Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-www/webapp-config/files/webapp-config_fixperms.patch
blob: b9afd2cd8bdca1f1119963054d5f210a1b14c287 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

diff -Nup -Nrup webapp-config-1.10-r11.orig/config/webapp-config webapp-config-1.10-r11.patched-1/config/webapp-config
--- webapp-config-1.10-r11.orig/config/webapp-config	2003-07-21 15:52:49.000000000 +0100
+++ webapp-config-1.10-r11.patched-1/config/webapp-config	2005-05-09 05:30:51.000000000 +0100
@@ -94,7 +94,8 @@ VHOST_CONFIG_UID="`id -nu`"
 #
 # you can override this setting by using the -g switch to webapp-config
 
-VHOST_CONFIG_GID="`id -ng`"
+#VHOST_CONFIG_GID="`id -ng`"
+VHOST_CONFIG_GID="apache"
 
 # what type of shared directories should be created?
 # the default is 'virtual', which means that each install of the app
@@ -176,7 +177,7 @@ VHOST_PERMS_SERVEROWNED_DIR=775
 VHOST_PERMS_SERVEROWNED_FILE=664
 
 VHOST_PERMS_CONFIGOWNED_DIR=755
-VHOST_PERMS_CONFIGOWNED_FILE=644
+VHOST_PERMS_CONFIGOWNED_FILE=640
 
 VHOST_PERM_DEFAULTOWNED_DIR=755
 
diff -Nup -Nrup webapp-config-1.10-r11.orig/sbin/webapp-config webapp-config-1.10-r11.patched-1/sbin/webapp-config
--- webapp-config-1.10-r11.orig/sbin/webapp-config	2003-07-21 15:52:49.000000000 +0100
+++ webapp-config-1.10-r11.patched-1/sbin/webapp-config	2005-05-09 05:30:12.000000000 +0100
@@ -77,7 +77,7 @@ G_PN=
 G_PVR=
 G_HOSTNAME="${VHOST_HOSTNAME:-localhost}"
 G_CONFIG_UID="${VHOST_CONFIG_UID:-root}"
-G_CONFIG_GID="${VHOST_CONFIG_GID:-root}"
+G_CONFIG_GID="${VHOST_CONFIG_GID:-apache}"
 G_VIRTUAL_DIRS="${VHOST_CONFIG_VIRTUAL_DIRS:-virtual}"
 G_VIRTUAL_FILES="${VHOST_CONFIG_VIRTUAL_FILES:-virtual}"
 G_FORCE_VIRTUAL=0
@@ -92,7 +92,7 @@ G_PERMS_SERVEROWNED_DIR="${VHOST_PERMS_S
 G_PERMS_SERVEROWNED_FILE="${VHOST_PERMS_SERVEROWNED_FILE:-664}"
 G_PERMS_DEFAULTOWNED_DIR="${VHOST_PERMS_DEFAULTOWNED_DIR:-755}"
 G_PERMS_CONFIGOWNED_DIR="${VHOST_PERMS_CONFIGOWNED_DIR:-755}"
-G_PERMS_CONFIGOWNED_FILE="${VHOST_PERMS_CONFIGOWNED_FILE:-644}"
+G_PERMS_CONFIGOWNED_FILE="${VHOST_PERMS_CONFIGOWNED_FILE:-640}"
 G_PERMS_VIRTUAL_DIR="${VHOST_PERMS_VIRTUALOWNED_DIR:-755}"
 G_PERMS_VIRTUAL_FILE="${VHOST_PERMS_VIRTUALOWNED_FILE:-o-w}"
 G_PERMS_INSTALLDIR="${VHOST_PERMS_INSTALLDIR:-755}"
@@ -3048,6 +3048,17 @@ main ()
 
 #        echo $G_WORK
 	"fn_${G_WORK}"
+
+	# Due to a mild balls-up in earlier versions of webapp-config, some directories
+	# (notably /var/www/$site and /var/www/$site/htdocs) were created mode 777
+	# (a la world-writable).  Because of this, we run some checks after installing
+	# apps to find any such directories, remove the 'others write' bit from said
+	# directories mode, and warn the user that this has been done.  Ugh.
+	libsh_einfo "Checking permissions on web site and document root directories .."
+	find `dirname ${VHOST_ROOT}` -maxdepth 2 -type d -perm -o=w |while read d; do
+	  libsh_ewarn "Removing 'others write' bit from directory ${d}"
+	  chmod o-w "$d"
+	done
 }
 
 main "$@"