Permission problem /var/www/clients/clientX/webX/web

Discussion in 'General' started by rnjn, Jun 16, 2017.

  1. till

    till Super Moderator Staff Member ISPConfig Developer

    Your problem is not related to ISPConfig. You want to access a file in realtime that is owned by a specific Linux user and can only be written by this Linux user, so the application process that wants to write this file must run either as this user or it must run as root. You named softaculous above as an example, softaculous independently independant from ISPConfig's processes and does not use any functions form ISPConfig to access the files in the websites.

    You need a pure-ftpd binary that is built without capability support then, or use a full virtualization that supports capabilities. https://www.faqforge.com/linux/cont...irtual-machines-without-capabilities-enabled/
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Btw. Docker does not make much sense for a web hosting server with multiple websites in my opinion as it neither supports quota, so all your sites can grow unlimited in size, and you would have to store many files from /etc folder outside of the docker vm as ispconfig must be able to add users to /etc/passwd and groups to /etc/group and so on and these must be stored in a way that you don't loose them when restarting the container or host system.
     
  3. rnjn

    rnjn New Member

    Ok.
    Now created a new table in ispconfig database and created a server plugin which binds to this table event. Issue is plugin not getting executed for the table event. Following is what we have done:
    1. Created a new table in ispconfig database.
    2. Created plugin at /usr/local/ispconfig/server/plugins-enabled/installerv1_plugin_inc.php and a registered a update event.
    3. Created file at /usr/local/ispconfig/server/mods-enabled and registered TableHook.
    When any table field is updated, the plugin is not getting executed. Please help.
     
    Last edited: Jun 27, 2017
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    You can get more debug output from the event handling process by setting:

    var $debug = true;

    in line 35 of the file server/lib/plugins/modules.inc.php
     
  5. rnjn

    rnjn New Member

    Thanks fot the replay.
    Enabled var $debug = true; I can see TableHook registered, but process function is not called.
    27.06.2017-07:27 - DEBUG - Loading Module: installer_v1_module
    27.06.2017-07:27 - DEBUG - Registered TableHook 'installer_v1' in module 'installer_v1_module' for processing function 'process'
    I have a doubt here. Does plugin event work if I update values like below?
    $app->db->query("UPDATE installer_v1 SET install_id=? WHERE id=?", 1, 1);
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    No, you have to use the datalogUpdate and datalogInsert functions of the ISPConfig mysql library.
     
  7. rythmCorrect

    rythmCorrect New Member

    Hello till,
    We have developed the server plugin. It works fine but there is delay due to the cron job which we do not want. Is there a way to run php application as root independent of cron and server plugins?
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    You can run applications written in any programming language as any user on Linux. So yes, applications written in PHP can be run as root. But I have some slight concerns that you might not have the expertise to develop a daemon that runs as root in a secure way yet if you don't know that, so you should really think twice if you want to develop such a software yourself or if it's not better that you ask an experienced developer to develop a daemon program for you before you put your servers and maybe other servers at risk.
     
    ahrasis likes this.
  9. rythmCorrect

    rythmCorrect New Member

    OK, thanks for the replay :). Btw I added the same installer application in another Control Panel as a plugin and I never faced any sort of permission issues there. Becoz the php always runs as the user who is currently logged in to the panel. No server plugins or cron jobs needed. More importantly no need to go at root level!
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    What that panel does sounds really risky, running the panel itself as the user of the client web means that all webs have access to the config of all other sites, so it is way easier that one client takes over the site of another client. Or the panel does not support user separation at all and runs itself and all sites as e.g. www-data, which is not less risky.
     
    Jesse Norell likes this.
  11. rythmCorrect

    rythmCorrect New Member

    I meant only the 3rd party plugin run as the currently logged in user, not the panel. and there is a clear user separation.
     

Share This Page