| | |
|---|
| | | $this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage); |
|---|
| | | } |
|---|
| | | |
|---|
| | | $query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`) ON ".$value['db'].".`web_domain` TO '".$value['user']."'@'".$host."' "; |
|---|
| | | $query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ".$value['db'].".`web_domain` TO '".$value['user']."'@'".$host."' "; |
|---|
| | | if ($verbose){ |
|---|
| | | echo $query ."\n"; |
|---|
| | | } |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | $query = "GRANT SELECT, UPDATE ON ".$value['db'].".`aps_instances` TO '".$value['user']."'@'".$host."' "; |
|---|
| | | if ($verbose){ |
|---|
| | | echo $query ."\n"; |
|---|
| | | } |
|---|
| | | if(!$this->dbmaster->query($query)) { |
|---|
| | | $this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage); |
|---|
| | | } |
|---|
| | | |
|---|
| | | $query = "GRANT SELECT, INSERT, DELETE ON ".$value['db'].".`web_backup` TO '".$value['user']."'@'".$host."' "; |
|---|
| | | if ($verbose){ |
|---|
| | | echo $query ."\n"; |
|---|
| | | } |
|---|
| | |
|---|
| | | if(!stristr($options,'dont-create-certs')) { |
|---|
| | | //* Create the SSL certificate |
|---|
| | | $command = 'cd '.$config_dir.'; ' |
|---|
| | | .'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509'; |
|---|
| | | .'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509'; |
|---|
| | | exec($command); |
|---|
| | | |
|---|
| | | $command = 'chmod o= '.$config_dir.'/smtpd.key'; |
|---|
| | |
|---|
| | | exec("chmod -R 770 $install_dir/server/aps_packages"); |
|---|
| | | |
|---|
| | | //* make sure that the server config file (not the interface one) is only readable by the root user |
|---|
| | | chmod($install_dir.'/server/lib/'.$configfile, 0600); |
|---|
| | | chown($install_dir.'/server/lib/'.$configfile, 'root'); |
|---|
| | | chgrp($install_dir.'/server/lib/'.$configfile, 'root'); |
|---|
| | | chmod($install_dir.'/server/lib/config.inc.php', 0600); |
|---|
| | | chown($install_dir.'/server/lib/config.inc.php', 'root'); |
|---|
| | | chgrp($install_dir.'/server/lib/config.inc.php', 'root'); |
|---|
| | | |
|---|
| | | //* Make sure thet the interface config file is readable by user ispconfig only |
|---|
| | | chmod($install_dir.'/interface/lib/config.inc.php', 0600); |
|---|
| | | chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig'); |
|---|
| | | chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig'); |
|---|
| | | |
|---|
| | | chmod($install_dir.'/server/lib/remote_action.inc.php', 0600); |
|---|
| | | chown($install_dir.'/server/lib/remote_action.inc.php', 'root'); |
|---|
| | |
|---|
| | | $content = str_replace('{ssl_comment}', '', $content); |
|---|
| | | } else { |
|---|
| | | $content = str_replace('{ssl_comment}', '#', $content); |
|---|
| | | } |
|---|
| | | if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) { |
|---|
| | | $content = str_replace('{ssl_bundle_comment}', '', $content); |
|---|
| | | } else { |
|---|
| | | $content = str_replace('{ssl_bundle_comment}', '#', $content); |
|---|
| | | } |
|---|
| | | |
|---|
| | | wf($vhost_conf_dir.'/ispconfig.vhost', $content); |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | ?> |
|---|
| | | ?> |
|---|
