Marius Burkard
2016-05-23 9376d70f0ccba49ead95ef47f0ecba568ea2d6e1
commit | author | age
20218c 1 <?php
M 2
3 /*
4 Copyright (c) 2007, Till Brehm, projektfarm Gmbh
5 All rights reserved.
6
7 Redistribution and use in source and binary forms, with or without modification,
8 are permitted provided that the following conditions are met:
9
10     * Redistributions of source code must retain the above copyright notice,
11       this list of conditions and the following disclaimer.
12     * Redistributions in binary form must reproduce the above copyright notice,
13       this list of conditions and the following disclaimer in the documentation
14       and/or other materials provided with the distribution.
15     * Neither the name of ISPConfig nor the names of its contributors
16       may be used to endorse or promote products derived from this software without
17       specific prior written permission.
18
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
20 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
21 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
23 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
24 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
26 OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
28 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
b1a6a5 31 class installer extends installer_base
cb8c86 32 {
W 33     public function configure_jailkit()
b1a6a5 34     {
MC 35         global $conf;
36
cb8c86 37         if (is_dir($conf['jailkit']['config_dir']))
W 38         {
ff1d9a 39             $jkinit_content = $this->get_template_file($conf['jailkit']['jk_init'], true); //* get contents
cb8c86 40             $this->write_config_file($conf['jailkit']['config_dir'] . '/' . $conf['jailkit']['jk_init'], $jkinit_content);
b1a6a5 41
ff1d9a 42             $jkchroot_content = $this->get_template_file($conf['jailkit']['jk_chrootsh'], true); //* get contents
cb8c86 43             $this->write_config_file($conf['jailkit']['config_dir'] . '/' . $conf['jailkit']['jk_chrootsh'], $jkchroot_content);
W 44         }
b1a6a5 45
ff1d9a 46         $command = 'chown root:root /var/www';
W 47         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 48     }
MC 49
cb8c86 50     public function configure_postfix($options = '')
b1a6a5 51     {
b51c22 52         global $conf,$autoinstall;
b1a6a5 53
MC 54         $cf = $conf['postfix'];
cb8c86 55         $config_dir = $cf['config_dir'];
b1a6a5 56
cb8c86 57         if(!is_dir($config_dir)){
b1a6a5 58             $this->error("The postfix configuration directory '$config_dir' does not exist.");
MC 59         }
60
61         //* Install virtual mappings
62         foreach (glob('tpl/mysql-virtual_*.master') as $filename) {
63             $this->process_postfix_config( basename($filename, '.master') );
64         }
65
ff1d9a 66         //* Changing mode and group of the new created config files.
cb8c86 67         caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
b1a6a5 68             __FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
MC 69         caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
70             __FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');
71
ff1d9a 72         //* Creating virtual mail user and group
cb8c86 73         $command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
W 74         if (!is_group($cf['vmail_groupname'])) {
75             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
76         }
20218c 77
cb8c86 78         $command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
W 79         if (!is_user($cf['vmail_username'])) {
b1a6a5 80             caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb8c86 81         }
20218c 82
b67344 83         //* These postconf commands will be executed on installation and update
badfbe 84         $server_ini_rec = $this->db->queryOneRecord("SELECT config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"].'.server', $conf['server_id']);
20f478 85         $server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
D 86         unset($server_ini_rec);
87
88         //* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
89         $rbl_list = '';
90         if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
91             $rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
92             foreach ($rbl_hosts as $key => $value) {
93                 $rbl_list .= ", reject_rbl_client ". $value;
94             }
95         }
96         unset($rbl_hosts);
97
98         //* If Postgrey is installed, configure it
99         $greylisting = '';
100         if($conf['postgrey']['installed'] == true) {
101             $greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
102         }
103         
104         $reject_sender_login_mismatch = '';
105         if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
106             $reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
107         }
108         unset($server_ini_array);
109         
b1a6a5 110         $postconf_placeholders = array('{config_dir}' => $config_dir,
MC 111             '{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
112             '{vmail_userid}' => $cf['vmail_userid'],
113             '{vmail_groupid}' => $cf['vmail_groupid'],
20f478 114             '{rbl_list}' => $rbl_list,
D 115             '{greylisting}' => $greylisting,
116             '{reject_slm}' => $reject_sender_login_mismatch,
117         );
b1a6a5 118
MC 119         $postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_postfix.conf.master', 'tpl/gentoo_postfix.conf.master');
120         $postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
121         $postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
122
b67344 123         //* These postconf commands will be executed on installation only
T 124         if($this->is_update == false) {
b1a6a5 125             $postconf_commands = array_merge($postconf_commands, array(
MC 126                     'myhostname = '.$conf['hostname'],
127                     'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
128                     'mynetworks = 127.0.0.0/8 [::1]/128'
129                 ));
b67344 130         }
b1a6a5 131
ff1d9a 132         //* Create the header and body check files
cb8c86 133         touch($config_dir.'/header_checks');
W 134         touch($config_dir.'/mime_header_checks');
135         touch($config_dir.'/nested_header_checks');
136         touch($config_dir.'/body_checks');
b1a6a5 137
616ad0 138         //* Create auxillary postfix conf files
FS 139         $configfile = 'helo_access';
140         if(is_file($config_dir.'/'.$configfile)) {
141             copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
142             chmod($config_dir.'/'.$configfile.'~', 0400);
143         }
144         $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
145         $content = strtr($content, $postconf_placeholders);
146         # todo: look up this server's ip addrs and loop through each
147         # todo: look up domains hosted on this server and loop through each
148         wf($config_dir.'/'.$configfile, $content);
149
150         $configfile = 'blacklist_helo';
151         if(is_file($config_dir.'/'.$configfile)) {
152             copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
153             chmod($config_dir.'/'.$configfile.'~', 0400);
154         }
155         $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
156         $content = strtr($content, $postconf_placeholders);
157         wf($config_dir.'/'.$configfile, $content);
b1a6a5 158
ff1d9a 159         //* Make a backup copy of the main.cf file
cb8c86 160         copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
b1a6a5 161
ff1d9a 162         //* Executing the postconf commands
cb8c86 163         foreach($postconf_commands as $cmd) {
W 164             $command = "postconf -e '$cmd'";
ff1d9a 165             caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
cb8c86 166         }
b1a6a5 167
ff1d9a 168         //* Create the SSL certificate
b1a6a5 169         if (!stristr($options, 'dont-create-certs'))
cb8c86 170         {
b04e82 171             if(AUTOINSTALL){
TB 172                 $command = 'cd '.$config_dir.'; '
35846d 173                     ."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
b04e82 174             } else {
TB 175                 $command = 'cd '.$config_dir.'; '
35846d 176                     .'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
b04e82 177             }
cb8c86 178             exec($command);
b1a6a5 179
cb8c86 180             $command = 'chmod o= '.$config_dir.'/smtpd.key';
W 181             caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
182         }
b1a6a5 183
ff1d9a 184         //* We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
W 185         $command = 'chmod 755  /var/lib/courier/authdaemon/';
186         if (is_dir('/var/lib/courier/authdaemon')) {
187             caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
188         }
b1a6a5 189
ff1d9a 190         //* Changing maildrop lines in posfix master.cf
cb8c86 191         $configfile = $config_dir.'/master.cf';
W 192         $content = rf($configfile);
193
b1a6a5 194         $content = preg_replace('/^#?maildrop/m', 'maildrop', $content);
MC 195         $content = preg_replace('/^#?(\s+)flags=DRhu user=vmail argv=\/usr\/bin\/maildrop -d/m',
196             '$1flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail \${extension} \${recipient} \${user} \${nexthop} \${sender}',
197             $content);
198
cb8c86 199         $this->write_config_file($configfile, $content);
b1a6a5 200
ff1d9a 201         //* Writing the Maildrop mailfilter file
615a0a 202         $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailfilter.master', 'tpl/mailfilter.master');
cb8c86 203         $content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
b1a6a5 204
cb8c86 205         $this->write_config_file($cf['vmail_mailbox_base'].'/.mailfilter', $content);
b1a6a5 206
ff1d9a 207         //* Create the directory for the custom mailfilters
b1a6a5 208         if (!is_dir($cf['vmail_mailbox_base'].'/mailfilters'))
cb8c86 209         {
W 210             $command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
ff1d9a 211             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb8c86 212         }
ec5716 213
T 214         //* postfix-dkim
215         $full_file_name=$config_dir.'/tag_as_originating.re';
216         if(is_file($full_file_name)) {
217             copy($full_file_name, $config_dir.$configfile.'~');
b1a6a5 218         }
MC 219         $this->write_config_file($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');
ec5716 220
b1a6a5 221         $full_file_name=$config_dir.'/tag_as_foreign.re';
MC 222         if(is_file($full_file_name)) {
223             copy($full_file_name, $config_dir.$configfile.'~');
224         }
225         $this->write_config_file($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');
226
ff1d9a 227         //* Chmod and chown the .mailfilter file
cb8c86 228         $command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
W 229         caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 230
cb8c86 231         $command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
W 232         caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 233
cb8c86 234     }
b1a6a5 235
MC 236     public function configure_saslauthd()
cb8c86 237     {
W 238         global $conf;
b1a6a5 239
ff1d9a 240         $content = $this->get_template_file('sasl_smtpd.conf', true, true); //* get contents & insert db cred
cb8c86 241         $this->write_config_file($conf['saslauthd']['config_dir'].'/smtpd.conf', $content);
b1a6a5 242
ff1d9a 243         //* Edit the file saslauthd config file
W 244         $content = rf($conf['saslauthd']['config_file']);
cb8c86 245         $content = preg_replace('/(?<=\n)SASLAUTHD_OPTS="\$\{SASLAUTHD_OPTS\}[^"]+"/', 'SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam -r -c -s 128 -t 30 -n 5"', $content);
b1a6a5 246
ff1d9a 247         $this->write_config_file($conf['saslauthd']['config_file'], $content);
cb8c86 248     }
b1a6a5 249
cb8c86 250     public function configure_courier()
b1a6a5 251     {
MC 252         global $conf;
253
ff1d9a 254         //* authmysqlrc
W 255         $content = $this->get_template_file('authmysqlrc', true, true); //* get contents & insert db cred
cb8c86 256         $this->write_config_file($conf['courier']['config_dir'].'/authmysqlrc', $content);
b1a6a5 257
ff1d9a 258         //* authdaemonrc
cb8c86 259         $configfile = $conf['courier']['config_dir'].'/authdaemonrc';
W 260
261         $content = rf($configfile);
262         $content = preg_replace('/(?<=\n)authmodulelist="[^"]+"/', "authmodulelist=\"authmysql\"", $content);
263         $this->write_config_file($configfile, $content);
b1a6a5 264
ff1d9a 265         //* create certificates
W 266         $command = 'mkimapdcert';
267         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 268
ff1d9a 269         $command = 'mkpop3dcert';
cb8c86 270         caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 271     }
MC 272
273     public function configure_dovecot()
274     {
275         global $conf;
276
a8aad2 277         $virtual_transport = 'dovecot';
8b23f8 278
FS 279         $configure_lmtp = false;
a8aad2 280         
DM 281         // check if virtual_transport must be changed
282         if ($this->is_update) {
cc7a82 283             $tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"].".server", $conf['server_id']);
a8aad2 284             $ini_array = ini_to_array(stripslashes($tmp['config']));
DM 285             // ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()
286             
287             if(isset($ini_array['mail']['mailbox_virtual_uidgid_maps']) && $ini_array['mail']['mailbox_virtual_uidgid_maps'] == 'y') {
288                 $virtual_transport = 'lmtp:unix:private/dovecot-lmtp';
8b23f8 289                 $configure_lmtp = true;
a8aad2 290             }
DM 291         }
292
bd5d26 293         $config_dir = $conf['postfix']['config_dir'];
9c6782 294
b1a6a5 295         //* Configure master.cf and add a line for deliver
9c6782 296         if(!$this->get_postfix_service('dovecot', 'unix')) {
bd5d26 297             //* backup
FS 298             if(is_file($config_dir.'/master.cf')){
299                 copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
300             }
301             if(is_file($config_dir.'/master.cf~')){
302                 chmod($config_dir.'/master.cf~2', 0400);
303             }
304             //* Configure master.cf and add a line for deliver
305             $content = rf($conf["postfix"]["config_dir"].'/master.cf');
9c6782 306             $deliver_content = 'dovecot   unix  -       n       n       -       -       pipe'."\n".'  flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n";
091066 307             af($config_dir.'/master.cf', $deliver_content);
bd5d26 308             unset($content);
FS 309             unset($deliver_content);
310         }
b1a6a5 311
ff1d9a 312         //* Reconfigure postfix to use dovecot authentication
W 313         $postconf_commands = array (
b1a6a5 314             'dovecot_destination_recipient_limit = 1',
a8aad2 315             'virtual_transport = '.$virtual_transport,
b1a6a5 316             'smtpd_sasl_type = dovecot',
MC 317             'smtpd_sasl_path = private/auth'
ff1d9a 318         );
b1a6a5 319
ff1d9a 320         //* Make a backup copy of the main.cf file
b1a6a5 321         copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~3');
MC 322
323         //* Executing the postconf commands
324         foreach($postconf_commands as $cmd)
ff1d9a 325         {
W 326             $command = "postconf -e '$cmd'";
327             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
328         }
b1a6a5 329
bd5d26 330         $config_dir = $conf['dovecot']['config_dir'];
ff1d9a 331         //* copy dovecot.conf
W 332         $configfile = $config_dir.'/dovecot.conf';
333         $content = $this->get_template_file('dovecot.conf', true);
334         $this->write_config_file($configfile, $content);
b1a6a5 335
8b23f8 336         //* dovecot-lmtpd
FS 337         if($configure_lmtp) {
338             replaceLine($config_dir.'/'.$configfile, 'protocols = imap pop3', 'protocols = imap pop3 lmtp', 1, 0);
339         }
340
ff1d9a 341         //* dovecot-sql.conf
W 342         $configfile = $config_dir.'/dovecot-sql.conf';
343         $content = $this->get_template_file('debian_dovecot-sql.conf', true, true);
344         $this->write_config_file($configfile, $content);
b1a6a5 345     }
MC 346
cb8c86 347     public function configure_spamassassin()
b1a6a5 348     {
cb8c86 349         return true;
b1a6a5 350     }
MC 351
cb8c86 352     public function configure_getmail()
b1a6a5 353     {
cb8c86 354         global $conf;
b1a6a5 355
cb8c86 356         $config_dir = $conf['getmail']['config_dir'];
b1a6a5 357
cb8c86 358         if (!is_dir($config_dir)) {
ff1d9a 359             exec('mkdir -p '.escapeshellcmd($config_dir));
cb8c86 360         }
W 361
362         $command = "useradd -d $config_dir ".$conf['getmail']['user'];
363         if (!is_user('getmail')) {
364             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
365         }
b1a6a5 366
cb8c86 367         $command = "chown -R getmail $config_dir";
W 368         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 369
cb8c86 370         $command = "chmod -R 700 $config_dir";
W 371         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 372
ff1d9a 373         //* Getmail will be run from cron. In order to have access to cron the getmail user needs to be part of the cron group.
cb8c86 374         $command = "gpasswd -a getmail " . $conf['cron']['group'];
W 375         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
376     }
b1a6a5 377
MC 378     public function configure_amavis()
379     {
cb8c86 380         global $conf;
b1a6a5 381
ff1d9a 382         //* Amavisd-new user config file
cb8c86 383         $conf_file = 'amavisd-ispconfig.conf';
W 384         $conf_path = dirname($conf['amavis']['config_file']) . '/' . $conf_file;
b1a6a5 385
ff1d9a 386         $content = $this->get_template_file($conf_file, true, true); //* get contents & insert db cred
cb8c86 387         $this->write_config_file($conf_path, $content);
b1a6a5 388
ff1d9a 389         //* Activate config directory in default file
cb8c86 390         $amavis_conf = rf($conf['amavis']['config_file']);
b1a6a5 391         if (stripos($amavis_conf, $conf_path) === false)
cb8c86 392         {
ff1d9a 393             $amavis_conf = preg_replace('/^(1;.*)$/m', "include_config_files('$conf_path');\n$1", $amavis_conf);
cb8c86 394             $this->write_config_file($conf['amavis']['config_file'], $amavis_conf);
W 395         }
b1a6a5 396
ff1d9a 397         //* Adding the amavisd commands to the postfix configuration
cb8c86 398         $postconf_commands = array (
W 399             'content_filter = amavis:[127.0.0.1]:10024',
400             'receive_override_options = no_address_mappings'
401         );
b1a6a5 402
MC 403         foreach($postconf_commands as $cmd) {
cb8c86 404             $command = "postconf -e '$cmd'";
ff1d9a 405             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb8c86 406         }
b1a6a5 407
bd5d26 408         $config_dir = $conf['postfix']['config_dir'];
FS 409
410         // Adding amavis-services to the master.cf file if the service does not already exists
9c6782 411         $add_amavis = !$this->get_postfix_service('amavis','unix');
FS 412         $add_amavis_10025 = !$this->get_postfix_service('127.0.0.1:10025','inet');
413         $add_amavis_10027 = !$this->get_postfix_service('127.0.0.1:10027','inet');
bd5d26 414
FS 415         if ($add_amavis || $add_amavis_10025 || $add_amavis_10027) {
416             //* backup master.cf
417             if(is_file($config_dir.'/master.cf')) copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
418             // adjust amavis-config
419             if($add_amavis) {
420                 $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
421                 af($config_dir.'/master.cf', $content);
422                 unset($content);
423             }
424             if ($add_amavis_10025) {
425                 $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10025.master', 'tpl/master_cf_amavis10025.master');
426                 af($config_dir.'/master.cf', $content);
427                 unset($content);
428             }
429             if ($add_amavis_10027) {
430                 $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10027.master', 'tpl/master_cf_amavis10027.master');
431                 af($config_dir.'/master.cf', $content);
432                 unset($content);
433             }
44ae08 434         }
b1a6a5 435
ff1d9a 436         //* Add the clamav user to the amavis group
cb8c86 437         exec('usermod -a -G amavis clamav');
b1a6a5 438     }
MC 439
440     public function configure_pureftpd()
441     {
cb8c86 442         global $conf;
b1a6a5 443
cb8c86 444         //* configure pure-ftpd for MySQL authentication against the ispconfig database
ff1d9a 445         $content = $this->get_template_file('pureftpd_mysql.conf', true, true); //* get contents & insert db cred
W 446         $content = str_replace('{server_id}', $conf['server_id'], $content);
b1a6a5 447
cb8c86 448         $this->write_config_file($conf['pureftpd']['mysql_config_file'], $content, 600, 'root', 'root');
b1a6a5 449
ff1d9a 450         //* enable pure-ftpd and server settings
cb8c86 451         $content = rf($conf["pureftpd"]["config_file"]);
b1a6a5 452
cb8c86 453         $content = preg_replace('/#?IS_CONFIGURED="(?:yes|no)"/', 'IS_CONFIGURED="yes"', $content);
W 454         $content = str_replace('AUTH="-l unix"', 'AUTH="-l mysql:'.$conf['pureftpd']['mysql_config_file'].'"', $content);
b1a6a5 455
ff1d9a 456         //* Logging defaults to syslog's ftp facility. Override this behaviour for better compatibility with debian/ubuntu
W 457         //* and specify the format.
cb8c86 458         $logdir = '/var/log/pure-ftpd';
W 459         if (!is_dir($logdir)) {
460             mkdir($logdir, 0755, true);
461         }
b1a6a5 462
ff1d9a 463         /**
cb8c86 464          * @link http://download.pureftpd.org/pub/pure-ftpd/doc/README
W 465          * -b brokenclientscompatibility
466          * -A chrooteveryone
467          * -E noanonymous
468          * -O altlog <format>:<log file>
469          * -Z customerproof (Add safe guards against common customer mistakes ie. like chmod 0 on their own files)
b1a6a5 470          * -D displaydotfiles
ff1d9a 471          * -H dontresolve
cb8c86 472          */
b1a6a5 473
MC 474
ff1d9a 475         $content = preg_replace('/MISC_OTHER="[^"]+"/', 'MISC_OTHER="-b -A -E -Z -D -H -O clf:'.$logdir.'/transfer.log"', $content);
b1a6a5 476
ff1d9a 477         $this->write_config_file($conf['pureftpd']['config_file'], $content);
b1a6a5 478     }
MC 479
480     public function configure_powerdns()
cb8c86 481     {
W 482         global $conf;
b1a6a5 483
cb8c86 484         //* Create the database
cc7a82 485         if(!$this->db->query('CREATE DATABASE IF NOT EXISTS ?? DEFAULT CHARACTER SET ?', $conf['powerdns']['database'], $conf['mysql']['charset'])) {
cb8c86 486             $this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
W 487         }
b1a6a5 488
cb8c86 489         //* Create the ISPConfig database user in the local database
cc7a82 490         $query = 'GRANT ALL ON ??.* TO ?@?';
MC 491         if(!$this->db->query($query, $conf['powerdns']['database'], $conf['mysql']['ispconfig_user'], 'localhost')) {
cb8c86 492             $this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
W 493         }
b1a6a5 494
cb8c86 495         //* load the powerdns databse dump
W 496         if($conf['mysql']['admin_password'] == '') {
b1a6a5 497             caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
MC 498                 __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
cb8c86 499         } else {
b1a6a5 500             caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
MC 501                 __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
cb8c86 502         }
b1a6a5 503
cb8c86 504         //* Create the powerdns config file
ff1d9a 505         $content = $this->get_template_file('pdns.local', true, true); //* get contents & insert db cred
cb8c86 506         $content = str_replace('{powerdns_database}', $conf['powerdns']['database'], $content);
b1a6a5 507
cb8c86 508         $this->write_config_file($conf["powerdns"]["config_dir"].'/'.$conf["powerdns"]["config_file"], $content, 600, 'root', 'root');
W 509
ff1d9a 510         //* Create symlink to init script to start the correct config file
cb8c86 511         if( !is_link($conf['init_scripts'].'/'.$conf['powerdns']['init_script']) ) {
W 512             symlink($conf['init_scripts'].'/pdns', $conf['init_scripts'].'/'.$conf['powerdns']['init_script']);
513         }
514     }
b1a6a5 515
d090db 516     public function configure_bind() {
W 517         global $conf;
518
b1a6a5 519         //* Check if the zonefile directory has a slash at the end
MC 520         $content=$conf['bind']['bind_zonefiles_dir'];
521         if(substr($content, -1, 1) != '/') {
522             $content .= '/';
d090db 523         }
b1a6a5 524
d090db 525         //* New default format of named.conf uses views. Check which version the system is using and include our zones file.
W 526         $named_conf = rf($conf['bind']['named_conf_path']);
b1a6a5 527         if (stripos($named_conf, 'include "'.$conf['bind']['named_conf_local_path'].'";') === false)
d090db 528         {
W 529             preg_match_all("/(?<=\n)view \"(?:public|internal)\" in \{.*\n\};/Us", $named_conf, $views);
530             if (count($views[0]) == 2) {
531                 foreach ($views[0] as $view) {
532                     $named_conf = str_replace($view, substr($view, 0, -2)."include \"{$conf['bind']['named_conf_local_path']}\";\n};", $named_conf);
533                 }
b1a6a5 534
d090db 535                 wf($conf['bind']['named_conf_path'], $named_conf);
W 536             }
537             else {
538                 af($conf['bind']['named_conf_path'], 'include "'.$conf['bind']['named_conf_local_path'].'";');
539             }
540         }
541     }
b1a6a5 542
cb8c86 543     public function configure_apache()
b1a6a5 544     {
cb8c86 545         global $conf;
b1a6a5 546
91324a 547         if($conf['apache']['installed'] == false) return;
ff1d9a 548         //* Create the logging directory for the vhost logfiles
W 549         if (!is_dir($conf['ispconfig_log_dir'].'/httpd')) {
550             mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
cb8c86 551         }
b1a6a5 552
MC 553         if (is_file($conf['suphp']['config_file']))
cb8c86 554         {
W 555             $content = rf($conf['suphp']['config_file']);
b1a6a5 556
ff1d9a 557             if (!preg_match('|^x-httpd-suphp=php:/usr/bin/php-cgi$|m', $content))
W 558             {
b1a6a5 559                 $content = preg_replace('/;Handler for php-scripts/', ";Handler for php-scripts\nx-httpd-suphp=php:/usr/bin/php-cgi", $content);
MC 560                 $content = preg_replace('/;?umask=\d+/', 'umask=0022', $content);
ff1d9a 561             }
b1a6a5 562
cb8c86 563             $this->write_config_file($conf['suphp']['config_file'], $content);
W 564         }
b1a6a5 565
ff1d9a 566         //* Enable ISPConfig default vhost settings
cb8c86 567         $default_vhost_path = $conf['apache']['vhost_conf_dir'].'/'.$conf['apache']['vhost_default'];
b1a6a5 568         if (is_file($default_vhost_path))
cb8c86 569         {
W 570             $content = rf($default_vhost_path);
b1a6a5 571
cb8c86 572             $content = preg_replace('/^#?\s*NameVirtualHost.*$/m', 'NameVirtualHost *:80', $content);
W 573             $content = preg_replace('/<VirtualHost[^>]+>/', '<VirtualHost *:80>', $content);
b1a6a5 574
cb8c86 575             $this->write_config_file($default_vhost_path, $content);
W 576         }
b1a6a5 577
ff1d9a 578         //* Generate default ssl certificates
cb8c86 579         if (!is_dir($conf['apache']['ssl_dir'])) {
W 580             mkdir($conf['apache']['ssl_dir']);
581         }
b1a6a5 582
MC 583         if ($conf['services']['mail'] == true)
cb8c86 584         {
W 585             copy($conf['postfix']['config_dir']."/smtpd.key", $conf['apache']['ssl_dir']."/server.key");
586             copy($conf['postfix']['config_dir']."/smtpd.cert", $conf['apache']['ssl_dir']."/server.crt");
587         }
588         else
589         {
590             if (!is_file($conf['apache']['ssl_dir'] . '/server.crt')) {
591                 exec("openssl req -new -outform PEM -out {$conf['apache']['ssl_dir']}/server.crt -newkey rsa:2048 -nodes -keyout {$conf['apache']['ssl_dir']}/server.key -keyform PEM -days 365 -x509");
592             }
593         }
b1a6a5 594
MC 595
596
ff1d9a 597         //* Copy the ISPConfig configuration include
ccbf14 598         $tpl = new tpl('apache_ispconfig.conf.master');
TB 599         $tpl->setVar('apache_version',getapacheversion());
600         
2af58c 601         $records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
ccbf14 602         $ip_addresses = array();
TB 603         
604         if(is_array($records) && count($records) > 0) {
605             foreach($records as $rec) {
606                 if($rec['ip_type'] == 'IPv6') {
607                     $ip_address = '['.$rec['ip_address'].']';
608                 } else {
609                     $ip_address = $rec['ip_address'];
610                 }
611                 $ports = explode(',', $rec['virtualhost_port']);
612                 if(is_array($ports)) {
613                     foreach($ports as $port) {
614                         $port = intval($port);
615                         if($port > 0 && $port < 65536 && $ip_address != '') {
616                             $ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
617                         }
618                     }
619                 }
620             }
621         }
855547 622         
3de838 623         if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);
ccbf14 624
TB 625         wf($conf['apache']['vhost_conf_dir'].'/000-ispconfig.conf', $tpl->grab());
626         unset($tpl);
b1a6a5 627
ff1d9a 628         //* Gentoo by default does not include .vhost files. Add include line to config file.
cb8c86 629         $content = rf($conf['apache']['config_file']);
W 630         if ( strpos($content, 'Include /etc/apache2/vhosts.d/*.vhost') === false ) {
b1a6a5 631             $content = preg_replace('|(Include /etc/apache2/vhosts.d/\*.conf)|', "$1\nInclude /etc/apache2/vhosts.d/*.vhost", $content);
cb8c86 632         }
b1a6a5 633
cb8c86 634         $this->write_config_file($conf['apache']['config_file'], $content);
b1a6a5 635
ff1d9a 636         //* make sure that webalizer finds its config file when it is directly in /etc
b1a6a5 637         if(is_file('/etc/webalizer.conf') && !is_dir('/etc/webalizer'))
cb8c86 638         {
W 639             mkdir('/etc/webalizer', 0755);
640             symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
641         }
b1a6a5 642
MC 643         if(is_file('/etc/webalizer/webalizer.conf')) //* Change webalizer mode to incremental
644             {
645             replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
646             replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental     yes', 0, 0);
647             replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName     webalizer.hist', 0, 0);
cb8c86 648         }
b1a6a5 649
ff1d9a 650         //* add a sshusers group
b1a6a5 651         if (!is_group('sshusers'))
cb8c86 652         {
W 653             $command = 'groupadd sshusers';
654             caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
655         }
b1a6a5 656     }
MC 657
658     public function configure_apps_vhost()
cb8c86 659     {
W 660         global $conf;
b1a6a5 661
cb8c86 662         //* Create the ispconfig apps vhost user and group
165152 663         if($conf['apache']['installed'] == true){
91324a 664             $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F 665             $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
666             $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
b1a6a5 667
91324a 668             $command = 'groupadd '.$apps_vhost_user;
F 669             if ( !is_group($apps_vhost_group) ) {
670                 caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
671             }
b1a6a5 672
91324a 673             $command = "useradd -g '$apps_vhost_group' -d $install_dir $apps_vhost_group";
F 674             if ( !is_user($apps_vhost_user) ) {
675                 caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
676             }
b1a6a5 677
91324a 678             $command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
F 679             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 680
99b55b 681             if(!@is_dir($install_dir)){
91324a 682                 mkdir($install_dir, 0755, true);
99b55b 683             } else {
F 684                 chmod($install_dir, 0755);
91324a 685             }
F 686             chown($install_dir, $apps_vhost_user);
687             chgrp($install_dir, $apps_vhost_group);
b1a6a5 688
91324a 689             //* Copy the apps vhost file
F 690             $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
691             $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
692             $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '') ? '' : 'ServerName '.$conf['web']['apps_vhost_servername'];
b1a6a5 693
91324a 694             //* Dont just copy over the virtualhost template but add some custom settings
F 695             $content = $this->get_template_file('apache_apps.vhost', true);
b1a6a5 696
91324a 697             $content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
F 698             $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
699             $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
700             $content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
701             $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
b1a6a5 702
91324a 703             //* comment out the listen directive if port is 80 or 443
F 704             if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
705                 $content = str_replace('{vhost_port_listen}', '#', $content);
706             } else {
707                 $content = str_replace('{vhost_port_listen}', '', $content);
708             }
b1a6a5 709
91324a 710             $this->write_config_file("$vhost_conf_dir/apps.vhost", $content);
b1a6a5 711
MC 712             //if ( !is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter') )
cc6568 713             //{
b1a6a5 714             $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_apps_fcgi_starter.master', 'tpl/apache_apps_fcgi_starter.master');
MC 715             $content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
716             $content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
717             mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
718             //copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
719             wf($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter', $content);
720             exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
721             exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
722
cc6568 723             //}
91324a 724         }
165152 725         if($conf['nginx']['installed'] == true){
91324a 726             $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F 727             $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
728             $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
729
730             $command = 'groupadd '.$apps_vhost_user;
731             if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
732
733             $command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
734             if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
735
736
737             $command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
738             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
739
6e2d48 740             if(!@is_dir($install_dir)){
F 741                 mkdir($install_dir, 0755, true);
742             } else {
743                 chmod($install_dir, 0755);
744             }
91324a 745             chown($install_dir, $apps_vhost_user);
F 746             chgrp($install_dir, $apps_vhost_group);
747
748             //* Copy the apps vhost file
749             $vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
750             $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
751             $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'_':$conf['web']['apps_vhost_servername'];
752
753             // Dont just copy over the virtualhost template but add some custom settings
615a0a 754             $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_apps.vhost.master', 'tpl/nginx_apps.vhost.master');
b1a6a5 755
91324a 756             if($conf['web']['apps_vhost_ip'] == '_default_'){
F 757                 $apps_vhost_ip = '';
758             } else {
759                 $apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
760             }
b1a6a5 761
ca0b77 762             $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
b1a6a5 763             if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77 764             if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F 765             $fpm_socket = $socket_dir.'apps.sock';
8ab3cd 766             $cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);
91324a 767
F 768             $content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
769             $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
770             $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
771             $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
ca0b77 772             //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F 773             $content = str_replace('{fpm_socket}', $fpm_socket, $content);
8ab3cd 774             $content = str_replace('{cgi_socket}', $cgi_socket, $content);
134721 775             
TB 776             // SSL in apps vhost is off by default. Might change later.
777             $content = str_replace('{ssl_on}', 'off', $content);
778             $content = str_replace('{ssl_comment}', '#', $content);
779             
91324a 780             wf($vhost_conf_dir.'/apps.vhost', $content);
b1a6a5 781
91324a 782             // PHP-FPM
F 783             // Dont just copy over the php-fpm pool template but add some custom settings
615a0a 784             $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apps_php_fpm_pool.conf.master', 'tpl/apps_php_fpm_pool.conf.master');
91324a 785             $content = str_replace('{fpm_pool}', 'apps', $content);
ca0b77 786             //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F 787             $content = str_replace('{fpm_socket}', $fpm_socket, $content);
91324a 788             $content = str_replace('{fpm_user}', $apps_vhost_user, $content);
F 789             $content = str_replace('{fpm_group}', $apps_vhost_group, $content);
790             wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);
791
792             //copy('tpl/nginx_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
793             //* and create the symlink
7e1cfb 794             if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
F 795             if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
b1a6a5 796                 symlink($vhost_conf_dir.'/apps.vhost', $vhost_conf_enabled_dir.'/000-apps.vhost');
91324a 797             }
b1a6a5 798
cb8c86 799         }
W 800     }
b1a6a5 801
MC 802     public function install_ispconfig()
803     {
cb8c86 804         global $conf;
b1a6a5 805
cb8c86 806         $install_dir = $conf['ispconfig_install_dir'];
b1a6a5 807
MC 808         //* Create the ISPConfig installation directory
809         if(!is_dir($install_dir))
cb8c86 810         {
W 811             $command = "mkdir $install_dir";
812             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
813         }
b1a6a5 814
ff1d9a 815         //* Create a ISPConfig user and group
b1a6a5 816         if (!is_group('ispconfig'))
cb8c86 817         {
W 818             $command = 'groupadd ispconfig';
819             caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
820         }
b1a6a5 821
MC 822         if (!is_user('ispconfig'))
cb8c86 823         {
W 824             $command = "useradd -g ispconfig -d $install_dir ispconfig";
825             caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
826         }
b1a6a5 827
ff1d9a 828         //* copy the ISPConfig interface part
cb8c86 829         $command = "cp -rf ../interface $install_dir";
W 830         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 831
ff1d9a 832         //* copy the ISPConfig server part
cb8c86 833         $command = "cp -rf ../server $install_dir";
W 834         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a13af2 835         
fb6c56 836         //* Make a backup of the security settings
TB 837         if(is_file('/usr/local/ispconfig/security/security_settings.ini')) copy('/usr/local/ispconfig/security/security_settings.ini','/usr/local/ispconfig/security/security_settings.ini~');
838         
a13af2 839         //* copy the ISPConfig security part
TB 840         $command = 'cp -rf ../security '.$install_dir;
841         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fb6c56 842         
TB 843         //* Apply changed security_settings.ini values to new security_settings.ini file
844         if(is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
845             $security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
846             $security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
847             if(is_array($security_settings_new) && is_array($security_settings_old)) {
848                 foreach($security_settings_new as $section => $sval) {
849                     if(is_array($sval)) {
850                         foreach($sval as $key => $val) {
851                             if(isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
852                                 $security_settings_new[$section][$key] = $security_settings_old[$section][$key];
853                             }
854                         }
855                     }
856                 }
857                 file_put_contents('/usr/local/ispconfig/security/security_settings.ini',array_to_ini($security_settings_new));
858             }
859         }
b1a6a5 860
MC 861
ff1d9a 862         //* Create the config file for ISPConfig interface
cb8c86 863         $configfile = 'config.inc.php';
ff1d9a 864         $content = $this->get_template_file($configfile, true, true); //* get contents & insert db cred
b1a6a5 865
cb8c86 866         $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
W 867         $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
868         $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
869         $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
82e9b9 870         $content = str_replace('{mysql_master_server_port}', $conf['mysql']['master_port'], $content);
b1a6a5 871
cb8c86 872         $content = str_replace('{server_id}', $conf['server_id'], $content);
W 873         $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
874         $content = str_replace('{language}', $conf['language'], $content);
8cf78b 875         $content = str_replace('{timezone}', $conf['timezone'], $content);
41eaa8 876         $content = str_replace('{theme}', $conf['theme'], $content);
992797 877         $content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
b1a6a5 878
cb8c86 879         $this->write_config_file("$install_dir/interface/lib/$configfile", $content);
b1a6a5 880
ff1d9a 881         //* Create the config file for ISPConfig server
cb8c86 882         $this->write_config_file("$install_dir/server/lib/$configfile", $content);
b1a6a5 883
fb3a98 884         //* Create the config file for remote-actions (but only, if it does not exist, because
T 885         //  the value is a autoinc-value and so changed by the remoteaction_core_module
ff1d9a 886         if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
W 887             $content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
fb3a98 888             wf($install_dir.'/server/lib/remote_action.inc.php', $content);
ff1d9a 889         }
b1a6a5 890
MC 891         // Enable the server modules and plugins.
cb8c86 892         // TODO: Implement a selector which modules and plugins shall be enabled.
W 893         $dir = $install_dir.'/server/mods-available/';
894         if (is_dir($dir)) {
895             if ($dh = opendir($dir)) {
896                 while (($file = readdir($dh)) !== false) {
b1a6a5 897                     if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC 898                         include_once $install_dir.'/server/mods-available/'.$file;
899                         $module_name = substr($file, 0, -8);
cb8c86 900                         $tmp = new $module_name;
W 901                         if($tmp->onInstall()) {
ff1d9a 902                             if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) {
W 903                                 @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
904                                 // @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
905                             }
cb8c86 906                             if (strpos($file, '_core_module') !== false) {
ff1d9a 907                                 if(!@is_link($install_dir.'/server/mods-core/'.$file)) {
W 908                                     @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
909                                     // @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
910                                 }
cb8c86 911                             }
W 912                         }
913                         unset($tmp);
914                     }
915                 }
916                 closedir($dh);
917             }
918         }
ff1d9a 919
cb8c86 920         $dir = $install_dir.'/server/plugins-available/';
W 921         if (is_dir($dir)) {
922             if ($dh = opendir($dir)) {
923                 while (($file = readdir($dh)) !== false) {
91324a 924                     if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
F 925                     if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
b1a6a5 926                     if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC 927                         include_once $install_dir.'/server/plugins-available/'.$file;
928                         $plugin_name = substr($file, 0, -8);
cb8c86 929                         $tmp = new $plugin_name;
b1a6a5 930                         if(method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
ff1d9a 931                             if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) {
W 932                                 @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
933                             }
cb8c86 934                             if (strpos($file, '_core_plugin') !== false) {
ff1d9a 935                                 if(!@is_link($install_dir.'/server/plugins-core/'.$file)) {
W 936                                     @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
937                                 }
cb8c86 938                             }
W 939                         }
940                         unset($tmp);
941                     }
942                 }
943                 closedir($dh);
944             }
945         }
b1a6a5 946
ff1d9a 947         //* Update the server config
cb8c86 948         $mail_server_enabled = ($conf['services']['mail'])?1:0;
W 949         $web_server_enabled = ($conf['services']['web'])?1:0;
950         $dns_server_enabled = ($conf['services']['dns'])?1:0;
951         $file_server_enabled = ($conf['services']['file'])?1:0;
952         $db_server_enabled = ($conf['services']['db'])?1:0;
953         $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
b1a6a5 954
2af58c 955         $sql = "UPDATE `server` SET mail_server = ?, web_server = ?, dns_server = ?, file_server = ?, db_server = ?, vserver_server = ? WHERE server_id = ?";
b1a6a5 956
2af58c 957         $this->db->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
cb8c86 958         if($conf['mysql']['master_slave_setup'] == 'y') {
2af58c 959             $this->dbmaster->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
cb8c86 960         }
b1a6a5 961
3e0fc8 962         // chown install dir to root and chmod 755
TB 963         $command = 'chown root:root '.$install_dir;
964         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
965         $command = 'chmod 755 '.$install_dir;
cb8c86 966         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
W 967
fa029b 968         //* Chmod the files and directories in the install dir
3e0fc8 969         $command = 'chmod -R 750 '.$install_dir.'/*';
TB 970         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
971
972         //* chown the interface files to the ispconfig user and group
973         $command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
974         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
975         
976         //* chown the server files to the root user and group
977         $command = 'chown -R root:root '.$install_dir.'/server';
cb8c86 978         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fa029b 979         
TB 980         //* chown the security files to the root user and group
981         $command = 'chown -R root:root '.$install_dir.'/security';
982         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
983         
984         //* chown the security directory and security_settings.ini to root:ispconfig
985         $command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';
986         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
987         $command = 'chown root:ispconfig '.$install_dir.'/security';
988         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb1221 989         $command = 'chown root:ispconfig '.$install_dir.'/security/ids.whitelist';
TB 990         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
991         $command = 'chown root:ispconfig '.$install_dir.'/security/ids.htmlfield';
992         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
993         $command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
cb8c86 994         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 995
ff1d9a 996         //* Make the global language file directory group writable
cb8c86 997         exec("chmod -R 770 $install_dir/interface/lib/lang");
b1a6a5 998
ff1d9a 999         //* Make the temp directory for language file exports writable
W 1000         if(is_dir($install_dir.'/interface/web/temp')) {
1001             exec("chmod -R 770 $install_dir/interface/web/temp");
1002         }
b1a6a5 1003
MC 1004         //* Make all interface language file directories group writable
cb8c86 1005         $handle = @opendir($install_dir.'/interface/web');
b1a6a5 1006         while ($file = @readdir($handle)) {
MC 1007             if ($file != '.' && $file != '..') {
1008                 if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
cb8c86 1009                     $handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
b1a6a5 1010                     chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang', 0770);
MC 1011                     while ($lang_file = @readdir($handle2)) {
cb8c86 1012                         if ($lang_file != '.' && $lang_file != '..') {
b1a6a5 1013                             chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file, 0770);
cb8c86 1014                         }
W 1015                     }
1016                 }
1017             }
1018         }
b1a6a5 1019
477d4e 1020         //* Make the APS directories group writable
T 1021         exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
1022         exec("chmod -R 770 $install_dir/server/aps_packages");
b1a6a5 1023
MC 1024         //* make sure that the server config file (not the interface one) is only readable by the root user
bfcdef 1025         chmod($install_dir.'/server/lib/config.inc.php', 0600);
T 1026         chown($install_dir.'/server/lib/config.inc.php', 'root');
1027         chgrp($install_dir.'/server/lib/config.inc.php', 'root');
b1a6a5 1028
bfcdef 1029         //* Make sure thet the interface config file is readable by user ispconfig only
T 1030         chmod($install_dir.'/interface/lib/config.inc.php', 0600);
1031         chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
1032         chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
ff1d9a 1033
W 1034         chmod($install_dir.'/server/lib/remote_action.inc.php', 0600);
1035         chown($install_dir.'/server/lib/remote_action.inc.php', 'root');
1036         chgrp($install_dir.'/server/lib/remote_action.inc.php', 'root');
1037
1038         if(@is_file($install_dir.'/server/lib/mysql_clientdb.conf')) {
1039             chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
1040             chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
1041             chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
cb8c86 1042         }
b1a6a5 1043
8cf78b 1044         if(is_dir($install_dir.'/interface/invoices')) {
e94a9f 1045             exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
T 1046             exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
edf806 1047         }
980485 1048         
TB 1049         exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
b1a6a5 1050
cb8c86 1051         // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
W 1052         // and must be fixed as this will allow the apache user to read the ispconfig files.
1053         // Later this must run as own apache server or via suexec!
63b369 1054         if($conf['apache']['installed'] == true){
F 1055             $command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
1056             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec 1057             if(is_group('ispapps')){
F 1058                 $command = 'usermod -a -G ispapps '.$conf['apache']['user'];
1059                 caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
1060             }
63b369 1061         }
F 1062         if($conf['nginx']['installed'] == true){
1063             $command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
1064             caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec 1065             if(is_group('ispapps')){
F 1066                 $command = 'usermod -a -G ispapps '.$conf['nginx']['user'];
1067                 caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
1068             }
63b369 1069         }
b1a6a5 1070
ff1d9a 1071         //* Make the shell scripts executable
cb8c86 1072         $command = "chmod +x $install_dir/server/scripts/*.sh";
W 1073         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
b1a6a5 1074
7e1cfb 1075         if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
91324a 1076             //* Copy the ISPConfig vhost for the controlpanel
F 1077             $content = $this->get_template_file("apache_ispconfig.vhost", true);
1078             $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
b1a6a5 1079
91324a 1080             //* comment out the listen directive if port is 80 or 443
F 1081             if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
1082                 $content = str_replace('{vhost_port_listen}', '#', $content);
1083             } else {
1084                 $content = str_replace('{vhost_port_listen}', '', $content);
1085             }
b1a6a5 1086
91324a 1087             if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
F 1088                 $content = str_replace('{ssl_comment}', '', $content);
1089             } else {
1090                 $content = str_replace('{ssl_comment}', '#', $content);
1091             }
10b4c8 1092             if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
T 1093                 $content = str_replace('{ssl_bundle_comment}', '', $content);
1094             } else {
1095                 $content = str_replace('{ssl_bundle_comment}', '#', $content);
1096             }
b1a6a5 1097
91324a 1098             $vhost_path = $conf['apache']['vhost_conf_dir'].'/ispconfig.vhost';
F 1099             $this->write_config_file($vhost_path, $content);
b1a6a5 1100
526b99 1101             if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
615a0a 1102                 $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
526b99 1103                 $content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
T 1104                 $content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
cc6568 1105                 @mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
526b99 1106                 wf('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
91324a 1107                 exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
F 1108                 chmod('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', 0755);
b1a6a5 1109                 @symlink($install_dir.'/interface/web', '/var/www/ispconfig');
91324a 1110                 exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
F 1111             }
cb8c86 1112         }
91324a 1113
7e1cfb 1114         if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
91324a 1115             //* Copy the ISPConfig vhost for the controlpanel
F 1116             $vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
1117             $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
1118
1119             // Dont just copy over the virtualhost template but add some custom settings
615a0a 1120             $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
91324a 1121             $content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
b1a6a5 1122
91324a 1123             if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
10b4c8 1124                 $content = str_replace('{ssl_on}', ' on', $content);
91324a 1125                 $content = str_replace('{ssl_comment}', '', $content);
F 1126                 $content = str_replace('{fastcgi_ssl}', 'on', $content);
1127             } else {
10b4c8 1128                 $content = str_replace('{ssl_on}', ' off', $content);
91324a 1129                 $content = str_replace('{ssl_comment}', '#', $content);
F 1130                 $content = str_replace('{fastcgi_ssl}', 'off', $content);
1131             }
b1a6a5 1132
ca0b77 1133             $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
b1a6a5 1134             if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77 1135             if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F 1136             $fpm_socket = $socket_dir.'ispconfig.sock';
b1a6a5 1137
ca0b77 1138             //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F 1139             $content = str_replace('{fpm_socket}', $fpm_socket, $content);
91324a 1140
F 1141             wf($vhost_conf_dir.'/ispconfig.vhost', $content);
b1a6a5 1142
91324a 1143             unset($content);
b1a6a5 1144
91324a 1145             // PHP-FPM
F 1146             // Dont just copy over the php-fpm pool template but add some custom settings
615a0a 1147             $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
91324a 1148             $content = str_replace('{fpm_pool}', 'ispconfig', $content);
ca0b77 1149             //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F 1150             $content = str_replace('{fpm_socket}', $fpm_socket, $content);
91324a 1151             $content = str_replace('{fpm_user}', 'ispconfig', $content);
F 1152             $content = str_replace('{fpm_group}', 'ispconfig', $content);
1153             wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
1154
1155             //copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
1156             //* and create the symlink
7e1cfb 1157             if($this->is_update == false) {
91324a 1158                 if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F 1159                 if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
b1a6a5 1160                     symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
91324a 1161                 }
F 1162             }
cb8c86 1163         }
b1a6a5 1164
ff1d9a 1165         //* Install the update script
b34f99 1166         if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) {
MC 1167             unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
cb8c86 1168         }
b1a6a5 1169
b34f99 1170         chown($install_dir.'/server/scripts/update_from_dev.sh', 'root');
MC 1171         chmod($install_dir.'/server/scripts/update_from_dev.sh', 0700);
ff1d9a 1172         chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
W 1173         chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
1174         chown($install_dir.'/server/scripts/ispconfig_update.sh', 'root');
1175         chmod($install_dir.'/server/scripts/ispconfig_update.sh', 0700);
b1a6a5 1176
b34f99 1177         if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) {
MC 1178             symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
cb8c86 1179         }
b1a6a5 1180
cb8c86 1181         if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
ff1d9a 1182             symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
cb8c86 1183         }
b1a6a5 1184
ff1d9a 1185         //* Make the logs readable for the ispconfig user
cb8c86 1186         if (is_file('/var/log/maillog')) {
W 1187             exec('chmod +r /var/log/maillog');
1188         }
1189         if (is_file('/var/log/messages')) {
1190             exec('chmod +r /var/log/messages');
1191         }
1192         if (is_file('/var/log/clamav/clamav.log')) {
1193             exec('chmod +r /var/log/clamav/clamav.log');
1194         }
1195         if (is_file('/var/log/clamav/freshclam.log')) {
1196             exec('chmod +r /var/log/clamav/freshclam.log');
1197         }
b1a6a5 1198
ff1d9a 1199         //* Create the ispconfig log directory
e38d14 1200         if (!is_dir($conf['ispconfig_log_dir'])) {
J 1201             mkdir($conf['ispconfig_log_dir']);
cb8c86 1202         }
e38d14 1203         if (!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) {
ff1d9a 1204             touch($conf['ispconfig_log_dir'].'/ispconfig.log');
cb8c86 1205         }
b1a6a5 1206
0799f8 1207         //* Create the ispconfig auth log file and set uid/gid
T 1208         if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
1209             touch($conf['ispconfig_log_dir'].'/auth.log');
1210         }
1211         exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
1212         exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
b1a6a5 1213
ff1d9a 1214         rename($install_dir.'/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
b1a6a5 1215
ff1d9a 1216         if (is_user('getmail')) {
W 1217             chown('/usr/local/bin/run-getmail.sh', 'getmail');
1218         }
1219         chmod('/usr/local/bin/run-getmail.sh', 0744);
b1a6a5 1220
d71bae 1221         //* Remove Domain module as its functions are available in the client module now
T 1222         if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
021aec 1223         
TB 1224         // Add symlink for patch tool
1225         if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
c83951 1226         
TB 1227         // Change mode of a few files from amavisd
1228         if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
1229         if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
1230         if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
1231         if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
1232         
b1a6a5 1233     }
MC 1234
20218c 1235 }
M 1236
e38d14 1237 ?>