From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Sun, 10 Jul 2016 05:02:35 -0400
Subject: [PATCH] Merge branch 'stable-3.1'
---
server/lib/classes/system.inc.php | 349 ++++++++++++++++++++++++++++++++++++++++++++++++++++-----
1 files changed, 317 insertions(+), 32 deletions(-)
diff --git a/server/lib/classes/system.inc.php b/server/lib/classes/system.inc.php
index a393384..978a891 100644
--- a/server/lib/classes/system.inc.php
+++ b/server/lib/classes/system.inc.php
@@ -34,7 +34,9 @@
var $server_id;
var $server_conf;
var $data;
-
+ var $min_uid = 500;
+ var $min_gid = 500;
+
/**
* Construct for this class
*
@@ -42,7 +44,7 @@
*/
- public function system(){
+ public function __construct(){
//global $go_info;
//$this->server_id = $go_info['isp']['server_id'];
//$this->server_conf = $go_info['isp']['server_conf'];
@@ -606,6 +608,30 @@
/**
+ * Get the user from an user id
+ *
+ */
+ function getuser($uid){
+ global $app;
+ $user_datei = $this->server_conf['passwd_datei'];
+ $users = $app->file->no_comments($user_datei);
+ $lines = explode("\n", $users);
+ if(is_array($lines)){
+ foreach($lines as $line){
+ if(trim($line) != ''){
+ list($f1, $f2, $f3,) = explode(':', $line);
+ if($f3 == $uid) return $f1;
+ }
+ }
+ }
+ return false;
+ }
+
+
+
+
+
+ /**
* Get the user id from an user
*
*/
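Review bot: In the added getuser(), `list($f1, $f2, $f3,) = explode(':', $line)` followed by the loose `$f3 == $uid` lets a malformed passwd line match: with fewer than three fields `$f3` is null, and `null == 0` is true, so a lookup for uid 0 (or an empty or false `$uid`) can return whatever name that line starts with. Split into an array, skip short lines and compare as strings, e.g. `$f = explode(':', $line); if(isset($f[2]) && $f[2] === (string)$uid) return $f[0];`. The `is_array($lines)` guard is redundant, because explode() with a non-empty delimiter always returns an array. The added getgroup() in the next hunk has the same pattern on `$f3 == $gid` and wants the same change.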
@@ -626,6 +652,30 @@
} else {
return false;
}
+ }
+
+
+
+
+
+ /**
+ * Get the group from a group id
+ *
+ */
+ function getgroup($gid){
+ global $app;
+ $group_datei = $this->server_conf['group_datei'];
+ $groups = $app->file->no_comments($group_datei);
+ $lines = explode("\n", $groups);
+ if(is_array($lines)){
+ foreach($lines as $line){
+ if(trim($line) != ""){
+ list($f1, $f2, $f3, $f4) = explode(':', $line);
+ if($f3 == $gid) return $f1;
+ }
+ }
+ }
+ return false;
}
@@ -851,7 +901,7 @@
//* We allow only some characters in the path
// * is allowed, for example it is part of wildcard certificates/keys: *.example.com.crt
- if(!preg_match('@^/[-a-zA-Z0-9_/.*~]{1,}$@', $path)) return false;
+ if(!preg_match('@^/[-a-zA-Z0-9_/.*]{1,}[~]?$@', $path)) return false;
//* Check path for symlinks
$path_parts = explode('/', $path);
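Review bot: The new pattern on the `preg_match` line still ends in a bare `$`, which in PCRE also matches just before a trailing newline, so a path consisting of allowed characters followed by a line feed passes this check; anchor with `\z` instead: `if(!preg_match('@^/[-a-zA-Z0-9_/.*]+~?\z@', $path)) return false;`. The character class also admits `.` and `/` freely, so `..` segments satisfy this line. Whether the symlink walk that starts below rejects them cannot be seen from the hunk, since the function begins and ends outside it. A short comment saying why `~` is now accepted only as the final character would help the next reader.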
@@ -865,6 +915,38 @@
}
+ /**
+ * This function checks the free space for a given directory
+ * @param path check path
+ * @param limit min. free space in bytes
+ * @return bool - true when the the free space is above limit ohterwise false, opt. available disk-space
+ */
+
+ function check_free_space($path, $limit = 0, &$free_space = 0) {
+ $path = rtrim($path, '/');
+
+ /**
+ * Make sure that we have only existing directories in the path.
+
+ * Given a file name instead of a directory, the behaviour of the disk_free_space
+ function is unspecified and may differ between operating systems and PHP versions.
+ */
+ while(!is_dir($path) && $path != '/') $path = realpath(dirname($path));
+
+ $free_space = disk_free_space($out);
+
+ if (!$free_space) {
+ $free_space = 0;
+ return false;
+ }
+
+ if ($free_space >= $limit) {
+ return true;
+ } else {
+ return false;
+ }
+
+ }
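Review bot: `disk_free_space($out)` reads a variable that is never defined in check_free_space(); the normalised directory is in `$path`, so as written the call fails and the function reports no free space for every input. It should be `$free_space = disk_free_space($path);`. The loop above it can also assign false to `$path` when `realpath(dirname($path))` fails, so that result should be checked before the next iteration and treated as "no space" (set `$free_space = 0` and return false). The docblock would be clearer with `@param string $path`, `@param int $limit` and an entry for the by-reference `$free_space`, which is currently only hinted at in the `@return` line.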
@@ -1476,9 +1558,13 @@
}
}
- function maildirmake($maildir_path, $user = '', $subfolder = '') {
+ function maildirmake($maildir_path, $user = '', $subfolder = '', $group = '') {
- global $app;
+ global $app, $conf;
+
+ // load the server configuration options
+ $app->uses("getconf");
+ $mail_config = $app->getconf->get_server_config($conf["server_id"], 'mail');
if($subfolder != '') {
$dir = escapeshellcmd($maildir_path.'/.'.$subfolder);
@@ -1490,22 +1576,24 @@
if($user != '' && $user != 'root' && $this->is_user($user)) {
$user = escapeshellcmd($user);
- // I assume that the name of the (vmail group) is the same as the name of the mail user in ISPConfig 3
- $group = $user;
if(is_dir($dir)) $this->chown($dir, $user);
- if(is_dir($dir)) $this->chgrp($dir, $group);
$chown_mdsub = true;
+ }
+
+ if($group != '' && $group != 'root' && $this->is_group($group)) {
+ $group = escapeshellcmd($group);
+ if(is_dir($dir)) $this->chgrp($dir, $group);
+
+ $chgrp_mdsub = true;
}
$maildirsubs = array('cur', 'new', 'tmp');
foreach ($maildirsubs as $mdsub) {
if(!is_dir($dir.'/'.$mdsub)) mkdir($dir.'/'.$mdsub, 0700, true);
- if ($chown_mdsub) {
- chown($dir.'/'.$mdsub, $user);
- chgrp($dir.'/'.$mdsub, $group);
- }
+ if ($chown_mdsub) chown($dir.'/'.$mdsub, $user);
+ if ($chgrp_mdsub) chgrp($dir.'/'.$mdsub, $group);
}
chmod($dir, 0700);
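Review bot: `$chgrp_mdsub` is assigned only inside the new `if($group != '' ...)` block but is read unconditionally in the `foreach` (`if ($chgrp_mdsub) chgrp(...)`), so unless it is initialised outside this hunk it is undefined whenever no valid group is passed; add `$chgrp_mdsub = false;` next to wherever `$chown_mdsub` is initialised. Existing callers that pass only `$user` no longer get any chgrp at all, because the old `$group = $user` fallback is removed, so each call site should be checked to pass `$group` explicitly. `escapeshellcmd()` is applied to `$user` and `$group` although, as far as the hunk shows, they go to chown()/chgrp() calls rather than to a shell; validating the names against an allow-list pattern would express the intent better. maildirmake() starts and ends outside this hunk.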
@@ -1521,25 +1609,30 @@
//* Add the subfolder to the subscriptions and courierimapsubscribed files
if($subfolder != '') {
+
// Courier
- if(!is_file($maildir_path.'/courierimapsubscribed')) {
- $tmp_file = escapeshellcmd($maildir_path.'/courierimapsubscribed');
- touch($tmp_file);
- chmod($tmp_file, 0744);
- chown($tmp_file, 'vmail');
- chgrp($tmp_file, 'vmail');
+ if($mail_config['pop3_imap_daemon'] == 'courier') {
+ if(!is_file($maildir_path.'/courierimapsubscribed')) {
+ $tmp_file = escapeshellcmd($maildir_path.'/courierimapsubscribed');
+ touch($tmp_file);
+ chmod($tmp_file, 0744);
+ chown($tmp_file, 'vmail');
+ chgrp($tmp_file, 'vmail');
+ }
+ $this->replaceLine($maildir_path.'/courierimapsubscribed', 'INBOX.'.$subfolder, 'INBOX.'.$subfolder, 1, 1);
}
- $this->replaceLine($maildir_path.'/courierimapsubscribed', 'INBOX.'.$subfolder, 'INBOX.'.$subfolder, 1, 1);
// Dovecot
- if(!is_file($maildir_path.'/subscriptions')) {
- $tmp_file = escapeshellcmd($maildir_path.'/subscriptions');
- touch($tmp_file);
- chmod($tmp_file, 0744);
- chown($tmp_file, 'vmail');
- chgrp($tmp_file, 'vmail');
+ if($mail_config['pop3_imap_daemon'] == 'dovecot') {
+ if(!is_file($maildir_path.'/subscriptions')) {
+ $tmp_file = escapeshellcmd($maildir_path.'/subscriptions');
+ touch($tmp_file);
+ chmod($tmp_file, 0744);
+ chown($tmp_file, 'vmail');
+ chgrp($tmp_file, 'vmail');
+ }
+ $this->replaceLine($maildir_path.'/subscriptions', $subfolder, $subfolder, 1, 1);
}
- $this->replaceLine($maildir_path.'/subscriptions', $subfolder, $subfolder, 1, 1);
}
$app->log('Created Maildir '.$maildir_path.' with subfolder: '.$subfolder, LOGLEVEL_DEBUG);
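Review bot: The subscription files are created with `chmod($tmp_file, 0744)` and a hard-coded `vmail` owner and group, while the maildir directories in the same function are 0700 and the function now accepts `$user` and `$group`; a data file needs no execute bit and probably no world read, so `chmod($tmp_file, 0600);` fits better (or 0640 if the group must read it, to be confirmed against the account the IMAP daemon runs as). `is_file()` tests the raw `$maildir_path.'/...'` string but `touch()` receives the `escapeshellcmd()`-escaped one, so for a path containing any escaped character the two refer to different files; since touch/chmod/chown are PHP calls rather than shell commands, the escaping should be dropped here. When `pop3_imap_daemon` is neither `courier` nor `dovecot` the subfolder is silently left unsubscribed, which deserves a debug log line.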
@@ -1708,23 +1801,215 @@
return $return_var == 0 ? true : false;
}
- function getinitcommand($servicename, $action, $init_script_directory = ''){
- global $conf;
- // systemd
- if(is_executable('/bin/systemd')){
- return 'systemctl '.$action.' '.$servicename.'.service';
+ function mount_backup_dir($backup_dir, $mount_cmd = '/usr/local/ispconfig/server/scripts/backup_dir_mount.sh'){
+ global $app, $conf;
+
+ if($this->is_mounted($backup_dir)) return true;
+
+ $mounted = true;
+ if ( is_file($mount_cmd) &&
+ is_executable($mount_cmd) &&
+ fileowner($mount_cmd) === 0
+ ) {
+ if (!$this->is_mounted($backup_dir)){
+ exec($mount_cmd);
+ sleep(1);
+ if (!$this->is_mounted($backup_dir)) $mounted = false;
+ }
+ } else $mounted = false;
+ if (!$mounted) {
+ //* send email to admin that backup directory could not be mounted
+ $global_config = $app->getconf->get_global_config('mail');
+ if($global_config['admin_mail'] != ''){
+ $subject = 'Backup directory '.$backup_dir.' could not be mounted';
+ $message = "Backup directory ".$backup_dir." could not be mounted.\n\nThe command\n\n".$mount_cmd."\n\nfailed.";
+ mail($global_config['admin_mail'], $subject, $message);
+ }
}
+
+ return $mounted;
+ }
+
+ function umount_backup_dir($backup_dir, $mount_cmd = '/usr/local/ispconfig/server/scripts/backup_dir_umount.sh'){
+ global $app, $conf;
+
+ if ( is_file($mount_cmd) &&
+ is_executable($mount_cmd) &&
+ fileowner($mount_cmd) === 0
+ ) {
+ if ($this->is_mounted($backup_dir)){
+ exec($mount_cmd);
+ sleep(1);
+ }
+ }
+
+ $unmounted = $this->is_mounted($backup_dir) == 0 ? true : false;
+ if(!$unmounted) {
+ //* send email to admin that backup directory could not be unmounted
+ $global_config = $app->getconf->get_global_config('mail');
+ if($global_config['admin_mail'] != ''){
+ $subject = 'Backup directory '.$backup_dir.' could not be unmounted';
+ $message = "Backup directory ".$backup_dir." could not be unmounted.\n\nThe command\n\n".$mount_cmd."\n\nfailed.";
+ mail($global_config['admin_mail'], $subject, $message);
+ }
+ }
+
+ return $unmounted;
+
+ }
+
+ function _getinitcommand($servicename, $action, $init_script_directory = '', $check_service) {
+ global $conf;
// upstart
if(is_executable('/sbin/initctl')){
exec('/sbin/initctl version 2>/dev/null | /bin/grep -q upstart', $retval['output'], $retval['retval']);
if(intval($retval['retval']) == 0) return 'service '.$servicename.' '.$action;
}
+
+ // systemd
+ if(is_executable('/bin/systemd') || is_executable('/usr/bin/systemctl')){
+ if ($check_service) {
+ exec("systemctl is-enabled ".$servicename." 2>&1", $out, $ret_val);
+ }
+ if ($ret_val == 0 || !$check_service) {
+ return 'systemctl '.$action.' '.$servicename.'.service';
+ }
+ }
+
// sysvinit
if($init_script_directory == '') $init_script_directory = $conf['init_scripts'];
if(substr($init_script_directory, -1) === '/') $init_script_directory = substr($init_script_directory, 0, -1);
- return $init_script_directory.'/'.$servicename.' '.$action;
+ if($check_service && is_executable($init_script_directory.'/'.$servicename)) {
+ return $init_script_directory.'/'.$servicename.' '.$action;
+ }
+ if (!$check_service) {
+ return $init_script_directory.'/'.$servicename.' '.$action;
+ }
}
+ function getinitcommand($servicename, $action, $init_script_directory = '', $check_service=false) {
+ if (is_array($servicename)) {
+ foreach($servicename as $service) {
+ $out = $this->_getinitcommand($service, $action, $init_script_directory, true);
+ if ($out != '') return $out;
+ }
+ } else {
+ return $this->_getinitcommand($servicename, $action, $init_script_directory, $check_service);
+ }
+ }
+
+ function getapacheversion($get_minor = false) {
+ global $app;
+
+ $cmd = '';
+ if($this->is_installed('apache2ctl')) $cmd = 'apache2ctl -v';
+ elseif($this->is_installed('apachectl')) $cmd = 'apachectl -v';
+ else {
+ $app->log("Could not check apache version, apachectl not found.", LOGLEVEL_WARN);
+ return '2.2';
+ }
+
+ exec($cmd, $output, $return_var);
+ if($return_var != 0 || !$output[0]) {
+ $app->log("Could not check apache version, apachectl did not return any data.", LOGLEVEL_WARN);
+ return '2.2';
+ }
+
+ if(preg_match('/version:\s*Apache\/(\d+)(\.(\d+)(\.(\d+))*)?(\D|$)/i', $output[0], $matches)) {
+ return $matches[1] . (isset($matches[3]) ? '.' . $matches[3] : '') . (isset($matches[5]) && $get_minor == true ? '.' . $matches[5] : '');
+ } else {
+ $app->log("Could not check apache version, did not find version string in apachectl output.", LOGLEVEL_WARN);
+ return '2.2';
+ }
+ }
+
+ function getapachemodules() {
+ global $app;
+
+ $cmd = '';
+ if($this->is_installed('apache2ctl')) $cmd = 'apache2ctl -t -D DUMP_MODULES';
+ elseif($this->is_installed('apachectl')) $cmd = 'apachectl -t -D DUMP_MODULES';
+ else {
+ $app->log("Could not check apache modules, apachectl not found.", LOGLEVEL_WARN);
+ return array();
+ }
+
+ exec($cmd . ' 2>/dev/null', $output, $return_var);
+ if($return_var != 0 || !$output[0]) {
+ $app->log("Could not check apache modules, apachectl did not return any data.", LOGLEVEL_WARN);
+ return array();
+ }
+
+ $modules = array();
+ for($i = 0; $i < count($output); $i++) {
+ if(preg_match('/^\s*(\w+)\s+\((shared|static)\)\s*$/', $output[$i], $matches)) {
+ $modules[] = $matches[1];
+ }
+ }
+
+ return $modules;
+ }
+
+ //* ISPConfig mail function
+ public function mail($to, $subject, $text, $from, $filepath = '', $filetype = 'application/pdf', $filename = '', $cc = '', $bcc = '', $from_name = '') {
+ global $app, $conf;
+
+ if($conf['demo_mode'] == true) $app->error("Mail sending disabled in demo mode.");
+
+ $app->uses('getconf,ispcmail');
+ $mail_config = $app->getconf->get_global_config('mail');
+ if($mail_config['smtp_enabled'] == 'y') {
+ $mail_config['use_smtp'] = true;
+ $app->ispcmail->setOptions($mail_config);
+ }
+ $app->ispcmail->setSender($from, $from_name);
+ $app->ispcmail->setSubject($subject);
+ $app->ispcmail->setMailText($text);
+
+ if($filepath != '') {
+ if(!file_exists($filepath)) $app->error("Mail attachement does not exist ".$filepath);
+ $app->ispcmail->readAttachFile($filepath);
+ }
+
+ if($cc != '') $app->ispcmail->setHeader('Cc', $cc);
+ if($bcc != '') $app->ispcmail->setHeader('Bcc', $bcc);
+
+ $app->ispcmail->send($to);
+ $app->ispcmail->finish();
+
+ return true;
+ }
+
+ public function is_allowed_user($username, $check_id = true, $restrict_names = false) {
+ global $app;
+
+ $name_blacklist = array('root','ispconfig','vmail','getmail');
+ if(in_array($username,$name_blacklist)) return false;
+
+ if(preg_match('/^[a-zA-Z0-9\.\-_]{1,32}$/', $username) == false) return false;
+
+ if($check_id && intval($this->getuid($username)) < $this->min_uid) return false;
+
+ if($restrict_names == true && preg_match('/^web\d+$/', $username) == false) return false;
+
+ return true;
+ }
+
+ public function is_allowed_group($groupname, $check_id = true, $restrict_names = false) {
+ global $app;
+
+ $name_blacklist = array('root','ispconfig','vmail','getmail');
+ if(in_array($groupname,$name_blacklist)) return false;
+
+ if(preg_match('/^[a-zA-Z0-9\.\-_]{1,32}$/', $groupname) == false) return false;
+
+ if($check_id && intval($this->getgid($groupname)) < $this->min_gid) return false;
+
+ if($restrict_names == true && preg_match('/^client\d+$/', $groupname) == false) return false;
+
+ return true;
+ }
+
}
?>
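Review bot: In `_getinitcommand()` the service name is concatenated into shell command text without escaping, both in `exec("systemctl is-enabled ".$servicename." 2>&1", ...)` and in the returned `systemctl`/init-script strings (which callers presumably execute), so a name that is not fully under the caller's control would have shell metacharacters interpreted; reject unexpected names at the top of the function, e.g. `if(!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9_.@-]*\z/', $servicename)) return '';`. `$ret_val` is also read before assignment when `$check_service` is false, and the required `$check_service` parameter follows an optional one; writing the test as `if(!$check_service || $ret_val == 0)` and giving the parameter a `= false` default fixes both. In `is_allowed_user()` and `is_allowed_group()` the patterns end in `$`, which accepts a trailing newline, and allow a leading `-`, which later tools may parse as an option; `'/^[a-zA-Z0-9._][a-zA-Z0-9._-]{0,31}\z/'` closes both, and `in_array(..., true)` makes the blacklist check strict. `mount_backup_dir()` and `umount_backup_dir()` verify that the script is root-owned but not that it is unwritable by group and others; adding `(fileperms($mount_cmd) & 0022) === 0` to the condition would cover that.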
--
Gitblit v1.9.1