Fix permission issues on Ubuntu 24 causing 404 errors
Fixes #1583 The fixPermissions function in file manager was causing sites to become inaccessible after running "Fix Permissions" on Ubuntu 24. The root causes: 1. Async execution (popenExecutioner) caused race conditions where commands executed in unpredictable order 2. The public_html directory group was incorrectly changed from 'nogroup' to the user's group, breaking web server access Changes: - Changed all async popenExecutioner calls to sync executioner calls - Reordered commands to set permissions before ownership - Ensured public_html directory maintains correct group ownership (nogroup) - Added comments to clarify the purpose of each step This ensures the file manager's "Fix Permissions" feature works correctly on Ubuntu 24 while maintaining proper security.
This commit is contained in:
usmannasir
parent
9d0d5fbd35
commit
acc6cad623
|
|
@ -1039,8 +1039,9 @@ class FileManager:
|
||||||
'error_message': "Symlink attack."})
|
'error_message': "Symlink attack."})
|
||||||
return HttpResponse(final_json)
|
return HttpResponse(final_json)
|
||||||
|
|
||||||
|
# Set home directory ownership
|
||||||
command = 'chown %s:%s /home/%s' % (website.externalApp, website.externalApp, domainName)
|
command = 'chown %s:%s /home/%s' % (website.externalApp, website.externalApp, domainName)
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
### Sym link checks
|
### Sym link checks
|
||||||
|
|
||||||
|
|
@ -1053,21 +1054,21 @@ class FileManager:
|
||||||
'error_message': "Symlink attack."})
|
'error_message': "Symlink attack."})
|
||||||
return HttpResponse(final_json)
|
return HttpResponse(final_json)
|
||||||
|
|
||||||
command = 'chown -R -P %s:%s /home/%s/public_html/*' % (externalApp, externalApp, domainName)
|
# Set file permissions first (before ownership to avoid conflicts)
|
||||||
ProcessUtilities.popenExecutioner(command)
|
|
||||||
|
|
||||||
command = 'chown -R -P %s:%s /home/%s/public_html/.[^.]*' % (externalApp, externalApp, domainName)
|
|
||||||
ProcessUtilities.popenExecutioner(command)
|
|
||||||
|
|
||||||
# command = "chown root:%s /home/" % (groupName) + domainName + "/logs"
|
|
||||||
# ProcessUtilities.popenExecutioner(command)
|
|
||||||
|
|
||||||
command = "find %s -type d -exec chmod 0755 {} \;" % ("/home/" + domainName + "/public_html")
|
command = "find %s -type d -exec chmod 0755 {} \;" % ("/home/" + domainName + "/public_html")
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
command = "find %s -type f -exec chmod 0644 {} \;" % ("/home/" + domainName + "/public_html")
|
command = "find %s -type f -exec chmod 0644 {} \;" % ("/home/" + domainName + "/public_html")
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
|
# Set ownership for all files inside public_html to user:user
|
||||||
|
command = 'chown -R -P %s:%s /home/%s/public_html/*' % (externalApp, externalApp, domainName)
|
||||||
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
|
command = 'chown -R -P %s:%s /home/%s/public_html/.[^.]*' % (externalApp, externalApp, domainName)
|
||||||
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
|
# Set public_html directory itself to user:nogroup with 750 permissions
|
||||||
command = 'chown %s:%s /home/%s/public_html' % (externalApp, groupName, domainName)
|
command = 'chown %s:%s /home/%s/public_html' % (externalApp, groupName, domainName)
|
||||||
ProcessUtilities.executioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
|
|
@ -1084,21 +1085,23 @@ class FileManager:
|
||||||
'error_message': "Symlink attack."})
|
'error_message': "Symlink attack."})
|
||||||
return HttpResponse(final_json)
|
return HttpResponse(final_json)
|
||||||
|
|
||||||
|
# Set file permissions first
|
||||||
command = "find %s -type d -exec chmod 0755 {} \;" % (childs.path)
|
command = "find %s -type d -exec chmod 0755 {} \;" % (childs.path)
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
command = "find %s -type f -exec chmod 0644 {} \;" % (childs.path)
|
command = "find %s -type f -exec chmod 0644 {} \;" % (childs.path)
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
|
# Set ownership for all files inside child domain to user:user
|
||||||
command = 'chown -R -P %s:%s %s/*' % (externalApp, externalApp, childs.path)
|
command = 'chown -R -P %s:%s %s/*' % (externalApp, externalApp, childs.path)
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
command = 'chown -R -P %s:%s %s/.[^.]*' % (externalApp, externalApp, childs.path)
|
command = 'chown -R -P %s:%s %s/.[^.]*' % (externalApp, externalApp, childs.path)
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
|
# Set child domain directory itself to 755 with user:nogroup
|
||||||
command = 'chmod 755 %s' % (childs.path)
|
command = 'chmod 755 %s' % (childs.path)
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
||||||
command = 'chown %s:%s %s' % (externalApp, groupName, childs.path)
|
command = 'chown %s:%s %s' % (externalApp, groupName, childs.path)
|
||||||
ProcessUtilities.popenExecutioner(command)
|
ProcessUtilities.executioner(command)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue