From d87f76019fc231ec20d95126a7fee0487e7be5f0 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 14 Aug 2012 10:56:20 -0400
Subject: [PATCH] - Added new web folder named private to web folder layout. The folder is intended to store data that shall not be visible in the web directory, it is owned by the user of the web. - Changed ownership of web root directory to root user in all security modes to prevent symlink attacks. - Apache log files are now owned by user root. - Improved functions in system library.
---
install/lib/installer_base.lib.php | 524 ++++++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 404 insertions(+), 120 deletions(-)
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index c7ec0ca..16b64c3 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -118,12 +118,12 @@
if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true;
if(is_installed('postfix')) $conf['postfix']['installed'] = true;
if(is_installed('mailman')) $conf['mailman']['installed'] = true;
- if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true;
+ if(is_installed('apache') || is_installed('apache2') || is_installed('httpd') || is_installed('httpd2')) $conf['apache']['installed'] = true;
if(is_installed('getmail')) $conf['getmail']['installed'] = true;
if(is_installed('courierlogger')) $conf['courier']['installed'] = true;
if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
if(is_installed('saslauthd')) $conf['saslauthd']['installed'] = true;
- if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true;
+ if(is_installed('amavisd-new') || is_installed('amavisd')) $conf['amavis']['installed'] = true;
if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
@@ -132,11 +132,12 @@
if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
if(is_installed('squid')) $conf['squid']['installed'] = true;
if(is_installed('nginx')) $conf['nginx']['installed'] = true;
- if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
+ // if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
+ if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
- if ($conf['services']['web'] && $conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) $this->ispconfig_interface_installed = true;
+ if ($conf['services']['web'] && (($conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) || ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")))) $this->ispconfig_interface_installed = true;
}
/** Create the database for ISPConfig */
@@ -157,10 +158,10 @@
$this->error('Stopped: Database already contains some tables.');
} else {
if($conf['mysql']['admin_password'] == '') {
- caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
+ caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
} else {
- caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
+ caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
}
$db_tables = $this->db->getTables();
@@ -233,9 +234,20 @@
$tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
$tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
+ $tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
+ $tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
+ $tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user'];
+ $tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group'];
+ $tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket'];
+ $tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script'];
+ $tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path'];
+ $tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir'];
+ $tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
+ $tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];
+
if ($conf['nginx']['installed'] == true) {
- $tpl_ini_array['nginx']['vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
- $tpl_ini_array['nginx']['vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
+ $tpl_ini_array['web']['server_type'] = 'nginx';
+ $tpl_ini_array['global']['webserver'] = 'nginx';
}
if (array_key_exists('awstats', $conf)) {
@@ -252,9 +264,9 @@
$dns_server_enabled = ($conf['services']['dns'])?1:0;
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
- $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
- $proxy_server_enabled = ($conf['services']['proxy'])?1:0;
- $firewall_server_enabled = ($conf['services']['firewall'])?1:0;
+ $vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
+ $proxy_server_enabled = (isset($conf['services']['proxy']) && $conf['services']['proxy'])?1:0;
+ $firewall_server_enabled = (isset($conf['services']['firewall']) && $conf['services']['firewall'])?1:0;
//** Get the database version number based on the patchfiles
$found = true;
@@ -458,6 +470,15 @@
if(!$this->dbmaster->query($query)) {
$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
}
+
+ $query = "GRANT SELECT, UPDATE ON ".$value['db'].".`aps_instances` TO '".$value['user']."'@'".$host."' ";
+ if ($verbose){
+ echo $query ."\n";
+ }
+ if(!$this->dbmaster->query($query)) {
+ $this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
+ }
+
}
/*
@@ -502,6 +523,10 @@
copy('tpl/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
copy('tpl/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
}
+
+ //* help jailkit fo find its ini files
+ if(!is_link('/usr/jk_socketd.ini')) exec('ln -s /etc/jailkit/jk_socketd.ini /usr/jk_socketd.ini');
+ if(!is_link('/usr/jk_init.ini')) exec('ln -s /etc/jailkit/jk_init.ini /usr/jk_init.ini');
}
@@ -554,7 +579,7 @@
$virtual_domains = "' '";
$content = str_replace('{hostname}', $conf['hostname'], $content);
- if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = ''
+ if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
$content = str_replace('{virtual_domains}', $virtual_domains, $content);
@@ -612,11 +637,24 @@
$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ //* These postconf commands will be executed on installation and update
+ $server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
+ $server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
+ unset($server_ini_rec);
+
+ //* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
+ $rbl_list = '';
+ if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
+ $rbl_hosts = explode(",",str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
+ foreach ($rbl_hosts as $key => $value) {
+ $rbl_list .= ", reject_rbl_client ". $value;
+ }
+ }
+ unset($rbl_hosts);
+ unset($server_ini_array);
$postconf_commands = array (
- 'myhostname = '.$conf['hostname'],
- 'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
- 'mynetworks = 127.0.0.0/8 [::1]/128',
'alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases',
'alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases',
'virtual_alias_domains =',
@@ -626,10 +664,11 @@
'virtual_mailbox_base = '.$cf['vmail_mailbox_base'],
'virtual_uid_maps = static:'.$cf['vmail_userid'],
'virtual_gid_maps = static:'.$cf['vmail_groupid'],
+ 'inet_protocols=all',
'smtpd_sasl_auth_enable = yes',
'broken_sasl_auth_clients = yes',
'smtpd_sasl_authenticated_header = yes',
- 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination',
+ 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination'. $rbl_list,
'smtpd_use_tls = yes',
'smtpd_tls_security_level = may',
'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert',
@@ -640,6 +679,7 @@
'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps',
'smtpd_sender_restrictions = check_sender_access mysql:'.$config_dir.'/mysql-virtual_sender.cf',
'smtpd_client_restrictions = check_client_access mysql:'.$config_dir.'/mysql-virtual_client.cf',
+ 'smtpd_client_message_rate_limit = 100',
'maildrop_destination_concurrency_limit = 1',
'maildrop_destination_recipient_limit = 1',
'virtual_transport = maildrop',
@@ -649,6 +689,15 @@
'body_checks = regexp:'.$config_dir.'/body_checks',
'owner_request_special = no'
);
+
+ //* These postconf commands will be executed on installation only
+ if($this->is_update == false) {
+ $postconf_commands = array_merge($postconf_commands,array(
+ 'myhostname = '.$conf['hostname'],
+ 'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
+ 'mynetworks = 127.0.0.0/8 [::1]/128'
+ ));
+ }
//* Create the header and body check files
touch($config_dir.'/header_checks');
@@ -658,9 +707,9 @@
//* Create the mailman files
exec('mkdir -p /var/lib/mailman/data');
- touch('/var/lib/mailman/data/aliases');
- exec('postmap /var/lib/mailman/data/aliases');
- touch('/var/lib/mailman/data/virtual-mailman');
+ if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
+ exec('postalias /var/lib/mailman/data/aliases');
+ if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
exec('postmap /var/lib/mailman/data/virtual-mailman');
//* Make a backup copy of the main.cf file
@@ -716,19 +765,32 @@
}
//* Chmod and chown the .mailfilter file
- $command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
+ $command = 'chown '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- $command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
+ $command = 'chmod 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_saslauthd() {
global $conf;
+
+ //* Get saslsauthd version
+ exec('saslauthd -v 2>&1',$out);
+ $parts = explode(' ',$out[0]);
+ $saslversion = $parts[1];
+ unset($parts);
+ unset($out);
-
- $configfile = 'sasl_smtpd.conf';
+ if(version_compare($saslversion , '2.1.23') > 0) {
+ //* Configfile for saslauthd versions 2.1.24 and newer
+ $configfile = 'sasl_smtpd2.conf';
+ } else {
+ //* Configfile for saslauthd versions up to 2.1.23
+ $configfile = 'sasl_smtpd.conf';
+ }
+
if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf')) copy($conf['postfix']['config_dir'].'/sasl/smtpd.conf',$conf['postfix']['config_dir'].'/sasl/smtpd.conf~');
if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf~')) chmod($conf['postfix']['config_dir'].'/sasl/smtpd.conf~', 0400);
$content = rf('tpl/'.$configfile.'.master');
@@ -863,19 +925,32 @@
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
- //* copy dovecot.conf
+ //* backup dovecot.conf
$configfile = 'dovecot.conf';
if(is_file($config_dir.'/'.$configfile)) {
copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
}
- copy('tpl/debian_dovecot.conf.master',$config_dir.'/'.$configfile);
+
+ //* Get the dovecot version
+ exec('dovecot --version',$tmp);
+ $parts = explode('.',trim($tmp[0]));
+ $dovecot_version = $parts[0];
+ unset($tmp);
+ unset($parts);
+
+ //* Copy dovecot configuration file
+ if($dovecot_version == 2) {
+ copy('tpl/debian_dovecot2.conf.master',$config_dir.'/'.$configfile);
+ } else {
+ copy('tpl/debian_dovecot.conf.master',$config_dir.'/'.$configfile);
+ }
//* dovecot-sql.conf
$configfile = 'dovecot-sql.conf';
if(is_file($config_dir.'/'.$configfile)) {
copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
}
- chmod($config_dir.'/'.$configfile.'~', 0400);
+ if(is_file($config_dir.'/'.$configfile.'~')) chmod($config_dir.'/'.$configfile.'~', 0400);
$content = rf('tpl/debian_dovecot-sql.conf.master');
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
@@ -908,10 +983,14 @@
// Adding the amavisd commands to the postfix configuration
- $postconf_commands = array (
- 'content_filter = amavis:[127.0.0.1]:10024',
- 'receive_override_options = no_address_mappings'
- );
+ // Add array for no error in foreach and maybe future options
+ $postconf_commands = array ();
+
+ // Check for amavisd -> pure webserver with postfix for mailing without antispam
+ if ($conf['amavis']['installed']) {
+ $postconf_commands[] = 'content_filter = amavis:[127.0.0.1]:10024';
+ $postconf_commands[] = 'receive_override_options = no_address_mappings';
+ }
// Make a backup copy of the main.cf file
copy($conf['postfix']['config_dir'].'/main.cf',$conf['postfix']['config_dir'].'/main.cf~2');
@@ -1099,6 +1178,7 @@
public function configure_apache() {
global $conf;
+ if($conf['apache']['installed'] == false) return;
//* Create the logging directory for the vhost logfiles
if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
@@ -1124,15 +1204,29 @@
$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
// copy('tpl/apache_ispconfig.conf.master',$vhost_conf_dir.'/ispconfig.conf');
-
+
$content = rf('tpl/apache_ispconfig.conf.master');
$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
+
if(is_array($records) && count($records) > 0) {
foreach($records as $rec) {
- $content .= 'NameVirtualHost '.$rec['ip_address'].":80\n";
- $content .= 'NameVirtualHost '.$rec['ip_address'].":443\n";
+ if($rec['ip_type'] == 'IPv6') {
+ $ip_address = '['.$rec['ip_address'].']';
+ } else {
+ $ip_address = $rec['ip_address'];
+ }
+ $ports = explode(',',$rec['virtualhost_port']);
+ if(is_array($ports)) {
+ foreach($ports as $port) {
+ $port = intval($port);
+ if($port > 0 && $port < 65536 && $ip_address != '') {
+ $content .= 'NameVirtualHost '.$ip_address.":".$port."\n";
+ }
+ }
+ }
}
}
+
$content .= "\n";
wf($vhost_conf_dir.'/ispconfig.conf',$content);
@@ -1164,9 +1258,36 @@
}
- public function configure_nginx()
- {
+ public function configure_nginx(){
global $conf;
+
+ if($conf['nginx']['installed'] == false) return;
+ //* Create the logging directory for the vhost logfiles
+ if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
+
+ //* make sure that webalizer finds its config file when it is directly in /etc
+ if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
+ mkdir('/etc/webalizer');
+ symlink('/etc/webalizer.conf','/etc/webalizer/webalizer.conf');
+ }
+
+ if(is_file('/etc/webalizer/webalizer.conf')) {
+ // Change webalizer mode to incremental
+ replaceLine('/etc/webalizer/webalizer.conf','#IncrementalName','IncrementalName webalizer.current',0,0);
+ replaceLine('/etc/webalizer/webalizer.conf','#Incremental','Incremental yes',0,0);
+ replaceLine('/etc/webalizer/webalizer.conf','#HistoryName','HistoryName webalizer.hist',0,0);
+ }
+
+ // Check the awsatst script
+ if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
+ if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl','/usr/share/awstats/tools/awstats_buildstaticpages.pl');
+ if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local','LogFormat=4','LogFormat=1',0,1);
+
+ //* add a sshusers group
+ $command = 'groupadd sshusers';
+ if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ /*
$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
$ip_address = gethostbyname($row["server_name"]);
$server_name = $row["server_name"];
@@ -1194,7 +1315,12 @@
exec('chown www-data:www-data /var/cache/nginx/cache');
mkdir('/var/cache/nginx/temp');
exec('chown www-data:www-data /var/cache/nginx/temp');
+ */
}
+
+ public function configure_fail2ban() {
+ // To Do
+ }
public function configure_squid()
{
@@ -1215,6 +1341,7 @@
exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
}
+ /*
public function configure_ufw_firewall()
{
$configfile = 'ufw.conf';
@@ -1224,6 +1351,7 @@
exec('chmod 600 /etc/ufw/ufw.conf');
exec('chown root:root /etc/ufw/ufw.conf');
}
+ */
public function configure_firewall() {
global $conf;
@@ -1302,7 +1430,7 @@
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
- $content = str_replace('{mysql_server_ip}',$conf['mysql']['host'],$content);
+ $content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content);
}
wf($conf['vlogger']['config_dir'].'/'.$configfile,$content);
chmod($conf['vlogger']['config_dir'].'/'.$configfile, 0600);
@@ -1315,65 +1443,139 @@
global $conf;
//* Create the ispconfig apps vhost user and group
+ if($conf['apache']['installed'] == true){
+ $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
+ $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
+ $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
- $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
- $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
- $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
+ $command = 'groupadd '.$apps_vhost_user;
+ if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- $command = 'groupadd '.$apps_vhost_user;
- if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
-
- $command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
- if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ $command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
+ if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- $command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
- caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ $command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- if(!@is_dir($install_dir)) mkdir($install_dir, 0755, true);
- chown($install_dir, $apps_vhost_user);
- chgrp($install_dir, $apps_vhost_group);
+ if(!@is_dir($install_dir)){
+ mkdir($install_dir, 0755, true);
+ } else {
+ chmod($install_dir, 0755);
+ }
+ chown($install_dir, $apps_vhost_user);
+ chgrp($install_dir, $apps_vhost_group);
- //* Copy the apps vhost file
- $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
- $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
- $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];
+ //* Copy the apps vhost file
+ $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
+ $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
+ $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];
- // Dont just copy over the virtualhost template but add some custom settings
- $content = rf('tpl/apache_apps.vhost.master');
+ // Dont just copy over the virtualhost template but add some custom settings
+ $content = rf('tpl/apache_apps.vhost.master');
- $content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
- $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
- $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
- $content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
- $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
+ $content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
+ $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
+ $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
+ $content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
+ $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
- // comment out the listen directive if port is 80 or 443
- if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
- $content = str_replace('{vhost_port_listen}', '#', $content);
- } else {
- $content = str_replace('{vhost_port_listen}', '', $content);
- }
+ // comment out the listen directive if port is 80 or 443
+ if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
+ $content = str_replace('{vhost_port_listen}', '#', $content);
+ } else {
+ $content = str_replace('{vhost_port_listen}', '', $content);
+ }
- wf($vhost_conf_dir.'/apps.vhost', $content);
+ wf($vhost_conf_dir.'/apps.vhost', $content);
- //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
- //* and create the symlink
- if($this->install_ispconfig_interface == true) {
+ //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
+ //* and create the symlink
if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
symlink($vhost_conf_dir.'/apps.vhost',$vhost_conf_enabled_dir.'/000-apps.vhost');
}
- }
- if(!is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter')) {
- mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
- copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
- exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
- exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
+
+ if(!is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter')) {
+ mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
+ copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
+ exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
+ exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
+ }
}
+ if($conf['nginx']['installed'] == true){
+ $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
+ $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
+ $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
+ $command = 'groupadd '.$apps_vhost_user;
+ if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ $command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
+ if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+
+ $command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ if(!@is_dir($install_dir)){
+ mkdir($install_dir, 0755, true);
+ } else {
+ chmod($install_dir, 0755);
+ }
+ chown($install_dir, $apps_vhost_user);
+ chgrp($install_dir, $apps_vhost_group);
+
+ //* Copy the apps vhost file
+ $vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
+ $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
+ $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'_':$conf['web']['apps_vhost_servername'];
+
+ // Dont just copy over the virtualhost template but add some custom settings
+ $content = rf('tpl/nginx_apps.vhost.master');
+
+ if($conf['web']['apps_vhost_ip'] == '_default_'){
+ $apps_vhost_ip = '';
+ } else {
+ $apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
+ }
+
+ $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
+ if(substr($socket_dir,-1) != '/') $socket_dir .= '/';
+ if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
+ $fpm_socket = $socket_dir.'apps.sock';
+ $cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);
+
+ $content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
+ $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
+ $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
+ $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
+ //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
+ $content = str_replace('{cgi_socket}', $cgi_socket, $content);
+
+ wf($vhost_conf_dir.'/apps.vhost', $content);
+
+ // PHP-FPM
+ // Dont just copy over the php-fpm pool template but add some custom settings
+ $content = rf('tpl/apps_php_fpm_pool.conf.master');
+ $content = str_replace('{fpm_pool}', 'apps', $content);
+ //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
+ $content = str_replace('{fpm_user}', $apps_vhost_user, $content);
+ $content = str_replace('{fpm_group}', $apps_vhost_group, $content);
+ wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);
+
+ //copy('tpl/nginx_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
+ //* and create the symlink
+ if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
+ if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
+ symlink($vhost_conf_dir.'/apps.vhost',$vhost_conf_enabled_dir.'/000-apps.vhost');
+ }
+
+ }
}
public function make_ispconfig_ssl_cert() {
@@ -1447,6 +1649,7 @@
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
+ $content = str_replace('{timezone}', $conf['timezone'], $content);
wf($install_dir.'/interface/lib/'.$configfile, $content);
@@ -1469,6 +1672,7 @@
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
+ $content = str_replace('{timezone}', $conf['timezone'], $content);
wf($install_dir.'/server/lib/'.$configfile, $content);
@@ -1512,6 +1716,8 @@
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
+ if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
+ if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') {
include_once($install_dir.'/server/plugins-available/'.$file);
$plugin_name = substr($file,0,-8);
@@ -1541,13 +1747,9 @@
$dns_server_enabled = ($conf['services']['dns'])?1:0;
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
- $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
+ $vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
$proxy_server_enabled = ($conf['services']['proxy'])?1:0;
$firewall_server_enabled = ($conf['services']['firewall'])?1:0;
-
-
-
-
$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled' WHERE server_id = ".intval($conf['server_id']);
@@ -1588,6 +1790,10 @@
}
}
}
+
+ //* Make the APS directories group writable
+ exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
+ exec("chmod -R 770 $install_dir/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir.'/server/lib/'.$configfile, 0600);
@@ -1603,56 +1809,127 @@
chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
}
+
+ if(is_dir($install_dir.'/interface/invoices')) {
+ exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
+ exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
+ }
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
- $command = 'adduser www-data ispconfig';
- caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if($conf['apache']['installed'] == true){
+ $command = 'adduser '.$conf['apache']['user'].' ispconfig';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if(is_group('ispapps')){
+ $command = 'adduser '.$conf['apache']['user'].' ispapps';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ }
+ if($conf['nginx']['installed'] == true){
+ $command = 'adduser '.$conf['nginx']['user'].' ispconfig';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if(is_group('ispapps')){
+ $command = 'adduser '.$conf['nginx']['user'].' ispapps';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ }
//* Make the shell scripts executable
$command = "chmod +x $install_dir/server/scripts/*.sh";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- //* Copy the ISPConfig vhost for the controlpanel
- $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
- $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
+ if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
+ //* Copy the ISPConfig vhost for the controlpanel
+ $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
+ $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
+ // Dont just copy over the virtualhost template but add some custom settings
+ $content = rf('tpl/apache_ispconfig.vhost.master');
+ $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
- // Dont just copy over the virtualhost template but add some custom settings
- $content = rf('tpl/apache_ispconfig.vhost.master');
- $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
-
- // comment out the listen directive if port is 80 or 443
- if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
- $content = str_replace('{vhost_port_listen}', '#', $content);
- } else {
- $content = str_replace('{vhost_port_listen}', '', $content);
- }
+ // comment out the listen directive if port is 80 or 443
+ if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
+ $content = str_replace('{vhost_port_listen}', '#', $content);
+ } else {
+ $content = str_replace('{vhost_port_listen}', '', $content);
+ }
- if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
- $content = str_replace('{ssl_comment}', '', $content);
- } else {
- $content = str_replace('{ssl_comment}', '#', $content);
- }
+ if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
+ $content = str_replace('{ssl_comment}', '', $content);
+ } else {
+ $content = str_replace('{ssl_comment}', '#', $content);
+ }
- wf($vhost_conf_dir.'/ispconfig.vhost', $content);
+ wf($vhost_conf_dir.'/ispconfig.vhost', $content);
- //copy('tpl/apache_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
- //* and create the symlink
- if($this->install_ispconfig_interface == true && $this->is_update == false) {
- if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
- if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
- symlink($vhost_conf_dir.'/ispconfig.vhost',$vhost_conf_enabled_dir.'/000-ispconfig.vhost');
+ //copy('tpl/apache_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
+ //* and create the symlink
+ if($this->is_update == false) {
+ if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
+ if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
+ symlink($vhost_conf_dir.'/ispconfig.vhost',$vhost_conf_enabled_dir.'/000-ispconfig.vhost');
+ }
+ }
+ if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
+ mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
+ copy('tpl/apache_ispconfig_fcgi_starter.master','/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
+ exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
+ symlink($install_dir.'/interface/web','/var/www/ispconfig');
+ exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
+
}
}
- if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
- mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
- copy('tpl/apache_ispconfig_fcgi_starter.master','/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
- exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
- symlink($install_dir.'/interface/web','/var/www/ispconfig');
- exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
+
+ if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
+ //* Copy the ISPConfig vhost for the controlpanel
+ $vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
+ $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
+ // Dont just copy over the virtualhost template but add some custom settings
+ $content = rf('tpl/nginx_ispconfig.vhost.master');
+ $content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
+
+ if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
+ $content = str_replace('{ssl_on}', 'on', $content);
+ $content = str_replace('{ssl_comment}', '', $content);
+ $content = str_replace('{fastcgi_ssl}', 'on', $content);
+ } else {
+ $content = str_replace('{ssl_on}', 'off', $content);
+ $content = str_replace('{ssl_comment}', '#', $content);
+ $content = str_replace('{fastcgi_ssl}', 'off', $content);
+ }
+
+ $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
+ if(substr($socket_dir,-1) != '/') $socket_dir .= '/';
+ if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
+ $fpm_socket = $socket_dir.'ispconfig.sock';
+
+ //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
+
+ wf($vhost_conf_dir.'/ispconfig.vhost', $content);
+
+ unset($content);
+
+ // PHP-FPM
+ // Dont just copy over the php-fpm pool template but add some custom settings
+ $content = rf('tpl/php_fpm_pool.conf.master');
+ $content = str_replace('{fpm_pool}', 'ispconfig', $content);
+ //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
+ $content = str_replace('{fpm_user}', 'ispconfig', $content);
+ $content = str_replace('{fpm_group}', 'ispconfig', $content);
+ wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
+
+ //copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
+ //* and create the symlink
+ if($this->is_update == false) {
+ if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
+ if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
+ symlink($vhost_conf_dir.'/ispconfig.vhost',$vhost_conf_enabled_dir.'/000-ispconfig.vhost');
+ }
+ }
}
//* Install the update script
@@ -1679,10 +1956,12 @@
if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir'], 0755);
touch($conf['ispconfig_log_dir'].'/ispconfig.log');
}
-
- rename($install_dir.'/server/scripts/run-getmail.sh','/usr/local/bin/run-getmail.sh');
- if(is_user('getmail')) chown('/usr/local/bin/run-getmail.sh', 'getmail');
- chmod('/usr/local/bin/run-getmail.sh', 0744);
+
+ if(is_user('getmail')) {
+ rename($install_dir.'/server/scripts/run-getmail.sh','/usr/local/bin/run-getmail.sh');
+ if(is_user('getmail')) chown('/usr/local/bin/run-getmail.sh', 'getmail');
+ chmod('/usr/local/bin/run-getmail.sh', 0744);
+ }
//* Add Log-Rotation
if (is_dir('/etc/logrotate.d')) {
@@ -1729,7 +2008,7 @@
wf($install_dir.'/server/lib/mysql_clientdb.conf',$content);
chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
- chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
+ chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
}
@@ -1751,6 +2030,11 @@
"* * * * * ".$install_dir."/server/server.sh > /dev/null 2>> ".$conf['ispconfig_log_dir']."/cron.log",
"30 00 * * * ".$install_dir."/server/cron_daily.sh > /dev/null 2>> ".$conf['ispconfig_log_dir']."/cron.log"
);
+
+ if ($conf['nginx']['installed'] == true) {
+ $root_cron_jobs[] = "0 0 * * * ".$install_dir."/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
+ }
+
foreach($root_cron_jobs as $cron_job) {
if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
$existing_root_cron_jobs[] = $cron_job."\n";
@@ -1841,7 +2125,7 @@
if ( is_file($tConf) ) {
$stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
if ($res == 0) { // stat successfull
- list($access, $user, $group) = split(" ", $stat);
+ list($access, $user, $group) = explode(" ", $stat);
}
if ( copy($tConf, $tConf.'~') ) {
--
Gitblit v1.9.1