root/alternc/trunk/src/basedir_prot.sh

Revision 2117, 2.2 kB (checked in by anarcat, 3 months ago)

Major redesign of the MySQL backend interface to fix a security issue.
See: #318.

As of now, the MySQL configuration used everywhere by AlternC is not
stored in the main configuration file (/etc/alternc/local.sh) but in a
MySQL configuration file in /etc/alternc/my.cnf, which enables us to
call mysql without exposing the password on the commandline.

The changes here are quite invasive but will allow us to factor out
the MySQL configuration better. See #364.

This includes a partial rewrite of the mysql.sh logic, which is now run
from the postinst script (and not alternc.install) which will allow us
to actually change the MySQL root user properly. See #601.

This commit was tested like this:

  • clean install on etch (working)
  • upgrade from a clean 0.9.7 (working)
  • Property svn:executable set to *
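#!/bin/sh

set -e

# Generates a PHP override for each domain hosted by AlternC. The override
# restricts PHP running under the domain to the owning account's directory,
# /var/alternc/html/<letter>/<account>, plus $extra_paths, using open_basedir.
#
# Usage: basedir_prot.sh [domain | /var/alternc/dns/<letter>/<domain>]...
# With no arguments, every symlink found under /var/alternc/dns is processed.
#
# This script has the following dependencies:
# (mysql, /etc/alternc/local.sh) OR /usr/bin/get_account_by_domain, formerly
# in the alternc-admintools package and now part of alternc itself.
# cut, awk, sort
#
# print_domain_letter, print_user_letter, append_no_dupe and add_dom_entry
# are not defined here; presumably they come from the sourced functions.sh.

override_d=/var/alternc/apacheconf
# Not referenced below; kept because the sourced helpers may read it -- TODO confirm.
override_f=${override_d}/override_php.conf
# NOTE(review): these paths are appended to the open_basedir of every domain,
# so PHP code of every hosted account can reach them, including /tmp/.
extra_paths="/var/alternc/dns/redir:/usr/share/php/:/var/alternc/tmp/:/tmp/"

. /etc/alternc/local.sh
. /usr/lib/alternc/functions.sh

printf '%s' "adding open_base_dir protection for:"

# Work on the command-line arguments, or on every hosted domain when none
# were given. The list lives in the positional parameters so that it never
# picks up a value inherited from the environment, and so that each entry
# stays one word.
if [ $# -eq 0 ]; then
    links=$(find /var/alternc/dns -type l)
    # Split the find output into words with pathname expansion switched off,
    # so a link whose name contains glob characters is kept literally.
    set -f
    set -- $links
    set +f
fi

# "$@" keeps every argument separate; "$*" would glue them into one word.
for i in "$@"
do
    case "$i" in
        '*.'*)
            printf 'skipping wildcard %s\n' "$i" >&2
            continue
            ;;
        */var/alternc/dns*)
            # already a path below the dns tree, use it as given
            ;;
        *)
            initial_domain=$(print_domain_letter "$i")
            i="/var/alternc/dns/$initial_domain/$i"
            ;;
    esac

    # don't "protect" squirrelmail, it legitimately needs to consult
    # files out of its own directory
    target=$(readlink "$i") || target=""
    if printf '%s\n' "$target" | grep -Eq '^/var/alternc/bureau(/admin/webmail)?/*$'
    then
        continue
    fi

    domain=$(basename "$i")
    # The name is written into an Apache <Directory> block and used to build
    # file paths, so refuse anything that could break out of either context.
    case "$domain" in
        *[[:space:][:cntrl:]]* | *'<'* | *'>'* | *'"'*)
            printf 'skipping unsafe domain name %s\n' "$domain" >&2
            continue
            ;;
    esac

    account=$(get_account_by_domain "$domain")
    if [ -z "$account" ]; then
        continue
    fi
    # NOTE(review): $account is interpolated into the open_basedir value
    # below; confirm get_account_by_domain can never return ':' or '/'.

    # the first letter of the second-to-last part of the domain (e.g.
    # www.alternc.org -> a)
    initial_domain=$(print_domain_letter "$domain")
    # the first letter of the username
    initial_account=$(print_user_letter "$account")
    path1="/var/alternc/dns/$initial_domain/$domain"
    path2="/var/alternc/html/$initial_account/$account"

    mkdir -p "$override_d/$initial_domain"
    # A non-zero status from append_no_dupe is what triggers the Include
    # registration; presumably it means the override was newly written --
    # TODO confirm against functions.sh.
    if ! append_no_dupe "$override_d/$initial_domain/$domain" <<EOF
<Directory ${path1}>
  php_admin_value open_basedir ${path2}/:${extra_paths}
</Directory>
EOF
    then
        printf ' %s' "$domain"
        add_dom_entry "Include $override_d/$initial_domain/$domain"
    fi
done

echo .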