Run PHP Composer Install within Script Installer

3 posts / 0 new
Last post
#1 Thu, 08/10/2017 - 06:41
xdeveloper

Run PHP Composer Install within Script Installer

Hi,

I am a developer of a very small PHP tool. It is a PHP application that has composer dependencies (defined in composer.json).

I wrote a script installer for Virtualmin to make deploying it withing Virtualmin just a few button clicks. I am facing the following issue: how can I let the installer download the dependencies for for the application.

Currently I added the following to my script_name_install function:

system("cd $opts->{'dir'} && composer install > $opts->{'dir'}/storage/logs/composer-installer.log");

But then I noticed that the dependencies are being created as the user root, so I changed that to:

system("su -c "cd $opts->{'dir'} && composer install > $opts->{'dir'}/composer-installer.log" -s /bin/bash $dbuser");

But I am not so sure it's the best way to make that, so how do you suggest I implement such a thing?

Thank you!

Thu, 08/10/2017 - 07:38
Joe
Joe's picture

You can call functions as the domain owner user, using the "run_as_domain_user" function.

You can grep for that in the scripts directory for examples, and there's some examples that use it in the docs: https://www.virtualmin.com/documentation/developer/scripts

The signature is: run_as_domain_user(&domain, command, background, [never-su])

And, it's defined in security-lib.pl in the base dir of Virtualmin if you want to see the code for what it does exactly.

It may be fine to do it "manually" though there tends to be some extra protections in the Virtualmin functions to do things, like cleaning the environment and other stuff. If you trust your users not to do malicious things this isn't a problem. Jamie's been building security sensitive software for a long time and has been bitten by just about everything, so he thinks of more possible failure modes than us mere mortals do.

--

Check out the forum guidelines!

Thu, 08/10/2017 - 07:59
xdeveloper

THANK YOU Joe, this is really helpful, I will be testing it now, and give some feedback later.

EDIT: it worked! Thank you again!

Topic locked