From: Aaron <aschulz@wikimedia.org>
Date: Mon, 20 Aug 2012 20:03:50 +0000 (-0700)
Subject: [FileBackend] Allow enforcing POSIX file owner names.
X-Git-Tag: 1.31.0-rc.0~22641^2
X-Git-Url: http://git.cyclocoop.org/%28?a=commitdiff_plain;h=dcec58e09b6ecefaefd53a2db22c9c7467036cde;p=lhc%2Fweb%2Fwiklou.git

[FileBackend] Allow enforcing POSIX file owner names.

Change-Id: I9c703bc497f5d6983ef812d105357877c154e17b
---

diff --git a/includes/filebackend/FSFileBackend.php b/includes/filebackend/FSFileBackend.php
index c953d77520..a0befd6700 100644
--- a/includes/filebackend/FSFileBackend.php
+++ b/includes/filebackend/FSFileBackend.php
@@ -43,6 +43,8 @@ class FSFileBackend extends FileBackendStore {
 	/** @var Array Map of container names to root paths */
 	protected $containerPaths = array(); // for custom container paths
 	protected $fileMode; // integer; file permission mode
+	protected $fileOwner; // string; required OS username to own files
+	protected $currentUser; // string; OS username running this script
 
 	protected $hadWarningErrors = array();
 
@@ -71,9 +73,12 @@ class FSFileBackend extends FileBackendStore {
 			}
 		}
 
-		$this->fileMode = isset( $config['fileMode'] )
-			? $config['fileMode']
-			: 0644;
+		$this->fileMode = isset( $config['fileMode'] ) ? $config['fileMode'] : 0644;
+		if ( isset( $config['fileOwner'] ) && function_exists( 'posix_getuid' ) ) {
+			$this->fileOwner = $config['fileOwner'];
+			$info = posix_getpwuid( posix_getuid() );
+			$this->currentUser = $info['name']; // cache this, assuming it doesn't change
+		}
 	}
 
 	/**
@@ -164,6 +169,11 @@ class FSFileBackend extends FileBackendStore {
 			$ok = is_dir( $parentDir ) && is_writable( $parentDir );
 		}
 
+		if ( $this->fileOwner !== null && $this->currentUser !== $this->fileOwner ) {
+			$ok = false;
+			trigger_error( __METHOD__ . ": PHP process owner is not '{$this->fileOwner}'." );
+		}
+
 		return $ok;
 	}