Alternc  latest
Alternc logiel libre pour l'hébergement
do_actions.php
Go to the documentation of this file.
1 #!/usr/bin/php -q
2 <?php
3 /*
4  $Id: do_actions.php,v 1.0 2013/04/19 13:40:32 axel Exp $
5  ----------------------------------------------------------------------
6  AlternC - Web Hosting System
7  Copyright (C) 2002 by the AlternC Development Team.
8  http://alternc.org/
9  ----------------------------------------------------------------------
10  Based on:
11  Valentin Lacambre's web hosting softwares: http://altern.org/
12  ----------------------------------------------------------------------
13  LICENSE
14 
15  This program is free software; you can redistribute it and/or
16  modify it under the terms of the GNU General Public License (GPL)
17  as published by the Free Software Foundation; either version 2
18  of the License, or (at your option) any later version.
19 
20  This program is distributed in the hope that it will be useful,
21  but WITHOUT ANY WARRANTY; without even the implied warranty of
22  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23  GNU General Public License for more details.
24 
25  To read the license please visit http://www.gnu.org/copyleft/gpl.html
26  ----------------------------------------------------------------------
27  Original Author of file: Axel Roger
28  Purpose of file: Do planed actions on files/directories.
29  ----------------------------------------------------------------------
30  */
31 /**
32  * This script check the MySQL DB for actions to do, and do them one by one.
33  *
34  * @copyright AlternC-Team 2002-2013 http://alternc.org/
35  */
36 
37 
38 //////////////////////////////////
39 /*
40 Fixme
41 
42  - check all those cases
43 
44 */
45 ///////////////////////////////////
46 
47 // Put this var to 1 if you want to enable debug prints
49 
50 // Collects errors along execution. If length > 1, an email is sent.
51 $errorsList=array();
52 
53 // Bootstraps
54 require_once("/usr/share/alternc/panel/class/config_nochk.php");
55 
56 // Script lock through filesystem
57 $admin->stop_if_jobs_locked();
58 
59 if( !defined("ALTERNC_DO_ACTION_LOCK")){
60  define("ALTERNC_DO_ACTION_LOCK",'/run/alternc/do_actions_cron.lock');
61 }
62 
63 $SCRIPT='/usr/bin/php do_actions.php';
64 $MY_PID=getmypid();
65 $FIXPERM='/usr/lib/alternc/fixperms.sh';
66 
67 
68 /**
69  *
70  * Debug function that print infos
71  *
72  * @global int $debug
73  * @param type $mess
74  */
75 function d($mess){
76  global $debug;
77  if ($debug == 1)
78  echo "$mess\n";
79 }
80 
81 /**
82  * Function to mail the panel's administrator if something failed
83  * @global array $errorsList
84  * @global type $L_FQDN
85  */
86 function mail_it(){
87  global $errorsList,$L_FQDN;
88  // Forces array
89  if( !is_array($errorsList)){
90  $errorsList = array($errorsList);
91  }
92  // Builds message from array
93  $msg = implode("\n", $errorsList);
94  // Attempts to send email
95  // @todo log if fails
96  mail("alterncpanel@$L_FQDN",'Script do_actions.php issues',"\n Errors reporting mail:\n\n$msg");
97 }
98 
99 /**
100  * Common routine for system calls
101  *
102  * @param type $command the command
103  * @param type $parameters of the command (they are going to be protected)
104  * @return array('output'=>'output of exec', 'return_val'=>'returned integer of exec')
105  */
106 function execute_cmd($command, $parameters=array()) {
107  $cmd_line = "$command ";
108  if (!empty($parameters)) {
109  if (is_array($parameters)) {
110  foreach($parameters as $pp) {
111  $cmd_line.= " ".escapeshellarg($pp)." ";
112  }
113  } else {
114  $cmd_line.= " ".escapeshellarg($parameters)." " ;
115  }
116  }
117  $cmd_line.= " 2>&1";
118  exec($cmd_line, $output, $code);
119  return array('executed' => $cmd_line, 'output'=>$output, 'return_val'=>$code);
120 }
121 
122 /** Check if a file or folder is in the list of allowed
123  * path (after dereferencing all ../ and symlinks
124  * @param $path string the path to check against
125  * @return string the dereferenced path, or FALSE if the path is NOT allowed (/var/www/alternc /var/mail/alternc)
126  */
127 function my_realpath($path) {
128  global $L_ALTERNC_HTML, $L_ALTERNC_MAIL;
129  // add here any allowed path:
130  $allowed=array(realpath($L_ALTERNC_HTML)."/", realpath($L_ALTERNC_MAIL)."/");
131  $path=realpath($path);
132  foreach($allowed as $one) {
133  // the path must be BELOW each allowed folder. forbid anything
134  if (strlen($path)>strlen($one) && substr($path,0,strlen($one))==$one) {
135  return $path;
136  }
137  }
138  return false;
139 }
140 
141 // Check if script isn't already running
142 if (file_exists(ALTERNC_DO_ACTION_LOCK) !== false){
143  d("Lock file already exists. ");
144  // Check if file is in process list
145  $PID=file_get_contents(ALTERNC_DO_ACTION_LOCK);
146  d("My PID is $MY_PID, PID in the lock file is $PID");
147  if ($PID == exec("pidof $SCRIPT | tr ' ' '\n' | grep -v $MY_PID")){
148  // Previous cron is not finished yet, just exit
149  d("Previous cron is already running, we just exit and let it finish :-)");
150  exit(0);
151  }else{
152  // Previous cron failed!
153  $errorsList[]="Lock file already exists. No process with PID $PID found! Previous cron failed...\n";
154 
155  // No need to remove anything, we're going to recreate it
156  //d("Removing lock file and trying to process the failed action...");
157  // Delete the lock and continue to the next action
158  //unlink(ALTERNC_DO_ACTION_LOCK);
159 
160  // Lock with the current script's PID
161  if (file_put_contents(ALTERNC_DO_ACTION_LOCK,$MY_PID) === false){
162  $errorsList[]="Cannot open/write ALTERNC_DO_ACTION_LOCK\n";
163  mail_it();
164  exit(1);
165  }
166 
167  // Get the action(s) that was processing when previous script failed
168  // (Normally, there will be at most 1 job pending... but who know?)
169  while($cc=$action->get_job()){
170  $c=$cc[0];
171  $params=unserialize($c["parameters"]);
172  // We can resume these types of action, so we reset the job to process it later
173  d("Previous job was the n°".$c["id"]." : '".$c["type"]."'");
174  if($c["type"] == "CREATE_FILE" && is_dir(dirname($params["file"])) || $c["type"] == "CREATE_DIR" || $c["type"] == "DELETE" || $c["type"] == "FIX_DIR" || $c["type"] == "FIX_FILE"){
175  d("Reset of the job! So it will be resumed...");
176  $action->reset_job($c["id"]);
177  }else{
178  // We can't resume the others types, notify the fail and finish this action
179  $errorsList[]="Can't resume the job n°".$c["id"]." action '".$c["type"]."', finishing it with a fail status.\n";
180  if(!$action->finish($c["id"],"Fail: Previous script crashed while processing this action, cannot resume it.")){
181  $errorsList[]="Cannot finish the action! Error while inserting the error value in the DB for action n°".$c["id"]." : action '".$c["type"]."'\n";
182  break; // Else we go into an infinite loop... AAAAHHHHHH
183  }
184  }
185  }
186  }
187 }else{
188  // Lock with the current script's PID
189  if (file_put_contents(ALTERNC_DO_ACTION_LOCK,$MY_PID) === false){
190  $errorsList[]="Cannot open/write ALTERNC_DO_ACTION_LOCK\n";
191  mail_it();
192  exit(1);
193  }
194 }
195 
196 //We get the next action to do
197 while ($rr=$action->get_action()){
198  $r=$rr[0];
199  $return="OK";
200  // Do we have to do this action with a specific user?
201  if($r["user"] != "root")
202  $SU="su ".$r["user"]." 2>&1 ;";
203  else
204  $SU="";
205  // We lock the action
206  d("-----------\nBeginning action n°".$r["id"]);
207  $action->begin($r["id"]);
208  // We process it
209  $params=@unserialize($r["parameters"]);
210  // We exec with the specified user
211  d("Executing action '".$r["type"]."' with user '".$r["user"]."'");
212  switch ($r["type"]){
213  case "FIX_USER" :
214  // Create the directory and make parent directories as needed
215  $returned = execute_cmd("$FIXPERM -u", $params["uid"]);
216  break;
217  case "CHMOD" :
218  $filename=my_realpath($params["filename"]);
219  if ($filename===false) {
220  $errorsList=array("Fail: path not allowed");
221  break;
222  }
223  $perms=$params["perms"];
224  // Checks the file or directory exists
225  if( !is_dir($filename) && ! is_file($filename)){
226  $errorsList=array("Fail: cannot retrieve CHMOD filename" );
227  }
228  // Checks the perms are correct
229  else if ( !is_int( $perms)){
230  $errorsList=array("Fail: Incorrect perms : $perms");
231  }
232  // Attempts to change the rights on the file or directory
233  else if( !chmod($filename, $perms)) {
234  $errorsList=array("Fail: cannot change perms ($perms) on filename ($filename)");
235  }
236 
237  break;
238  case "CREATE_FILE" :
239  $dirname=my_realpath(dirname($params["filename"]));
240  $filename=basename($params["filename"]);
241  if ($dirname===false) {
242  $errorsList=array("Fail: path not allowed");
243  break;
244  }
245  $params["file"]=$dirname.DIRECTORY_SEPARATOR.$filename;
246  if(!file_exists($params["file"])) {
247  if ( file_put_contents($params["file"], $params["content"]) === false ) {
248  $errorsList=array("Fail: can't write into file ".$params["file"]);
249  } else {
250  if (!chown($params["file"], $r["user"])) {
251  $errorsList=array("Fail: cannot chown ".$params["file"]);
252  }
253  }
254  } else {
255  $errorsList=array("Fail: file already exists ".$params["file"]);
256  }
257  break;
258  case "CREATE_DIR" :
259  $dirname=my_realpath(dirname($params["dir"]));
260  $filename=basename($params["dir"]);
261  if ($dirname===false) {
262  $errorsList=array("Fail: path not allowed");
263  break;
264  }
265  $params["dir"]=$dirname.DIRECTORY_SEPARATOR.$filename;
266  // Create the directory and make parent directories as needed
267  $returned = execute_cmd("$SU mkdir", array('-p', $params["dir"]));
268  break;
269  case "DELETE" :
270  $dirname=my_realpath($params["dir"]);
271  if ($dirname===false) {
272  $errorsList=array("Fail: path not allowed");
273  break;
274  }
275  // Delete file/directory and its contents recursively
276  $returned = execute_cmd("$SU rm", array('-rf', $dirname));
277  break;
278  case "MOVE" :
279  // If destination dir does not exists, create it
280  $dirname=my_realpath(dirname($params["dst"]));
281  $filename=basename($params["dst"]);
282  if ($dirname===false) {
283  $errorsList=array("Fail: path not allowed");
284  break;
285  }
286  $params["dst"]=$dirname.DIRECTORY_SEPARATOR.$filename;
287  $params["src"]=my_realpath($params["src"]);
288  if ($params["src"]===false) {
289  $errorsList=array("Fail: path not allowed");
290  break;
291  }
292 
293  if (!is_dir($params["dst"]))
294  if ( @mkdir($params["dst"], 0777, true)) {
295  if ( @chown($params["dst"], $r["user"]) ) {
296  $returned = execute_cmd("$SU mv -f", array($params["src"], $params["dst"]));
297  }
298  } else { //is_dir false
299  $errorsList=array("Fail: cannot create ".$params["dst"]);
300  } // is_dir
301 
302  break;
303  case "FIX_DIR" :
304  $params["dir"]=my_realpath($params["dir"]);
305  if ($params["dir"]===false) {
306  $errorsList=array("Fail: path not allowed");
307  break;
308  }
309  $returned = execute_cmd($FIXPERM, array('-d', $params["dir"]));
310  if($returned['return_val'] != 0) {
311  $errorsList=array("Fixperms.sh failed, returned error code : ".$returned['return_val']);
312  }
313  break;
314  case "FIX_FILE" :
315  $params["file"]=my_realpath($params["file"]);
316  if ($params["file"]===false) {
317  $errorsList=array("Fail: path not allowed");
318  break;
319  }
320  $returned = execute_cmd($FIXPERM, array('-f', $params["file"]));
321  if($returned['return_val'] != 0){
322  $errorsList=array("Fixperms.sh failed, returned error code : ".$returned['return_val']);
323  }
324  break;
325  default :
326  $output=array("Fail: Sorry dude, i do not know this type of action");
327  break;
328  }
329  // Get the error (if exists).
330  if(isset($output[0])){
331  $return=$output[0];
332  $errorsList[]="\nAction n°".$r["id"]." '".$r["type"]."' failed! With user: ".$r["user"]."\nHere is the complete output:\n".print_r($output);
333  }
334  // We finished the action, notify the DB.
335  d("Finishing... return value is : $return\n");
336  if(!$action->finish($r["id"],addslashes($return))){
337  $errorsList[]="Cannot finish the action! Error while inserting the error value in the DB for action n°".$r["id"]." : action '".$r["type"]."'\nReturn value: ".addslashes($return)."\n";
338  break; // Else we go into an infinite loop... AAAAHHHHHH
339  }
340 }
341 
342 // If an error occured, notify it to the admin
343 if(count($errorsList)) {
344  mail_it();
345 if( (php_sapi_name() === 'cli') ){
346  echo _("errors were met");
347  var_dump($errorsList);
348 
349 }
350 }
351 
352 // Unlock the script
353 // @todo This could be handled by m_admin
354 unlink(ALTERNC_DO_ACTION_LOCK);
355 
356 // Exit this script
357 exit(0);
exit
Definition: adm_doadd.php:70
$msg
Definition: bootstrap.php:75
$c
Definition: bootstrap.php:47
$r
Definition: aws_add.php:75
$MY_PID
Definition: do_actions.php:64
execute_cmd($command, $parameters=array())
Common routine for system calls.
Definition: do_actions.php:106
$errorsList
Definition: do_actions.php:51
d($mess)
Debug function that print infos.
Definition: do_actions.php:75
my_realpath($path)
Check if a file or folder is in the list of allowed path (after dereferencing all ....
Definition: do_actions.php:127
$debug
This script check the MySQL DB for actions to do, and do them one by one.
Definition: do_actions.php:48
if(!defined("ALTERNC_DO_ACTION_LOCK")) $SCRIPT
Definition: do_actions.php:63
mail_it()
Function to mail the panel's administrator if something failed.
Definition: do_actions.php:86
$FIXPERM
Definition: do_actions.php:65
$rr
Definition: ftp_edit.php:52