From 3a94180e026d9353d13522e8d04cb15b11dc2bb2 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 24 Feb 2010 08:38:44 -0500
Subject: [PATCH] - Added install instructions for debian 5.0 with dovecot and bind. - Improved debian installer.
---
install/lib/installer_base.lib.php | 205 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 203 insertions(+), 2 deletions(-)
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index f671db1..42b27b0 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -121,6 +121,7 @@
if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true;
if(is_installed('getmail')) $conf['getmail']['installed'] = true;
if(is_installed('couriertcpd')) $conf['courier']['installed'] = true;
+ if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
if(is_installed('saslsauthd')) $conf['saslauthd']['installed'] = true;
if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true;
if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
@@ -215,6 +216,13 @@
$tpl_ini_array['web']['security_level'] = 20;
$tpl_ini_array['web']['user'] = $conf['apache']['user'];
$tpl_ini_array['web']['group'] = $conf['apache']['group'];
+ $tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
+ $tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
+ $tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
+ $tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group'];
+ $tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir'];
+ $tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
+ $tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
$server_ini_content = array_to_ini($tpl_ini_array);
$server_ini_content = mysql_real_escape_string($server_ini_content);
@@ -225,6 +233,8 @@
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
+
+
if($conf['mysql']['master_slave_setup'] == 'y') {
@@ -648,6 +658,72 @@
wf($configfile, $content);
}
+ public function configure_dovecot()
+ {
+ global $conf;
+
+ $config_dir = $conf['dovecot']['config_dir'];
+
+ //* Configure master.cf and add a line for deliver
+ if(is_file($config_dir.'/master.cf')){
+ copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
+ }
+ if(is_file($config_dir.'/master.cf~')){
+ exec('chmod 400 '.$config_dir.'/master.cf~2');
+ }
+ $content = rf($conf["postfix"]["config_dir"].'/master.cf');
+ // Only add the content if we had not addded it before
+ if(!stristr($content,"dovecot/deliver")) {
+ $deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
+ af($conf["postfix"]["config_dir"].'/master.cf',$deliver_content);
+ }
+ unset($content);
+ unset($deliver_content);
+
+
+ //* Reconfigure postfix to use dovecot authentication
+ // Adding the amavisd commands to the postfix configuration
+ $postconf_commands = array (
+ 'dovecot_destination_recipient_limit = 1',
+ 'virtual_transport = dovecot',
+ 'smtpd_sasl_type = dovecot',
+ 'smtpd_sasl_path = private/auth'
+ );
+
+ // Make a backup copy of the main.cf file
+ copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~3');
+
+ // Executing the postconf commands
+ foreach($postconf_commands as $cmd) {
+ $command = "postconf -e '$cmd'";
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ //* copy dovecot.conf
+ $configfile = 'dovecot.conf';
+ if(is_file("$config_dir/$configfile")){
+ copy("$config_dir/$configfile", "$config_dir/$configfile~");
+ }
+ copy('tpl/debian_dovecot.conf.master',"$config_dir/$configfile");
+
+ //* dovecot-sql.conf
+ $configfile = 'dovecot-sql.conf';
+ if(is_file("$config_dir/$configfile")){
+ copy("$config_dir/$configfile", "$config_dir/$configfile~");
+ }
+ exec("chmod 400 $config_dir/$configfile~");
+ $content = rf("tpl/debian_dovecot-sql.conf.master");
+ $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
+ $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
+ $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
+ $content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
+ wf("$config_dir/$configfile", $content);
+
+ exec("chmod 600 $config_dir/$configfile");
+ exec("chown root:root $config_dir/$configfile");
+
+ }
+
public function configure_amavis() {
global $conf;
@@ -737,7 +813,7 @@
$config_dir = $conf['pureftpd']['config_dir'];
- //* configure pam for SMTP authentication agains the ispconfig database
+ //* configure pure-ftpd for MySQL authentication against the ispconfig database
$configfile = 'db/mysql.conf';
if(is_file("$config_dir/$configfile")){
copy("$config_dir/$configfile", "$config_dir/$configfile~");
@@ -758,6 +834,18 @@
//exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone');
exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone');
exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility');
+
+ if(is_file('/etc/default/pure-ftpd-common')) {
+ replaceLine('/etc/default/pure-ftpd-common','STANDALONE_OR_INETD=inetd','STANDALONE_OR_INETD=standalone',1,0);
+ replaceLine('/etc/default/pure-ftpd-common','VIRTUALCHROOT=false','VIRTUALCHROOT=true',1,0);
+ }
+
+ if(is_file('/etc/inetd.conf')) {
+ replaceLine('/etc/inetd.conf','ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper','#ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper',1,0);
+ if(is_file('/etc/init.d/openbsd-inetd')) exec('/etc/init.d/openbsd-inetd restart');
+ }
+
+ if(!is_file('/etc/pure-ftpd/conf/DontResolve')) exec("echo 'yes' > /etc/pure-ftpd/conf/DontResolve");
}
public function configure_mydns()
@@ -903,7 +991,7 @@
if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
- @mkdir("/etc/Bastille", octdec($directory_mode));
+ @mkdir("/etc/Bastille", 0700);
if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
@@ -1383,6 +1471,119 @@
}
+ /**
+ * Helper function - get the path to a template file based on
+ * the local part of the filename. Checks first for the existence
+ * of a distribution specific file and if not found looks in the
+ * base template folder. Optionally the behaviour can be changed
+ * by setting the 2nd parameter which will fetch the contents
+ * of the template file and return it instead of the path. The 3rd
+ * parameter further extends this behaviour by filtering the contents
+ * by inserting the ispconfig database credentials using the {} placeholders.
+ *
+ * @param string $tLocal local part of filename
+ * @param bool $tRf
+ * @param bool $tDBCred
+ * @return string Relative path to the chosen template file
+ */
+ protected function get_template_file($tLocal, $tRf=false, $tDBCred=false)
+ {
+ global $conf, $dist;
+
+ $final_path = '';
+ $dist_template = 'dist/tpl/'.strtolower($dist['name'])."/$tLocal.master";
+ if (file_exists($dist_template)) {
+ $final_path = $dist_template;
+ } else {
+ $final_path = "tpl/$tLocal.master";
+ }
+
+ if (!$tRf) {
+ return $final_path;
+ } else {
+ return (!$tDBCred) ? rf($final_path) : $this->insert_db_credentials(rf($final_path));
+ }
+ }
+
+ /**
+ * Helper function - writes the contents to a config file
+ * and performs a backup if the file exist. Additionally
+ * if the file exists the new file will be given the
+ * same rights and ownership as the original. Optionally the
+ * rights and/or ownership can be overriden by appending umask,
+ * user and group to the parameters. Providing only uid and gid
+ * values will result in only a chown.
+ *
+ * @param $tConf
+ * @param $tContents
+ * @return bool
+ */
+ protected function write_config_file($tConf, $tContents)
+ {
+ // Backup config file before writing new contents and stat file
+ if ( is_file($tConf) )
+ {
+ $stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
+ if ($res == 0) { // stat successfull
+ list($access, $user, $group) = split(" ", $stat);
+ }
+
+ if ( copy($tConf, $tConf.'~') ) {
+ exec('chmod 400 '.$tConf.'~');
+ }
+ }
+
+ wf($tConf, $tContents); // write file
+
+ if (func_num_args() >= 4) // override rights and/or ownership
+ {
+ $args = func_get_args();
+ $output = array_slice($args, 2);
+
+ switch (sizeof($output)) {
+ case 3:
+ $umask = array_shift($output);
+ if (is_numeric($umask) && preg_match('/^0?[0-7]{3}$/', $umask)) {
+ $access = $umask;
+ }
+ case 2:
+ if (is_user($output[0]) && is_group($output[1])) {
+ list($user,$group) = $output;
+ }
+ break;
+ }
+ }
+
+ if (!empty($user) && !empty($group)) {
+ exec("chown $user:$group $tConf");
+ }
+
+ if (!empty($access)) {
+ exec("chmod $access $tConf");
+ }
+ }
+
+ /**
+ * Helper function - filter the contents of a config
+ * file by inserting the common ispconfig database
+ * credentials.
+ *
+ * @param $tContents
+ * @return string
+ */
+ protected function insert_db_credentials($tContents)
+ {
+ global $conf;
+
+ $tContents = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $tContents);
+ $tContents = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $tContents);
+ $tContents = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $tContents);
+ $tContents = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $tContents);
+ $tContents = str_replace('{mysql_server_host}',$conf['mysql']['host'], $tContents);
+ $tContents = str_replace('{mysql_server_port}',$conf["mysql"]["port"], $tContents);
+
+ return $tContents;
+ }
}
?>
\ No newline at end of file
--
Gitblit v1.9.1