aboutsummaryrefslogtreecommitdiff
path: root/manifests
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2018-04-12 12:45:58 -0300
committerSilvio Rhatto <rhatto@riseup.net>2018-04-12 12:45:58 -0300
commit6be10162eb293103a71f213a53422eb7135a91b3 (patch)
tree43c6270af796f519aadec6132ac88892cfb0c836 /manifests
parent503e7ebdb208accb0f421368be67c7b320f02b9d (diff)
downloadpuppet-php-6be10162eb293103a71f213a53422eb7135a91b3.tar.gz
puppet-php-6be10162eb293103a71f213a53422eb7135a91b3.tar.bz2
FPM support at php::series7::hardened (3)
Diffstat (limited to 'manifests')
-rw-r--r--manifests/series7/hardened.pp19
1 files changed, 10 insertions, 9 deletions
diff --git a/manifests/series7/hardened.pp b/manifests/series7/hardened.pp
index 296b8b1..2579f79 100644
--- a/manifests/series7/hardened.pp
+++ b/manifests/series7/hardened.pp
@@ -3,17 +3,18 @@ class php::series7::hardened {
$disable_functions = 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, system_exec'
# $disable_functions = 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec'
- php::config {
- 'allow_url_fopen' : series => '7', value => 'Off';
- 'allow_url_include' : series => '7', value => 'Off';
- 'disable_functions' : series => '7', value => $disable_functions;
- }
-
if $fpm == 'present' {
php::config {
- 'allow_url_fopen_fpm' : name => 'allow_url_fopen', series => '7', sapi => 'fpm', value => 'Off';
- 'allow_url_include_fpm' : name => 'allow_url_include', series => '7', sapi => 'fpm', value => 'Off';
- 'disable_functions_fpm' : name => 'disable_functions', series => '7', sapi => 'fpm', value => $disable_functions;
+ 'allow_url_fopen' : series => '7', sapi => 'fpm', value => 'Off';
+ 'allow_url_include' : series => '7', sapi => 'fpm', value => 'Off';
+ 'disable_functions' : series => '7', sapi => 'fpm', value => $disable_functions;
+ }
+ }
+ else {
+ php::config {
+ 'allow_url_fopen' : series => '7', value => 'Off';
+ 'allow_url_include' : series => '7', value => 'Off';
+ 'disable_functions' : series => '7', value => $disable_functions;
}
}
}