Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 23rd April 2007, 16:53
meemu meemu is offline
Member
 
Join Date: Apr 2007
Posts: 39
Thanks: 2
Thanked 8 Times in 5 Posts
Default

Thanks Till. I hadn't checked the file's permissions. It's true.

Can I bother you with one more problem? I promise I'll write a howto for debian etch with fastcgi in the next couple of days.

I have a web application with a shared code base. It is used via Alias and shtml includes. The solution I came up with is is to add the sharing respective ispconfig user to the shared application's user group.
The weird thing is that ispconfig keeps overwriting my group file. In there I have:

sharedwebappgroup:x:9001:sharedwebappuser,www-data,web1_user

On changes in the ispconfig web interface it removes the web1_user

I thought it might use some sort of minimum gid but doesn't look like.

Is there a way of "protecting" this from overwrites by ispconfig?


Thanks in advance and for all your help
Reply With Quote
Sponsored Links
  #12  
Old 24th April 2007, 18:47
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

Quote:
Originally Posted by meemu
sharedwebappgroup:x:9001:sharedwebappuser,www-data,web1_user

On changes in the ispconfig web interface it removes the web1_user

I thought it might use some sort of minimum gid but doesn't look like.

Is there a way of "protecting" this from overwrites by ispconfig?


Thanks in advance and for all your help
Are you talking about the /etc/group file? You'd have to modify the ISPConfig sources to change that behaviour.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #13  
Old 24th April 2007, 19:55
meemu meemu is offline
Member
 
Join Date: Apr 2007
Posts: 39
Thanks: 2
Thanked 8 Times in 5 Posts
Default

Yes that's what I had in mind. Any starting points?
Reply With Quote
  #14  
Old 25th April 2007, 13:57
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

The interesting functions are in /root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #15  
Old 25th April 2007, 15:33
meemu meemu is offline
Member
 
Join Date: Apr 2007
Posts: 39
Thanks: 2
Thanked 8 Times in 5 Posts
Default

Does not look like an easy hack to me. I am not sure I understand what is happening here. In general, does it parse the whole group file, the parse it line by line and write it back? Or does it skip something under certain circumstances?
After a quick glance I have the feeling it parses it line by line, looks for any entries containing ispconfig groups/users and does an integrity check on those. Is that how it works?
What approach would you recommend for what I'm trying to do?
Something like a minimum gid and below that it won't touch the entry?

Thanks for all your help. I promise I'll convert the walkthrough into a howto as soon as I have gone live with this machine.
Reply With Quote
  #16  
Old 25th April 2007, 17:35
meemu meemu is offline
Member
 
Join Date: Apr 2007
Posts: 39
Thanks: 2
Thanked 8 Times in 5 Posts
Default

What I've found is this:

Code:
    foreach($group_file_lines as $group_file_line){
      if(trim($group_file_line) != ""){
        list($f1, $f2, $f3, $f4) = explode(":", $group_file_line);
        $group_users = explode(",", str_replace(" ", "", $f4));
        if(in_array($user_username, $group_users)){
          $g_users = array();
          foreach($group_users as $group_user){
            if($group_user != $user_username) $g_users[] = $group_user;
          }
          $f4 = implode(",", $g_users);
        }
        $new_group_file[] = $f1.":".$f2.":".$f3.":".$f4;
      }
    }
As far as I understand, this means the update script runs for each ispconf user. Checks each line of group and amends it according to what is in the ispconfig db (isp_isp_user, isp_dep tables).

I'd like to think something like this could solve my problem:


Code:
...
define (GID_MIN_PROTECTED,9000);
define (GID_MAX_PROTECTED,9999);
...
    foreach($group_file_lines as $group_file_line){
      if(trim($group_file_line) != ""){
        list($f1, $f2, $f3, $f4) = explode(":", $group_file_line);
        $group_users = explode(",", str_replace(" ", "", $f4));
        if(  ($f3 >= GID_MIN_PROTECTED) && ($f3 <= GID_MAX_PROTECTED) ) { 
          $new_group_file[] = $f1.":".$f2.":".$f3.":".$f4;
          continue;
        }
        if(in_array($user_username, $group_users)){
          $g_users = array();
          foreach($group_users as $group_user){
            if($group_user != $user_username) $g_users[] = $group_user;
          }
          $f4 = implode(",", $g_users);
        }
        $new_group_file[] = $f1.":".$f2.":".$f3.":".$f4;
      }
    }
Would this break something?


Thanks
Reply With Quote
  #17  
Old 25th April 2007, 17:43
meemu meemu is offline
Member
 
Join Date: Apr 2007
Posts: 39
Thanks: 2
Thanked 8 Times in 5 Posts
Default

turning this into my blog...

actually I think this might be more elegant:
Code:
        if($f3 < $this->server_conf["groupid_von"]) {
          $new_group_file[] = $f1.":".$f2.":".$f3.":".$f4;
          continue;
        }
This way the admispconfig user could be broken. But it doesn't need to get changed after the install install.
Reply With Quote
  #18  
Old 25th April 2007, 18:43
meemu meemu is offline
Member
 
Join Date: Apr 2007
Posts: 39
Thanks: 2
Thanked 8 Times in 5 Posts
Default No success

I have tried this but it doesn't work oddly enough. The update still removes the user, though it does not seem to be happening at this point.

Any other pointers?
Reply With Quote
  #19  
Old 25th April 2007, 19:01
meemu meemu is offline
Member
 
Join Date: Apr 2007
Posts: 39
Thanks: 2
Thanked 8 Times in 5 Posts
Default resolved

Finally figured it out. This patch protects groups with a gid lower than what is configured in the ispconfig server config as "gid_von" from being changed on updates.

/root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php

Code:
172a173,177
>         // hack to prevent ispconfig from overwriting other groups that contain that user
>         if( intval($f3) < intval($this->server_conf["groupid_von"])) {
>         $new_group_file[] = $f1.":".$f2.":".$f3.":".$f4;
>         continue;
>       }
174c179
<         if(in_array($user_username, $group_users)){
---
>               if(in_array($user_username, $group_users)){
176c181
<           foreach($group_users as $group_user){
---
>                 foreach($group_users as $group_user){
178c183
<           }
---
>                 }
545a551,555
>       // hack to prevent ispconfig from overwriting other groups that contain that user
>       if(intval($f3) < intval($this->server_conf["groupid_von"])) {
>         $new_group_file[] = $f1.":".$f2.":".$f3.":".$f4;
>         continue;
>       }
976c986
< ?>
\ No newline at end of file
---
> ?>
Reply With Quote
The Following 2 Users Say Thank You to meemu For This Useful Post:
falko (26th April 2007), till (25th April 2007)
  #20  
Old 25th April 2007, 19:39
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,703
Thanks: 819
Thanked 5,320 Times in 4,173 Posts
 
Default

Thanks for the patch. I added it to the bugtracker for integration in ISPConfig.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ERROR: The PHP binary coming with ISPConfig does not work properly on your system! qvindesland Installation/Configuration 22 21st May 2007 16:05
SP-Server Setup - Ubuntu 5.10 "Breezy Badger" - Page 6 (changes) LuisC-SM HOWTO-Related Questions 0 21st April 2006 15:16
The PHP binary coming with ISPConfig does not work properly on your system! lykos Installation/Configuration 3 1st April 2006 07:53
ERROR: The PHP binary coming with ISPConfig does not work properly on your system! xinefnarg Installation/Configuration 2 28th March 2006 16:45
ISPConfig system stoped johnking Installation/Configuration 7 27th October 2005 02:37


All times are GMT +2. The time now is 20:14.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.