From 3764dc4ad0b85b25cfe1247f68c5df00a2f0445d Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 27 Oct 2009 11:34:34 -0400
Subject: [PATCH] Implemented: FS#539 - ssl domain must be selectable
---
install/lib/installer_base.lib.php | 250 +++++++++++++++++++++++++++++++++++++++++++------
1 files changed, 216 insertions(+), 34 deletions(-)
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 77d0c43..f489e08 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -127,6 +127,7 @@
if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
if(is_installed('jk_chrootsh')) $conf['jailkit']['installed'] = true;
+ if(is_installed('pdns_server') || is_installed('pdns_control')) $conf['powerdns']['installed'] = true;
}
@@ -204,12 +205,17 @@
$tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir'];
$tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs'];
$tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path'];
+ $tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path'];
$tpl_ini_array['server']['hostname'] = $conf['hostname'];
$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
-
+ $tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir'];
+ $tpl_ini_array['web']['security_level'] = 20;
+ $tpl_ini_array['web']['user'] = $conf['apache']['user'];
+ $tpl_ini_array['web']['group'] = $conf['apache']['group'];
+
$server_ini_content = array_to_ini($tpl_ini_array);
$server_ini_content = mysql_real_escape_string($server_ini_content);
@@ -232,30 +238,10 @@
$sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES ('".$conf['server_id']."',1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);";
$this->db->query($sql);
- //* insert the ispconfig user in the remote server
- $from_host = $conf['hostname'];
- $from_ip = gethostbyname($conf['hostname']);
-
//* username for the ispconfig user
$conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id'];
-
- //* Delete ISPConfig user in the master database, in case that it exists
- $this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_host."';");
- $this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_host."';");
- $this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_ip."';");
- $this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_ip."';");
- $this->dbmaster->query('FLUSH PRIVILEGES;');
-
- //* Create the ISPConfig database user in the local database
- /*$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['master_database'].".* "
- ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$from_host."' "
- ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";*/
- $query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['master_database'].".* "
- ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$from_ip."' "
- ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
- if(!$this->dbmaster->query($query)) {
- $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
- }
+
+ $this->grant_master_database_rights();
} else {
//* Insert the server, if its not a mster / slave setup
@@ -268,6 +254,100 @@
}
+ public function grant_master_database_rights()
+ {
+ global $conf;
+
+ if($conf['mysql']['master_slave_setup'] != 'y') return;
+
+ //* insert the ispconfig user in the remote server
+ $from_host = $conf['hostname'];
+ $from_ip = gethostbyname($conf['hostname']);
+
+ //* Delete ISPConfig user in the master database, in case that it exists
+ $this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_host."';");
+ $this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_host."';");
+ $this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_ip."';");
+ $this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_ip."';");
+ $this->dbmaster->query('FLUSH PRIVILEGES;');
+
+ $hosts = array($from_host, $from_ip);
+
+ foreach($hosts as $src_host) {
+ //* Create the ISPConfig database user in the remote database
+ $query = "GRANT SELECT ON ".$conf['mysql']['master_database'].".`server` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT SELECT, INSERT ON ".$conf['mysql']['master_database'].".`sys_log` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT SELECT, UPDATE(`status`) ON ".$conf['mysql']['master_database'].".`sys_datalog` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT UPDATE(`status`) ON ".$conf['mysql']['master_database'].".`software_update_inst` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT UPDATE(`updated`) ON ".$conf['mysql']['master_database'].".`server` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`) ON ".$conf['mysql']['master_database'].".`web_domain` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT SELECT ON ".$conf['mysql']['master_database'].".`sys_group` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT INSERT , DELETE ON ".$conf['mysql']['master_database'].".`monitor_data` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT SELECT, INSERT, UPDATE ON ".$conf['mysql']['master_database'].".`mail_traffic` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ $query = "GRANT SELECT, INSERT, UPDATE ON ".$conf['mysql']['master_database'].".`web_traffic` "
+ ."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
+ ."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
+ if(!$this->dbmaster->query($query)) {
+ $this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
+ }
+
+ }
+
+ }
//** writes postfix configuration files
public function process_postfix_config($configfile)
@@ -362,7 +442,7 @@
$postconf_commands = array (
'myhostname = '.$conf['hostname'],
'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
- 'mynetworks = 127.0.0.0/8',
+ 'mynetworks = 127.0.0.0/8 [::1]/128',
'virtual_alias_domains =',
'virtual_alias_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_forwardings.cf, mysql:'.$config_dir.'/mysql-virtual_email2email.cf',
'virtual_mailbox_domains = proxy:mysql:'.$config_dir.'/mysql-virtual_domains.cf',
@@ -438,7 +518,7 @@
$configfile = $config_dir.'/master.cf';
$content = rf($configfile);
$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
- 'flags=R user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
+ 'flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}',
$content);
wf($configfile, $content);
@@ -696,6 +776,50 @@
}
+ public function configure_powerdns() {
+ global $conf;
+
+ //* Create the database
+ if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
+ $this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
+ }
+
+ //* Create the ISPConfig database user in the local database
+ $query = "GRANT ALL ON `".$conf['powerdns']['database']."` . * TO '".$conf['mysql']['ispconfig_user']."'@'localhost';";
+ if(!$this->db->query($query)) {
+ $this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
+ }
+
+ //* Reload database privelages
+ $this->db->query('FLUSH PRIVILEGES;');
+
+ //* load the powerdns databse dump
+ if($conf['mysql']['admin_password'] == '') {
+ caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
+ __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
+ } else {
+ caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
+ __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
+ }
+
+ //* Create the powerdns config file
+ $configfile = 'pdns.local';
+ if(is_file($conf["powerdns"]["config_dir"].'/'.$configfile)) copy($conf["powerdns"]["config_dir"].'/'.$configfile,$conf["powerdns"]["config_dir"].'/'.$configfile.'~');
+ if(is_file($conf["powerdns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["powerdns"]["config_dir"].'/'.$configfile.'~');
+ $content = rf("tpl/".$configfile.".master");
+ $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
+ $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
+ $content = str_replace('{powerdns_database}',$conf['powerdns']['database'],$content);
+ $content = str_replace('{mysql_server_host}',$conf["mysql"]["host"],$content);
+ wf($conf["powerdns"]["config_dir"].'/'.$configfile,$content);
+ exec('chmod 600 '.$conf["powerdns"]["config_dir"].'/'.$configfile);
+ exec('chown root:root '.$conf["powerdns"]["config_dir"].'/'.$configfile);
+
+
+ }
+
+
+
public function configure_apache()
{
global $conf;
@@ -706,6 +830,7 @@
if(is_file('/etc/suphp/suphp.conf')) {
replaceLine('/etc/suphp/suphp.conf','php=php:/usr/bin','x-httpd-suphp=php:/usr/bin/php-cgi',0);
//replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0);
+ replaceLine('/etc/suphp/suphp.conf','umask=0077','umask=0022',0);
}
if(is_file('/etc/apache2/sites-enabled/000-default')) {
@@ -727,7 +852,7 @@
$content = rf("tpl/apache_ispconfig.conf.master");
$records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'");
- if(count($records) > 0) {
+ if(is_array($records) && count($records) > 0) {
foreach($records as $rec) {
$content .= "NameVirtualHost ".$rec["ip_address"].":80\n";
$content .= "NameVirtualHost ".$rec["ip_address"].":443\n";
@@ -739,6 +864,23 @@
if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) {
exec("ln -s ".$vhost_conf_dir."/ispconfig.conf ".$vhost_conf_enabled_dir."/000-ispconfig.conf");
}
+
+ //* make sure that webalizer finds its config file when it is directly in /etc
+ if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
+ exec('mkdir /etc/webalizer');
+ exec('ln -s /etc/webalizer.conf /etc/webalizer/webalizer.conf');
+ }
+
+ if(is_file('/etc/webalizer/webalizer.conf')) {
+ // Change webalizer mode to incremental
+ replaceLine('/etc/webalizer/webalizer.conf','#IncrementalName','IncrementalName webalizer.current',0,0);
+ replaceLine('/etc/webalizer/webalizer.conf','#Incremental','Incremental yes',0,0);
+ replaceLine('/etc/webalizer/webalizer.conf','#HistoryName','HistoryName webalizer.hist',0,0);
+ }
+
+ //* add a sshusers group
+ $command = 'groupadd sshusers';
+ if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
@@ -803,7 +945,32 @@
}
-
+ public function configure_vlogger()
+ {
+ global $conf;
+
+ //** Configure vlogger to use traffic logging to mysql (master) db
+ $configfile = 'vlogger-dbi.conf';
+ if(is_file($conf["vlogger"]["config_dir"].'/'.$configfile)) copy($conf["vlogger"]["config_dir"].'/'.$configfile,$conf["vlogger"]["config_dir"].'/'.$configfile.'~');
+ if(is_file($conf["vlogger"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["vlogger"]["config_dir"].'/'.$configfile.'~');
+ $content = rf("tpl/".$configfile.".master");
+ if($conf['mysql']['master_slave_setup'] == 'y') {
+ $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['master_ispconfig_user'],$content);
+ $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['master_ispconfig_password'], $content);
+ $content = str_replace('{mysql_server_database}',$conf['mysql']['master_database'],$content);
+ $content = str_replace('{mysql_server_ip}',$conf["mysql"]["master_host"],$content);
+ } else {
+ $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
+ $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
+ $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
+ $content = str_replace('{mysql_server_ip}',$conf["mysql"]["host"],$content);
+ }
+ wf($conf["vlogger"]["config_dir"].'/'.$configfile,$content);
+ exec('chmod 600 '.$conf["vlogger"]["config_dir"].'/'.$configfile);
+ exec('chown root:root '.$conf["vlogger"]["config_dir"].'/'.$configfile);
+
+ }
+
public function install_ispconfig()
{
global $conf;
@@ -852,7 +1019,10 @@
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
+ $content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
+ $content = str_replace('{language}', $conf['language'], $content);
+
wf("$install_dir/interface/lib/$configfile", $content);
//* Create the config file for ISPConfig server
@@ -873,6 +1043,8 @@
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
+ $content = str_replace('{language}', $conf['language'], $content);
+
wf("$install_dir/server/lib/$configfile", $content);
@@ -1026,10 +1198,16 @@
}
- //* Install the SVN update script
- exec('cp ../helper_scripts/update_from_svn.sh /usr/local/bin/ispconfig_update_from_svn.sh');
- exec('chown root /usr/local/bin/ispconfig_update_from_svn.sh');
- exec('chmod 700 /usr/local/bin/ispconfig_update_from_svn.sh');
+ //* Install the update script
+ if(is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) unlink('/usr/local/bin/ispconfig_update_from_svn.sh');
+ exec('chown root /usr/local/ispconfig/server/scripts/update_from_svn.sh');
+ exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_svn.sh');
+ exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
+ exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
+ exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
+ exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
+ if(!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_svn.sh');
+ if(!is_link('/usr/local/bin/ispconfig_update.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh');
//* Make the logs readable for the ispconfig user
if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
@@ -1042,6 +1220,10 @@
//* Create the ispconfig log directory
if(!is_dir('/var/log/ispconfig')) mkdir('/var/log/ispconfig');
if(!is_file('/var/log/ispconfig/ispconfig.log')) exec('touch /var/log/ispconfig/ispconfig.log');
+
+ exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
+ exec('chown getmail /usr/local/bin/run-getmail.sh');
+ exec('chmod 744 /usr/local/bin/run-getmail.sh');
}
@@ -1103,12 +1285,12 @@
$existing_cron_jobs = file('crontab.txt');
$cron_jobs = array(
- '*/5 * * * * '.$cf['program'].' -n -g '.$cf['config_dir'].' -r '.$cf['config_dir'].'/*.conf > /dev/null 2>> /var/log/ispconfig/cron.log'
+ '*/5 * * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /var/log/ispconfig/cron.log'
);
// remove existing ispconfig cronjobs, in case the syntax has changed
- foreach($cron_jobs as $key => $val) {
- if(stristr($val,$cf['program'])) unset($existing_cron_jobs[$key]);
+ foreach($existing_cron_jobs as $key => $val) {
+ if(stristr($val,'getmail')) unset($existing_cron_jobs[$key]);
}
foreach($cron_jobs as $cron_job) {
--
Gitblit v1.9.1