diff options
-rw-r--r-- | config/config.sample.php | 9 | ||||
-rw-r--r-- | lib/base.php | 6 | ||||
-rw-r--r-- | lib/private/helper.php | 8 | ||||
-rw-r--r-- | settings/admin.php | 1 | ||||
-rw-r--r-- | settings/templates/admin.php | 20 |
5 files changed, 38 insertions, 6 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index 26cc356fd04..78faf064a8b 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -441,6 +441,15 @@ $CONFIG = array( */ 'check_for_working_htaccess' => true, +/** + * In certain environments it is desired to have a read-only config file. + * When this switch is set to ``true`` ownCloud will not verify whether the + * configuration is writable. However, it will not be possible to configure + * all options via the web-interface. Furthermore, when updating ownCloud + * it is required to make the config file writable again for the update + * process. + */ +'config_is_read_only' => false, /** * Logging diff --git a/lib/base.php b/lib/base.php index cd5d8feb1f6..74b668551ab 100644 --- a/lib/base.php +++ b/lib/base.php @@ -188,9 +188,9 @@ class OC { public static function checkConfig() { $l = \OC::$server->getL10N('lib'); - if (file_exists(self::$configDir . "/config.php") - and !is_writable(self::$configDir . "/config.php") - ) { + $configFileWritable = file_exists(self::$configDir . "/config.php") && is_writable(self::$configDir . "/config.php"); + if (!$configFileWritable && !OC_Helper::isReadOnlyConfigEnabled() + || !$configFileWritable && \OCP\Util::needUpgrade()) { if (self::$CLI) { echo $l->t('Cannot write into "config" directory!')."\n"; echo $l->t('This can usually be fixed by giving the webserver write access to the config directory')."\n"; diff --git a/lib/private/helper.php b/lib/private/helper.php index d43eefcdc52..0e302275540 100644 --- a/lib/private/helper.php +++ b/lib/private/helper.php @@ -973,4 +973,12 @@ class OC_Helper { return array('free' => $free, 'used' => $used, 'total' => $total, 'relative' => $relative); } + + /** + * Returns whether the config file is set manually to read-only + * @return bool + */ + public static function isReadOnlyConfigEnabled() { + return \OC::$server->getConfig()->getSystemValue('config_is_read_only', false); + } } diff --git a/settings/admin.php b/settings/admin.php index a669974891c..50a4ac4f1c8 100644 --- a/settings/admin.php +++ b/settings/admin.php @@ -33,6 +33,7 @@ $template->assign('mail_smtppassword', $config->getSystemValue("mail_smtppasswor $template->assign('entries', $entries); $template->assign('entriesremain', $entriesRemaining); $template->assign('htaccessworking', $htAccessWorking); +$template->assign('readOnlyConfigEnabled', OC_Helper::isReadOnlyConfigEnabled()); $template->assign('isLocaleWorking', OC_Util::isSetLocaleWorking()); $template->assign('isPhpCharSetUtf8', OC_Util::isPhpCharSetUtf8()); $template->assign('isAnnotationsWorking', OC_Util::isAnnotationsWorking()); diff --git a/settings/templates/admin.php b/settings/templates/admin.php index 166e36a3605..d29ea4c7f7f 100644 --- a/settings/templates/admin.php +++ b/settings/templates/admin.php @@ -86,14 +86,28 @@ if (!$_['isConnectedViaHTTPS']) { // is htaccess working ? if (!$_['htaccessworking']) { ?> -<div class="section"> - <h2><?php p($l->t('Security Warning'));?></h2> + <div class="section"> + <h2><?php p($l->t('Security Warning')); ?></h2> <span class="securitywarning"> <?php p($l->t('Your data directory and your files are probably accessible from the internet. The .htaccess file is not working. We strongly suggest that you configure your webserver in a way that the data directory is no longer accessible or you move the data directory outside the webserver document root.')); ?> </span> -</div> + </div> +<?php +} + +// is read only config enabled +if ($_['readOnlyConfigEnabled']) { +?> +<div class="section"> + <h2><?php p($l->t('Read-Only config enabled'));?></h2> + + <span class="securitywarning"> + <?php p($l->t('The Read-Only config has been enabled. This prevents setting some configurations via the web-interface. Furthermore, the file needs to be made writable manually for every update.')); ?> + </span> + + </div> <?php } // Are doc blocks accessible? |