Jump to content
Froxlor Forum

Archived

This topic is now archived and is closed to further replies.

  • 0
glampe

Froxlor 0.9.32 directory permissions

Question

After I upgraded to 9.32, whenever I create a new customer the customer's web folder is not accessible. It has 750 permissions, when the customers created before have 755.

 

I changed line 138 in cron_tasks.php from 750 to 755 and it seems to have fixed the problem.

safe_exec('chmod 0750 ' . escapeshellarg($userhomedir));
safe_exec('chmod 0755 ' . escapeshellarg($userhomedir));

Has anyone else had this issue?

Share this post


Link to post
Share on other sites

5 answers to this question

Recommended Posts

I think know why there is a problem :

 

I have nginx + php-fpm :

This two problems have the same question i think, it is about security :

 

1srt problem:

nginx is runing under www-data by default and i think it should not be runing under froxlorlocal

panel is runing under froxlorlocal

 

froxlorlocal is member of customer groups but not www-data and www-data can't access files.

 

2nd problem :

cron is checking the value 'Webserver user-name' and 'Webserver group-name' and changing owner and group of userdata.inc.php

I'm using puppet to control the server and configuration files. The cron should not touch this file.

 

Suggestions :

I prefer that nginx runing with www-data because it is standard. The installer froxlor should check, if possible, the owner of the webserver (not the owner of php currently running) and use it to configure the value of 'Webserver user-name' and 'Webserver group-name'.

And the cron should not touch the file userdata.inc.php

Share this post


Link to post
Share on other sites

Thats not the Problem at all. Webserver runs under webserver and PHP under the corresponding user. Thats what fpm is about.

 

Just use the latest configs for libnss-mysql and youre good to go.

Share this post


Link to post
Share on other sites





×
×
  • Create New...