How to create a new theme with safemode in effect?

Puc conDoin · April 20, 2005, 11:05:05 AM

How can I create a new theme when safemode is in effect?

Owdy · April 20, 2005, 12:05:31 PM

Do you mean creating or installing a theme?

Install= http://support.simplemachines.org/faq/?action=display&faq=57
Try last 2 methods.

Creating=
http://www.simplemachines.org/community/index.php?topic=16843.0
http://support.simplemachines.org/docs/themes.quick-start.php

Puc conDoin · April 20, 2005, 12:56:39 PM

Thanx, I need to create a new directory and put those 3 files from the default in it?

And then I can install the theme by pointing to that directory?

Owdy · April 20, 2005, 01:00:57 PM

Quote from: Puc conDoin on April 20, 2005, 12:56:39 PM
Thanx, I need to create a new directory and put those 3 files from the default in it?

Try that 'Create a copy of Default named' method. If you have safe mode, it creates directory, but not copy files. Then, copy those files from default theme what you wanna modify. Index.template and style.css is good start.

Puc conDoin · April 20, 2005, 01:58:01 PM

It didn't work that way.

I created the directory myself and put the 3 files from default theme in it.
After that, I duplicated the 4 database entry's for the classic theme, and edited those to match the new theme's directory.

This is one of the most complicated ways to create a new theme, but this worked.

Owdy · April 20, 2005, 02:02:28 PM

Im glad it worked. That sure is complicated

You could try that install from dir version also.

1. create dir
2. upload index.template, style.css and theme_info.xml to that dir
3 install from dir.

You can get theme_info.xml from classic theme or any custom themes from here. Safe mode is pain. Imagine, without it, you could install theme just one click

Puc conDoin · April 20, 2005, 03:58:26 PM

I know the possibilities with safemode off...

Having the same problems with Mambo, but they are going to fix this in an upcoming release.

Maybe SMF wil be made safemode friendly in the future?

[Unknown] · April 20, 2005, 04:00:55 PM

SMF 1.1 works much better in safe mode. Most specifically, the package manager does. That said, if it's configured properly 1.0 works wonderfully.

See Lycos UK, which runs safe mode, and on which SMF 1.0.3 runs beautifully.

-[Unknown]

Miraenda · April 20, 2005, 10:54:01 PM

How would configured properly be exactly in order to run successfully in safe mode? I plan to change this setting soon on my server in preparation for upgrading to PHP5 on it.

[Unknown] · April 20, 2005, 11:20:33 PM

Well, there's two parts to it.

One, if you use safe_mode, you should use PHP suExec. The biggest flaw in safe_mode is that files created by PHP aren't owned by it, and as such PHP can't access them. Many times, this also means that PHP can create files anywhere it wants, it just can't access the files it creates - imagine it creating a file in /etc/init.d (if that directory were 777 for some strange reason.)

So, what I mean is that safe_mode ain't that great. I've described before what the best scheme is, which is essentially how cPanel does things by default (/home/username owned by username:nogroup/nobody, etc.) The only difference is open_basedir.

While safe_mode is, without PHP suExec, a very annoying and less-than problem solving solution, open_basedir is almost perfect. You can add just /tmp, /home/username, and similar by hostname in httpd.conf, and have all the security you'd ever want with safe_mode - but with a lot more freedom for the user.

I mean, what inside of /home/username/public_html do you *not* want PHP accessing? In theory, everything in that directory should be owned by username, and no one else - right?

Another solution, if you must use safe_mode, is to basically sticky the uid in all the directories; that means, to 6777 or 4777, etc., the /home/username directories. This won't make safe_mode perfect, but it will mean that files created by PHP (or anyone else) inside the /home/username/public_html (etc.) directories will be owned by the user. Again, this is usually what you want anyway.

-[Unknown]

Miraenda · April 20, 2005, 11:28:57 PM

Thank you for providing a detailed and clear explanation.

Puc conDoin · April 21, 2005, 04:35:41 AM

Quote from: [Unknown] on April 20, 2005, 11:20:33 PM
One, if you use safe_mode, you should use PHP suExec. The biggest flaw in safe_mode is that files created by PHP aren't owned by it, and as such PHP can't access them. Many times, this also means that PHP can create files anywhere it wants, it just can't access the files it creates - imagine it creating a file in /etc/init.d (if that directory were 777 for some strange reason.)

Another solution, if you must use safe_mode, is to basically sticky the uid in all the directories; that means, to 6777 or 4777, etc., the /home/username directories. This won't make safe_mode perfect, but it will mean that files created by PHP (or anyone else) inside the /home/username/public_html (etc.) directories will be owned by the user. Again, this is usually what you want anyway.

-[Unknown]

What is PHP suExec?

Can you explain this 'sticky uid' thing?

[Unknown] · April 23, 2005, 11:35:01 PM

Unless you're the host, it's unlikely there's anything you can do about it.

http://en.wikipedia.org/wiki/Chmod

http://httpd.apache.org/docs/suexec.html

-[Unknown]

News:

How to create a new theme with safemode in effect?