awstats_process.sh + cagefs

Version 1.513

Bugfix
Finished

With the change to run awstats_process.sh, the security of cagefs caused a few issues: 1) Couldn't access /usr/local/awstats/ to run the perl scripts to compute the stats. 2) Couldn't access the user_logs to view the given User log for reading. Numerous changes required in the awstats_process.sh. A) Determine if the given User has cagefs enabled: /usr/sbin/cagefsctl --list-enabled | grep username B) Append /usr/local/awstats/ to the paths in: /etc/cagefs/conf.d/directadmin.cfg and run: cagefsctl --update run as the User, and check for: /usr/local/awstats/tools/awstats_buildstaticpages.pl if not readable, run: cagefsctl --force-update C) if the awstats.user folder is in the way, instead of aborting, remove it (as the User) and continue normally. This should clean up any of the aborted run scenarios. D) Delete the symbolic links in "awstats" before the copy to awstats.user, because cagefs doesn't like the User creating links pointing to root files. (so that cp makes a matching diff) E) Add: %/var/log/user_logs to: /etc/cagefs/cagefs.mp and run: cagefsctl --remount username so that the log: /var/log/user_logs/username/domain.com.log is readable by the User, using the "split username" method: https://docs.cloudlinux.com/index.html?split_by_username.html ------------ WORKAROUND If you'd like this fix now, you can either grab the pre-release binaries, or just grab the updated script: wget -O /usr/local/directadmin/scripts/awstats_process.sh http://files1.directadmin.com/services/all/awstats/awstats_process.sh and you can run it manually for any User if you want to update things now: /usr/local/directadmin/scripts/awstats_process.sh USERNAME DOMAIN.COM

Interested to try DirectAdmin? Get a 30-day Free Trial!