ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
Marius Cramer
2015-06-07 fc0edb2f00bcdc6baaaa29f9041e82f3003b9b44 
 install/dist/lib/fedora.lib.php


@@ -29,87 +29,22 @@


*/




class installer_dist extends installer_base {




   public function configure_mailman($status = 'insert') {


      global $conf;




      $config_dir = $conf['mailman']['config_dir'].'/';


      $full_file_name = $config_dir.'mm_cfg.py';


      //* Backup exiting file


      if(is_file($full_file_name)) {


         copy($full_file_name, $config_dir.'mm_cfg.py~');


   protected $mailman_group = 'mailman';


	


   public function __construct() {


      //** check apache modules */


      $mods = getapachemodules();


      if(in_array('authz_compat', $mods, true)) {


         swriteln($inst->lng('    WARNING! You are using mod_authz_compat.'));


         swriteln($inst->lng('    Please make sure that your apache config uses the new auth syntax:'));


         swriteln($inst->lng('    <Directory />'));


         swriteln($inst->lng('    Options None'));


         swriteln($inst->lng('    AllowOverride None'));


         swriteln($inst->lng('    Require all denied'));


         swriteln($inst->lng('    </Directory>'."\n"));


			


         swriteln($inst->lng('    If it uses the old syntax (deny from all) ISPConfig would fail to work.'));


      }




      // load files


      $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');


      $old_file = rf($full_file_name);




      $old_options = array();


      $lines = explode("\n", $old_file);


      foreach ($lines as $line)


      {


         if (trim($line) != '' && substr($line, 0, 1) != '#')


         {


            @list($key, $value) = @explode("=", $line);


            if (!empty($value))


            {


               $key = rtrim($key);


               $old_options[$key] = trim($value);


            }


         }


      }




      if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');


      exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');




      $virtual_domains = '';


      if($status == 'update')


      {


         // create virtual_domains list


         $domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");




         if(is_array($domainAll)) {


            foreach($domainAll as $domain)


            {


               if ($domainAll[0]['domain'] == $domain['domain'])


                  $virtual_domains .= "'".$domain['domain']."'";


               else


                  $virtual_domains .= ", '".$domain['domain']."'";


            }


         }


      }


      else


         $virtual_domains = "' '";




      $content = str_replace('{hostname}', $conf['hostname'], $content);


      if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';


      $content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);


      $content = str_replace('{virtual_domains}', $virtual_domains, $content);




      wf($full_file_name, $content);




      //* Write virtual_to_transport.sh script


      $config_dir = $conf['mailman']['config_dir'].'/';


      $full_file_name = $config_dir.'virtual_to_transport.sh';




      //* Backup exiting virtual_to_transport.sh script


      if(is_file($full_file_name)) {


         copy($full_file_name, $config_dir.'virtual_to_transport.sh~');


      }




      if(is_dir('/etc/mailman')) {


         if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh')) {


            copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh', $full_file_name);


         } else {


            copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);


         }


         chgrp($full_file_name, 'mailman');


         chmod($full_file_name, 0750);


      }




      //* Create aliasaes


      exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');




   }




   function configure_postfix($options = '')


@@ -143,6 +78,9 @@


      //* mysql-virtual_sender.cf


      $this->process_postfix_config('mysql-virtual_sender.cf');




      //* mysql-virtual_sender_login_maps.cf


      $this->process_postfix_config('mysql-virtual_sender_login_maps.cf');


		


      //* mysql-virtual_client.cf


      $this->process_postfix_config('mysql-virtual_client.cf');




@@ -195,23 +133,28 @@


         }


      }


      unset($rbl_hosts);


      unset($server_ini_array);


      


      //* If Postgrey is installed, configure it


      $greylisting = '';


      if($conf['postgrey']['installed'] == true) {


         $greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';


         $greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';


      }


      


      //* These postconf commands will be executed on installation and update


      $reject_sender_login_mismatch = '';


      if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {


         $reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';


      }


      unset($server_ini_array);


		


      $postconf_placeholders = array('{config_dir}' => $config_dir,


         '{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],


         '{vmail_userid}' => $cf['vmail_userid'],


         '{vmail_groupid}' => $cf['vmail_groupid'],


         '{rbl_list}' => $rbl_list,


         '{greylisting}' => $greylisting,


         '{reject_slm}' => $reject_sender_login_mismatch,


      );




		


      $postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');


      $postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);


      $postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines


@@ -350,9 +293,6 @@


      wf("$pam/smtp", $content);


      // On some OSes smtp is world readable which allows for reading database information.  Removing world readable rights should have no effect.


      if(is_file("$pam/smtp"))    exec("chmod o= $pam/smtp");


      //exec("chmod 660 $pam/smtp");


      //exec("chown root:root $pam/smtp");




   }




   public function configure_courier()


@@ -370,6 +310,7 @@


      $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);


      $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);


      $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);


      $content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);


      wf("$config_dir/$configfile", $content);




      exec("chmod 660 $config_dir/$configfile");


@@ -488,6 +429,7 @@


      $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);


      $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);


      $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);


      $content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);


      $content = str_replace('{server_id}', $conf['server_id'], $content);


      wf("$config_dir/$configfile", $content);




@@ -514,6 +456,7 @@


      $content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);


      $content = str_replace('{hostname}', $conf['hostname'], $content);


      wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);


      chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);






      // Adding the amavisd commands to the postfix configuration


@@ -644,6 +587,7 @@


      $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);


      $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);


      $content = str_replace('{mysql_server_host}', $conf["mysql"]["host"], $content);


      $content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);


      $content = str_replace('{server_id}', $conf["server_id"], $content);


      wf($conf["mydns"]["config_dir"].'/'.$configfile, $content);


      exec('chmod 600 '.$conf["mydns"]["config_dir"].'/'.$configfile);


@@ -670,7 +614,7 @@




      //* Chown the slave subdirectory to $conf['bind']['bind_user']


      exec('chown '.$conf['bind']['bind_user'].':'.$conf['bind']['bind_group'].' '.$content);


      exec('chmod 770 '.$content);


      exec('chmod 2770 '.$content);




   }




@@ -791,7 +735,7 @@


      if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


   }




   public function configure_firewall()


   public function configure_bastille_firewall()


   {


      global $conf;




@@ -854,7 +798,6 @@


      unset($iptables_location);




   }






   public function install_ispconfig()


   {


@@ -923,11 +866,13 @@


      $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);


      $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);


      $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);


      $content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);




      $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);


      $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);


      $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);


      $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);


      $content = str_replace('{mysql_master_server_port}', $conf['mysql']['master_port'], $content);




      $content = str_replace('{server_id}', $conf['server_id'], $content);


      $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);


@@ -948,11 +893,13 @@


      $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);


      $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);


      $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);


      $content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);




      $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);


      $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);


      $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);


      $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);


      $content = str_replace('{mysql_master_server_port}', $conf['mysql']['master_port'], $content);




      $content = str_replace('{server_id}', $conf['server_id'], $content);


      $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);


@@ -969,7 +916,6 @@


         $content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';


         wf($install_dir.'/server/lib/remote_action.inc.php', $content);


      }






      //* Enable the server modules and plugins.


      // TODO: Implement a selector which modules and plugins shall be enabled.


@@ -1127,11 +1073,6 @@


      if($conf['nginx']['installed'] == true){


         $command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];


         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


         //if(is_user('ispapps')){


         // Allow the ispapps vhost access to /etc/squirrelmail


         //$command = 'usermod -a -G '.$conf['apache']['group'].' ispapps';


         //caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


         //}


         if(is_group('ispapps')){


            $command = 'usermod -a -G ispapps '.$conf['nginx']['user'];


            caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


@@ -1318,7 +1259,12 @@


      


      // Add symlink for patch tool


      if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');




		


      // Change mode of a few files from amavisd


      if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);


      if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);


      if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);


      if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);


   }


}