same moment could both
// pass the check. An exclusive create (fopen mode 'x') or flock() would close that gap.
if (file_exists(ALTERNC_DO_ACTION_LOCK) !== false){
d("Lock file already exists. ");
// Check if file is in process list
// The lock file content is used as is: it is neither trimmed nor checked to be numeric.
$PID=file_get_contents(ALTERNC_DO_ACTION_LOCK);
d("My PID is $MY_PID, PID in the lock file is $PID");
// exec() returns the last line printed by the pipeline; it is loosely compared (==)
// with the PID read from the lock file.
// NOTE(review): $SCRIPT expands to two words, so pidof receives two program names;
// verify that this only matches a running do_actions.php.
if ($PID == exec("pidof $SCRIPT | tr ' ' '\n' | grep -v $MY_PID")){
// Previous cron is not finished yet, just exit
d("Previous cron is already running, we just exit and let it finish :-)");
exit(0);
}else{
// Previous cron failed!
$errorsList[]="Lock file already exists. No process with PID $PID found! Previous cron failed...\n";
// No need to remove anything, we're going to recreate it
//d("Removing lock file and trying to process the failed action...");
// Delete the lock and continue to the next action
//unlink(ALTERNC_DO_ACTION_LOCK);
// Lock with the current script's PID
if (file_put_contents(ALTERNC_DO_ACTION_LOCK,$MY_PID) === false){
$errorsList[]="Cannot open/write ALTERNC_DO_ACTION_LOCK\n";
mail_it();
exit(1);
}
// Get the action(s) that was processing when previous script failed
// (Normally, there will be at most 1 job pending... but who know?)
while($cc=$action->get_job()){
$c=$cc[0];
// SECURITY: unserialize() runs on a value read from the job table. This is only safe
// if nothing but trusted panel code can write that column -- confirm; a format such as
// JSON would avoid object instantiation on load.
$params=unserialize($c["parameters"]);
// We can resume these types of action, so we reset the job to process it later
d("Previous job was the n°".$c["id"]." : '".$c["type"]."'");
// && binds tighter than ||: the is_dir() test applies to CREATE_FILE only.
// NOTE(review): this reads $params["file"], while the CREATE_FILE action below reads
// $params["filename"]; check which key the stored job really carries.
if($c["type"] == "CREATE_FILE" && is_dir(dirname($params["file"])) || $c["type"] == "CREATE_DIR" || $c["type"] == "DELETE" || $c["type"] == "FIX_DIR" || $c["type"] == "FIX_FILE"){
d("Reset of the job! So it will be resumed...");
$action->reset_job($c["id"]);
}else{
// We can't resume the others types, notify the fail and finish this action
$errorsList[]="Can't resume the job n°".$c["id"]." action '".$c["type"]."', finishing it with a fail status.\n";
if(!$action->finish($c["id"],"Fail: Previous script crashed while processing this action, cannot resume it.")){
$errorsList[]="Cannot finish the action! Error while inserting the error value in the DB for action n°".$c["id"]." : action '".$c["type"]."'\n";
break; // Else we go into an infinite loop... AAAAHHHHHH
}
}
}
}
}else{
// No lock file yet: lock with the current script's PID
if (file_put_contents(ALTERNC_DO_ACTION_LOCK,$MY_PID) === false){
$errorsList[]="Cannot open/write ALTERNC_DO_ACTION_LOCK\n";
mail_it();
exit(1);
}
}
// Main loop: fetch the next action to do, run it, then record its result in the DB.
// The loop ends when get_action() returns a falsy value or when finish() fails.
while ($rr=$action->get_action()){
$r=$rr[0];
// Status stored in the DB for this action. It is only replaced further down when
// $output[0] is set, so failures that are recorded in $errorsList alone are still
// finished as "OK".
$return="OK";
// Do we have to do this action with a specific user?
// SECURITY NOTE(review): the user name from the job row is put into a shell command
// without escapeshellarg() or validation. In addition the prefix ends with ';', so the
// shell treats "su <user>" and the command that follows as two separate commands; the
// following command therefore appears to run with this script's own privileges, not
// the job user's. Confirm, and validate the user against the known accounts.
if($r["user"] != "root")
$SU="su ".$r["user"]." 2>&1 ;";
else
$SU="";
// We lock the action
d("-----------\nBeginning action n°".$r["id"]);
$action->begin($r["id"]);
// We process it
// SECURITY: unserialize() runs on a value read from the job table, and @ hides any
// failure, in which case $params is false and every $params[...] below is null.
// This is only safe if nothing but trusted panel code can write that column -- confirm.
$params=@unserialize($r["parameters"]);
// We exec with the specified user
d("Executing action '".$r["type"]."' with user '".$r["user"]."'");
switch ($r["type"]){
case "FIX_USER" :
// Run fixperms.sh -u with the uid stored in the job; the uid is escaped by
// execute_cmd(). The result in $returned is not checked.
$returned = execute_cmd("$FIXPERM -u", $params["uid"]);
break;
case "CHMOD" :
// The target must resolve below an allowed root
$filename=my_realpath($params["filename"]);
if ($filename===false) {
// Note: this and the similar assignments below REPLACE $errorsList, dropping any
// error collected earlier in the run, instead of appending with $errorsList[].
$errorsList=array("Fail: path not allowed");
break;
}
$perms=$params["perms"];
// Checks the file or directory exists
if( !is_dir($filename) && ! is_file($filename)){
$errorsList=array("Fail: cannot retrieve CHMOD filename" );
}
// Checks the perms are correct
else if ( !is_int( $perms)){
$errorsList=array("Fail: Incorrect perms : $perms");
}
// Attempts to change the rights on the file or directory
// NOTE(review): only the type of $perms is checked, any integer mode is accepted.
else if( !chmod($filename, $perms)) {
$errorsList=array("Fail: cannot change perms ($perms) on filename ($filename)");
}
break;
case "CREATE_FILE" :
// Only the parent directory is resolved and checked; the file name is re-attached
// with basename(), which removes any directory part from it.
$dirname=my_realpath(dirname($params["filename"]));
$filename=basename($params["filename"]);
if ($dirname===false) {
$errorsList=array("Fail: path not allowed");
break;
}
$params["file"]=$dirname.DIRECTORY_SEPARATOR.$filename;
// Never overwrite an existing file.
// NOTE(review): file_exists() and file_put_contents() are separate steps, so the
// target can change between the test and the write.
if(!file_exists($params["file"])) {
if ( file_put_contents($params["file"], $params["content"]) === false ) {
$errorsList=array("Fail: can't write into file ".$params["file"]);
} else {
// Hand the new file over to the job's user
if (!chown($params["file"], $r["user"])) {
$errorsList=array("Fail: cannot chown ".$params["file"]);
}
}
} else {
$errorsList=array("Fail: file already exists ".$params["file"]);
}
break;
case "CREATE_DIR" :
// Only the parent directory is resolved and checked, so it must already exist
$dirname=my_realpath(dirname($params["dir"]));
$filename=basename($params["dir"]);
if ($dirname===false) {
$errorsList=array("Fail: path not allowed");
break;
}
$params["dir"]=$dirname.DIRECTORY_SEPARATOR.$filename;
// Create the directory and make parent directories as needed
// The result in $returned is not checked.
$returned = execute_cmd("$SU mkdir", array('-p', $params["dir"]));
break;
case "DELETE" :
// The resolved target must lie strictly below an allowed root
$dirname=my_realpath($params["dir"]);
if ($dirname===false) {
$errorsList=array("Fail: path not allowed");
break;
}
// Delete file/directory and its contents recursively
// The result in $returned is not checked.
$returned = execute_cmd("$SU rm", array('-rf', $dirname));
break;
case "MOVE" :
// If destination dir does not exists, create it
$dirname=my_realpath(dirname($params["dst"]));
$filename=basename($params["dst"]);
if ($dirname===false) {
$errorsList=array("Fail: path not allowed");
break;
}
$params["dst"]=$dirname.DIRECTORY_SEPARATOR.$filename;
// The source must exist and resolve below an allowed root as well
$params["src"]=my_realpath($params["src"]);
if ($params["src"]===false) {
$errorsList=array("Fail: path not allowed");
break;
}
// NOTE(review): the else below belongs to the mkdir() test, not to is_dir(). As
// written, nothing is moved when the destination directory already exists, and a
// failing chown() is silent. The directory is created with mode 0777 (before umask).
if (!is_dir($params["dst"]))
if ( @mkdir($params["dst"], 0777, true)) {
if ( @chown($params["dst"], $r["user"]) ) {
$returned = execute_cmd("$SU mv -f", array($params["src"], $params["dst"]));
}
} else { // mkdir failed
$errorsList=array("Fail: cannot create ".$params["dst"]);
} // end of the mkdir test
break;
case "FIX_DIR" :
$params["dir"]=my_realpath($params["dir"]);
if ($params["dir"]===false) {
$errorsList=array("Fail: path not allowed");
break;
}
// Run fixperms.sh -d on the checked directory and report a non-zero exit status
$returned = execute_cmd($FIXPERM, array('-d', $params["dir"]));
if($returned['return_val'] != 0) {
$errorsList=array("Fixperms.sh failed, returned error code : ".$returned['return_val']);
}
break;
case "FIX_FILE" :
$params["file"]=my_realpath($params["file"]);
if ($params["file"]===false) {
$errorsList=array("Fail: path not allowed");
break;
}
// Run fixperms.sh -f on the checked file and report a non-zero exit status
$returned = execute_cmd($FIXPERM, array('-f', $params["file"]));
if($returned['return_val'] != 0){
$errorsList=array("Fixperms.sh failed, returned error code : ".$returned['return_val']);
}
break;
default :
// Unknown action type. This is the only place in the loop where $output is assigned.
$output=array("Fail: Sorry dude, i do not know this type of action");
break;
}
// Get the error (if exists).
// NOTE(review): $output is never reset inside the loop, so once it has been set it is
// still set for every later action. print_r() is called without its second argument,
// so it prints the array and returns true, which appends "1" to the message.
if(isset($output[0])){
$return=$output[0];
$errorsList[]="\nAction n°".$r["id"]." '".$r["type"]."' failed! With user: ".$r["user"]."\nHere is the complete output:\n".print_r($output);
}
// We finished the action, notify the DB.
d("Finishing... return value is : $return\n");
// NOTE(review): addslashes() suggests finish() builds its SQL by concatenation --
// check it, a parameterised query would be the safer form.
if(!$action->finish($r["id"],addslashes($return))){
$errorsList[]="Cannot finish the action! Error while inserting the error value in the DB for action n°".$r["id"]." : action '".$r["type"]."'\nReturn value: ".addslashes($return)."\n";
break; // Else we go into an infinite loop... AAAAHHHHHH
}
}
// Report collected errors: mail them to the admin, and dump them on the
// console as well when the script runs from the command line
$hasErrors = count($errorsList) > 0;
if ($hasErrors) {
    mail_it();
    if (php_sapi_name() === 'cli') {
        echo _("errors were met");
        var_dump($errorsList);
    }
}
// Release the script lock
// @todo This could be handled by m_admin
unlink(ALTERNC_DO_ACTION_LOCK);
// Normal end of the script
exit(0);