Commit 07695569 authored by Thomas Müller's avatar Thomas Müller
Browse files

Merge pull request #12419 from owncloud/read-only-config

Allow read-only configuration
parents 8db4dd75 fc116f56
......@@ -441,6 +441,15 @@ $CONFIG = array(
*/
'check_for_working_htaccess' => true,
/**
* In certain environments it is desired to have a read-only config file.
* When this switch is set to ``true`` ownCloud will not verify whether the
* configuration is writable. However, it will not be possible to configure
* all options via the web-interface. Furthermore, when updating ownCloud
* it is required to make the config file writable again for the update
* process.
*/
'config_is_read_only' => false,
/**
* Logging
......
......@@ -188,9 +188,9 @@ class OC {
public static function checkConfig() {
$l = \OC::$server->getL10N('lib');
if (file_exists(self::$configDir . "/config.php")
and !is_writable(self::$configDir . "/config.php")
) {
$configFileWritable = file_exists(self::$configDir . "/config.php") && is_writable(self::$configDir . "/config.php");
if (!$configFileWritable && !OC_Helper::isReadOnlyConfigEnabled()
|| !$configFileWritable && \OCP\Util::needUpgrade()) {
if (self::$CLI) {
echo $l->t('Cannot write into "config" directory!')."\n";
echo $l->t('This can usually be fixed by giving the webserver write access to the config directory')."\n";
......
......@@ -973,4 +973,12 @@ class OC_Helper {
return array('free' => $free, 'used' => $used, 'total' => $total, 'relative' => $relative);
}
/**
* Returns whether the config file is set manually to read-only
* @return bool
*/
public static function isReadOnlyConfigEnabled() {
return \OC::$server->getConfig()->getSystemValue('config_is_read_only', false);
}
}
......@@ -33,6 +33,7 @@ $template->assign('mail_smtppassword', $config->getSystemValue("mail_smtppasswor
$template->assign('entries', $entries);
$template->assign('entriesremain', $entriesRemaining);
$template->assign('htaccessworking', $htAccessWorking);
$template->assign('readOnlyConfigEnabled', OC_Helper::isReadOnlyConfigEnabled());
$template->assign('isLocaleWorking', OC_Util::isSetLocaleWorking());
$template->assign('isPhpCharSetUtf8', OC_Util::isPhpCharSetUtf8());
$template->assign('isAnnotationsWorking', OC_Util::isAnnotationsWorking());
......
......@@ -86,14 +86,28 @@ if (!$_['isConnectedViaHTTPS']) {
// is htaccess working ?
if (!$_['htaccessworking']) {
?>
<div class="section">
<h2><?php p($l->t('Security Warning'));?></h2>
<div class="section">
<h2><?php p($l->t('Security Warning')); ?></h2>
<span class="securitywarning">
<?php p($l->t('Your data directory and your files are probably accessible from the internet. The .htaccess file is not working. We strongly suggest that you configure your webserver in a way that the data directory is no longer accessible or you move the data directory outside the webserver document root.')); ?>
</span>
</div>
</div>
<?php
}
// is read only config enabled
if ($_['readOnlyConfigEnabled']) {
?>
<div class="section">
<h2><?php p($l->t('Read-Only config enabled'));?></h2>
<span class="securitywarning">
<?php p($l->t('The Read-Only config has been enabled. This prevents setting some configurations via the web-interface. Furthermore, the file needs to be made writable manually for every update.')); ?>
</span>
</div>
<?php
}
// Are doc blocks accessible?
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment