From b0ebbdedaa0805599b97a9d3bbc96c0a5cf2bbac Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sun, 21 Mar 2010 06:04:32 -0400
Subject: [PATCH] Fixed: FS#1124 - Traffic quota on some systems not working
---
install/lib/installer_base.lib.php | 242 +++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 228 insertions(+), 14 deletions(-)
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 7b4eba8..20eb61a 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -121,6 +121,7 @@
if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true;
if(is_installed('getmail')) $conf['getmail']['installed'] = true;
if(is_installed('couriertcpd')) $conf['courier']['installed'] = true;
+ if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
if(is_installed('saslsauthd')) $conf['saslauthd']['installed'] = true;
if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true;
if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
@@ -128,7 +129,7 @@
if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
if(is_installed('jk_chrootsh')) $conf['jailkit']['installed'] = true;
if(is_installed('pdns_server') || is_installed('pdns_control')) $conf['powerdns']['installed'] = true;
-
+ if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
}
@@ -215,6 +216,13 @@
$tpl_ini_array['web']['security_level'] = 20;
$tpl_ini_array['web']['user'] = $conf['apache']['user'];
$tpl_ini_array['web']['group'] = $conf['apache']['group'];
+ $tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
+ $tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
+ $tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
+ $tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group'];
+ $tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir'];
+ $tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
+ $tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
$server_ini_content = array_to_ini($tpl_ini_array);
$server_ini_content = mysql_real_escape_string($server_ini_content);
@@ -225,6 +233,8 @@
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
+
+
if($conf['mysql']['master_slave_setup'] == 'y') {
@@ -296,21 +306,21 @@
$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
}
- $query = "GRANT UPDATE(`status`) ON ".$conf['mysql']['master_database'].".`software_update_inst` "
+ $query = "GRANT SELECT, UPDATE(`status`) ON ".$conf['mysql']['master_database'].".`software_update_inst` "
."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
if(!$this->dbmaster->query($query)) {
$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
}
- $query = "GRANT UPDATE(`updated`) ON ".$conf['mysql']['master_database'].".`server` "
+ $query = "GRANT SELECT, UPDATE(`updated`) ON ".$conf['mysql']['master_database'].".`server` "
."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
if(!$this->dbmaster->query($query)) {
$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
}
- $query = "GRANT UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`) ON ".$conf['mysql']['master_database'].".`web_domain` "
+ $query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`) ON ".$conf['mysql']['master_database'].".`web_domain` "
."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
if(!$this->dbmaster->query($query)) {
@@ -324,7 +334,7 @@
$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
}
- $query = "GRANT INSERT , DELETE ON ".$conf['mysql']['master_database'].".`monitor_data` "
+ $query = "GRANT SELECT, INSERT , DELETE ON ".$conf['mysql']['master_database'].".`monitor_data` "
."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
if(!$this->dbmaster->query($query)) {
@@ -425,6 +435,9 @@
//* mysql-virtual_relaydomains.cf
$this->process_postfix_config('mysql-virtual_relaydomains.cf');
+
+ //* mysql-virtual_relayrecipientmaps.cf
+ $this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
//* Changing mode and group of the new created config files.
caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
@@ -460,6 +473,7 @@
'smtpd_tls_key_file = '.$config_dir.'/smtpd.key',
'transport_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_transports.cf',
'relay_domains = mysql:'.$config_dir.'/mysql-virtual_relaydomains.cf',
+ 'relay_recipient_maps = mysql:'.$config_dir.'/mysql-virtual_relayrecipientmaps.cf',
'virtual_create_maildirsize = yes',
'virtual_maildir_extended = yes',
'virtual_mailbox_limit_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailbox_limit_maps.cf',
@@ -644,12 +658,78 @@
wf($configfile, $content);
}
+ public function configure_dovecot()
+ {
+ global $conf;
+
+ $config_dir = $conf['dovecot']['config_dir'];
+
+ //* Configure master.cf and add a line for deliver
+ if(is_file($config_dir.'/master.cf')){
+ copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
+ }
+ if(is_file($config_dir.'/master.cf~')){
+ exec('chmod 400 '.$config_dir.'/master.cf~2');
+ }
+ $content = rf($conf["postfix"]["config_dir"].'/master.cf');
+ // Only add the content if we had not addded it before
+ if(!stristr($content,"dovecot/deliver")) {
+ $deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
+ af($conf["postfix"]["config_dir"].'/master.cf',$deliver_content);
+ }
+ unset($content);
+ unset($deliver_content);
+
+
+ //* Reconfigure postfix to use dovecot authentication
+ // Adding the amavisd commands to the postfix configuration
+ $postconf_commands = array (
+ 'dovecot_destination_recipient_limit = 1',
+ 'virtual_transport = dovecot',
+ 'smtpd_sasl_type = dovecot',
+ 'smtpd_sasl_path = private/auth'
+ );
+
+ // Make a backup copy of the main.cf file
+ copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~3');
+
+ // Executing the postconf commands
+ foreach($postconf_commands as $cmd) {
+ $command = "postconf -e '$cmd'";
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ //* copy dovecot.conf
+ $configfile = 'dovecot.conf';
+ if(is_file("$config_dir/$configfile")){
+ copy("$config_dir/$configfile", "$config_dir/$configfile~");
+ }
+ copy('tpl/debian_dovecot.conf.master',"$config_dir/$configfile");
+
+ //* dovecot-sql.conf
+ $configfile = 'dovecot-sql.conf';
+ if(is_file("$config_dir/$configfile")){
+ copy("$config_dir/$configfile", "$config_dir/$configfile~");
+ }
+ exec("chmod 400 $config_dir/$configfile~");
+ $content = rf("tpl/debian_dovecot-sql.conf.master");
+ $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
+ $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
+ $content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
+ $content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
+ wf("$config_dir/$configfile", $content);
+
+ exec("chmod 600 $config_dir/$configfile");
+ exec("chown root:root $config_dir/$configfile");
+
+ }
+
public function configure_amavis() {
global $conf;
// amavisd user config file
$configfile = 'amavisd_user_config';
- if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user')) copy($conf["amavis"]["config_dir"].'/conf.d/50-user',$conf["courier"]["config_dir"].'/50-user~');
+ if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user')) copy($conf["amavis"]["config_dir"].'/conf.d/50-user',$conf["amavis"]["config_dir"].'/50-user~');
if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user~')) exec('chmod 400 '.$conf["amavis"]["config_dir"].'/conf.d/50-user~');
$content = rf("tpl/".$configfile.".master");
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
@@ -733,7 +813,7 @@
$config_dir = $conf['pureftpd']['config_dir'];
- //* configure pam for SMTP authentication agains the ispconfig database
+ //* configure pure-ftpd for MySQL authentication against the ispconfig database
$configfile = 'db/mysql.conf';
if(is_file("$config_dir/$configfile")){
copy("$config_dir/$configfile", "$config_dir/$configfile~");
@@ -754,6 +834,18 @@
//exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone');
exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone');
exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility');
+
+ if(is_file('/etc/default/pure-ftpd-common')) {
+ replaceLine('/etc/default/pure-ftpd-common','STANDALONE_OR_INETD=inetd','STANDALONE_OR_INETD=standalone',1,0);
+ replaceLine('/etc/default/pure-ftpd-common','VIRTUALCHROOT=false','VIRTUALCHROOT=true',1,0);
+ }
+
+ if(is_file('/etc/inetd.conf')) {
+ replaceLine('/etc/inetd.conf','/usr/sbin/pure-ftpd-wrapper','#ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper',0,0);
+ if(is_file('/etc/init.d/openbsd-inetd')) exec('/etc/init.d/openbsd-inetd restart');
+ }
+
+ if(!is_file('/etc/pure-ftpd/conf/DontResolve')) exec("echo 'yes' > /etc/pure-ftpd/conf/DontResolve");
}
public function configure_mydns()
@@ -815,6 +907,13 @@
exec('chmod 600 '.$conf["powerdns"]["config_dir"].'/'.$configfile);
exec('chown root:root '.$conf["powerdns"]["config_dir"].'/'.$configfile);
+
+ }
+
+ public function configure_bind() {
+ global $conf;
+
+ //* Nothing to do
}
@@ -892,7 +991,7 @@
if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
- @mkdir("/etc/Bastille", octdec($directory_mode));
+ @mkdir("/etc/Bastille", 0700);
if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
@@ -977,9 +1076,9 @@
//* Create the ispconfig apps vhost user and group
- $apps_vhost_user = $conf['web']['apps_vhost_user'];
- $apps_vhost_group = $conf['web']['apps_vhost_group'];
- $install_dir = $conf['web']['website_basedir'].'/apps';
+ $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
+ $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
+ $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
$command = 'groupadd '.$apps_vhost_user;
if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
@@ -991,7 +1090,8 @@
$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- exec('mkdir -p '.escapeshellcmd($conf['web']['website_basedir'].'/apps'));
+ exec('mkdir -p '.$install_dir);
+ exec("chown $apps_vhost_user:$apps_vhost_group $install_dir");
//* Copy the apps vhost file
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
@@ -1004,6 +1104,7 @@
$content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
+ $content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
@@ -1190,7 +1291,7 @@
exec("chmod -R 770 $install_dir/interface/lib/lang");
//* Make the temp directory for language file exports writable
- exec("chmod -R 770 $install_dir/interface/web/temp");
+ if(is_dir("$install_dir/interface/web/temp")) exec("chmod -R 770 $install_dir/interface/web/temp");
//* Make all interface language file directories group writable
$handle = @opendir($install_dir.'/interface/web');
@@ -1285,7 +1386,7 @@
if(!is_file('/var/log/ispconfig/ispconfig.log')) exec('touch /var/log/ispconfig/ispconfig.log');
exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
- exec('chown getmail /usr/local/bin/run-getmail.sh');
+ if(is_user('getmail')) exec('chown getmail /usr/local/bin/run-getmail.sh');
exec('chmod 744 /usr/local/bin/run-getmail.sh');
@@ -1371,6 +1472,119 @@
}
+ /**
+ * Helper function - get the path to a template file based on
+ * the local part of the filename. Checks first for the existence
+ * of a distribution specific file and if not found looks in the
+ * base template folder. Optionally the behaviour can be changed
+ * by setting the 2nd parameter which will fetch the contents
+ * of the template file and return it instead of the path. The 3rd
+ * parameter further extends this behaviour by filtering the contents
+ * by inserting the ispconfig database credentials using the {} placeholders.
+ *
+ * @param string $tLocal local part of filename
+ * @param bool $tRf
+ * @param bool $tDBCred
+ * @return string Relative path to the chosen template file
+ */
+ protected function get_template_file($tLocal, $tRf=false, $tDBCred=false)
+ {
+ global $conf, $dist;
+
+ $final_path = '';
+ $dist_template = 'dist/tpl/'.strtolower($dist['name'])."/$tLocal.master";
+ if (file_exists($dist_template)) {
+ $final_path = $dist_template;
+ } else {
+ $final_path = "tpl/$tLocal.master";
+ }
+
+ if (!$tRf) {
+ return $final_path;
+ } else {
+ return (!$tDBCred) ? rf($final_path) : $this->insert_db_credentials(rf($final_path));
+ }
+ }
+
+ /**
+ * Helper function - writes the contents to a config file
+ * and performs a backup if the file exist. Additionally
+ * if the file exists the new file will be given the
+ * same rights and ownership as the original. Optionally the
+ * rights and/or ownership can be overriden by appending umask,
+ * user and group to the parameters. Providing only uid and gid
+ * values will result in only a chown.
+ *
+ * @param $tConf
+ * @param $tContents
+ * @return bool
+ */
+ protected function write_config_file($tConf, $tContents)
+ {
+ // Backup config file before writing new contents and stat file
+ if ( is_file($tConf) )
+ {
+ $stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
+ if ($res == 0) { // stat successfull
+ list($access, $user, $group) = split(" ", $stat);
+ }
+
+ if ( copy($tConf, $tConf.'~') ) {
+ exec('chmod 400 '.$tConf.'~');
+ }
+ }
+
+ wf($tConf, $tContents); // write file
+
+ if (func_num_args() >= 4) // override rights and/or ownership
+ {
+ $args = func_get_args();
+ $output = array_slice($args, 2);
+
+ switch (sizeof($output)) {
+ case 3:
+ $umask = array_shift($output);
+ if (is_numeric($umask) && preg_match('/^0?[0-7]{3}$/', $umask)) {
+ $access = $umask;
+ }
+ case 2:
+ if (is_user($output[0]) && is_group($output[1])) {
+ list($user,$group) = $output;
+ }
+ break;
+ }
+ }
+
+ if (!empty($user) && !empty($group)) {
+ exec("chown $user:$group $tConf");
+ }
+
+ if (!empty($access)) {
+ exec("chmod $access $tConf");
+ }
+ }
+
+ /**
+ * Helper function - filter the contents of a config
+ * file by inserting the common ispconfig database
+ * credentials.
+ *
+ * @param $tContents
+ * @return string
+ */
+ protected function insert_db_credentials($tContents)
+ {
+ global $conf;
+
+ $tContents = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $tContents);
+ $tContents = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $tContents);
+ $tContents = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $tContents);
+ $tContents = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $tContents);
+ $tContents = str_replace('{mysql_server_host}',$conf['mysql']['host'], $tContents);
+ $tContents = str_replace('{mysql_server_port}',$conf["mysql"]["port"], $tContents);
+
+ return $tContents;
+ }
}
?>
\ No newline at end of file
--
Gitblit v1.9.1