From cbc0d672b7e2a0668cfa9c9aefc2d044bb12745a Mon Sep 17 00:00:00 2001
From: Dominik Müller <info@profi-webdesign.com>
Date: Fri, 16 May 2014 16:34:20 -0400
Subject: [PATCH] change uid/gid fields in mail_user from unsigned to signed (in incremental sql-files this was already done in upd_0064.sql)

---
 install/lib/installer_base.lib.php |   63 ++++++++++++++++++++++++++-----
 1 files changed, 52 insertions(+), 11 deletions(-)

diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 0998cf8..7669572 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -132,7 +132,7 @@
 		if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
 		if(is_installed('squid')) $conf['squid']['installed'] = true;
 		if(is_installed('nginx')) $conf['nginx']['installed'] = true;
-		// if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
+		if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
 		if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
 		if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
 		if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
@@ -633,6 +633,7 @@
 
 		//* Create aliasaes
 		exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
+		if(is_file('/var/lib/mailman/data/virtual-mailman')) exec('postmap /var/lib/mailman/data/virtual-mailman');
 
 	}
 
@@ -674,6 +675,15 @@
 
 		//* mysql-virtual_relayrecipientmaps.cf
 		$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
+
+		//* postfix-dkim
+		$full_file_name=$config_dir.'/tag_as_originating.re';
+		if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
+		wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');
+
+		$full_file_name=$config_dir.'/tag_as_foreign.re';
+		if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
+		wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');
 
 		//* Changing mode and group of the new created config files.
 		caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
@@ -998,7 +1008,7 @@
 		chgrp($config_dir.'/'.$configfile, 'root');
 		
 		// Dovecot shall ignore mounts in website directory
-		exec("doveadm mount add '/var/www/*' ignore");
+		if(is_installed('doveadm')) exec("doveadm mount add '/var/www/*' ignore > /dev/null 2> /dev/null");
 
 	}
 
@@ -1043,9 +1053,21 @@
 		if(is_file($conf['postfix']['config_dir'].'/master.cf')) copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~');
 		$content = rf($conf['postfix']['config_dir'].'/master.cf');
 		// Only add the content if we had not addded it before
-		if(!stristr($content, '127.0.0.1:10025')) {
+		if(!preg_match('/^amavis\s+unix\s+/m', $content)) {
 			unset($content);
 			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
+			af($conf['postfix']['config_dir'].'/master.cf', $content);
+			$content = rf($conf['postfix']['config_dir'].'/master.cf');
+		}
+		if(!preg_match('/^127.0.0.1:10025\s+/m', $content)) {
+			unset($content);
+			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10025.master', 'tpl/master_cf_amavis10025.master');
+			af($conf['postfix']['config_dir'].'/master.cf', $content);
+			$content = rf($conf['postfix']['config_dir'].'/master.cf');
+		}
+		if(!preg_match('/^127.0.0.1:10027\s+/m', $content)) {
+			unset($content);
+			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10027.master', 'tpl/master_cf_amavis10027.master');
 			af($conf['postfix']['config_dir'].'/master.cf', $content);
 		}
 		unset($content);
@@ -1053,7 +1075,20 @@
 		// Add the clamav user to the amavis group
 		exec('adduser clamav amavis');
 
-
+		// Create the director for DKIM-Keys
+		if(!is_dir('/var/lib/amavis/dkim')) mkdir('/var/lib/amavis/dkim', 0750, true);
+		// get shell-user for amavis
+		$amavis_user=exec('grep -o "^amavis:\|^vscan:" /etc/passwd');
+		if(!empty($amavis_user)) {
+			$amavis_user=rtrim($amavis_user, ":");
+			exec('chown '.$amavis_user.' /var/lib/amavis/dkim');
+		}
+		// get shell-group for amavis
+		$amavis_group=exec('grep -o "^amavis:\|^vscan:" /etc/group');
+		if(!empty($amavis_group)) {
+			$amavis_group=rtrim($amavis_group, ":");
+			exec('chgrp '.$amavis_group.' /var/lib/amavis/dkim');
+		}
 	}
 
 	public function configure_spamassassin() {
@@ -1406,19 +1441,17 @@
 		exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
 	}
 
-	/*
 	public function configure_ufw_firewall()
 	{
 		$configfile = 'ufw.conf';
-		if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf','/etc/ufw/ufw.conf~');
+		if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf', '/etc/ufw/ufw.conf~');
 		$content = rf("tpl/".$configfile.".master");
-		wf('/etc/ufw/ufw.conf',$content);
+		wf('/etc/ufw/ufw.conf', $content);
 		exec('chmod 600 /etc/ufw/ufw.conf');
 		exec('chown root:root /etc/ufw/ufw.conf');
 	}
-	*/
 
-	public function configure_firewall() {
+	public function configure_bastille_firewall() {
 		global $conf;
 
 		$dist_init_scripts = $conf['init_scripts'];
@@ -1597,7 +1630,8 @@
 			if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 
 
-			$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
+			//$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
+			$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['nginx']['user'];
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 
 			if(!@is_dir($install_dir)){
@@ -2103,6 +2137,13 @@
 
 		//* Remove Domain module as its functions are available in the client module now
 		if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
+		
+		//* Disable rkhunter run and update in debian cronjob as ispconfig is running and updating rkhunter
+		if(is_file('/etc/default/rkhunter')) {
+			replaceLine('/etc/default/rkhunter', 'CRON_DAILY_RUN="yes"', 'CRON_DAILY_RUN="no"', 1, 0);
+			replaceLine('/etc/default/rkhunter', 'CRON_DB_UPDATE="yes"', 'CRON_DB_UPDATE="no"', 1, 0);
+		}
+		
 
 
 	}
@@ -2148,7 +2189,7 @@
 
 		$root_cron_jobs = array(
 			"* * * * * ".$install_dir."/server/server.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
-			"30 00 * * * ".$install_dir."/server/cron_daily.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
+			"* * * * * ".$install_dir."/server/cron.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
 		);
 
 		if ($conf['nginx']['installed'] == true) {

--
Gitblit v1.9.1