From 1ca31cfe69e2d10cce65c4323eb652b355f4c904 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 4 Mar 2006 16:40:38 +0100 Subject: [PATCH] simplified file permission handling This patch simpliefies the configuration of the file and directory creation modes. There is no need to set the umask anymore. Only the wanted permissions for files and directories are set. An init function compares the wanted modes with the ones that would be choosen by the system automatically (consulting the system's umask) and sets the modes for chmod when needed. darcs-hash:20060304154038-7ad00-5ef1db3a87e42563a602f9d050c681d2ea74682f.gz --- bin/indexer.php | 2 +- conf/dokuwiki.php | 5 +- inc/init.php | 59 +++++++++++-------- inc/io.php | 14 ++--- lib/exe/indexer.php | 2 +- lib/exe/media.php | 2 +- lib/plugins/config/lang/en/lang.php | 1 - lib/plugins/config/lang/fr/lang.php | 2 - lib/plugins/config/lang/ja/lang.php | 1 - lib/plugins/config/lang/pl/lang.php | 1 - lib/plugins/config/lang/ru/lang.php | 1 - .../config/settings/config.metadata.php | 9 ++- lib/plugins/config/settings/extra.class.php | 20 +++---- 13 files changed, 59 insertions(+), 60 deletions(-) diff --git a/bin/indexer.php b/bin/indexer.php index 4f80d4642..aa7a2fc5f 100755 --- a/bin/indexer.php +++ b/bin/indexer.php @@ -105,7 +105,7 @@ function _lock(){ sleep(15); } } - if(isset($conf['dmask'])) { chmod($lock, $conf['dmask']); } + if($conf['dperm']) chmod($lock, $conf['dperm']); if($said) print "\n"; } diff --git a/conf/dokuwiki.php b/conf/dokuwiki.php index 227c08043..539da08e8 100644 --- a/conf/dokuwiki.php +++ b/conf/dokuwiki.php @@ -8,9 +8,8 @@ /* Datastorage and Permissions */ -$conf['umask'] = ''; //set the global umask - empty for system default -$conf['fmode'] = 0666; //set file creation mode -$conf['dmode'] = 0777; //set direction creation mode +$conf['fmode'] = 0644; //set file creation mode +$conf['dmode'] = 0755; //set directory creation mode $conf['lang'] = 'en'; //your language $conf['basedir'] = ''; //absolute dir from serveroot - blank for autodetection diff --git a/inc/init.php b/inc/init.php index 1557070e5..10c7240d8 100644 --- a/inc/init.php +++ b/inc/init.php @@ -77,31 +77,8 @@ $conf['usegzip'] = 0; } - // Legacy support for old umask/dmask scheme - if(isset($conf['dmask'])) { - unset($conf['dmask']); - unset($conf['fmask']); - unset($conf['umask']); - } - - // Set defaults for fmode, dmode and umask. - if(!isset($conf['fmode']) || $conf['fmode'] === '') { - $conf['fmode'] = 0666; - } - if(!isset($conf['dmode']) || $conf['dmode'] === '') { - $conf['dmode'] = 0777; - } - if(!isset($conf['umask']) || $conf['umask'] === '') { - $conf['umask'] = umask(); - } - - // Precalculate the fmask and dmask, so we can set later. - if(($conf['umask'] != umask()) or ($conf['fmode'] != 0666)) { - $conf['fmask'] = $conf['fmode'] & ~$conf['umask']; - } - if(($conf['umask'] != umask()) or ($conf['dmode'] != 0666)) { - $conf['dmask'] = $conf['dmode'] & ~$conf['umask']; - } + // precalculate file creation modes + init_creationmodes(); // make real paths and check them init_paths(); @@ -149,7 +126,7 @@ function init_files(){ $fh = @fopen($file,'a'); if($fh){ fclose($fh); - if(isset($conf['fmask'])) { chmod($file, $conf['fmask']); } + if($conf['fperm']) chmod($file, $conf['fperm']); }else{ nice_die("$file is not writable. Check your permissions settings!"); } @@ -188,6 +165,36 @@ function init_path($path){ return $p; } +/** + * Sets the internal config values fperm and dperm which, when set, + * will be used to change the permission of a newly created dir or + * file with chmod. Considers the influence of the system's umask + * setting the values only if needed. + */ +function init_creationmodes(){ + global $conf; + + // Legacy support for old umask/dmask scheme + unset($conf['dmask']); + unset($conf['fmask']); + unset($conf['umask']); + unset($conf['fperm']); + unset($conf['dperm']); + + // get system umask + $umask = umask(); + + // check what is set automatically by the system on file creation + // and set the fperm param if it's not what we want + $auto_fmode = 0666 & ~$umask; + if($auto_fmode != $conf['fmode']) $conf['fperm'] = $conf['fmode']; + + // check what is set automatically by the system on file creation + // and set the dperm param if it's not what we want + $auto_dmode = $conf['dmode'] & ~$umask; + if($auto_dmode != $conf['dmode']) $conf['dperm'] = $conf['dmode']; +} + /** * remove magic quotes recursivly * diff --git a/inc/io.php b/inc/io.php index 1b8d2dadf..9160f4718 100644 --- a/inc/io.php +++ b/inc/io.php @@ -87,7 +87,7 @@ function io_saveFile($file,$content,$append=false){ fclose($fh); } - if(!$fileexists and isset($conf['fmask'])) { chmod($file, $conf['fmask']); } + if(!$fileexists and $conf['fperm']) chmod($file, $conf['fperm']); io_unlock($file); return true; } @@ -178,7 +178,7 @@ function io_lock($file){ //waited longer than 3 seconds? -> stale lock if ((time() - $timeStart) > 3) break; $locked = @mkdir($lockDir, $conf['dmode']); - if($locked and isset($conf['dmask'])) { chmod($lockDir, $conf['dmask']); } + if($locked && $conf['dperm']) chmod($lockDir, $conf['dperm']); } while ($locked === false); } @@ -229,7 +229,7 @@ function io_mkdir_p($target){ return io_mkdir_ftp($dir); }else{ $ret = @mkdir($target,$conf['dmode']); // crawl back up & create dir tree - if($ret and isset($conf['dmask'])) { chmod($target, $conf['dmask']); } + if($ret && $conf['dperm']) chmod($target, $conf['dperm']); return $ret; } } @@ -264,8 +264,8 @@ function io_mkdir_ftp($dir){ //create directory $ok = @ftp_mkdir($conn, $dir); - //set permissions (using the directory umask and dmode) - @ftp_site($conn,sprintf("CHMOD %04o %s",$conf['dmask'],$dir)); + //set permissions + @ftp_site($conn,sprintf("CHMOD %04o %s",$conf['dmode'],$dir)); @ftp_close($conn); return $ok; @@ -320,7 +320,7 @@ function io_download($url,$file,$useAttachment=false,$defaultName=''){ if(!$fp) return false; fwrite($fp,$data); fclose($fp); - if(!$fileexists and isset($conf['fmask'])) { chmod($file, $conf['fmask']); } + if(!$fileexists and $conf['fperm']) chmod($file, $conf['fperm']); if ($useAttachment) return $name; return true; } @@ -335,7 +335,7 @@ function io_rename($from,$to){ global $conf; if(!@rename($from,$to)){ if(@copy($from,$to)){ - if(isset($conf['fmask'])) { chmod($file, $conf['fmask']); } + if($conf['fperm']) chmod($file, $conf['fperm']); @unlink($from); return true; } diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index 8fe9e35d4..28eaa8284 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -60,7 +60,7 @@ function runIndexer(){ return false; } } - if(isset($conf['dmask'])) { chmod($lock, $conf['dmask']); } + if($conf['dperm']) chmod($lock, $conf['dperm']); require_once(DOKU_INC.'inc/indexer.php'); diff --git a/lib/exe/media.php b/lib/exe/media.php index bbdf1814e..ae0b6efe7 100644 --- a/lib/exe/media.php +++ b/lib/exe/media.php @@ -124,7 +124,7 @@ function media_upload($NS,$AUTH){ io_makeFileDir($fn); if(move_uploaded_file($file['tmp_name'], $fn)) { // set the correct permission here - if(isset($conf['fmask'])) { chmod($fn, $conf['fmask']); } + if($conf['fperm']) chmod($fn, $fperm); msg($lang['uploadsucc'],1); return true; }else{ diff --git a/lib/plugins/config/lang/en/lang.php b/lib/plugins/config/lang/en/lang.php index cb13a5a12..a40f265a6 100644 --- a/lib/plugins/config/lang/en/lang.php +++ b/lib/plugins/config/lang/en/lang.php @@ -20,7 +20,6 @@ $lang['locked'] = 'The settings file can not be updated, if this is unintent /* -------------------- Config Options --------------------------- */ -$lang['umask'] = 'global permission mask'; $lang['fmode'] = 'file creation mode'; $lang['dmode'] = 'directory creation mode'; $lang['lang'] = 'language'; diff --git a/lib/plugins/config/lang/fr/lang.php b/lib/plugins/config/lang/fr/lang.php index 10092c97e..231b1e78f 100644 --- a/lib/plugins/config/lang/fr/lang.php +++ b/lib/plugins/config/lang/fr/lang.php @@ -18,8 +18,6 @@ $lang['locked'] = 'Le fichier des paramètres ne peut être modifié, si cec vérifiez que le nom et les droits du fichier sont corrects.'; // settings prompts -$lang['umask'] = 'masque pour les nouveaux fichiers'; //set the umask for new files -$lang['dmask'] = 'masque pour les nouveaux répertoires'; //directory mask accordingly $lang['lang'] = 'langue'; //your language $lang['basedir'] = 'répertoire de base'; //absolute dir from serveroot - blank for autodetection $lang['baseurl'] = 'url de base'; //URL to server including protocol - blank for autodetect diff --git a/lib/plugins/config/lang/ja/lang.php b/lib/plugins/config/lang/ja/lang.php index 0c33cb802..8c555aa97 100644 --- a/lib/plugins/config/lang/ja/lang.php +++ b/lib/plugins/config/lang/ja/lang.php @@ -19,7 +19,6 @@ $lang['locked'] = '設定用ファイルを更新できません。もし意 ローカル設定ファイルの名前と権限を確認して下さい。'; // settings prompts -$lang['umask'] = 'グローバル権限マスク'; //set the umask for new files $lang['fmode'] = 'ファイル作成マスク'; //directory mask accordingly $lang['dmode'] = 'フォルダ作成マスク'; //directory mask accordingly $lang['lang'] = '使用言語'; //your language diff --git a/lib/plugins/config/lang/pl/lang.php b/lib/plugins/config/lang/pl/lang.php index 79118c51b..deddd0587 100644 --- a/lib/plugins/config/lang/pl/lang.php +++ b/lib/plugins/config/lang/pl/lang.php @@ -17,7 +17,6 @@ $lang['nochoice'] = '(brak innych możliwości)'; $lang['locked'] = 'Plik ustawień nie mógł zostać zmieniony, upewnij się, czy uprawnienia do plik są odpowiednie.'; // settings prompts -$lang['umask'] = 'maska uprawnień nowego pliku'; //set the umask for new files $lang['fmode'] = 'tryb tworzenia pliku'; //directory mask accordingly $lang['dmode'] = 'tryb tworzenia katalogu'; //directory mask accordingly $lang['lang'] = 'język'; //your language diff --git a/lib/plugins/config/lang/ru/lang.php b/lib/plugins/config/lang/ru/lang.php index a824115f2..06156e90d 100644 --- a/lib/plugins/config/lang/ru/lang.php +++ b/lib/plugins/config/lang/ru/lang.php @@ -18,7 +18,6 @@ $lang['locked'] = 'Файл настройки недоступен для убедитесь, что файл локальной настройки имеет правильное имя и права доступа.'; // settings prompts -$lang['umask'] = 'Общая маска запрета доступа (umask)'; //set the umask for new files $lang['fmode'] = 'Права для создаваемых файлов'; //directory mask accordingly $lang['dmode'] = 'Права для создаваемых директорий'; //directory mask accordingly $lang['lang'] = 'Язык'; //your language diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index d39ee7b50..7aa570f63 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -2,7 +2,7 @@ /** * Metadata for configuration manager plugin * - * Note: This file should be included within a function to ensure it + * Note: This file should be included within a function to ensure it * doesn't class with the settings it is describing. * * Format: @@ -58,12 +58,12 @@ $file['default'] = "DOKU_CONF.'dokuwiki.php'"; // optional $file['protected'] = "DOKU_CONF.'local.protected.php'"; // optional // test value (FIXME, remove before publishing) -//$meta['test'] = array('multichoice','_choices' => array('')); - +//$meta['test'] = array('multichoice','_choices' => array('')); + // --------------[ setting metadata ]------------------------------------ // - for description of format and fields see top of file // - order the settings in the order you wish them to appear -// - any settings not mentioned will come after the last setting listed and +// - any settings not mentioned will come after the last setting listed and // will use the default class with no parameters $meta['title'] = array(''); @@ -72,7 +72,6 @@ $meta['savedir'] = array('savedir'); $meta['lang'] = array('dirchoice','_dir' => DOKU_INC.'inc/lang/'); $meta['template'] = array('dirchoice','_dir' => DOKU_INC.'lib/tpl/'); -$meta['umask'] = array('numeric','_pattern' => '/0[0-7]{3}/'); // only accept octal representation $meta['dmode'] = array('numeric','_pattern' => '/0[0-7]{3}/'); // only accept octal representation $meta['fmode'] = array('numeric','_pattern' => '/0[0-7]{3}/'); // only accept octal representation $meta['basedir'] = array(''); diff --git a/lib/plugins/config/settings/extra.class.php b/lib/plugins/config/settings/extra.class.php index 145e3c850..805806e8b 100644 --- a/lib/plugins/config/settings/extra.class.php +++ b/lib/plugins/config/settings/extra.class.php @@ -7,11 +7,11 @@ if (!class_exists('setting_sepchar')) { class setting_sepchar extends setting_multichoice { - + function setting_sepchar($key,$param=NULL) { $str = '_-.'; - for ($i=0;$i_choices[] = $str{$i}; - + for ($i=0;$i_choices[] = $str{$i}; + // call foundation class constructor $this->setting($key,$param); } @@ -23,7 +23,7 @@ if (!class_exists('setting_savedir')) { function update($input) { if ($this->is_protected()) return false; - + $value = is_null($this->_local) ? $this->_default : $this->_local; if ($value == $input) return false; @@ -32,7 +32,7 @@ if (!class_exists('setting_savedir')) { $this->_input = $input; return false; } - + $this->_local = $input; return true; } @@ -50,7 +50,7 @@ if (!class_exists('setting_authtype')) { sort($authtypes); $this->_choices = $authtypes; - + parent::initialize($default,$local,$protected); } } @@ -61,18 +61,18 @@ if (!class_exists('setting_im_convert')) { function update($input) { if ($this->is_protected()) return false; - + $input = trim($input); - + $value = is_null($this->_local) ? $this->_default : $this->_local; if ($value == $input) return false; if ($input && !@file_exists($input)) { $this->_error = true; $this->_input = $input; - return false; + return false; } - + $this->_local = $input; return true; }