WordPress.org
Get WordPress

Plugin Directory

Changeset 1214702


Ignore:
Timestamp:
08/07/2015 09:00:37 AM (11 years ago)
Author:
samface
Message:

more bug fixes for the file permissions inspection routine

Location:
angry-creative-logger/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • angry-creative-logger/trunk/plugin.php

    r1214050 r1214702  
    44Plugin URI: http://angrycreative.se
    55Description: Inspects and logs possible issues with your Wordpress installation.
    6 Version: 0.8.1
     6Version: 0.8.2
    77Author: Robin Björklund, Sammy Nordström, Angry Creative AB
    88*/
    99
    10 define( 'ACI_PLUGIN_VERSION', '0.8.1' );
     10define( 'ACI_PLUGIN_VERSION', '0.8.2' );
    1111
    1212define( 'ACI_PLUGIN_DIR', dirname( __FILE__ ) );

  • angry-creative-logger/trunk/readme.txt

    r1214050 r1214702  
    11=== Angry Creative Inspector ===
    22Contributors: ac-robin, samface, angrycreative
    3 Tags: inspect, inspection, monitor, monitoring, log, logging, check, checking, validate, validation, permissions, install, installation
     3Tags: inspect, inspection, monitor, monitoring, log, logging, check, checking, validate, validation, permissions, install, installation, wp-cli
    44Requires at least: 4.0
    5 Tested up to: 4.2.2
    6 Stable tag: 0.8.1
     5Tested up to: 4.2.4
     6Stable tag: 0.8.2
    77License: GPLv2 or later
    88License URI: http://www.gnu.org/licenses/gpl-2.0.html
    99
    10 Inspects and logs possible issues with your Wordpress installation.
     10Inspects, logs and with the aid of WP-CLI it may even repair possible issues with your Wordpress installation.
    1111
    1212== Description ==
    1313
    14 Inspects and logs possible issues with your Wordpress installation.
     14Inspects, logs and with the aid of WP-CLI it may even repair possible issues with your Wordpress installation.
     15
     16TO-DO: Documentation :)
    1517
    1618== Installation ==

  • angry-creative-logger/trunk/routines/file_permissions.php

    r1214050 r1214702  
    8989
    9090        if ( is_link( rtrim( ABSPATH, '/' ) ) ) {
    91             self::$_real_abspath = readlink( rtrim( ABSPATH, '/' ) );
     91            self::$_real_abspath = realpath( readlink( rtrim( ABSPATH, '/' ) ) );
    9292        } else {
    9393            self::$_real_abspath = rtrim( ABSPATH, '/' );
     
    141141            }
    142142
     143            $original_gid = posix_getegid();
    143144            $original_uid = posix_geteuid();
    144145
    145             if ( !posix_seteuid( $httpd_usr['uid'] ) ) {
     146            if ( !posix_setegid( $httpd_usr['gid'] ) || $httpd_usr['gid'] != posix_getegid() ) {
     147                $groupinfo = posix_getgrgid( $httpd_usr['gid'] );
     148                AC_Inspector::log( 'Unable change the group of the current process to ' . $groupinfo['name'] . ' (gid: ' . $httpd_usr['gid'] . '), do you have the appropriate sudo privileges?', __CLASS__, array( 'error' => true ) );
     149                return;
     150            }
     151
     152            if ( !posix_seteuid( $httpd_usr['uid'] ) || $httpd_usr['uid'] != posix_geteuid() ) {
    146153                AC_Inspector::log( 'Unable change the owner of the current process to ' . HTTPD_USER . ' (uid: ' . $httpd_usr['uid'] . '), do you have the appropriate sudo privileges?', __CLASS__, array( 'error' => true ) );
    147154                return;
     
    162169
    163170            if ( is_link( self::$_real_abspath.'/'.$folder_base ) ) {
    164                 $resolved_folder_path = readlink( self::$_real_abspath.'/'.$folder_base );
     171                $resolved_folder_path = realpath( readlink( self::$_real_abspath.'/'.$folder_base ) );
    165172            } else {
    166173                $resolved_folder_path = self::$_real_abspath.'/'.$folder_base;
     
    221228                    $response = cli\choose( "Bad file permissions detected, continue the inspection", $choices = 'yn', $default = 'n' );
    222229                    if ( $response !== 'y' ) {
    223                         if ( !posix_seteuid( $original_uid ) ) {
    224                             AC_Inspector::log( 'Unable restore the owner of the current process (uid: ' . $original_uid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
     230                        if ( !posix_setegid( $original_gid ) || $original_gid != posix_getegid() ) {
     231                            AC_Inspector::log( 'Unable to restore the group of the current process (gid: ' . $original_gid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
     232                        }
     233                        if ( !posix_seteuid( $original_uid ) || $original_uid != posix_geteuid() ) {
     234                            AC_Inspector::log( 'Unable to restore the owner of the current process (uid: ' . $original_uid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
    225235                        }
    226236                        return;
     
    239249                $file = str_replace('//', '/', $file);
    240250
    241                 if ( !$allowed_dir && is_writable( $file ) ) {
     251                if ( !$allowed_dir && @touch($file, date('U', filemtime($file)), time() ) ) {
    242252                    $bad_file_perm = true;
    243253                    AC_Inspector::log( "Writable file `$file` is in a file directory that should not be writeable. Check your file permissions.", __CLASS__ );
    244                 } else if ( $allowed_dir && !is_writable( $file ) ) {
     254                } else if ( $allowed_dir && !@touch($file, date('U', filemtime($file)), time() ) ) {
    245255                    $bad_file_perm = true;
    246256                    AC_Inspector::log( "Unwritable file `$file` is in a file directory that should be writeable. Check your file permissions.", __CLASS__ );
     
    250260                    $response = cli\choose( "Bad file permissions detected, continue the inspection", $choices = 'yn', $default = 'n' );
    251261                    if ( $response !== 'y' ) {
    252                         if ( !posix_seteuid( $original_uid ) ) {
    253                             AC_Inspector::log( 'Unable restore the owner of the current process (uid: ' . $original_uid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
     262                        if ( !posix_setegid( $original_gid ) || $original_gid != posix_getegid() ) {
     263                            AC_Inspector::log( 'Unable to restore the group of the current process (gid: ' . $original_gid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
     264                        }
     265                        if ( !posix_seteuid( $original_uid ) || $original_uid != posix_geteuid() ) {
     266                            AC_Inspector::log( 'Unable to restore the owner of the current process (uid: ' . $original_uid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
    254267                        }
    255268                        return;
     
    285298        if ( defined( 'WP_CLI' ) && WP_CLI ) {
    286299
    287             if ( !posix_seteuid( $original_uid ) ) {
    288                 AC_Inspector::log( 'Unable restore the owner of the current process (uid: ' . $original_uid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
     300            if ( !posix_setegid( $original_gid ) || $original_gid != posix_getegid() ) {
     301                AC_Inspector::log( 'Unable to restore the group of the current process (gid: ' . $original_gid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
     302            }
     303            if ( !posix_seteuid( $original_uid ) || $original_uid != posix_geteuid() ) {
     304                AC_Inspector::log( 'Unable to restore the owner of the current process (uid: ' . $original_uid . '). File permissions will have to be repaired manually.', __CLASS__, array( 'error' => true ) );
    289305            }
    290306
     
    304320
    305321        if ( is_link( $path ) ) {
    306             $path = readlink( $path );
     322            $path = realpath( readlink( $path ) );
    307323        }
    308324
     
    325341            if ( !empty( $group ) ) {
    326342                try {
    327                     $chowned = @chown( $path, $group );
     343                    $chowned = @chgrp( $path, $group );
    328344                    if ( !$chowned ) {
    329345                        throw new Exception( "Failed changing group ownership of directory '$path' to '$group'" );
     
    341357            }
    342358
    343             $ownership_str = ( $owner ) ? 'user ' . $owner : '';
     359            $ownership_str = ( !empty( $owner ) ) ? 'user ' . $owner : '';
    344360            if ( !empty( $group ) ) {
    345361                if ( empty( $ownership_str ) ) {
    346362                    $ownership_str = 'group ' . $group;
    347363                } else {
    348                     $ownership_str = ' and group ' . $group;
     364                    $ownership_str .= ' and group ' . $group;
    349365                }
    350366            }
     
    355371                    $fullpath = $path . '/' . $file;
    356372                    if ( is_link( $fullpath ) ) {
    357                         $fullpath = readlink( $fullpath );
     373                        $fullpath = realpath( readlink( $fullpath ) );
    358374                    }
    359375                    if ( $recursive || !is_dir( $fullpath ) ) {
     
    416432
    417433        if ( is_link( $path ) ) {
    418             $path = readlink( $path );
     434            $path = realpath( readlink( $path ) );
    419435        }
    420436
     
    441457                    $fullpath = $path . '/' . $file;
    442458                    if ( is_link( $fullpath ) ) {
    443                         $fullpath = readlink( $fullpath );
     459                        $fullpath = realpath( readlink( $fullpath ) );
    444460                    }
    445461                    if ( $recursive || !is_dir( $fullpath ) ) {
     
    483499    public static function repair() {
    484500
    485         if ( !function_exists( 'posix_getuid' ) ) {
     501        if ( !function_exists( 'posix_geteuid' ) ) {
    486502            AC_Inspector::log( 'Repairing file permissions requires a POSIX-enabled PHP server.', __CLASS__, array( 'error' => true ) );
    487503            return;
    488504        }
    489505
    490         if ( posix_getuid() !== 0 ) {
     506        if ( posix_geteuid() !== 0 ) {
    491507            AC_Inspector::log( 'Repairing file permissions must be performed as root.', __CLASS__, array( 'error' => true ) );
    492508            return;
     
    533549
    534550            if ( is_link( self::$_real_abspath.'/'.$folder_base ) ) {
    535                 $resolved_folder_path = readlink( self::$_real_abspath.'/'.$folder_base );
     551                $resolved_folder_path = realpath( readlink( self::$_real_abspath.'/'.$folder_base ) );
    536552            } else {
    537553                $resolved_folder_path = self::$_real_abspath.'/'.$folder_base;
Note: See TracChangeset for help on using the changeset viewer.