From 10b4c85a7686da07bddb5779f8ceea48acdf412e Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Thu, 03 Jan 2013 06:51:45 -0500
Subject: [PATCH] Merged revisons 3687-3748 from 3.0.5 stable branch.

---
 install/dist/lib/opensuse.lib.php |   27 +++++++++++++++++++++++----
 1 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/install/dist/lib/opensuse.lib.php b/install/dist/lib/opensuse.lib.php
index f33fc84..32c1e79 100644
--- a/install/dist/lib/opensuse.lib.php
+++ b/install/dist/lib/opensuse.lib.php
@@ -914,8 +914,15 @@
 		exec("chmod -R 770 $install_dir/server/aps_packages");
 		
 		//* make sure that the server config file (not the interface one) is only readable by the root user
-		exec("chmod 600 $install_dir/server/lib/$configfile");
-		exec("chown root:root $install_dir/server/lib/$configfile");
+		chmod($install_dir.'/server/lib/config.inc.php', 0600);
+		chown($install_dir.'/server/lib/config.inc.php', 'root');
+		chgrp($install_dir.'/server/lib/config.inc.php', 'root');
+		
+		//* Make sure thet the interface config file is readable by user ispconfig only
+		chmod($install_dir.'/interface/lib/config.inc.php', 0600);
+		chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
+		chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
+		
 		if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
 			exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
 			exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
@@ -970,6 +977,11 @@
 			} else {
 				$content = str_replace('{ssl_comment}', '#', $content);
 			}
+			if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
+				$content = str_replace('{ssl_bundle_comment}', '', $content);
+			} else {
+				$content = str_replace('{ssl_bundle_comment}', '#', $content);
+			}
 		
 			$content = str_replace('/var/www/', '/srv/www/', $content);
 		
@@ -1008,11 +1020,11 @@
 			$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
 		
 			if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
-				$content = str_replace('{ssl_on}', ' ssl', $content);
+				$content = str_replace('{ssl_on}', ' on', $content);
 				$content = str_replace('{ssl_comment}', '', $content);
 				$content = str_replace('{fastcgi_ssl}', 'on', $content);
 			} else {
-				$content = str_replace('{ssl_on}', '', $content);
+				$content = str_replace('{ssl_on}', ' off', $content);
 				$content = str_replace('{ssl_comment}', '#', $content);
 				$content = str_replace('{fastcgi_ssl}', 'off', $content);
 			}
@@ -1098,6 +1110,13 @@
 			exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
 		}
 		
+		//* Create the ispconfig auth log file and set uid/gid
+		if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
+			touch($conf['ispconfig_log_dir'].'/auth.log');
+		}
+		exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
+		exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
+		
 		//* Remove Domain module as its functions are available in the client module now
 		if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
 		

--
Gitblit v1.9.1