File: //scripts.20110531.215904.25158/initsuexec
#!/usr/bin/perl
# cpanel - initsuexec Copyright(c) 2010 cPanel, Inc.
# All rights Reserved.
# copyright@cpanel.net http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited
BEGIN { unshift @INC, '/usr/local/cpanel'; }
use strict;
use Cpanel::RcsRecord ();
use Cpanel::PwCache ();
use Cpanel::SafeFile ();
use Cpanel::HttpUtils::ApRestart ();
use Cpanel::HttpUtils::Version ();
use Cpanel::AcctUtils::DomainOwner ();
use Cpanel::AcctUtils::DomainOwnerCache ();
use Cpanel::Logger ();
Cpanel::PwCache::init_passwdless_pwcache();
Cpanel::AcctUtils::DomainOwnerCache::cachedomainowners();
exit if !-e '/usr/local/apache/conf/httpd.conf';
my $logger = Cpanel::Logger->new();
my $restart_apache = ( grep( /^--no-restart/, @ARGV ) ) ? 0 : 1;
system '/scripts/initfpsuexec';
system '/scripts/updateuserdomains';
my $has_suexec = -e '/usr/local/apache/bin/suexec' ? 1 : 0;
my $has_apache2_auth_passthrough = -e '/usr/local/apache/modules/mod_auth_passthrough.so' ? 1 : 0;
if ( !$has_suexec ) {
chmod 04755, '/usr/local/cpanel/cgi-sys/scgiwrap'; # mode must be an octal number
unless ($has_apache2_auth_passthrough) {
# System call here is fine
system 'chmod 0640 /usr/local/apache/conf/sites/*';
system 'chown root:nobody /usr/local/apache/conf/sites/*';
exit;
}
}
else {
chmod 0755, '/usr/local/cpanel/cgi-sys/scgiwrap';
}
my @CFILE;
my $in_virtual_host = 0;
my $has_user_group = 0;
my $owner = '';
Cpanel::RcsRecord::rcsrecord('/usr/local/apache/conf/httpd.conf');
my $httplock = Cpanel::SafeFile::safeopen( \*HC, '+<', '/usr/local/apache/conf/httpd.conf' );
if ( !$httplock ) { $logger->die("Could not edit /usr/local/apache/conf/httpd.conf"); }
my $http_ver = Cpanel::HttpUtils::Version::get_current_apache_version_key();
while (<HC>) {
push @CFILE, $_;
}
seek( HC, 0, 0 );
for my $line (@CFILE) {
if ( $line !~ /^#/ ) {
if ( $line =~ /<virtualhost/i ) {
$in_virtual_host = 1;
$owner = '';
$has_user_group = 0;
}
if ( $line =~ /<\/virtualhost/i ) {
if ( $owner && $owner ne 'root' && $owner ne 'nobody' && $owner ne '*' && Cpanel::PwCache::getpwnam($owner) && !$has_user_group && $has_suexec ) {
my $new = " <IfModule !mod_disable_suexec.c>\n";
$new .=
$http_ver eq '1'
? " User $owner\n Group $owner\n"
: " SuexecUserGroup $owner $owner\n";
$new .= " </IfModule>\n";
print HC $new;
}
$in_virtual_host = 0;
}
if ($in_virtual_host) {
if ( $line =~ /^(\s*)user /i || $line =~ m{^\s*SuexecUserGroup} ) {
$has_user_group = 1;
}
if ( $line =~ /ServerName (\S+)/i ) {
my $server_name = $1;
$server_name =~ s/^www\.//g;
$owner = Cpanel::AcctUtils::DomainOwner::getdomainowner($server_name);
if ( $has_suexec || $has_apache2_auth_passthrough ) {
my ( $uid, $gid ) = ( Cpanel::PwCache::getpwnam($owner) )[ 2, 3 ]; # really don't use $uid ...
if ($gid) {
foreach my $file ( "/usr/local/apache/conf/sites/${server_name}.conf", "/usr/local/apache/conf/sites/www.${server_name}.conf" ) {
if ( -e $file ) {
chmod 0640, $file;
chown 0, $gid, $file;
}
}
}
}
}
}
}
print HC $line;
}
truncate( HC, tell(HC) );
Cpanel::SafeFile::safeclose( \*HC, $httplock );
Cpanel::RcsRecord::rcsrecord('/usr/local/apache/conf/httpd.conf');
Cpanel::HttpUtils::ApRestart::safeaprestart() if ($restart_apache);