From 69137f818c9cd4b8cad5c4684605cdeb45ce9e3a Mon Sep 17 00:00:00 2001
From: Edmund Tan
Date: Tue, 22 Jul 2025 03:14:03 +0800
Subject: [PATCH] fix install script15
---
 UI/includes/enrollment.php | 57 ++++++++++++++++++++++++++++++--------
 1 file changed, 45 insertions(+), 12 deletions(-)
diff --git a/UI/includes/enrollment.php b/UI/includes/enrollment.php
index d163a38..f0a7a21 100644
--- a/UI/includes/enrollment.php
+++ b/UI/includes/enrollment.php
@@ -242,11 +242,17 @@ class EnrollmentManager {
 foreach ($directories as $dir => $permissions) {
 if (!is_dir($dir)) {
- if (!mkdir($dir, $permissions, true)) {
+ // Use sudo to create system directories
+ if (!executeCommand("mkdir -p '$dir'")) {
 throw new Exception("Failed to create directory: $dir");
 }
+ if (!executeCommand("chmod " . decoct($permissions) . " '$dir'")) {
+ throw new Exception("Failed to set permissions for directory: $dir");
+ }
+ } else {
+ // Ensure permissions are correct even if directory exists
+ executeCommand("chmod " . decoct($permissions) . " '$dir'");
 }
- chmod($dir, $permissions);
 }
 return true;
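Review bot: The two new shell strings in the directory loop quote `$dir` by hand (`'$dir'`), so a path containing a single quote ends the quoting and the remainder is parsed by the shell; `$directories` is defined outside the hunk, so it cannot be confirmed from here that its keys are fixed constants. Build the argument with `escapeshellarg()` instead, e.g. `executeCommand('mkdir -p ' . escapeshellarg($dir))` and `executeCommand('chmod ' . decoct($permissions) . ' ' . escapeshellarg($dir))`. The `else` branch also discards the chmod result, so an existing directory can keep a wider mode without any error being raised; check it the same way as the create path. The enclosing method starts and ends outside the hunk.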
@@ -256,17 +262,33 @@ class EnrollmentManager {
 * Save configuration files
 */
 private function saveConfiguration() {
- // Save JWT
- if (!file_put_contents(JWT_FILE, $this->routerData['jwt'])) {
+ // Save JWT using temp file and sudo
+ $tempJwtFile = tempnam(sys_get_temp_dir(), 'ziti-jwt');
+ file_put_contents($tempJwtFile, $this->routerData['jwt']);
+
+ if (!executeCommand("cp '$tempJwtFile' " . JWT_FILE)) {
+ unlink($tempJwtFile);
 throw new Exception('Failed to save JWT file');
 }
- chmod(JWT_FILE, 0600);
+ unlink($tempJwtFile);
- // Save router configuration
- if (!file_put_contents(ROUTER_CONFIG, $this->routerData['routerConfig']['yaml'])) {
+ if (!executeCommand("chmod 600 " . JWT_FILE)) {
+ throw new Exception('Failed to set JWT file permissions');
+ }
+
+ // Save router configuration using temp file and sudo
+ $tempConfigFile = tempnam(sys_get_temp_dir(), 'ziti-config');
+ file_put_contents($tempConfigFile, $this->routerData['routerConfig']['yaml']);
+
+ if (!executeCommand("cp '$tempConfigFile' " . ROUTER_CONFIG)) {
+ unlink($tempConfigFile);
 throw new Exception('Failed to save router configuration');
 }
- chmod(ROUTER_CONFIG, 0644);
+ unlink($tempConfigFile);
+
+ if (!executeCommand("chmod 644 " . ROUTER_CONFIG)) {
+ throw new Exception('Failed to set router config permissions');
+ }
 // Fix router configuration for proper enrollment
 $this->fixRouterConfiguration();
@@ -278,8 +300,8 @@ class EnrollmentManager {
 * Fix router configuration (replicate bash script logic)
 */
 private function fixRouterConfiguration() {
- // Create backup
- copy(ROUTER_CONFIG, ROUTER_CONFIG . '.backup');
+ // Create backup using sudo
+ executeCommand("cp " . ROUTER_CONFIG . " " . ROUTER_CONFIG . ".backup");
 $routerName = $this->routerData['routerInfo']['name'];
 $routerId = $this->routerData['routerInfo']['id'];
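Review bot: In saveConfiguration() the results of `tempnam()` and `file_put_contents()` are no longer checked, so a failed or short write of the staged file is copied over `JWT_FILE` or `ROUTER_CONFIG` and reported as success; the removed code did check the write. Add `if ($tempJwtFile === false || file_put_contents($tempJwtFile, $this->routerData['jwt']) === false) { throw new Exception('Failed to stage JWT file'); }` and the equivalent for the config, and do the same in the `@@ -357` hunk, which stages `$configContent` the same way. The enrollment JWT also receives its mode only after the copy: if `JWT_FILE` already exists with a wider mode, `cp` keeps that mode until the later `chmod 600` runs, and the file stays in place if that chmod fails. Copying and setting the mode in one step, e.g. `install -m 600` with `escapeshellarg()` on both paths, closes that window, assuming the privilege rule behind executeCommand (not visible here) permits it.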
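Review bot: The backup copy at the top of fixRouterConfiguration() discards the result of executeCommand, so the method carries on even when no `.backup` file was written; judging by the later hunk it then appears to overwrite `ROUTER_CONFIG`, which would leave nothing to roll back to. Check it like the other calls in this commit: `if (!executeCommand('cp ' . escapeshellarg(ROUTER_CONFIG) . ' ' . escapeshellarg(ROUTER_CONFIG . '.backup'))) { throw new Exception('Failed to back up router configuration'); }`. The rest of the method lies outside the hunk.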
@@ -357,8 +379,19 @@ metadata:
 generatedBy: "ZitiNexus"
 EOF;
- file_put_contents(ROUTER_CONFIG, $configContent);
- chmod(ROUTER_CONFIG, 0644);
+ // Write updated config using temp file and sudo
+ $tempConfigFile = tempnam(sys_get_temp_dir(), 'ziti-fixed-config');
+ file_put_contents($tempConfigFile, $configContent);
+
+ if (!executeCommand("cp '$tempConfigFile' " . ROUTER_CONFIG)) {
+ unlink($tempConfigFile);
+ throw new Exception('Failed to save updated router configuration');
+ }
+ unlink($tempConfigFile);
+
+ if (!executeCommand("chmod 644 " . ROUTER_CONFIG)) {
+ throw new Exception('Failed to set updated router config permissions');
+ }
 }
 /**
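Review bot: The tempnam / file_put_contents / cp / unlink / chmod sequence added here is the third copy of the same code in this commit (saveConfiguration() has it twice), which makes it easy for one copy to miss a check or leave a staged file behind. A private helper would keep the staging checks, the `escapeshellarg()` quoting and the cleanup in one place, with `finally` removing the temp file on every path. The sketch below uses `install -m` so the target is never left with a mode other than the requested one; that assumes the privilege rule behind executeCommand, which is not visible here, allows it. The enclosing method starts outside the hunk.

```php
private function writeSystemFile($target, $content, $mode) {
    $staged = tempnam(sys_get_temp_dir(), 'ziti-');
    if ($staged === false) {
        throw new Exception("Failed to create staging file for $target");
    }
    try {
        if (file_put_contents($staged, $content) === false) {
            throw new Exception("Failed to stage content for $target");
        }
        // Copy and set the mode in a single step; every path is shell-quoted.
        $command = 'install -m ' . escapeshellarg($mode)
            . ' ' . escapeshellarg($staged)
            . ' ' . escapeshellarg($target);
        if (!executeCommand($command)) {
            throw new Exception("Failed to write $target");
        }
    } finally {
        unlink($staged);
    }
}

// … unchanged: $configContent heredoc …
$this->writeSystemFile(ROUTER_CONFIG, $configContent, '644');
```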