Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Developers' Forum

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 30th October 2008, 14:46
skeldof skeldof is offline
Junior Member
 
Join Date: Oct 2008
Posts: 11
Thanks: 1
Thanked 2 Times in 2 Posts
Lightbulb ISPC3 SVN bugs and comments

Hi I've been tinkering with ISPConfig 4 Svn for a few days. Just thought I'd pass on some bugs I've spotted. After finding and signing up to the bugtracker I realised I couldn't post there.

The interface/web/admin/lib/lang/en_users.lng file was accidently replaced with nl version in revision 407.

More obvious what a client has the rights to edit and delete? ie admin creates a web domain. It appears as though the client can edit it but none of the changes get applied. Possibly some way to change the ownership?

Some way for the client to be aware what their limits are?

Clients cannot see FTP or shell users in their domains that the admin created.

Client created domains end up in clients/client0/webX yet symlinks are created to them in clients/clientY.

Log folder. It is a symlink in clients/clientY/webX to /var/log/ispconfig/... which cannot be accessed by a chrooted user. Should this not be around the other way? Apache uses clients/clientY/webX/log for ErrorLog anyway. Does anything maintain the size of ErrorLog? Or will these just grow?

BTW should the user choose to randomly remove the log symlink apache will fail to start. Needs owning folders to be an unrelated UID/GID.

I was poking through the install.php file and noticed that Expert does not configure jailkit.

Are e-mail quotas in MB, KB, Bytes, bits...?



More comments/wishes than bugs:

I see you're still maintaining /etc/passwd and /etc/group. Why not NSS with mysql backend (libnss-mysql on Debian)?

Display the owning client login name in the Email/Sites/DNS pages, certainly on the admin screen. Less important on the client's view

Some way to have shell and ftp users include the domain, rather than the client having to blindly guess at creating a system wide unique log in. I believe this was the way in ISPC2? Maybe a similar system for mysql but working with that daft 16 character username limit .

Hide options that are disabled for clients? eg remove "Email Catchall" option if set to 0, or the "Add x" when limit has been reached (or change to "limit reached"?)

Client level quota limits. Seems a little pointless having the client able to set arbitrary site quota limits themselves. I note this exists for e-mail, but client is only aware when they hit it.

Better restriction of what the client can set. I realise this would be quite a tall order. For example say that all sites a particular client can create are suexec, with suphp and cannot have SSI. Also to be able to create shell users, but they are jailkit only. etc. :/.

When creating shell/ftp users could there be some way to filter by client and then domain, rather than just domain? Although this only affects the admin view.

Oops that was a bit long.

Keep up the good work
Reply With Quote
Sponsored Links
  #2  
Old 30th October 2008, 14:58
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,736
Thanks: 840
Thanked 5,597 Times in 4,408 Posts
Default

Please update your system to the latest SVN version, many things have already been fixed.

If you sent me your login name of the bugtracker, I can activate it. Its a lot of work to add bugs and feature requests posted here to the bugtracker afterwards.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 31st October 2008, 17:09
skeldof skeldof is offline
Junior Member
 
Join Date: Oct 2008
Posts: 11
Thanks: 1
Thanked 2 Times in 2 Posts
Default

Hi,

Thanks for the quick reply. I forgot to mention I was testing with rev 490, which was the lastest at the time.

You have been duly contacted about my bugtracker login
Reply With Quote
  #4  
Old 31st October 2008, 17:34
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
Default

"Client created domains end up in clients/client0/webX yet symlinks are created to them in clients/clientY."

Yup. there is a bug here. It seems that I have found if the admin creates a website for a client, then the website is not added to the client's folder, but rather to the admin's folder.

I think that the problem lies when the site is created and how the clients id is retrieved. But after looking at file interface/web/sites/web_domain_edit.php I think this could be a feature rather than a bug. It's worth asking Till about.
Reply With Quote
  #5  
Old 31st October 2008, 17:43
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
Default

I've fixed the en_users.lng file. I've also fixed the e-mail quota issue.

Quote:
Originally Posted by skeldof View Post
Hi I've been tinkering with ISPConfig 4 Svn for a few days. Just thought I'd pass on some bugs I've spotted. After finding and signing up to the bugtracker I realised I couldn't post there.

The interface/web/admin/lib/lang/en_users.lng file was accidently replaced with nl version in revision 407.

More obvious what a client has the rights to edit and delete? ie admin creates a web domain. It appears as though the client can edit it but none of the changes get applied. Possibly some way to change the ownership?

Some way for the client to be aware what their limits are?

Clients cannot see FTP or shell users in their domains that the admin created.

Client created domains end up in clients/client0/webX yet symlinks are created to them in clients/clientY.

Log folder. It is a symlink in clients/clientY/webX to /var/log/ispconfig/... which cannot be accessed by a chrooted user. Should this not be around the other way? Apache uses clients/clientY/webX/log for ErrorLog anyway. Does anything maintain the size of ErrorLog? Or will these just grow?

BTW should the user choose to randomly remove the log symlink apache will fail to start. Needs owning folders to be an unrelated UID/GID.

I was poking through the install.php file and noticed that Expert does not configure jailkit.

Are e-mail quotas in MB, KB, Bytes, bits...?



More comments/wishes than bugs:

I see you're still maintaining /etc/passwd and /etc/group. Why not NSS with mysql backend (libnss-mysql on Debian)?

Display the owning client login name in the Email/Sites/DNS pages, certainly on the admin screen. Less important on the client's view

Some way to have shell and ftp users include the domain, rather than the client having to blindly guess at creating a system wide unique log in. I believe this was the way in ISPC2? Maybe a similar system for mysql but working with that daft 16 character username limit .

Hide options that are disabled for clients? eg remove "Email Catchall" option if set to 0, or the "Add x" when limit has been reached (or change to "limit reached"?)

Client level quota limits. Seems a little pointless having the client able to set arbitrary site quota limits themselves. I note this exists for e-mail, but client is only aware when they hit it.

Better restriction of what the client can set. I realise this would be quite a tall order. For example say that all sites a particular client can create are suexec, with suphp and cannot have SSI. Also to be able to create shell users, but they are jailkit only. etc. :/.

When creating shell/ftp users could there be some way to filter by client and then domain, rather than just domain? Although this only affects the admin view.

Oops that was a bit long.

Keep up the good work
Reply With Quote
The Following User Says Thank You to quentusrex For This Useful Post:
skeldof (31st October 2008)
  #6  
Old 31st October 2008, 17:57
skeldof skeldof is offline
Junior Member
 
Join Date: Oct 2008
Posts: 11
Thanks: 1
Thanked 2 Times in 2 Posts
Default

Quote:
Originally Posted by quentusrex View Post
"Client created domains end up in clients/client0/webX yet symlinks are created to them in clients/clientY."

Yup. there is a bug here. It seems that I have found if the admin creates a website for a client, then the website is not added to the client's folder, but rather to the admin's folder.

I think that the problem lies when the site is created and how the clients id is retrieved. But after looking at file interface/web/sites/web_domain_edit.php I think this could be a feature rather than a bug. It's worth asking Till about.
I think we misunderstand each other . Say I have a client with ID 3. The admin creates them a website www.test.com, ID 7. The folder structure /var/clients/client3/web7 gets created. The symlinks /var/www/www.test.com and /var/clients/client3/www.test.com both point to /var/clients/client3/web7

However if client 3 then creates a website www.test2.com, ID 8 this gets created as /var/clients/client0/web8. The symlinks /var/www/www.test2.com and /var/clients/client3/www.test2.com both point at /var/clients/client0/web8
Reply With Quote
  #7  
Old 31st October 2008, 18:04
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
Default

Interesting.... I would think if the client with ID=3 creates the site it woudl be in /var/clients/client3/web7/ and if the admin creates the site it would be in /var/clients/client0/web8/ Is this not the case? could you double check?

Does this effect the users? If the client creates the first site, and the admin creates the second one, does this change anything about how the client interacts with the site?

I will look into this...
Reply With Quote
  #8  
Old 31st October 2008, 18:23
skeldof skeldof is offline
Junior Member
 
Join Date: Oct 2008
Posts: 11
Thanks: 1
Thanked 2 Times in 2 Posts
Default

I just created a new user, logged in with them and created a site. /var/clients/client4 was not created. The site ended up in /var/clients/client0/web9. The symlink /var/www/moo.com pointed at /var/clients/client0/web9.

Then created a site with admin. It was created as /var/clients/client4/web10. Two symlinks correct as before.

This sounds like a continuation of bugtracker bug #236 where it was only fixed for admin.
Reply With Quote
  #9  
Old 31st October 2008, 18:42
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
Default

If it is the same problem, then the solution will be in the file: interface/web/mail/mail_domain_edit.php

And most likely on lines 228 and 268.

skeldof, do you think you could look through the file and see if you can spot the bug?
Reply With Quote
  #10  
Old 31st October 2008, 18:48
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
 
Default

// get the ID of the client
if($_SESSION["s"]["user"]["typ"] != 'admin') {
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
$client_id = intval($client["client_id"]);
} else {
//$client_id = intval($this->dataRecord["client_group_id"]);
$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($this->dataRecord["client_group_id"]));
$client_id = intval($client["client_id"]);
}

// Set the values for document_root, system_user and system_group
$system_user = 'web'.$this->id;
$system_group = 'client'.$client_id;
$document_root = str_replace("[client_id]",$client_id,$document_root);


It seems that SQL statement returns the wrong id ....
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 03:22.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.