github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-07-05 12:36:23 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update v-fix-php-ini-disable-functions

Browse source
This commit is contained in:
myvesta 2024-11-08 23:58:05 +01:00 committed by GitHub
parent 89fc5a1ebd
commit 24d84de6d2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 16 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

25
bin/v-fix-php-ini-disable-functions
View file

@ -3,26 +3,33 @@
whoami=$(whoami)
if [ "$whoami" != "root" ]; then
echo "You must be root to execute this script"
exit 1
exit 1;
fi
if [ -f "/tmp/patched" ]; then rm /tmp/patched; fi;
echo "=== Fixing php.ini files to have the correct disable_functions line"
export NOTFOUNDVAL="exec,system,passthru,shell_exec"
export LINEBEGINSWITH="disable_functions ="
export NEWVAL="disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,exec,system,passthru,shell_exec,proc_open,popen"
echo "== Fixing existing lines"
find /etc/php/*/fpm/ -type f -name "php.ini" -exec grep -L "$NOTFOUNDVAL" {} \; | xargs sh -c 'for arg do if [ ! -f "$arg.disable_patching" ]; then echo "= Patching $arg"; sed -i "s|^$LINEBEGINSWITH.*|$NEWVAL|g" $arg; fi; done' _
find /etc/php/*/fpm/ -type f -name "php.ini" -exec grep -L "$NOTFOUNDVAL" {} \; | xargs sh -c 'found=0; for arg do if [ ! -f "$arg.disable_patching" ]; then if [ $found -eq 0 ]; then echo "== Fixing existing lines"; found=1; touch /tmp/patched; fi; echo "= Patching $arg"; sed -i "s|^$LINEBEGINSWITH.*|$NEWVAL|g" $arg; fi; done' _
export NOTFOUNDVAL2="^$LINEBEGINSWITH"
export REMOVELINETHATCONTAINS=$LINEBEGINSWITH
echo "== Adding missing lines"
find /etc/php/*/fpm/ -type f -name "php.ini" -exec grep -L "$NOTFOUNDVAL2" {} \; | xargs sh -c 'for arg do if [ ! -f "$arg.disable_patching" ]; then echo "= Patching $arg"; sed -i "s|.*$REMOVELINETHATCONTAINS.*||g" $arg; echo "$NEWVAL" >> $arg; fi; done' _
find /etc/php/*/fpm/ -type f -name "php.ini" -exec grep -L "$NOTFOUNDVAL2" {} \; | xargs sh -c 'found=0; for arg do if [ ! -f "$arg.disable_patching" ]; then if [ $found -eq 0 ]; then echo "== Adding missing lines"; found=1; touch /tmp/patched; fi; echo "= Patching $arg"; sed -i "s|.*$REMOVELINETHATCONTAINS.*||g" $arg; echo "$NEWVAL" >> $arg; fi; done' _
echo "== Restarting all PHP-FPM services"
systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | xargs systemctl restart
if [ -f "/tmp/patched" ]; then
rm /tmp/patched
echo "=== Everything done."
exit 0
echo "== Restarting all PHP-FPM services"
systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | xargs systemctl restart
echo "=== Everything done."
else
echo "=== Everything is already correct."
fi
exit 0;