diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2018-04-12 12:45:58 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2018-04-12 12:45:58 -0300 |
| commit | 6be10162eb293103a71f213a53422eb7135a91b3 (patch) | |
| tree | 43c6270af796f519aadec6132ac88892cfb0c836 /manifests | |
| parent | 503e7ebdb208accb0f421368be67c7b320f02b9d (diff) | |
| download | puppet-php-6be10162eb293103a71f213a53422eb7135a91b3.tar.gz puppet-php-6be10162eb293103a71f213a53422eb7135a91b3.tar.bz2 | |
FPM support at php::series7::hardened (3)
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/series7/hardened.pp | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/manifests/series7/hardened.pp b/manifests/series7/hardened.pp index 296b8b1..2579f79 100644 --- a/manifests/series7/hardened.pp +++ b/manifests/series7/hardened.pp @@ -3,17 +3,18 @@ class php::series7::hardened { $disable_functions = 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, system_exec' # $disable_functions = 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec' - php::config { - 'allow_url_fopen' : series => '7', value => 'Off'; - 'allow_url_include' : series => '7', value => 'Off'; - 'disable_functions' : series => '7', value => $disable_functions; - } - if $fpm == 'present' { php::config { - 'allow_url_fopen_fpm' : name => 'allow_url_fopen', series => '7', sapi => 'fpm', value => 'Off'; - 'allow_url_include_fpm' : name => 'allow_url_include', series => '7', sapi => 'fpm', value => 'Off'; - 'disable_functions_fpm' : name => 'disable_functions', series => '7', sapi => 'fpm', value => $disable_functions; + 'allow_url_fopen' : series => '7', sapi => 'fpm', value => 'Off'; + 'allow_url_include' : series => '7', sapi => 'fpm', value => 'Off'; + 'disable_functions' : series => '7', sapi => 'fpm', value => $disable_functions; + } + } + else { + php::config { + 'allow_url_fopen' : series => '7', value => 'Off'; + 'allow_url_include' : series => '7', value => 'Off'; + 'disable_functions' : series => '7', value => $disable_functions; } } } |