diff -Nur --no-dereference smeserver-php-3.0.0.old/root/etc/e-smith/db/accounts/migrate/20ibay-php smeserver-php-3.0.0/root/etc/e-smith/db/accounts/migrate/20ibay-php --- smeserver-php-3.0.0.old/root/etc/e-smith/db/accounts/migrate/20ibay-php 2021-03-16 00:26:20.889000000 -0400 +++ smeserver-php-3.0.0/root/etc/e-smith/db/accounts/migrate/20ibay-php 2021-03-16 01:59:53.230000000 -0400 @@ -11,6 +11,7 @@ PHPAutoPrependFile => "AutoPrependFile", PHPCustomPool => "CustomPool", PHPMaxInputTime => "MaxInputTime", + MaxExecTime => "MaxExecutionTime", ); foreach my $ibay ($DB->get_all_by_prop(type => 'ibay')) @@ -22,6 +23,13 @@ next if (defined $ibay->prop($old2new{$key}) ); $DB->set_prop($ibay->key, $old2new{$key}, $value); } + for my $key (qw(MemoryLimit UploadMaxFilesize PostMaxSize MaxExecutionTime)) + { + next unless (defined $ibay->prop($key)); + my $value = $DB->get_prop_and_delete($ibay->key, $key) if ($ibay->prop($key) eq "disabled"); + next unless $key eq "MaxExecutionTime"; + $DB->set_prop($ibay->key,MaxExecutionTime,0) if ($ibay->prop($key) eq "unlimited"); + } } } diff -Nur --no-dereference smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95AddType00PHP2ibays smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95AddType00PHP2ibays --- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95AddType00PHP2ibays 2021-03-16 00:26:20.895000000 -0400 +++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/95AddType00PHP2ibays 2021-03-16 01:59:52.746000000 -0400 @@ -1,4 +1,5 @@ { + use esmith::php; my $status = $php{status} || 'disabled'; if ($status eq 'enabled') { @@ -13,12 +14,11 @@ { $OUT .= "\nkey . "/html>\n"; # configuration to enable php-fpm for the ibay + my $version = PhpFpmVersionToUse($ibay); if ($fastcgi_mod eq 'mod_proxy_fcgi') { - use esmith::php; - my $version = PhpFpmVersionToUse($ibay); my $name = lc $key; - my $FilesMathes = ( ($ibay->prop('AllowPHTML') || 'disabled') eq 'enabled' ) ? '(xml|phtml|html|htm|php|phar)': '(phar|php)'; + my $FilesMathes = ( ($ibay->prop('AllowPHTML') || $defaultPHPproperties{'AllowPHTML'}) eq 'enabled' ) ? '(xml|phtml|html|htm|php|phar)': '(phar|php)'; $OUT .=<<"_EOF"; SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=\$1 @@ -29,25 +29,33 @@ _EOF } - else + else { - $OUT .= " AddType application/x-httpd-php .php .phtml\n"; + my $FilesMathes = ( ($ibay->prop('AllowPHTML') || $defaultPHPproperties{'AllowPHTML'}) eq 'enabled' ) ? '.xml .phtml .html .htm ': ''; + $OUT .= " AddType application/x-httpd-php .php .phar $FilesMathes\n"; $OUT .= " AddType application/x-httpd-php-source .phps\n"; # the following block is only in case phpmodule is enabled. if (exists $php{status} and $php{status} eq "enabled" and $phpModule eq "enabled") { - my $allowurlfopen = $properties{'AllowUrlfOpen'} || 'disabled'; - my $memoryLimit = $properties{'MemoryLimit'} || 'disabled'; - my $upmaxfileSize = $properties{'UploadMaxFilesize'} || 'disabled'; - my $postmaxSize = $properties{'PostMaxSize'} || 'disabled'; - my $maxexecutionTime = $properties{'MaxExecTime'} || 'disabled'; - $maxexecutionTime = '0' if $maxexecutionTime eq 'unlimited'; - $OUT .= " php_admin_flag allow_url_fopen on\n" if ($allowurlfopen eq 'enabled'); - $OUT .= " php_admin_value memory_limit $memoryLimit\n" if ($memoryLimit ne 'disabled'); - $OUT .= " php_admin_value upload_max_filesize $upmaxfileSize\n" if ($upmaxfileSize ne 'disabled'); - $OUT .= " php_admin_value post_max_size $postmaxSize\n" if ($postmaxSize ne 'disabled'); - $OUT .= " php_admin_value max_execution_time $maxexecutionTime\n" if ($maxexecutionTime ne 'disabled'); + my $allow_url_fopen = $properties{'AllowUrlfOpen'} || $defaultPHPproperties{'AllowUrlfOpen'} ; + my $memoryLimit = $properties{'MemoryLimit'} || $defaultPHPproperties{'MemoryLimit'}; + my $upmaxfileSize = $properties{'UploadMaxFilesize'} || $defaultPHPproperties{'UploadMaxFilesize'}; + my $postmaxSize = $properties{'PostMaxSize'} || $defaultPHPproperties{'PostMaxSize'}; + my $file_upload = $properties{'FileUpload'} || $defaultPHPproperties{'FileUpload'}; + my $maxexecutionTime = (defined $properties{'MaxExecutionTime'}) ? $properties{'MaxExecutionTime'} : $defaultPHPproperties{'MaxExecutionTime'}; + my $max_input_time = (defined $properties{'MaxInputTime'}) ? $properties{'MaxInputTime'} : $defaultPHPproperties{'MaxInputTime'}; + $maxexecutionTime = '0' if $maxexecutionTime eq 'unlimited'; + $file_upload = ($file_upload =~ m/^1|yes|on|enabled$/) ? 'on' : 'off'; + $allow_url_fopen = ($allow_url_fopen =~ m/^1|yes|on|enabled$/) ? 'on' : 'off'; + + $OUT .= " php_admin_flag allow_url_fopen $allow_url_fopen\n"; + $OUT .= " php_admin_value memory_limit $memoryLimit\n"; + $OUT .= " php_admin_value upload_max_filesize $upmaxfileSize\n"; + $OUT .= " php_admin_value post_max_size $postmaxSize\n" ; + $OUT .= " php_admin_flag file_upload $file_upload\n"; + $OUT .= " php_admin_value max_input_time $max_input_time\n"; + $OUT .= " php_admin_value max_execution_time $maxexecutionTime\n"; # Set upload_tmp_dir and sys_temp_dir where php can upload files or write tmp files $tmpdir= "/var/lib/php/$key/tmp"; @@ -61,8 +69,12 @@ # Set the sandbox within which PHP is confined to play my $basedir = $ibay->prop('PHPBaseDir') || ("/home/e-smith/files/ibays/$key/"); - $basedir = $tmpdir . ":" . $basedir unless ($tmpdir eq 'disabled' || ! -d $tmpdir); - $basedir = $sessdir . ":" . $basedir unless ($sessdir eq 'disabled' || ! -d $sessdir); + $basedir .= ":/var/lib/php/$key/"; + $basedir .= ":/usr/share/php/:/usr/share/pear/"; + if ( -d "/opt/remi/php$version/root/usr/share/pear/" && -d "/opt/remi/php$version/root/usr/share/php/") + { + $basedir .= ":/opt/remi/php$version/root/usr/share/pear/:/opt/remi/php$version/root/usr/share/php/"; + } $OUT .= " php_admin_value open_basedir $basedir\n"; } } diff -Nur --no-dereference smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/php-fpm.d/ibays.conf/10Ibays smeserver-php-3.0.0/root/etc/e-smith/templates/etc/php-fpm.d/ibays.conf/10Ibays --- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/php-fpm.d/ibays.conf/10Ibays 2021-03-16 00:26:20.891000000 -0400 +++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/php-fpm.d/ibays.conf/10Ibays 2021-03-16 01:59:53.487000000 -0400 @@ -12,26 +12,24 @@ my $key = $ibay->key; my $name = lc $key; my $pool_name = 'php' . $version . '-' . $name; - my $memory_limit = $ibay->prop('MemoryLimit') || '128M'; - my $max_execution_time = $ibay->prop('MaxExecutionTime') || '30'; - my $max_input_time = $ibay->prop('MaxInputTime') || '60'; - my $allow_url_fopen = $ibay->prop('AllowUrlFopen') || 'disabled'; - my $post_max_size = $ibay->prop('PostMaxSize') || '20M'; - my $upload_max_filesize = $ibay->prop('UploadMaxFilesize') || '10M'; - my $file_upload = $ibay->prop('FileUpload') || 'enabled'; - my $open_basedir = $ibay->prop('PHPBaseDir') || '/home/e-smith/files/ibays/' . $key . - ':/var/lib/php/' . $key; - my $disabled_functions = (defined $ibay->prop('DisabledFunctions')) ? $ibay->prop('DisabledFunctions') : 'system,show_source,' . - 'symlink,exec,dl,shell_exec,' . - 'passthru,phpinfo,' . - 'escapeshellarg,escapeshellcmd'; - my $autoprepend = $ibay->prop('AutoPrependFile') || 'enabled'; + my $memory_limit = $ibay->prop('MemoryLimit') || $defaultPHPproperties{'MemoryLimit'}; + my $max_execution_time = (defined $ibay->prop('MaxExecutionTime') ) ? $ibay->prop('MaxExecutionTime') : $defaultPHPproperties{'MaxExecutionTime'}; + my $max_input_time = (defined $ibay->prop('MaxInputTime'))? $ibay->prop('MaxInputTime') : $defaultPHPproperties{'MaxInputTime'}; + my $allow_url_fopen = $ibay->prop('AllowUrlFopen') || $defaultPHPproperties{'AllowUrlfOpen'}; + my $post_max_size = $ibay->prop('PostMaxSize') || $defaultPHPproperties{'PostMaxSize'}; + my $upload_max_filesize = $ibay->prop('UploadMaxFilesize') || $defaultPHPproperties{'UploadMaxFilesize'}; + my $file_upload = $ibay->prop('FileUpload') || $defaultPHPproperties{'FileUpload'}; + my $open_basedir = $ibay->prop('PHPBaseDir') || '/home/e-smith/files/ibays/' . $key . '/', + ':/var/lib/php/' . $key . '/'; + + my $disabled_functions = (defined $ibay->prop('DisabledFunctions')) ? $ibay->prop('DisabledFunctions') : $defaultPHPproperties{'DisabledFunctions'}; + my $autoprepend = $ibay->prop('AutoPrependFile') || $defaultPHPproperties{'AutoPrependFile'}; my $MailForceSender = $ibay->prop('MailForceSender') || "$name\@$DomainName"; # TODO => check ibay associated domains. - my $limitExtensions = ( ($ibay->prop('AllowPHTML') || 'disabled') eq 'enabled' ) ? "security.limit_extensions= .php .htm .html .phar .phtml .xml " : ""; + my $limitExtensions = ( ($ibay->prop('AllowPHTML') || $defaultPHPproperties{'AllowPHTML'} ) eq 'enabled' ) ? "security.limit_extensions= .php .htm .html .phar .phtml .xml " : ""; # Format vars my $autoprep = ( $autoprepend eq "disabled") ? "" : "/usr/share/php/auth_translation.php"; - my $autoprepath = ( $autoprepend eq "disabled") ? "" : ",/usr/share/php/"; + my $autoprepath = ( -d "/opt/remi/php$version/root/usr/share/pear/" && -d "/opt/remi/php$version/root/usr/share/php/" ) ? ":/usr/share/php/:/usr/share/pear/:/opt/remi/php$version/root/usr/share/pear/:/opt/remi/php$version/root/usr/share/php/" : ":/usr/share/php/:/usr/share/pear/"; $file_upload = ($file_upload =~ m/^1|yes|on|enabled$/) ? 'on' : 'off'; $allow_url_fopen = ($allow_url_fopen =~ m/^1|yes|on|enabled$/) ? 'on' : 'off'; $disabled_functions = join(', ', split /[,;:]/, $disabled_functions); diff -Nur --no-dereference smeserver-php-3.0.0.old/root/usr/share/perl5/vendor_perl/esmith/php.pm smeserver-php-3.0.0/root/usr/share/perl5/vendor_perl/esmith/php.pm --- smeserver-php-3.0.0.old/root/usr/share/perl5/vendor_perl/esmith/php.pm 2021-03-16 00:26:20.868000000 -0400 +++ smeserver-php-3.0.0/root/usr/share/perl5/vendor_perl/esmith/php.pm 2021-03-16 01:59:53.000000000 -0400 @@ -8,7 +8,27 @@ our $BASEPHP = 54; our @ISA = qw(Exporter); -our @EXPORT = qw( listPHPVersionFPM listPHPVersionShort listPHPVersionHash listPHPVersionHashShort PHPdefault VersionToUse PhpFpmVersionToUse); +our @EXPORT = qw( listPHPVersionFPM listPHPVersionShort listPHPVersionHash listPHPVersionHashShort PHPdefault PHPbase VersionToUse PhpFpmVersionToUse $defaultdisabledfunc %defaultPHPproperties); + +our $defaultdisabledfunc='system,show_source,' . + 'symlink,exec,dl,shell_exec,' . + 'passthru,phpinfo,' . + 'escapeshellarg,escapeshellcmd'; +my $configdb = esmith::ConfigDB->open_ro or die "Could not open accounts db"; +our %defaultPHPproperties = ( + MemoryLimit => '128M', + MaxExecutionTime => '30', + MaxInputTime => '60', + AllowUrlFopen => 'disabled', + PostMaxSize => '20M', + UploadMaxFilesize => '10M', + FileUpload => 'enabled', + PHPBaseDir => '/home/e-smith/files/ibays/$key:/var/lib/php/$key', + DisabledFunctions => $defaultdisabledfunc, + MailForceSender => "admin@".$configdb->get_value('DomainName'), + AllowPHTML => 'disabled', + AutoPrependFile => 'enabled', +); =head1 NAME @@ -164,6 +184,14 @@ return $PHPVersion; } +=head2 PHPbase +return the php base, i.e. 54 for php-fpm provided by CentOS 7. + +=cut +sub PHPbase { + return $BASEPHP; +} + =head2 VersionToUse argument 1 : output from $account->get('ibayname') or similar (shares,custom) it is expected to find in this entry a property PHPVersion