Server : Apache System : Linux server1.cgrithy.com 3.10.0-1160.95.1.el7.x86_64 #1 SMP Mon Jul 24 13:59:37 UTC 2023 x86_64 User : nobody ( 99) PHP Version : 8.1.23 Disable Function : NONE Directory : /scripts/ |
#!/usr/local/cpanel/3rdparty/bin/perl # cpanel - scripts/initsuexec Copyright 2022 cPanel, L.L.C. # All rights reserved. # copyright@cpanel.net http://cpanel.net # This code is subject to the cPanel license. Unauthorized copying is prohibited use strict; use Cpanel::PwCache::Build (); use Cpanel::PwCache (); use Cpanel::SafeFile (); use Cpanel::HttpUtils::ApRestart::BgSafe (); use Cpanel::HttpUtils::Version (); use Cpanel::AcctUtils::DomainOwner::Tiny (); use Cpanel::Config::Httpd::Perms (); use Cpanel::Logger (); use Cpanel::ConfigFiles::Apache (); my $apacheconf = Cpanel::ConfigFiles::Apache->new(); Cpanel::PwCache::Build::init_passwdless_pwcache(); Cpanel::AcctUtils::DomainOwner::Tiny::build_domain_cache(); exit if !-e $apacheconf->file_conf(); my $logger = Cpanel::Logger->new(); my $restart_apache = ( grep( /^--no-restart/, @ARGV ) ) ? 0 : 1; system '/usr/local/cpanel/scripts/updateuserdomains'; my $has_suexec = -x $apacheconf->bin_suexec() ? 1 : 0; my $has_apache2_auth_passthrough = -e $apacheconf->dir_modules() . "/mod_auth_passthrough.so" ? 1 : 0; my $has_scgiwrap = ( !$has_suexec && !Cpanel::Config::Httpd::Perms::webserver_runs_as_user() ); if ($has_scgiwrap) { warn "scgiwrap has been removed in cPanel & WHM 62. Please use Apache suEXEC instead.\n"; } my @CFILE; my $in_virtual_host = 0; my $has_user_group = 0; my $owner = ''; my $scgiwrap_alias = 'ScriptAlias /scgi-bin /usr/local/cpanel/cgi-sys/scgiwrap'; my $httplock = Cpanel::SafeFile::safeopen( \*HC, '+<', $apacheconf->file_conf() ); if ( !$httplock ) { $logger->die( 'Could not edit ' . $apacheconf->file_conf() ); } my $http_ver = Cpanel::HttpUtils::Version::get_current_apache_version_key(); while (<HC>) { push @CFILE, $_; } seek( HC, 0, 0 ); foreach my $line (@CFILE) { if ( $line !~ /^#/ ) { if ( $line =~ /<virtualhost/i ) { $in_virtual_host = 1; $owner = ''; $has_user_group = 0; } if ( $line =~ /<\/virtualhost/i ) { if ( $owner && $owner ne 'root' && $owner ne 'nobody' && $owner ne '*' && Cpanel::PwCache::getpwnam($owner) && !$has_user_group && $has_suexec ) { my $new = " <IfModule !mod_disable_suexec.c>\n"; $new .= $http_ver eq '1' ? " User $owner\n Group $owner\n" : " SuexecUserGroup $owner $owner\n"; $new .= " </IfModule>\n"; print HC $new; } $in_virtual_host = 0; } if ($in_virtual_host) { if ( $line =~ /^(\s*)user /i || $line =~ m{^\s*SuexecUserGroup} ) { $has_user_group = 1; } if ( $line =~ /ServerName (\S+)/i ) { my $server_name = $1; $server_name =~ s/^www\.//g; $owner = Cpanel::AcctUtils::DomainOwner::Tiny::getdomainowner($server_name); if ( $has_suexec || $has_apache2_auth_passthrough ) { my ( $uid, $gid ) = ( Cpanel::PwCache::getpwnam($owner) )[ 2, 3 ]; # really don't use $uid ... if ($gid) { foreach my $file ( $apacheconf->dir_conf() . "/sites/${server_name}.conf", $apacheconf->dir_conf() . "/sites/www.${server_name}.conf" ) { if ( -e $file ) { chmod 0640, $file; chown 0, $gid, $file; } } } } } } next if $line =~ /\Q$scgiwrap_alias\E/; } print HC $line; } truncate( HC, tell(HC) ); Cpanel::SafeFile::safeclose( \*HC, $httplock ); Cpanel::HttpUtils::ApRestart::BgSafe::restart() if ($restart_apache);