gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -196,7 +196,8 @@

			$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));

			// TODO: Update further distribution specific parameters for server config here
			//* Update further distribution specific parameters for server config here
			//* HINT: Every line added here has to be added in update.lib.php too!!
			$tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir'];
			$tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir'];
			$tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs'];
			@@ -211,6 +212,8 @@
			$tpl_ini_array['web']['security_level'] = 20;
			$tpl_ini_array['web']['user'] = $conf['apache']['user'];
			$tpl_ini_array['web']['group'] = $conf['apache']['group'];
			$tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache'];
			$tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi'];
			$tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
			$tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
			$tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
			@@ -282,9 +285,11 @@

			$hosts[$from_host]['user'] = $conf['mysql']['master_ispconfig_user'];
			$hosts[$from_host]['db'] = $conf['mysql']['master_database'];
			$hosts[$from_host]['pwd'] = $conf['mysql']['master_ispconfig_password'];

			$hosts[$from_ip]['user'] = $conf['mysql']['master_ispconfig_user'];
			$hosts[$from_ip]['db'] = $conf['mysql']['master_database'];
			$hosts[$from_ip]['pwd'] = $conf['mysql']['master_ispconfig_password'];
			} else{
			/*
			* it is NOT a master-slave - Setup so we have to find out all clients and their
			@@ -298,17 +303,27 @@
			foreach ($data as $item){
			$hosts[$item['Host']]['user'] = $item['User'];
			$hosts[$item['Host']]['db'] = $conf['mysql']['master_database'];
			$hosts[$item['Host']]['pwd'] = ''; // the user already exists, so we need no pwd!
			}
			}


			if(is_array($hosts)) {
			foreach($hosts as $host => $value) {
			/*
			* Delete ISPConfig user in the master database, in case that it exists
			* If a pwd exists, this means, we have to add the new user (and his pwd).
			* if not, the user already exists and we do not need the pwd
			*/
			if ($value['pwd'] != ''){
			$query = "CREATE USER '".$value['user']."'@'".$host."' IDENTIFIED BY '" . $value['pwd'] . "'";
			$this->dbmaster->query($query); // ignore the error
			}

			/*
			* Try to delete all rights of the user in case that it exists.
			* In Case that it will not exist, do nothing (ignore the error!)
			*/
			$query = "REVOKE ALL PRIVILEGES, GRANT OPTION FROM '".$value['user']."'@'".$host."' ";
			if(!$this->dbmaster->query($query)) {
			$this->error('Unable to remove rights of user in master database: '.$value['db'].' Error: '.$this->dbmaster->errorMessage);
			}
			$this->dbmaster->query($query); // ignore the error

			//* Create the ISPConfig database user in the remote database
			$query = "GRANT SELECT ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
			@@ -371,6 +386,7 @@
			* It is all done. Relod the rights...
			*/
			$this->dbmaster->query('FLUSH PRIVILEGES;');
			}

			}

			@@ -531,7 +547,7 @@

			//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
			$command = 'chmod 755 /var/run/courier/authdaemon/';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
			if(is_file('/var/run/courier/authdaemon/')) caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);

			//* Changing maildrop lines in posfix master.cf
			if(is_file($config_dir.'/master.cf')) {
			@@ -630,6 +646,8 @@
			$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
			$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
			wf("$pam/smtp", $content);
			// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
			if(is_file("$pam/smtp")) exec("chmod o= $pam/smtp");
			exec("chmod 660 $pam/smtp");
			exec("chown daemon:daemon $pam/smtp");

			@@ -839,6 +857,7 @@
			//exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone');
			exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone');
			exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility');
			exec('echo "yes" > '.$config_dir.'/conf/DisplayDotFiles');

			if(is_file('/etc/default/pure-ftpd-common')) {
			replaceLine('/etc/default/pure-ftpd-common','STANDALONE_OR_INETD=inetd','STANDALONE_OR_INETD=standalone',1,0);
			@@ -917,7 +936,20 @@
			public function configure_bind() {
			global $conf;

			//* Nothing to do
			//* Check if the zonefile directory has a slash at the end
			$content=$conf['bind']['bind_zonefiles_dir'];
			if(substr($content,-1,1) != '/') {
			$content .= '/';
			}

			//* Create the slave subdirectory
			$content .= 'slave';
			$content_mkdir = 'mkdir -p '.$content;
			exec($content_mkdir);

			//* Chown the slave subdirectory to $conf['bind']['bind_user']
			exec('chown '.$conf['bind']['bind_user'].':'.$conf['bind']['bind_group'].' '.$content);
			exec('chmod 770 '.$content);

			}

			@@ -930,7 +962,7 @@
			exec('mkdir -p /var/log/ispconfig/httpd');

			if(is_file('/etc/suphp/suphp.conf')) {
			replaceLine('/etc/suphp/suphp.conf','php=php:/usr/bin','x-httpd-suphp=php:/usr/bin/php-cgi',0);
			replaceLine('/etc/suphp/suphp.conf','php=php:/usr/bin','x-httpd-suphp="php:/usr/bin/php-cgi"',0);
			//replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0);
			replaceLine('/etc/suphp/suphp.conf','umask=0077','umask=0022',0);
			}
			@@ -1134,6 +1166,25 @@
			}

			}

			public function make_ispconfig_ssl_cert() {
			global $conf;

			$ssl_crt_file = '/usr/local/ispconfig/interface/ssl/ispserver.crt';
			$ssl_csr_file = '/usr/local/ispconfig/interface/ssl/ispserver.csr';
			$ssl_key_file = '/usr/local/ispconfig/interface/ssl/ispserver.key';

			if(!is_dir('/usr/local/ispconfig/interface/ssl')) exec("mkdir -p /usr/local/ispconfig/interface/ssl");

			$ssl_pw = substr(md5(mt_rand()),0,6);
			exec("openssl genrsa -des3 -passout pass:$ssl_pw -out $ssl_key_file 4096");
			exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -out $ssl_csr_file");
			exec("openssl req -x509 -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -in $ssl_csr_file -out $ssl_crt_file -days 3650");
			exec("openssl rsa -passin pass:$ssl_pw -in $ssl_key_file -out $ssl_key_file.insecure");
			exec("mv $ssl_key_file $ssl_key_file.secure");
			exec("mv $ssl_key_file.insecure $ssl_key_file");

			}

			public function install_ispconfig() {
			global $conf;
			@@ -1228,9 +1279,15 @@
			$module_name = substr($file,0,-8);
			$tmp = new $module_name;
			if($tmp->onInstall()) {
			if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
			if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) {
			@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
			// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
			}
			if (strpos($file, '_core_module') !== false) {
			if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
			if(!@is_link($install_dir.'/server/mods-core/'.$file)) {
			@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
			// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
			}
			}
			}
			unset($tmp);
			@@ -1249,9 +1306,15 @@
			$plugin_name = substr($file,0,-8);
			$tmp = new $plugin_name;
			if(method_exists($tmp,'onInstall') && $tmp->onInstall()) {
			if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
			if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) {
			@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
			//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file);
			}
			if (strpos($file, '_core_plugin') !== false) {
			if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
			if(!@is_link($install_dir.'/server/plugins-core/'.$file)) {
			@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
			//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file);
			}
			}
			}
			unset($tmp);
			@@ -1351,6 +1414,12 @@
			} else {
			$content = str_replace('{vhost_port_listen}', '', $content);
			}

			if(is_file('/usr/local/ispconfig/interface/ssl/ispserver.crt') && is_file('/usr/local/ispconfig/interface/ssl/ispserver.key')) {
			$content = str_replace('{ssl_comment}', '', $content);
			} else {
			$content = str_replace('{ssl_comment}', '#', $content);
			}

			wf("$vhost_conf_dir/ispconfig.vhost", $content);

			@@ -1400,7 +1469,7 @@

			//* Add Log-Rotation
			if (is_dir('/etc/logrotate.d')) {
			unlink('/etc/logrotate.d/logispc3');
			@unlink('/etc/logrotate.d/logispc3'); // ignore, if the file is not there
			$fh = fopen('/etc/logrotate.d/logispc3', 'w');
			fwrite($fh,
			"/var/log/ispconfig/ispconfig.log { \n" .
			@@ -1610,4 +1679,4 @@
			}
			}

			?>
			?>