protect phpstub with chattr +i and drop chattr -i for deleting domain

This commit is contained in:
Timotheus Pokorra 2024-01-17 19:59:42 +01:00
parent 6e2db93a0f
commit 15ca8d9dd4

View File

@ -242,6 +242,10 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
domDirsProcessor.appendProcessor( domDirsProcessor.appendProcessor(
new CopyFileProcessor("/usr/local/src/phpstub/phpstub", domainDir + "/fastcgi-ssl/phpstub", userName, pacName, "755") new CopyFileProcessor("/usr/local/src/phpstub/phpstub", domainDir + "/fastcgi-ssl/phpstub", userName, pacName, "755")
); );
domDirsProcessor.appendProcessor(
new ShellProcessor("chattr +i " + domainDir + " /fastcgi/phpstub && " +
"chattr +i " + domainDir + " /fastcgi-ssl/phpstub")
);
domDirsProcessor.appendProcessor( domDirsProcessor.appendProcessor(
new ShellProcessor("ln -sf " + domainDir + " /home/doms/ && " + new ShellProcessor("ln -sf " + domainDir + " /home/doms/ && " +
"chown --no-dereference " + userName + ":httpd /home/doms/" + domName "chown --no-dereference " + userName + ":httpd /home/doms/" + domName
@ -333,6 +337,8 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
" && rm -f /etc/apache2/pems-generated/" + domname + ".crt" + " && rm -f /etc/apache2/pems-generated/" + domname + ".crt" +
" && rm -f /etc/apache2/pems-generated/" + domname + ".key" + " && rm -f /etc/apache2/pems-generated/" + domname + ".key" +
" && rm -f /etc/apache2/pems-generated/" + domname + ".chain" + " && rm -f /etc/apache2/pems-generated/" + domname + ".chain" +
" && chattr -i " + homedir + "/doms/" + domname + "/fastcgi/phpstub" +
" && chattr -i " + homedir + "/doms/" + domname + "/fastcgi-ssl/phpstub" +
" && mkdir " + homedir + "/doms.bak" + " && mkdir " + homedir + "/doms.bak" +
" && mv " + homedir + "/doms/" + domname + " " + homedir + "/doms.bak/" + " && mv " + homedir + "/doms/" + domname + " " + homedir + "/doms.bak/" +
" && chown -R " + username + ":" + username + " " + homedir + "/doms.bak" + " && chown -R " + username + ":" + username + " " + homedir + "/doms.bak" +
@ -349,6 +355,8 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
" && rm -f /etc/apache2/pems-generated/" + domname + ".crt" + " && rm -f /etc/apache2/pems-generated/" + domname + ".crt" +
" && rm -f /etc/apache2/pems-generated/" + domname + ".key" + " && rm -f /etc/apache2/pems-generated/" + domname + ".key" +
" && rm -f /etc/apache2/pems-generated/" + domname + ".chain" + " && rm -f /etc/apache2/pems-generated/" + domname + ".chain" +
" && chattr -i " + homedir + "/doms/" + domname + "/fastcgi/phpstub" +
" && chattr -i " + homedir + "/doms/" + domname + "/fastcgi-ssl/phpstub" +
" && rm -rf " + homedir + "/doms/" + domname + " && rm -rf " + homedir + "/doms/" + domname +
" && invoke-rc.d apache2 reload >/dev/null 2>&1"); " && invoke-rc.d apache2 reload >/dev/null 2>&1");
} }