The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Modifying /scripts/wwwacct

Discussion in 'General Discussion' started by nu-steve, May 7, 2002.

  1. nu-steve

    nu-steve Member

    Joined:
    Apr 13, 2002
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    I'm currently running all my user's domains with the following in their VirtualHost config in httpd.conf:

    php_admin_value open_basedir &/home/username:/tmp&

    so that they cannot peruse through other user's files with a php script. I don't want to have to add these by hand all the time, so I was looking at wwwacct which creates the file, and where it writes to httpd.conf (around like 643) and was wondering what happens if I edit the file to make the httpd.conf changes automatically add the aforementioned line to all newly created accounts. I realize there are two places to change, for named based and ip based accounts. Just wondering if wwwacct will get overwritten soon or if I can 'chattr +i' it so that it can't be changed, and if in fact wwwacct is updated I can just update it manually and then replace my changes. Or possibly get it set as an option to the script for everyone to use?

    Mainly wondering how often wwwacct gets updated and if I'd be safe editing it to fit this particular need.

    edit: I've noticed that this is only for creating accounts, the subdomain setup uses a different script all together, although I couldn't figure out where the code for it was, was hoping someone could point me to where the script for creating subdomains is so I can modify that appropriately.
     
  2. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    16
    I am wondering the exact same thing. I have to add the following line to my httpd.conf file for every new site:

    php_admin_value open_basedir &/home/username/:/tmp/phpuploads/&

    I tried to change the /scripts/wwwacct file, but only a few minutes later it seemed to have been replaced with the old script.
     
  3. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    Maybe you'd find this useful:
    http://web.cpanel.net/manual/remoteaccess.html

    See also:
    http://web.cpanel.net/bugzilla/show_bug.cgi?id=519
     
  4. bliz42

    bliz42 Member

    Joined:
    May 7, 2002
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    fix suggestion

    seems like it would be a smart thing to have a custom script that would run along with adding a user... or even better, to use a template for creating the new entry into httpd.conf, so we could just update the template all we wanted.
     
  5. moronhead

    moronhead Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    706
    Likes Received:
    0
    Trophy Points:
    16
    [b:db1e15c2e6]& php_admin_value open_basedir &/home/username:/tmp&

    so that they cannot peruse through other user's files with a php script.[/b:db1e15c2e6]

    Does turning on the safe mode in php.ini not handle this?
     
  6. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    16
    I just noticed that even though I've modified wwwacct to add the open_basedir line to all domains, it does not add them to subdomains. I'm guessing there's another script that adds subdomains to httpd.conf. Anyone know which one?
     
  7. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    up
     
  8. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    [quote:5af1fe33c7][i:5af1fe33c7]Originally posted by moronhead[/i:5af1fe33c7]

    [b:5af1fe33c7]& php_admin_value open_basedir &/home/username:/tmp&

    so that they cannot peruse through other user's files with a php script.[/b:5af1fe33c7]

    Does turning on the safe mode in php.ini not handle this?[/quote:5af1fe33c7]


    if you use php_admin_value open_basedir &/home/username:/tmp& for every account , you may disable safe mode .
     
  9. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    Could be fantastic to have
    php_admin_value open_basedir &/home/username:/tmp&
    created by whm for every new account .


    please post your comment here
    http://web.cpanel.net/bugzilla/show_bug.cgi?id=519
     
  10. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    16
    [quote:b2105032eb][i:b2105032eb]Originally posted by Radio_Head[/i:b2105032eb]

    Could be fantastic to have
    php_admin_value open_basedir &/home/username:/tmp&

    created by whm for every new account .[/quote:b2105032eb]

    That can be done simply by modifying /scripts/wwwacct, the problem is subdomains.
     
  11. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    [quote:0536873edb][i:0536873edb]Originally posted by (SH)Saeed[/i:0536873edb]

    [quote:0536873edb][i:0536873edb]Originally posted by Radio_Head[/i:0536873edb]

    Could be fantastic to have
    php_admin_value open_basedir &/home/username:/tmp&

    created by whm for every new account .[/quote:0536873edb]

    That can be done simply by modifying /scripts/wwwacct, the problem is subdomains.[/quote:0536873edb]

    (!) Thank you , ok :p .
     
Loading...

Share This Page