0

I have a big problem since few days with permissions on my Symfony2 application.

The background :

I write a PHP app with symfony2 which gives an overview of many Moodle instances on each servers that I own, this app is also able to auto install a new instance of Moodle. The symfony2 app use a function : shell_exec() that execute a shell script.

My question is : there is a way (secured) to allow www-data to write in /home/ directory and apache2 directory ?

I need to create some directory, like this :

/home/moodle/var/moodledata

/etc/apache2/site-available/000-moodle293.conf

Bellow, the script :

# Params order
# "the url of the site" "the shortname" "the release" "the version"
# "the admin username" "the admin password"
# "the www dir" "the moodledata dir" "mysql server ip"
# "mysql user" "mysql password"


urlWebsite=$1
shortName=$2
installRelease=$3
installVersion=$4
adminUser=$5
adminPassword=$6
wwwDir=$7
moodledatadir=$8
hostname=$9
userdb=${10}
passdb=${11}

version=$installVersion                       
release=$installRelease                       
wwwdirname=$shortName                         
wwwdir=$wwwDir$wwwdirname
wwwdirinstall=$wwwdir"/admin/cli/install.php"
lang="fr"                                            
changemod="2777"                                     
wwwroot=$urlWebsite                                  
homedir="/home/moodle/"                              
dataroot=$homedir$moodledatadir                      
dbhost=$hostname                                    
dbname=$shortName                                   
prefix="mdl_"                                        
dbport="3306"                                       
dbuser=$userdb                                      
dbpass=$passdb                                       
fullname=$wwwdirname                                 
shortname=$shortName                                 
adminuser="admin"                                    
adminpass="root"                                     

touch /etc/apache2/site-available/000-{shortname}.conf

wget https://download.moodle.org/${release}/moodle-${version}.tgz
tar -xvf moodle-${version}.tgz
rm moodle-${version}.tgz
mv moodle /var/www/$wwwdirname
mkdir $homedir
mkdir $homedir"var/"
mkdir $dataroot
chmod -R 0777 $dataroot
chmod -R 0777 $wwwdir
chown -R www-data.www-data $dataroot

/usr/bin/php5 $wwwdirinstall --non-interactive \
--lang=$lang \
--chmod=$changemod \
--wwwroot=$wwwroot \
--dataroot=$dataroot \
--dbhost=$dbhost \
--dbname=$dbname \
--prefix=$prefix \
--dbport=$dbport \
--dbuser=$dbuser \
--dbpass=$dbpass \
--fullname=$fullname \
--shortname=$shortname \
--adminuser=$adminuser \
--adminpass=$adminpass \
--agree-license

chmod -R 0755 $wwwdir
chown -R root.root $wwwdir
a2ensite 000-${shortname}.conf
service apache2 reload

What I tried :

Sudo

Sudo -S my_command < root_passwd

The script works, I tried the script "manually" with ./moodleInstall.sh all_the_params and that installed my new moodle instance on my local server, I also tried with shell_exec() to output some variables at the beginning of the shell script and it works. So the problem is file and directory permissions.

Thanks you for helping me !

Florian Doyen
  • 21
  • 5

1 Answers1

0

Use ACLs to give permissions to whatever you want.

Florin Asăvoaie
  • 7,057
  • 23
  • 35