From 5b3d2c2b17c9191a60017a8d08db06b8a9366b16 Mon Sep 17 00:00:00 2001
From: florian030 <florian@schaal-24.de>
Date: Tue, 25 Feb 2014 09:16:14 -0500
Subject: [PATCH] changes according to comments on merge-request

---
 install/lib/installer_base.lib.php |   80 ++++++++++++++++++++++++++++++++-------
 1 files changed, 65 insertions(+), 15 deletions(-)

diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 1f691ae..dd7ce0d 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -132,7 +132,7 @@
 		if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
 		if(is_installed('squid')) $conf['squid']['installed'] = true;
 		if(is_installed('nginx')) $conf['nginx']['installed'] = true;
-		// if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
+		if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
 		if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
 		if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
 		if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
@@ -474,7 +474,15 @@
 					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
 				}
 
-				$query = "GRANT SELECT, UPDATE ON ".$value['db'].".`aps_instances` TO '".$value['user']."'@'".$host."' ";
+				$query = "GRANT SELECT, UPDATE, DELETE ON ".$value['db'].".`aps_instances` TO '".$value['user']."'@'".$host."' ";
+				if ($verbose){
+					echo $query ."\n";
+				}
+				if(!$this->dbmaster->query($query)) {
+					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
+				}
+				
+				$query = "GRANT SELECT, DELETE ON ".$value['db'].".`aps_instances_settings` TO '".$value['user']."'@'".$host."' ";
 				if ($verbose){
 					echo $query ."\n";
 				}
@@ -666,6 +674,15 @@
 
 		//* mysql-virtual_relayrecipientmaps.cf
 		$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
+
+		//* postfix-dkim
+		$full_file_name=$config_dir.'/tag_as_originating.re';
+		if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
+		wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');
+
+		$full_file_name=$config_dir.'/tag_as_foreign.re';
+		if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
+		wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');
 
 		//* Changing mode and group of the new created config files.
 		caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
@@ -963,6 +980,7 @@
 			} else {
 				copy('tpl/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
 			}
+			replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
 		} else {
 			if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master')) {
 				copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
@@ -987,6 +1005,9 @@
 		chmod($config_dir.'/'.$configfile, 0600);
 		chown($config_dir.'/'.$configfile, 'root');
 		chgrp($config_dir.'/'.$configfile, 'root');
+		
+		// Dovecot shall ignore mounts in website directory
+		exec("doveadm mount add '/var/www/*' ignore");
 
 	}
 
@@ -1031,9 +1052,21 @@
 		if(is_file($conf['postfix']['config_dir'].'/master.cf')) copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~');
 		$content = rf($conf['postfix']['config_dir'].'/master.cf');
 		// Only add the content if we had not addded it before
-		if(!stristr($content, '127.0.0.1:10025')) {
+		if(!preg_match('/^amavis\s+unix\s+/m', $content)) {
 			unset($content);
 			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
+			af($conf['postfix']['config_dir'].'/master.cf', $content);
+			$content = rf($conf['postfix']['config_dir'].'/master.cf');
+		}
+		if(!preg_match('/^127.0.0.1:10025\s+/m', $content)) {
+			unset($content);
+			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10025.master', 'tpl/master_cf_amavis10025.master');
+			af($conf['postfix']['config_dir'].'/master.cf', $content);
+			$content = rf($conf['postfix']['config_dir'].'/master.cf');
+		}
+		if(!preg_match('/^127.0.0.1:10027\s+/m', $content)) {
+			unset($content);
+			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10027.master', 'tpl/master_cf_amavis10027.master');
 			af($conf['postfix']['config_dir'].'/master.cf', $content);
 		}
 		unset($content);
@@ -1041,7 +1074,20 @@
 		// Add the clamav user to the amavis group
 		exec('adduser clamav amavis');
 
-
+		// Create the director for DKIM-Keys
+		if(!is_dir('/var/lib/amavis/dkim')) mkdir('/var/lib/amavis/dkim', 0750, true);
+		// get shell-user for amavis
+		$amavis_user=exec('grep -o "^amavis:\|^vscan:" /etc/passwd');
+		if(!empty($amavis_user)) {
+			$amavis_user=rtrim($amavis_user, ":");
+			exec('chown '.$amavis_user.' /var/lib/amavis/dkim');
+		}
+		// get shell-group for amavis
+		$amavis_group=exec('grep -o "^amavis:\|^vscan:" /etc/group');
+		if(!empty($amavis_group)) {
+			$amavis_group=rtrim($amavis_group, ":");
+			exec('chgrp '.$amavis_group.' /var/lib/amavis/dkim');
+		}
 	}
 
 	public function configure_spamassassin() {
@@ -1377,19 +1423,17 @@
 		exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
 	}
 
-	/*
 	public function configure_ufw_firewall()
 	{
 		$configfile = 'ufw.conf';
-		if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf','/etc/ufw/ufw.conf~');
+		if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf', '/etc/ufw/ufw.conf~');
 		$content = rf("tpl/".$configfile.".master");
-		wf('/etc/ufw/ufw.conf',$content);
+		wf('/etc/ufw/ufw.conf', $content);
 		exec('chmod 600 /etc/ufw/ufw.conf');
 		exec('chown root:root /etc/ufw/ufw.conf');
 	}
-	*/
 
-	public function configure_firewall() {
+	public function configure_bastille_firewall() {
 		global $conf;
 
 		$dist_init_scripts = $conf['init_scripts'];
@@ -1495,7 +1539,8 @@
 			if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 
 
-			$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
+			//$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
+			$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['apache']['user'];
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 
 			if(!@is_dir($install_dir)){
@@ -1510,6 +1555,11 @@
 			$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
 			$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
 			$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];
+			
+			//* Get the apps vhost port
+			if($this->is_update == true) {
+				$conf['web']['apps_vhost_port'] = get_apps_vhost_port_number();
+			}
 
 			// Dont just copy over the virtualhost template but add some custom settings
 			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_apps.vhost.master', 'tpl/apache_apps.vhost.master');
@@ -2003,14 +2053,14 @@
 		}
 
 		//* Install the update script
-		if(is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) unlink('/usr/local/bin/ispconfig_update_from_svn.sh');
-		chown($install_dir.'/server/scripts/update_from_svn.sh', 'root');
-		chmod($install_dir.'/server/scripts/update_from_svn.sh', 0700);
+		if(is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
+		chown($install_dir.'/server/scripts/update_from_dev.sh', 'root');
+		chmod($install_dir.'/server/scripts/update_from_dev.sh', 0700);
 		chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
 		chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
 		chown($install_dir.'/server/scripts/ispconfig_update.sh', 'root');
 		chmod($install_dir.'/server/scripts/ispconfig_update.sh', 0700);
-		if(!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_svn.sh');
+		if(!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
 		if(!is_link('/usr/local/bin/ispconfig_update.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
 
 		//* Make the logs readable for the ispconfig user
@@ -2111,7 +2161,7 @@
 
 		$root_cron_jobs = array(
 			"* * * * * ".$install_dir."/server/server.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
-			"30 00 * * * ".$install_dir."/server/cron_daily.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
+			"* * * * * ".$install_dir."/server/cron.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
 		);
 
 		if ($conf['nginx']['installed'] == true) {

--
Gitblit v1.9.1