gitlabFork/ISPConfig3.git - Solinfo Gitblit

Merge remote-tracking branch 'origin/stable-3.0.5'

Marius Cramer

2014-02-17 ebbe6374fc9c308daf729d2ad1b2f8007ed771ce

commit \| author \| age
532ae5	1	<?php
L	2
	3	/*
	4	Copyright (c) 2007-2010, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class installer_base {
	32
	33	var $wb = array();
	34	var $language = 'en';
	35	var $db;
	36	public $conf;
	37	public $install_ispconfig_interface = true;
	38	public $is_update = false; // true if it is an update, falsi if it is a new install
	39
	40
	41	public function __construct() {
	42	global $conf; //TODO: maybe $conf should be passed to constructor
	43	//$this->conf = $conf;
	44	}
	45
	46	//: TODO Implement the translation function and language files for the installer.
	47	public function lng($text) {
	48	return $text;
	49	}
	50
	51	public function error($msg) {
	52	die('ERROR: '.$msg."\n");
	53	}
	54
	55	public function warning($msg) {
b1a6a5	56	echo 'WARNING: '.$msg."\n";
532ae5	57	}
a8ccf6	58
532ae5	59	public function simple_query($query, $answers, $default) {
L	60	$finished = false;
	61	do {
	62	$answers_str = implode(',', $answers);
	63	swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: ');
	64	$input = sread();
	65
	66	//* Stop the installation
	67	if($input == 'quit') {
	68	swriteln($this->lng("Installation terminated by user.\n"));
	69	die();
	70	}
	71
	72	//* Select the default
	73	if($input == '') {
	74	$answer = $default;
	75	$finished = true;
	76	}
	77
	78	//* Set answer id valid
	79	if(in_array($input, $answers)) {
	80	$answer = $input;
	81	$finished = true;
	82	}
	83
	84	} while ($finished == false);
	85	swriteln();
	86	return $answer;
	87	}
	88
b1a6a5	89	public function free_query($query, $default) {
532ae5	90	swrite($this->lng($query).' ['.$default.']: ');
L	91	$input = sread();
	92
	93	//* Stop the installation
	94	if($input == 'quit') {
	95	swriteln($this->lng("Installation terminated by user.\n"));
	96	die();
	97	}
	98
	99	$answer = ($input == '') ? $default : $input;
	100	swriteln();
	101	return $answer;
	102	}
	103
	104	/*
	105	// TODO: this function is not used atmo I think - pedro
	106	function request_language(){
a8ccf6	107
532ae5	108	swriteln(lng('Enter your language'));
L	109	swriteln(lng('de, en'));
a8ccf6	110
532ae5	111	}
L	112	*/
	113
	114	//** Detect installed applications
	115	public function find_installed_apps() {
	116	global $conf;
	117
	118	if(is_installed('mysql') \|\| is_installed('mysqld')) $conf['mysql']['installed'] = true;
	119	if(is_installed('postfix')) $conf['postfix']['installed'] = true;
	120	if(is_installed('mailman')) $conf['mailman']['installed'] = true;
e09a27	121	if(is_installed('apache') \|\| is_installed('apache2') \|\| is_installed('httpd') \|\| is_installed('httpd2')) $conf['apache']['installed'] = true;
532ae5	122	if(is_installed('getmail')) $conf['getmail']['installed'] = true;
1ca823	123	if(is_installed('courierlogger')) $conf['courier']['installed'] = true;
532ae5	124	if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
74d2dc	125	if(is_installed('saslauthd')) $conf['saslauthd']['installed'] = true;
ac28b5	126	if(is_installed('amavisd-new') \|\| is_installed('amavisd')) $conf['amavis']['installed'] = true;
532ae5	127	if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
L	128	if(is_installed('pure-ftpd') \|\| is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
	129	if(is_installed('mydns') \|\| is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
	130	if(is_installed('jk_chrootsh')) $conf['jailkit']['installed'] = true;
	131	if(is_installed('pdns_server') \|\| is_installed('pdns_control')) $conf['powerdns']['installed'] = true;
	132	if(is_installed('named') \|\| is_installed('bind') \|\| is_installed('bind9')) $conf['bind']['installed'] = true;
80e3c9	133	if(is_installed('squid')) $conf['squid']['installed'] = true;
T	134	if(is_installed('nginx')) $conf['nginx']['installed'] = true;
bd68aa	135	if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
5eb43f	136	if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
522ef8	137	if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
80e3c9	138	if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
a8ccf6	139
d7cfd7	140	if ($conf['services']['web'] && (($conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) \|\| ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")))) $this->ispconfig_interface_installed = true;
532ae5	141	}
L	142
	143	/** Create the database for ISPConfig */
b1a6a5	144
MC	145
532ae5	146	public function configure_database() {
L	147	global $conf;
	148
	149	//** Create the database
	150	if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['mysql']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
	151	$this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.');
	152	}
	153
	154	//* Set the database name in the DB library
	155	$this->db->dbName = $conf['mysql']['database'];
	156
	157	//* Load the database dump into the database, if database contains no tables
	158	$db_tables = $this->db->getTables();
	159	if(count($db_tables) > 0) {
	160	$this->error('Stopped: Database already contains some tables.');
	161	} else {
	162	if($conf['mysql']['admin_password'] == '') {
02bf99	163	caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
b1a6a5	164	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
532ae5	165	} else {
02bf99	166	caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
b1a6a5	167	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
532ae5	168	}
L	169	$db_tables = $this->db->getTables();
	170	if(count($db_tables) == 0) {
	171	$this->error('Unable to load SQL-Dump into database table.');
	172	}
	173
	174	//* Load system.ini into the sys_ini table
	175	$system_ini = $this->db->quote(rf('tpl/system.ini.master'));
	176	$this->db->query("UPDATE sys_ini SET config = '$system_ini' WHERE sysini_id = 1");
	177
	178	}
	179	}
	180
	181	//** Create the server record in the database
	182	public function add_database_server_record() {
	183
	184	global $conf;
	185
	186	if($conf['mysql']['host'] == 'localhost') {
	187	$from_host = 'localhost';
	188	} else {
	189	$from_host = $conf['hostname'];
	190	}
	191
	192	// Delete ISPConfig user in the local database, in case that it exists
	193	$this->db->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['ispconfig_user']."' AND Host = '".$from_host."';");
	194	$this->db->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['database']."' AND Host = '".$from_host."';");
	195	$this->db->query('FLUSH PRIVILEGES;');
	196
	197	//* Create the ISPConfig database user in the local database
	198	$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['database'].".* "
b1a6a5	199	."TO '".$conf['mysql']['ispconfig_user']."'@'".$from_host."' "
MC	200	."IDENTIFIED BY '".$conf['mysql']['ispconfig_password']."';";
532ae5	201	if(!$this->db->query($query)) {
L	202	$this->error('Unable to create database user: '.$conf['mysql']['ispconfig_user'].' Error: '.$this->db->errorMessage);
	203	}
	204
	205	//* Reload database privelages
	206	$this->db->query('FLUSH PRIVILEGES;');
	207
	208	//* Set the database name in the DB library
	209	$this->db->dbName = $conf['mysql']['database'];
	210
	211	$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));
	212
	213	//* Update further distribution specific parameters for server config here
	214	//* HINT: Every line added here has to be added in update.lib.php too!!
	215	$tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir'];
	216	$tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir'];
	217	$tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs'];
	218	$tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path'];
	219	$tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path'];
526b99	220	$tpl_ini_array['fastcgi']['fastcgi_bin'] = $conf['fastcgi']['fastcgi_bin'];
532ae5	221	$tpl_ini_array['server']['hostname'] = $conf['hostname'];
L	222	$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
	223	$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
	224	$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
	225	$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
	226	$tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir'];
	227	$tpl_ini_array['web']['security_level'] = 20;
	228	$tpl_ini_array['web']['user'] = $conf['apache']['user'];
	229	$tpl_ini_array['web']['group'] = $conf['apache']['group'];
	230	$tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache'];
	231	$tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi'];
	232	$tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
	233	$tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
	234	$tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
	235	$tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group'];
	236	$tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir'];
	237	$tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
	238	$tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
a8ccf6	239
dba68f	240	$tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
T	241	$tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
	242	$tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user'];
	243	$tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group'];
	244	$tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket'];
	245	$tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script'];
	246	$tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path'];
	247	$tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir'];
	248	$tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
	249	$tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];
a8ccf6	250
80e3c9	251	if ($conf['nginx']['installed'] == true) {
4ffb51	252	$tpl_ini_array['web']['server_type'] = 'nginx';
F	253	$tpl_ini_array['global']['webserver'] = 'nginx';
80e3c9	254	}
a8ccf6	255
532ae5	256	if (array_key_exists('awstats', $conf)) {
L	257	foreach ($conf['awstats'] as $aw_sett => $aw_value) {
	258	$tpl_ini_array['web']['awstats_'.$aw_sett] = $aw_value;
	259	}
	260	}
	261
	262	$server_ini_content = array_to_ini($tpl_ini_array);
	263	$server_ini_content = mysql_real_escape_string($server_ini_content);
	264
	265	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	266	$web_server_enabled = ($conf['services']['web'])?1:0;
	267	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	268	$file_server_enabled = ($conf['services']['file'])?1:0;
	269	$db_server_enabled = ($conf['services']['db'])?1:0;
522ef8	270	$vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
c91bdc	271	$proxy_server_enabled = (isset($conf['services']['proxy']) && $conf['services']['proxy'])?1:0;
T	272	$firewall_server_enabled = (isset($conf['services']['firewall']) && $conf['services']['firewall'])?1:0;
a8ccf6	273
532ae5	274	//** Get the database version number based on the patchfiles
L	275	$found = true;
	276	$current_db_version = 1;
	277	while($found == true) {
	278	$next_db_version = intval($current_db_version + 1);
	279	$patch_filename = realpath(dirname(__FILE__).'/../').'/sql/incremental/upd_'.str_pad($next_db_version, 4, '0', STR_PAD_LEFT).'.sql';
	280	if(is_file($patch_filename)) {
	281	$current_db_version = $next_db_version;
	282	} else {
	283	$found = false;
	284	}
	285	}
	286	$current_db_version = intval($current_db_version);
	287
	288
	289	if($conf['mysql']['master_slave_setup'] == 'y') {
	290
	291	//* Insert the server record in master DB
80e3c9	292	$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	293	$this->dbmaster->query($sql);
L	294	$conf['server_id'] = $this->dbmaster->insertID();
	295	$conf['server_id'] = $conf['server_id'];
	296
	297	//* Insert the same record in the local DB
80e3c9	298	$sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES ('".$conf['server_id']."',1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	299	$this->db->query($sql);
L	300
	301	//* username for the ispconfig user
	302	$conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id'];
	303
	304	$this->grant_master_database_rights();
	305
	306	} else {
	307	//* Insert the server, if its not a mster / slave setup
80e3c9	308	$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	309	$this->db->query($sql);
L	310	$conf['server_id'] = $this->db->insertID();
	311	$conf['server_id'] = $conf['server_id'];
	312	}
	313
	314
	315	}
	316
100d41	317	public function grant_master_database_rights($verbose = false) {
532ae5	318	global $conf;
L	319
	320	/*
	321	* The following code is a little bit tricky:
	322	* * If we HAVE a master-slave - Setup then the client has to grant the rights for himself
	323	* at the master.
	324	* * If we DO NOT have a master-slave - Setup then we have two possibilities
	325	* 1) it is a single server
	326	* 2) it is the MASTER of n clients
	327	*/
	328	$hosts = array();
a8ccf6	329
532ae5	330	if($conf['mysql']['master_slave_setup'] == 'y') {
L	331	/*
	332	* it is a master-slave - Setup so the slave has to grant its rights in the master
	333	* database
	334	*/
	335
	336	//* insert the ispconfig user in the remote server
	337	$from_host = $conf['hostname'];
	338	$from_ip = gethostbyname($conf['hostname']);
a8ccf6	339
532ae5	340	$hosts[$from_host]['user'] = $conf['mysql']['master_ispconfig_user'];
L	341	$hosts[$from_host]['db'] = $conf['mysql']['master_database'];
	342	$hosts[$from_host]['pwd'] = $conf['mysql']['master_ispconfig_password'];
	343
	344	$hosts[$from_ip]['user'] = $conf['mysql']['master_ispconfig_user'];
	345	$hosts[$from_ip]['db'] = $conf['mysql']['master_database'];
	346	$hosts[$from_ip]['pwd'] = $conf['mysql']['master_ispconfig_password'];
	347	} else{
	348	/*
	349	* it is NOT a master-slave - Setup so we have to find out all clients and their
	350	* host
	351	*/
	352	$query = "SELECT Host, User FROM mysql.user WHERE User like 'ispcsrv%' ORDER BY User, Host";
	353	$data = $this->dbmaster->queryAllRecords($query);
	354	if($data === false) {
	355	$this->error('Unable to get the user rights: '.$value['db'].' Error: '.$this->dbmaster->errorMessage);
	356	}
	357	foreach ($data as $item){
	358	$hosts[$item['Host']]['user'] = $item['User'];
	359	$hosts[$item['Host']]['db'] = $conf['mysql']['master_database'];
	360	$hosts[$item['Host']]['pwd'] = ''; // the user already exists, so we need no pwd!
	361	}
	362	}
a8ccf6	363
532ae5	364	if(count($hosts) > 0) {
b1a6a5	365	foreach($hosts as $host => $value) {
MC	366	/*
532ae5	367	* If a pwd exists, this means, we have to add the new user (and his pwd).
L	368	* if not, the user already exists and we do not need the pwd
	369	*/
b1a6a5	370	if ($value['pwd'] != ''){
MC	371	$query = "CREATE USER '".$value['user']."'@'".$host."' IDENTIFIED BY '" . $value['pwd'] . "'";
	372	if ($verbose){
	373	echo "\n\n" . $query ."\n";
	374	}
	375	$this->dbmaster->query($query); // ignore the error
	376	}
	377
	378	/*
	379	* Try to delete all rights of the user in case that it exists.
	380	* In Case that it will not exist, do nothing (ignore the error!)
	381	*/
	382	$query = "REVOKE ALL PRIVILEGES, GRANT OPTION FROM '".$value['user']."'@'".$host."' ";
100d41	383	if ($verbose){
V	384	echo "\n\n" . $query ."\n";
	385	}
532ae5	386	$this->dbmaster->query($query); // ignore the error
b1a6a5	387
MC	388	//* Create the ISPConfig database user in the remote database
	389	$query = "GRANT SELECT ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
	390	if ($verbose){
	391	echo $query ."\n";
	392	}
	393	if(!$this->dbmaster->query($query)) {
	394	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	395	}
	396
	397	$query = "GRANT SELECT, INSERT ON ".$value['db'].".`sys_log` TO '".$value['user']."'@'".$host."' ";
	398	if ($verbose){
	399	echo $query ."\n";
	400	}
	401	if(!$this->dbmaster->query($query)) {
	402	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	403	}
	404
	405	$query = "GRANT SELECT, UPDATE(`status`, `error`) ON ".$value['db'].".`sys_datalog` TO '".$value['user']."'@'".$host."' ";
	406	if ($verbose){
	407	echo $query ."\n";
	408	}
	409	if(!$this->dbmaster->query($query)) {
	410	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	411	}
	412
	413	$query = "GRANT SELECT, UPDATE(`status`) ON ".$value['db'].".`software_update_inst` TO '".$value['user']."'@'".$host."' ";
	414	if ($verbose){
	415	echo $query ."\n";
	416	}
	417	if(!$this->dbmaster->query($query)) {
	418	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	419	}
	420
	421	$query = "GRANT SELECT, UPDATE(`updated`) ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
	422	if ($verbose){
	423	echo $query ."\n";
	424	}
	425	if(!$this->dbmaster->query($query)) {
	426	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	427	}
	428
	429	$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ".$value['db'].".`web_domain` TO '".$value['user']."'@'".$host."' ";
	430	if ($verbose){
	431	echo $query ."\n";
	432	}
	433	if(!$this->dbmaster->query($query)) {
	434	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	435	}
	436
	437	$query = "GRANT SELECT ON ".$value['db'].".`sys_group` TO '".$value['user']."'@'".$host."' ";
	438	if ($verbose){
	439	echo $query ."\n";
	440	}
	441	if(!$this->dbmaster->query($query)) {
	442	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	443	}
	444
	445	$query = "GRANT SELECT, UPDATE (`action_state`, `response`) ON ".$value['db'].".`sys_remoteaction` TO '".$value['user']."'@'".$host."' ";
	446	if ($verbose){
	447	echo $query ."\n";
	448	}
	449	if(!$this->dbmaster->query($query)) {
	450	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	451	}
	452
	453	$query = "GRANT SELECT, INSERT , DELETE ON ".$value['db'].".`monitor_data` TO '".$value['user']."'@'".$host."' ";
	454	if ($verbose){
	455	echo $query ."\n";
	456	}
	457	if(!$this->dbmaster->query($query)) {
	458	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	459	}
	460
	461	$query = "GRANT SELECT, INSERT, UPDATE ON ".$value['db'].".`mail_traffic` TO '".$value['user']."'@'".$host."' ";
	462	if ($verbose){
	463	echo $query ."\n";
	464	}
	465	if(!$this->dbmaster->query($query)) {
	466	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	467	}
	468
	469	$query = "GRANT SELECT, INSERT, UPDATE ON ".$value['db'].".`web_traffic` TO '".$value['user']."'@'".$host."' ";
	470	if ($verbose){
	471	echo $query ."\n";
	472	}
	473	if(!$this->dbmaster->query($query)) {
	474	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	475	}
	476
e92eda	477	$query = "GRANT SELECT, UPDATE, DELETE ON ".$value['db'].".`aps_instances` TO '".$value['user']."'@'".$host."' ";
TB	478	if ($verbose){
	479	echo $query ."\n";
	480	}
	481	if(!$this->dbmaster->query($query)) {
	482	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	483	}
	484
	485	$query = "GRANT SELECT, DELETE ON ".$value['db'].".`aps_instances_settings` TO '".$value['user']."'@'".$host."' ";
b1a6a5	486	if ($verbose){
MC	487	echo $query ."\n";
	488	}
	489	if(!$this->dbmaster->query($query)) {
	490	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	491	}
	492
	493	$query = "GRANT SELECT, INSERT, DELETE ON ".$value['db'].".`web_backup` TO '".$value['user']."'@'".$host."' ";
	494	if ($verbose){
	495	echo $query ."\n";
	496	}
	497	if(!$this->dbmaster->query($query)) {
	498	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	499	}
	500
532ae5	501	}
L	502
	503	/*
	504	* It is all done. Relod the rights...
	505	*/
b1a6a5	506	$this->dbmaster->query('FLUSH PRIVILEGES;');
532ae5	507	}
L	508
	509	}
	510
	511	//** writes postfix configuration files
	512	public function process_postfix_config($configfile) {
	513	global $conf;
	514
	515	$config_dir = $conf['postfix']['config_dir'].'/';
	516	$full_file_name = $config_dir.$configfile;
	517	//* Backup exiting file
	518	if(is_file($full_file_name)) {
	519	copy($full_file_name, $config_dir.$configfile.'~');
	520	}
615a0a	521	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	522	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	523	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	524	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	525	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	526	$content = str_replace('{server_id}', $conf['server_id'], $content);
	527	wf($full_file_name, $content);
	528	}
	529
	530	public function configure_jailkit() {
	531	global $conf;
	532
	533	$cf = $conf['jailkit'];
	534	$config_dir = $cf['config_dir'];
	535	$jk_init = $cf['jk_init'];
	536	$jk_chrootsh = $cf['jk_chrootsh'];
	537
	538	if (is_dir($config_dir)) {
	539	if(is_file($config_dir.'/'.$jk_init)) copy($config_dir.'/'.$jk_init, $config_dir.'/'.$jk_init.'~');
	540	if(is_file($config_dir.'/'.$jk_chrootsh.'.master')) copy($config_dir.'/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh.'~');
b1a6a5	541
MC	542	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_init.'.master')) {
	543	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
	544	} else {
	545	copy('tpl/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
	546	}
	547	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_chrootsh.'.master')) {
	548	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
	549	} else {
	550	copy('tpl/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
	551	}
532ae5	552	}
a8ccf6	553
edf806	554	//* help jailkit fo find its ini files
T	555	if(!is_link('/usr/jk_socketd.ini')) exec('ln -s /etc/jailkit/jk_socketd.ini /usr/jk_socketd.ini');
	556	if(!is_link('/usr/jk_init.ini')) exec('ln -s /etc/jailkit/jk_init.ini /usr/jk_init.ini');
532ae5	557
L	558	}
a8ccf6	559
532ae5	560	public function configure_mailman($status = 'insert') {
L	561	global $conf;
	562
	563	$config_dir = $conf['mailman']['config_dir'].'/';
	564	$full_file_name = $config_dir.'mm_cfg.py';
	565	//* Backup exiting file
	566	if(is_file($full_file_name)) {
	567	copy($full_file_name, $config_dir.'mm_cfg.py~');
	568	}
a8ccf6	569
532ae5	570	// load files
615a0a	571	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');
532ae5	572	$old_file = rf($full_file_name);
a8ccf6	573
532ae5	574	$old_options = array();
a8ccf6	575	$lines = explode("\n", $old_file);
532ae5	576	foreach ($lines as $line)
L	577	{
8fe9ab	578	if (trim($line) != '' && substr($line, 0, 1) != '#')
532ae5	579	{
8fe9ab	580	@list($key, $value) = @explode("=", $line);
532ae5	581	if (!empty($value))
L	582	{
	583	$key = rtrim($key);
	584	$old_options[$key] = trim($value);
	585	}
	586	}
	587	}
a8ccf6	588
532ae5	589	$virtual_domains = '';
L	590	if($status == 'update')
	591	{
	592	// create virtual_domains list
	593	$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");
a8ccf6	594
8fe9ab	595	if(is_array($domainAll)) {
b1a6a5	596	foreach($domainAll as $domain)
MC	597	{
	598	if ($domainAll[0]['domain'] == $domain['domain'])
	599	$virtual_domains .= "'".$domain['domain']."'";
	600	else
	601	$virtual_domains .= ", '".$domain['domain']."'";
	602	}
8fe9ab	603	}
532ae5	604	}
L	605	else
	606	$virtual_domains = "' '";
a8ccf6	607
532ae5	608	$content = str_replace('{hostname}', $conf['hostname'], $content);
46c775	609	if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
532ae5	610	$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
L	611	$content = str_replace('{virtual_domains}', $virtual_domains, $content);
b1a6a5	612
532ae5	613	wf($full_file_name, $content);
b1a6a5	614
cc6568	615	//* Write virtual_to_transport.sh script
H	616	$config_dir = $conf['mailman']['config_dir'].'/';
	617	$full_file_name = $config_dir.'virtual_to_transport.sh';
b1a6a5	618
cc6568	619	//* Backup exiting virtual_to_transport.sh script
H	620	if(is_file($full_file_name)) {
	621	copy($full_file_name, $config_dir.'virtual_to_transport.sh~');
	622	}
b1a6a5	623
cc6568	624	if(is_dir('/etc/mailman')) {
615a0a	625	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh')) {
b1a6a5	626	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh', $full_file_name);
MC	627	} else {
	628	copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);
	629	}
	630	chgrp($full_file_name, 'list');
	631	chmod($full_file_name, 0750);
cc6568	632	}
b1a6a5	633
cc6568	634	//* Create aliasaes
H	635	exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
b1a6a5	636
532ae5	637	}
L	638
	639	public function configure_postfix($options = '') {
	640	global $conf;
	641	$cf = $conf['postfix'];
	642	$config_dir = $cf['config_dir'];
	643
	644	if(!is_dir($config_dir)) {
	645	$this->error("The postfix configuration directory '$config_dir' does not exist.");
	646	}
	647
	648	//* mysql-virtual_domains.cf
	649	$this->process_postfix_config('mysql-virtual_domains.cf');
	650
	651	//* mysql-virtual_forwardings.cf
	652	$this->process_postfix_config('mysql-virtual_forwardings.cf');
	653
	654	//* mysql-virtual_mailboxes.cf
	655	$this->process_postfix_config('mysql-virtual_mailboxes.cf');
	656
	657	//* mysql-virtual_email2email.cf
	658	$this->process_postfix_config('mysql-virtual_email2email.cf');
	659
	660	//* mysql-virtual_transports.cf
	661	$this->process_postfix_config('mysql-virtual_transports.cf');
	662
	663	//* mysql-virtual_recipient.cf
	664	$this->process_postfix_config('mysql-virtual_recipient.cf');
	665
	666	//* mysql-virtual_sender.cf
	667	$this->process_postfix_config('mysql-virtual_sender.cf');
	668
	669	//* mysql-virtual_client.cf
	670	$this->process_postfix_config('mysql-virtual_client.cf');
	671
	672	//* mysql-virtual_relaydomains.cf
	673	$this->process_postfix_config('mysql-virtual_relaydomains.cf');
	674
	675	//* mysql-virtual_relayrecipientmaps.cf
	676	$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
	677
ec5716	678	//* postfix-dkim
T	679	$full_file_name=$config_dir.'/tag_as_originating.re';
ae3cf8	680	if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
b1a6a5	681	wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');
ec5716	682
T	683	$full_file_name=$config_dir.'/tag_as_foreign.re';
ae3cf8	684	if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
b1a6a5	685	wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');
ec5716	686
532ae5	687	//* Changing mode and group of the new created config files.
L	688	caselog('chmod o= '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
b1a6a5	689	__FILE__, __LINE__, 'chmod on mysql-virtual_.cf', 'chmod on mysql-virtual_.cf failed');
532ae5	690	caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
b1a6a5	691	__FILE__, __LINE__, 'chgrp on mysql-virtual_.cf', 'chgrp on mysql-virtual_.cf failed');
532ae5	692
L	693	//* Creating virtual mail user and group
	694	$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	695	if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	696
	697	$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
	698	if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a8ccf6	699
b67344	700	//* These postconf commands will be executed on installation and update
a296ae	701	$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
M	702	$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
	703	unset($server_ini_rec);
	704
	705	//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
	706	$rbl_list = '';
6882ab	707	if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
b1a6a5	708	$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
a296ae	709	foreach ($rbl_hosts as $key => $value) {
M	710	$rbl_list .= ", reject_rbl_client ". $value;
	711	}
	712	}
	713	unset($rbl_hosts);
	714	unset($server_ini_array);
b1a6a5	715
MC	716	$postconf_placeholders = array('{config_dir}' => $config_dir,
	717	'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
	718	'{vmail_userid}' => $cf['vmail_userid'],
	719	'{vmail_groupid}' => $cf['vmail_groupid'],
	720	'{rbl_list}' => $rbl_list);
	721
	722	$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
	723	$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
	724	$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
a8ccf6	725
b67344	726	//* These postconf commands will be executed on installation only
T	727	if($this->is_update == false) {
b1a6a5	728	$postconf_commands = array_merge($postconf_commands, array(
MC	729	'myhostname = '.$conf['hostname'],
	730	'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
	731	'mynetworks = 127.0.0.0/8 [::1]/128'
	732	));
b67344	733	}
532ae5	734
L	735	//* Create the header and body check files
	736	touch($config_dir.'/header_checks');
	737	touch($config_dir.'/mime_header_checks');
	738	touch($config_dir.'/nested_header_checks');
	739	touch($config_dir.'/body_checks');
a8ccf6	740
532ae5	741	//* Create the mailman files
cc6568	742	if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
5378e9	743	if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
T	744	exec('postalias /var/lib/mailman/data/aliases');
	745	if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
d4d965	746	exec('postmap /var/lib/mailman/data/virtual-mailman');
cc6568	747	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
H	748	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
532ae5	749
L	750	//* Make a backup copy of the main.cf file
	751	copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
	752
	753	//* Executing the postconf commands
	754	foreach($postconf_commands as $cmd) {
	755	$command = "postconf -e '$cmd'";
	756	caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	757	}
	758
b1a6a5	759	if(!stristr($options, 'dont-create-certs')) {
532ae5	760	//* Create the SSL certificate
L	761	$command = 'cd '.$config_dir.'; '
b1a6a5	762	.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
532ae5	763	exec($command);
L	764
	765	$command = 'chmod o= '.$config_dir.'/smtpd.key';
	766	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	767	}
	768
	769	//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
	770	$command = 'chmod 755 /var/run/courier/authdaemon/';
	771	if(is_file('/var/run/courier/authdaemon/')) caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	772
	773	//* Changing maildrop lines in posfix master.cf
	774	if(is_file($config_dir.'/master.cf')) {
	775	copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
	776	}
	777	if(is_file($config_dir.'/master.cf~')) {
	778	chmod($config_dir.'/master.cf~', 0400);
	779	}
	780	$configfile = $config_dir.'/master.cf';
	781	$content = rf($configfile);
	782	$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
b1a6a5	783	'flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}',
MC	784	$content);
532ae5	785	wf($configfile, $content);
L	786
	787	//* Writing the Maildrop mailfilter file
	788	$configfile = 'mailfilter';
	789	if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)) {
	790	copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
	791	}
615a0a	792	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	793	$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
L	794	wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
	795
	796	//* Create the directory for the custom mailfilters
	797	if(!is_dir($cf['vmail_mailbox_base'].'/mailfilters')) {
	798	$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
	799	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	800	}
	801
	802	//* Chmod and chown the .mailfilter file
419eb7	803	$command = 'chown '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
532ae5	804	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
L	805
419eb7	806	$command = 'chmod 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
532ae5	807	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
L	808
	809	}
	810
	811	public function configure_saslauthd() {
	812	global $conf;
a8ccf6	813
26c0fc	814	//* Get saslsauthd version
b1a6a5	815	exec('saslauthd -v 2>&1', $out);
MC	816	$parts = explode(' ', $out[0]);
26c0fc	817	$saslversion = $parts[1];
T	818	unset($parts);
	819	unset($out);
532ae5	820
26c0fc	821	if(version_compare($saslversion , '2.1.23') > 0) {
T	822	//* Configfile for saslauthd versions 2.1.24 and newer
	823	$configfile = 'sasl_smtpd2.conf';
	824	} else {
	825	//* Configfile for saslauthd versions up to 2.1.23
	826	$configfile = 'sasl_smtpd.conf';
	827	}
a8ccf6	828
b1a6a5	829	if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf')) copy($conf['postfix']['config_dir'].'/sasl/smtpd.conf', $conf['postfix']['config_dir'].'/sasl/smtpd.conf~');
532ae5	830	if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf~')) chmod($conf['postfix']['config_dir'].'/sasl/smtpd.conf~', 0400);
615a0a	831	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
b1a6a5	832	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	833	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	834	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	835	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	836	wf($conf['postfix']['config_dir'].'/sasl/smtpd.conf', $content);
532ae5	837
L	838	// TODO: Chmod and chown on the config file
	839
	840
	841	// Recursively create the spool directory
	842	if(!@is_dir('/var/spool/postfix/var/run/saslauthd')) mkdir('/var/spool/postfix/var/run/saslauthd', 0755, true);
	843
	844	// Edit the file /etc/default/saslauthd
	845	$configfile = $conf['saslauthd']['config'];
b1a6a5	846	if(is_file($configfile)) copy($configfile, $configfile.'~');
532ae5	847	if(is_file($configfile.'~')) chmod($configfile.'~', 0400);
L	848	$content = rf($configfile);
b1a6a5	849	$content = str_replace('START=no', 'START=yes', $content);
532ae5	850	// Debian
b1a6a5	851	$content = str_replace('OPTIONS="-c"', 'OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"', $content);
532ae5	852	// Ubuntu
b1a6a5	853	$content = str_replace('OPTIONS="-c -m /var/run/saslauthd"', 'OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"', $content);
MC	854	wf($configfile, $content);
532ae5	855
L	856	// Edit the file /etc/init.d/saslauthd
	857	$configfile = $conf['init_scripts'].'/'.$conf['saslauthd']['init_script'];
	858	$content = rf($configfile);
b1a6a5	859	$content = str_replace('PIDFILE=$RUN_DIR/saslauthd.pid', 'PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"', $content);
MC	860	wf($configfile, $content);
532ae5	861
L	862	// add the postfix user to the sasl group (at least necessary for Ubuntu 8.04 and most likely Debian Lenny as well.
	863	exec('adduser postfix sasl');
	864
	865
	866	}
	867
	868	public function configure_pam() {
	869	global $conf;
	870	$pam = $conf['pam'];
	871	//* configure pam for SMTP authentication agains the ispconfig database
	872	$configfile = 'pamd_smtp';
	873	if(is_file($pam.'/smtp')) copy($pam.'/smtp', $pam.'/smtp~');
	874	if(is_file($pam.'/smtp~')) chmod($pam.'/smtp~', 0400);
	875
615a0a	876	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	877	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	878	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	879	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	880	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	881	wf($pam.'/smtp', $content);
	882	// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
	883	if(is_file($pam.'/smtp')) exec("chmod o= $pam/smtp");
	884	chmod($pam.'/smtp', 0660);
	885	chown($pam.'/smtp', 'daemon');
	886	chgrp($pam.'/smtp', 'daemon');
	887
	888	}
	889
	890	public function configure_courier() {
	891	global $conf;
	892	$config_dir = $conf['courier']['config_dir'];
	893	//* authmysqlrc
	894	$configfile = 'authmysqlrc';
	895	if(is_file($config_dir.'/'.$configfile)) {
	896	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	897	}
	898	chmod($config_dir.'/'.$configfile.'~', 0400);
615a0a	899	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
b1a6a5	900	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	901	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	902	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	903	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
532ae5	904	wf($config_dir.'/'.$configfile, $content);
L	905
	906	chmod($config_dir.'/'.$configfile, 0660);
	907	chown($config_dir.'/'.$configfile, 'daemon');
	908	chgrp($config_dir.'/'.$configfile, 'daemon');
	909
	910	//* authdaemonrc
	911	$configfile = $config_dir.'/authdaemonrc';
	912	if(is_file($configfile)) {
	913	copy($configfile, $configfile.'~');
	914	}
	915	if(is_file($configfile.'~')) {
	916	chmod($configfile.'~', 0400);
	917	}
	918	$content = rf($configfile);
	919	$content = str_replace('authmodulelist="authpam"', 'authmodulelist="authmysql"', $content);
	920	wf($configfile, $content);
	921	}
	922
	923	public function configure_dovecot() {
	924	global $conf;
	925
	926	$config_dir = $conf['dovecot']['config_dir'];
	927
	928	//* Configure master.cf and add a line for deliver
	929	if(is_file($conf['postfix']['config_dir'].'/master.cf')) {
	930	copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~2');
	931	}
	932	if(is_file($conf['postfix']['config_dir'].'/master.cf~')) {
	933	chmod($conf['postfix']['config_dir'].'/master.cf~2', 0400);
	934	}
	935	$content = rf($conf['postfix']['config_dir'].'/master.cf');
	936	// Only add the content if we had not addded it before
b1a6a5	937	if(!stristr($content, 'dovecot/deliver')) {
013ae4	938	$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
b1a6a5	939	af($conf['postfix']['config_dir'].'/master.cf', $deliver_content);
532ae5	940	}
L	941	unset($content);
	942	unset($deliver_content);
	943
	944
	945	//* Reconfigure postfix to use dovecot authentication
	946	// Adding the amavisd commands to the postfix configuration
	947	$postconf_commands = array (
b1a6a5	948	'dovecot_destination_recipient_limit = 1',
MC	949	'virtual_transport = dovecot',
	950	'smtpd_sasl_type = dovecot',
	951	'smtpd_sasl_path = private/auth'
532ae5	952	);
L	953
	954	// Make a backup copy of the main.cf file
b1a6a5	955	copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~3');
532ae5	956
L	957	// Executing the postconf commands
	958	foreach($postconf_commands as $cmd) {
	959	$command = "postconf -e '$cmd'";
	960	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	961	}
	962
31e0d1	963	//* backup dovecot.conf
532ae5	964	$configfile = 'dovecot.conf';
L	965	if(is_file($config_dir.'/'.$configfile)) {
	966	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	967	}
a8ccf6	968
31e0d1	969	//* Get the dovecot version
b1a6a5	970	exec('dovecot --version', $tmp);
MC	971	$parts = explode('.', trim($tmp[0]));
31e0d1	972	$dovecot_version = $parts[0];
T	973	unset($tmp);
	974	unset($parts);
a8ccf6	975
31e0d1	976	//* Copy dovecot configuration file
T	977	if($dovecot_version == 2) {
b1a6a5	978	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master')) {
MC	979	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
	980	} else {
	981	copy('tpl/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
	982	}
65576f	983	replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
31e0d1	984	} else {
b1a6a5	985	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master')) {
MC	986	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
	987	} else {
	988	copy('tpl/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
	989	}
31e0d1	990	}
532ae5	991
L	992	//* dovecot-sql.conf
	993	$configfile = 'dovecot-sql.conf';
	994	if(is_file($config_dir.'/'.$configfile)) {
	995	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	996	}
edf806	997	if(is_file($config_dir.'/'.$configfile.'~')) chmod($config_dir.'/'.$configfile.'~', 0400);
615a0a	998	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot-sql.conf.master', 'tpl/debian_dovecot-sql.conf.master');
b1a6a5	999	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1000	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1001	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1002	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
532ae5	1003	wf($config_dir.'/'.$configfile, $content);
L	1004
	1005	chmod($config_dir.'/'.$configfile, 0600);
	1006	chown($config_dir.'/'.$configfile, 'root');
	1007	chgrp($config_dir.'/'.$configfile, 'root');
5e7306	1008
TB	1009	// Dovecot shall ignore mounts in website directory
	1010	exec("doveadm mount add '/var/www/*' ignore");
532ae5	1011
L	1012	}
	1013
	1014	public function configure_amavis() {
	1015	global $conf;
	1016
	1017	// amavisd user config file
	1018	$configfile = 'amavisd_user_config';
b1a6a5	1019	if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) copy($conf['amavis']['config_dir'].'/conf.d/50-user', $conf['amavis']['config_dir'].'/50-user~');
532ae5	1020	if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user~')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user~', 0400);
615a0a	1021	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
b1a6a5	1022	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1023	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1024	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1025	$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
	1026	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	1027	wf($conf['amavis']['config_dir'].'/conf.d/50-user', $content);
532ae5	1028
L	1029	// TODO: chmod and chown on the config file
	1030
	1031
	1032	// Adding the amavisd commands to the postfix configuration
864ee2	1033	// Add array for no error in foreach and maybe future options
X	1034	$postconf_commands = array ();
a8ccf6	1035
864ee2	1036	// Check for amavisd -> pure webserver with postfix for mailing without antispam
ac28b5	1037	if ($conf['amavis']['installed']) {
864ee2	1038	$postconf_commands[] = 'content_filter = amavis:[127.0.0.1]:10024';
X	1039	$postconf_commands[] = 'receive_override_options = no_address_mappings';
	1040	}
532ae5	1041
L	1042	// Make a backup copy of the main.cf file
b1a6a5	1043	copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~2');
532ae5	1044
L	1045	// Executing the postconf commands
	1046	foreach($postconf_commands as $cmd) {
	1047	$command = "postconf -e '$cmd'";
	1048	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1049	}
	1050
	1051	// Append the configuration for amavisd to the master.cf file
b1a6a5	1052	if(is_file($conf['postfix']['config_dir'].'/master.cf')) copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~');
532ae5	1053	$content = rf($conf['postfix']['config_dir'].'/master.cf');
L	1054	// Only add the content if we had not addded it before
be6237	1055	if(!preg_match('/^amavis\s+unix\s+/m', $content)) {
532ae5	1056	unset($content);
615a0a	1057	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
44ae08	1058	af($conf['postfix']['config_dir'].'/master.cf', $content);
F	1059	$content = rf($conf['postfix']['config_dir'].'/master.cf');
	1060	}
be6237	1061	if(!preg_match('/^127.0.0.1:10025\s+/m', $content)) {
44ae08	1062	unset($content);
ae3cf8	1063	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10025.master', 'tpl/master_cf_amavis10025.master');
44ae08	1064	af($conf['postfix']['config_dir'].'/master.cf', $content);
ae3cf8	1065	$content = rf($conf['postfix']['config_dir'].'/master.cf');
44ae08	1066	}
be6237	1067	if(!preg_match('/^127.0.0.1:10027\s+/m', $content)) {
44ae08	1068	unset($content);
ae3cf8	1069	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10027.master', 'tpl/master_cf_amavis10027.master');
b1a6a5	1070	af($conf['postfix']['config_dir'].'/master.cf', $content);
532ae5	1071	}
L	1072	unset($content);
	1073
	1074	// Add the clamav user to the amavis group
	1075	exec('adduser clamav amavis');
	1076
535a69	1077	// Create the director for DKIM-Keys
be6237	1078	if(!is_dir('/var/lib/amavis/dkim')) mkdir('/var/lib/amavis/dkim', 0750, true);
535a69	1079	// get shell-user for amavis
T	1080	$amavis_user=exec('grep -o "^amavis:\\|^vscan:" /etc/passwd');
	1081	if(!empty($amavis_user)) {
b1a6a5	1082	$amavis_user=rtrim($amavis_user, ":");
44ae08	1083	exec('chown '.$amavis_user.' /var/lib/amavis/dkim');
535a69	1084	}
T	1085	// get shell-group for amavis
	1086	$amavis_group=exec('grep -o "^amavis:\\|^vscan:" /etc/group');
	1087	if(!empty($amavis_group)) {
b1a6a5	1088	$amavis_group=rtrim($amavis_group, ":");
44ae08	1089	exec('chgrp '.$amavis_group.' /var/lib/amavis/dkim');
535a69	1090	}
532ae5	1091	}
L	1092
	1093	public function configure_spamassassin() {
	1094	global $conf;
	1095
	1096	//* Enable spamasasssin on debian and ubuntu
	1097	$configfile = '/etc/default/spamassassin';
	1098	if(is_file($configfile)) {
	1099	copy($configfile, $configfile.'~');
	1100	}
	1101	$content = rf($configfile);
	1102	$content = str_replace('ENABLED=0', 'ENABLED=1', $content);
	1103	wf($configfile, $content);
	1104	}
	1105
	1106	public function configure_getmail() {
	1107	global $conf;
	1108
	1109	$config_dir = $conf['getmail']['config_dir'];
	1110
	1111	if(!@is_dir($config_dir)) mkdir(escapeshellcmd($config_dir), 0700, true);
	1112
	1113	$command = 'useradd -d '.$config_dir.' getmail';
	1114	if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1115
	1116	$command = "chown -R getmail $config_dir";
	1117	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1118
	1119	$command = "chmod -R 700 $config_dir";
	1120	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1121	}
	1122
	1123
	1124	public function configure_pureftpd() {
	1125	global $conf;
	1126
	1127	$config_dir = $conf['pureftpd']['config_dir'];
	1128
	1129	//* configure pure-ftpd for MySQL authentication against the ispconfig database
	1130	$configfile = 'db/mysql.conf';
	1131	if(is_file($config_dir.'/'.$configfile)) {
	1132	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	1133	}
	1134	if(is_file($config_dir.'/'.$configfile.'~')) {
	1135	chmod($config_dir.'/'.$configfile.'~', 0400);
	1136	}
615a0a	1137	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/pureftpd_mysql.conf.master', 'tpl/pureftpd_mysql.conf.master');
532ae5	1138	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	1139	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1140	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1141	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	1142	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1143	wf($config_dir.'/'.$configfile, $content);
	1144	chmod($config_dir.'/'.$configfile, 0600);
	1145	chown($config_dir.'/'.$configfile, 'root');
	1146	chgrp($config_dir.'/'.$configfile, 'root');
	1147	// **enable chrooting
	1148	//exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone');
	1149	exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone');
	1150	exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility');
	1151	exec('echo "yes" > '.$config_dir.'/conf/DisplayDotFiles');
	1152
	1153	if(is_file('/etc/default/pure-ftpd-common')) {
b1a6a5	1154	replaceLine('/etc/default/pure-ftpd-common', 'STANDALONE_OR_INETD=inetd', 'STANDALONE_OR_INETD=standalone', 1, 0);
MC	1155	replaceLine('/etc/default/pure-ftpd-common', 'VIRTUALCHROOT=false', 'VIRTUALCHROOT=true', 1, 0);
532ae5	1156	}
L	1157
	1158	if(is_file('/etc/inetd.conf')) {
b1a6a5	1159	replaceLine('/etc/inetd.conf', '/usr/sbin/pure-ftpd-wrapper', '#ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper', 0, 0);
acdd7a	1160	exec($this->getinitcommand('openbsd-inetd', 'restart'));
33bcd0	1161	//if(is_file($conf['init_scripts'].'/'.'openbsd-inetd')) exec($conf['init_scripts'].'/'.'openbsd-inetd restart');
532ae5	1162	}
L	1163
	1164	if(!is_file('/etc/pure-ftpd/conf/DontResolve')) exec('echo "yes" > /etc/pure-ftpd/conf/DontResolve');
	1165	}
	1166
	1167	public function configure_mydns() {
	1168	global $conf;
	1169
	1170	// configure pam for SMTP authentication agains the ispconfig database
	1171	$configfile = 'mydns.conf';
b1a6a5	1172	if(is_file($conf['mydns']['config_dir'].'/'.$configfile)) copy($conf['mydns']['config_dir'].'/'.$configfile, $conf['mydns']['config_dir'].'/'.$configfile.'~');
532ae5	1173	if(is_file($conf['mydns']['config_dir'].'/'.$configfile.'~')) chmod($conf['mydns']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1174	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
b1a6a5	1175	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1176	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1177	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1178	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1179	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1180	wf($conf['mydns']['config_dir'].'/'.$configfile, $content);
532ae5	1181	chmod($conf['mydns']['config_dir'].'/'.$configfile, 0600);
L	1182	chown($conf['mydns']['config_dir'].'/'.$configfile, 'root');
	1183	chgrp($conf['mydns']['config_dir'].'/'.$configfile, 'root');
	1184
	1185	}
	1186
	1187	public function configure_powerdns() {
	1188	global $conf;
	1189
	1190	//* Create the database
	1191	if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
	1192	$this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
	1193	}
	1194
	1195	//* Create the ISPConfig database user in the local database
	1196	$query = "GRANT ALL ON `".$conf['powerdns']['database']."` . * TO '".$conf['mysql']['ispconfig_user']."'@'localhost';";
	1197	if(!$this->db->query($query)) {
	1198	$this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
	1199	}
	1200
	1201	//* Reload database privelages
	1202	$this->db->query('FLUSH PRIVILEGES;');
	1203
	1204	//* load the powerdns databse dump
	1205	if($conf['mysql']['admin_password'] == '') {
	1206	caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
b1a6a5	1207	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
532ae5	1208	} else {
L	1209	caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
b1a6a5	1210	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
532ae5	1211	}
L	1212
	1213	//* Create the powerdns config file
	1214	$configfile = 'pdns.local';
b1a6a5	1215	if(is_file($conf['powerdns']['config_dir'].'/'.$configfile)) copy($conf['powerdns']['config_dir'].'/'.$configfile, $conf['powerdns']['config_dir'].'/'.$configfile.'~');
532ae5	1216	if(is_file($conf['powerdns']['config_dir'].'/'.$configfile.'~')) chmod($conf['powerdns']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1217	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
b1a6a5	1218	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1219	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1220	$content = str_replace('{powerdns_database}', $conf['powerdns']['database'], $content);
	1221	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1222	wf($conf['powerdns']['config_dir'].'/'.$configfile, $content);
532ae5	1223	chmod($conf['powerdns']['config_dir'].'/'.$configfile, 0600);
L	1224	chown($conf['powerdns']['config_dir'].'/'.$configfile, 'root');
	1225	chgrp($conf['powerdns']['config_dir'].'/'.$configfile, 'root');
	1226
	1227
	1228	}
	1229
	1230	public function configure_bind() {
	1231	global $conf;
	1232
b1a6a5	1233	//* Check if the zonefile directory has a slash at the end
MC	1234	$content=$conf['bind']['bind_zonefiles_dir'];
	1235	if(substr($content, -1, 1) != '/') {
	1236	$content .= '/';
532ae5	1237	}
L	1238
	1239	//* Create the slave subdirectory
b1a6a5	1240	$content .= 'slave';
MC	1241	if(!@is_dir($content)) mkdir($content, 0770, true);
532ae5	1242
b1a6a5	1243	//* Chown the slave subdirectory to $conf['bind']['bind_user']
MC	1244	chown($content, $conf['bind']['bind_user']);
	1245	chgrp($content, $conf['bind']['bind_group']);
532ae5	1246
L	1247	}
	1248
	1249
	1250
	1251	public function configure_apache() {
	1252	global $conf;
	1253
4ffb51	1254	if($conf['apache']['installed'] == false) return;
532ae5	1255	//* Create the logging directory for the vhost logfiles
L	1256	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
	1257
	1258	if(is_file('/etc/suphp/suphp.conf')) {
b1a6a5	1259	replaceLine('/etc/suphp/suphp.conf', 'php=php:/usr/bin', 'x-httpd-suphp="php:/usr/bin/php-cgi"', 0);
532ae5	1260	//replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0);
b1a6a5	1261	replaceLine('/etc/suphp/suphp.conf', 'umask=0077', 'umask=0022', 0);
532ae5	1262	}
L	1263
	1264	if(is_file('/etc/apache2/sites-enabled/000-default')) {
b1a6a5	1265	replaceLine('/etc/apache2/sites-available/000-default', 'NameVirtualHost ', 'NameVirtualHost :80', 1, 0);
MC	1266	replaceLine('/etc/apache2/sites-available/000-default', '<VirtualHost >', '<VirtualHost :80>', 1, 0);
532ae5	1267	}
L	1268
	1269	if(is_file('/etc/apache2/ports.conf')) {
	1270	// add a line "Listen 443" to ports conf if line does not exist
b1a6a5	1271	replaceLine('/etc/apache2/ports.conf', 'Listen 443', 'Listen 443', 1);
532ae5	1272	}
L	1273
8eca28	1274	if(is_file('/etc/apache2/apache.conf')) {
MC	1275	if(hasLine('/etc/apache2/apache.conf', 'Include sites-enabled/', 1) == false) {
	1276	if(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.conf', 1) == false) {
	1277	replaceLine('/etc/apache2/apache.conf', 'Include sites-enabled/', 'Include sites-enabled/', 1, 1);
	1278	} elseif(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.vhost', 1) == false) {
	1279	replaceLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/.vhost', 'IncludeOptional sites-enabled/.vhost', 1, 1);
	1280	}
	1281	}
	1282	}
532ae5	1283
L	1284	//* Copy the ISPConfig configuration include
	1285	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1286	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	1287
	1288	// copy('tpl/apache_ispconfig.conf.master',$vhost_conf_dir.'/ispconfig.conf');
a8ccf6	1289
615a0a	1290	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig.conf.master', 'tpl/apache_ispconfig.conf.master');
532ae5	1291	$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
a2156e	1292
532ae5	1293	if(is_array($records) && count($records) > 0) {
L	1294	foreach($records as $rec) {
a2156e	1295	if($rec['ip_type'] == 'IPv6') {
T	1296	$ip_address = '['.$rec['ip_address'].']';
	1297	} else {
	1298	$ip_address = $rec['ip_address'];
	1299	}
b1a6a5	1300	$ports = explode(',', $rec['virtualhost_port']);
a2156e	1301	if(is_array($ports)) {
T	1302	foreach($ports as $port) {
	1303	$port = intval($port);
	1304	if($port > 0 && $port < 65536 && $ip_address != '') {
	1305	$content .= 'NameVirtualHost '.$ip_address.":".$port."\n";
	1306	}
	1307	}
	1308	}
532ae5	1309	}
L	1310	}
a8ccf6	1311
532ae5	1312	$content .= "\n";
b1a6a5	1313	wf($vhost_conf_dir.'/ispconfig.conf', $content);
532ae5	1314
L	1315	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.conf')) {
b1a6a5	1316	symlink($vhost_conf_dir.'/ispconfig.conf', $vhost_conf_enabled_dir.'/000-ispconfig.conf');
532ae5	1317	}
L	1318
	1319	//* make sure that webalizer finds its config file when it is directly in /etc
	1320	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	1321	mkdir('/etc/webalizer');
b1a6a5	1322	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
532ae5	1323	}
L	1324
	1325	if(is_file('/etc/webalizer/webalizer.conf')) {
	1326	// Change webalizer mode to incremental
b1a6a5	1327	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	1328	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	1329	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
532ae5	1330	}
a8ccf6	1331
532ae5	1332	// Check the awsatst script
L	1333	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
b1a6a5	1334	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	1335	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
a8ccf6	1336
532ae5	1337	//* add a sshusers group
L	1338	$command = 'groupadd sshusers';
	1339	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1340
	1341	}
a8ccf6	1342
4ffb51	1343	public function configure_nginx(){
80e3c9	1344	global $conf;
a8ccf6	1345
4ffb51	1346	if($conf['nginx']['installed'] == false) return;
F	1347	//* Create the logging directory for the vhost logfiles
	1348	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
	1349
	1350	//* make sure that webalizer finds its config file when it is directly in /etc
	1351	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	1352	mkdir('/etc/webalizer');
b1a6a5	1353	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
4ffb51	1354	}
F	1355
	1356	if(is_file('/etc/webalizer/webalizer.conf')) {
	1357	// Change webalizer mode to incremental
b1a6a5	1358	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	1359	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	1360	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
4ffb51	1361	}
a8ccf6	1362
4ffb51	1363	// Check the awsatst script
F	1364	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
b1a6a5	1365	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	1366	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
a8ccf6	1367
4ffb51	1368	//* add a sshusers group
F	1369	$command = 'groupadd sshusers';
	1370	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a8ccf6	1371
4ffb51	1372	/*
80e3c9	1373	$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
T	1374	$ip_address = gethostbyname($row["server_name"]);
	1375	$server_name = $row["server_name"];
	1376
	1377	//setup proxy.conf
	1378	$configfile = 'proxy.conf';
	1379	if(is_file($conf["nginx"]["config_dir"].'/'.$configfile)) copy($conf["nginx"]["config_dir"].'/'.$configfile,$conf["nginx"]["config_dir"].'/'.$configfile.'~');
	1380	if(is_file($conf["nginx"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["nginx"]["config_dir"].'/'.$configfile.'~');
	1381	$content = rf("tpl/nginx_".$configfile.".master");
	1382	wf($conf["nginx"]["config_dir"].'/'.$configfile,$content);
	1383	exec('chmod 600 '.$conf["nginx"]["config_dir"].'/'.$configfile);
	1384	exec('chown root:root '.$conf["nginx"]["config_dir"].'/'.$configfile);
	1385
	1386	//setup conf.d/cache.conf
	1387	$configfile = 'cache.conf';
	1388	if(is_file($conf["nginx"]["config_dir"].'/conf.d/'.$configfile)) copy($conf["nginx"]["config_dir"].'/conf.d/'.$configfile,$conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~');
	1389	if(is_file($conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~')) exec('chmod 400 '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~');
	1390	$content = rf("tpl/nginx_".$configfile.".master");
	1391	wf($conf["nginx"]["config_dir"].'/conf.d/'.$configfile,$content);
	1392	exec('chmod 600 '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile);
	1393	exec('chown root:root '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile);
	1394
	1395	//setup cache directories
	1396	mkdir('/var/cache/nginx/cache');
	1397	exec('chown www-data:www-data /var/cache/nginx/cache');
	1398	mkdir('/var/cache/nginx/temp');
	1399	exec('chown www-data:www-data /var/cache/nginx/temp');
4ffb51	1400	*/
80e3c9	1401	}
a8ccf6	1402
d083f2	1403	public function configure_fail2ban() {
b1a6a5	1404	// To Do
MC	1405	}
a8ccf6	1406
80e3c9	1407	public function configure_squid()
T	1408	{
	1409	global $conf;
	1410	$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
	1411	$ip_address = gethostbyname($row["server_name"]);
	1412	$server_name = $row["server_name"];
a8ccf6	1413
80e3c9	1414	$configfile = 'squid.conf';
b1a6a5	1415	if(is_file($conf["squid"]["config_dir"].'/'.$configfile)) copy($conf["squid"]["config_dir"].'/'.$configfile, $conf["squid"]["config_dir"].'/'.$configfile.'~');
80e3c9	1416	if(is_file($conf["squid"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["squid"]["config_dir"].'/'.$configfile.'~');
615a0a	1417	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
b1a6a5	1418	$content = str_replace('{server_name}', $server_name, $content);
MC	1419	$content = str_replace('{ip_address}', $ip_address, $content);
	1420	$content = str_replace('{config_dir}', $conf['squid']['config_dir'], $content);
	1421	wf($conf["squid"]["config_dir"].'/'.$configfile, $content);
80e3c9	1422	exec('chmod 600 '.$conf["squid"]["config_dir"].'/'.$configfile);
T	1423	exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
	1424	}
a8ccf6	1425
80e3c9	1426	public function configure_ufw_firewall()
T	1427	{
	1428	$configfile = 'ufw.conf';
b1a6a5	1429	if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf', '/etc/ufw/ufw.conf~');
80e3c9	1430	$content = rf("tpl/".$configfile.".master");
b1a6a5	1431	wf('/etc/ufw/ufw.conf', $content);
80e3c9	1432	exec('chmod 600 /etc/ufw/ufw.conf');
a8ccf6	1433	exec('chown root:root /etc/ufw/ufw.conf');
80e3c9	1434	}
532ae5	1435
bd68aa	1436	public function configure_bastille_firewall() {
532ae5	1437	global $conf;
L	1438
	1439	$dist_init_scripts = $conf['init_scripts'];
	1440
	1441	if(is_dir('/etc/Bastille.backup')) caselog('rm -rf /etc/Bastille.backup', __FILE__, __LINE__);
	1442	if(is_dir('/etc/Bastille')) caselog('mv -f /etc/Bastille /etc/Bastille.backup', __FILE__, __LINE__);
	1443	@mkdir('/etc/Bastille', 0700);
	1444	if(is_dir('/etc/Bastille.backup/firewall.d')) caselog('cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/', __FILE__, __LINE__);
615a0a	1445	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master')) {
b1a6a5	1446	caselog('cp -f ' . $conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
MC	1447	} else {
	1448	caselog('cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
	1449	}
532ae5	1450	caselog('chmod 644 /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
L	1451	$content = rf('/etc/Bastille/bastille-firewall.cfg');
	1452	$content = str_replace('{DNS_SERVERS}', '', $content);
	1453
	1454	$tcp_public_services = '';
	1455	$udp_public_services = '';
	1456
	1457	$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
	1458
	1459	if(trim($row['tcp_port']) != '' \|\| trim($row['udp_port']) != '') {
b1a6a5	1460	$tcp_public_services = trim(str_replace(',', ' ', $row['tcp_port']));
MC	1461	$udp_public_services = trim(str_replace(',', ' ', $row['udp_port']));
532ae5	1462	} else {
L	1463	$tcp_public_services = '21 22 25 53 80 110 143 443 3306 8080 10000';
	1464	$udp_public_services = '53';
	1465	}
	1466
	1467	if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
	1468	$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
	1469	if($row['tcp_port'] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
	1470	}
	1471
	1472	$content = str_replace('{TCP_PUBLIC_SERVICES}', $tcp_public_services, $content);
	1473	$content = str_replace('{UDP_PUBLIC_SERVICES}', $udp_public_services, $content);
	1474
	1475	wf('/etc/Bastille/bastille-firewall.cfg', $content);
	1476
	1477	if(is_file($dist_init_scripts.'/bastille-firewall')) caselog('mv -f '.$dist_init_scripts.'/bastille-firewall '.$dist_init_scripts.'/bastille-firewall.backup', __FILE__, __LINE__);
	1478	caselog('cp -f apps/bastille-firewall '.$dist_init_scripts, __FILE__, __LINE__);
	1479	caselog('chmod 700 '.$dist_init_scripts.'/bastille-firewall', __FILE__, __LINE__);
	1480
	1481	if(is_file('/sbin/bastille-ipchains')) caselog('mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup', __FILE__, __LINE__);
	1482	caselog('cp -f apps/bastille-ipchains /sbin', __FILE__, __LINE__);
	1483	caselog('chmod 700 /sbin/bastille-ipchains', __FILE__, __LINE__);
	1484
	1485	if(is_file('/sbin/bastille-netfilter')) caselog('mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup', __FILE__, __LINE__);
	1486	caselog('cp -f apps/bastille-netfilter /sbin', __FILE__, __LINE__);
	1487	caselog('chmod 700 /sbin/bastille-netfilter', __FILE__, __LINE__);
	1488
	1489	if(!@is_dir('/var/lock/subsys')) caselog('mkdir /var/lock/subsys', __FILE__, __LINE__);
	1490
	1491	exec('which ipchains &> /dev/null', $ipchains_location, $ret_val);
	1492	if(!is_file('/sbin/ipchains') && !is_link('/sbin/ipchains') && $ret_val == 0) phpcaselog(@symlink(shell_exec('which ipchains'), '/sbin/ipchains'), 'create symlink', __FILE__, __LINE__);
	1493	unset($ipchains_location);
	1494	exec('which iptables &> /dev/null', $iptables_location, $ret_val);
	1495	if(!is_file('/sbin/iptables') && !is_link('/sbin/iptables') && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec('which iptables')), '/sbin/iptables'), 'create symlink', __FILE__, __LINE__);
	1496	unset($iptables_location);
	1497
	1498	}
	1499
	1500	public function configure_vlogger() {
	1501	global $conf;
	1502
	1503	//** Configure vlogger to use traffic logging to mysql (master) db
	1504	$configfile = 'vlogger-dbi.conf';
b1a6a5	1505	if(is_file($conf['vlogger']['config_dir'].'/'.$configfile)) copy($conf['vlogger']['config_dir'].'/'.$configfile, $conf['vlogger']['config_dir'].'/'.$configfile.'~');
532ae5	1506	if(is_file($conf['vlogger']['config_dir'].'/'.$configfile.'~')) chmod($conf['vlogger']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1507	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1508	if($conf['mysql']['master_slave_setup'] == 'y') {
b1a6a5	1509	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
MC	1510	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1511	$content = str_replace('{mysql_server_database}', $conf['mysql']['master_database'], $content);
	1512	$content = str_replace('{mysql_server_ip}', $conf['mysql']['master_host'], $content);
532ae5	1513	} else {
b1a6a5	1514	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1515	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1516	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1517	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
532ae5	1518	}
b1a6a5	1519	wf($conf['vlogger']['config_dir'].'/'.$configfile, $content);
532ae5	1520	chmod($conf['vlogger']['config_dir'].'/'.$configfile, 0600);
L	1521	chown($conf['vlogger']['config_dir'].'/'.$configfile, 'root');
	1522	chgrp($conf['vlogger']['config_dir'].'/'.$configfile, 'root');
	1523
	1524	}
	1525
	1526	public function configure_apps_vhost() {
	1527	global $conf;
	1528
	1529	//* Create the ispconfig apps vhost user and group
165152	1530	if($conf['apache']['installed'] == true){
4ffb51	1531	$apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F	1532	$apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
	1533	$install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
532ae5	1534
4ffb51	1535	$command = 'groupadd '.$apps_vhost_user;
F	1536	if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1537
4ffb51	1538	$command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
F	1539	if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1540
L	1541
5edf40	1542	//$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
TB	1543	$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['apache']['user'];
4ffb51	1544	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1545
99b55b	1546	if(!@is_dir($install_dir)){
F	1547	mkdir($install_dir, 0755, true);
	1548	} else {
	1549	chmod($install_dir, 0755);
	1550	}
4ffb51	1551	chown($install_dir, $apps_vhost_user);
F	1552	chgrp($install_dir, $apps_vhost_group);
532ae5	1553
4ffb51	1554	//* Copy the apps vhost file
F	1555	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1556	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	1557	$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];
d0356f	1558
TB	1559	//* Get the apps vhost port
	1560	if($this->is_update == true) {
	1561	$conf['web']['apps_vhost_port'] = get_apps_vhost_port_number();
	1562	}
532ae5	1563
4ffb51	1564	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1565	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_apps.vhost.master', 'tpl/apache_apps.vhost.master');
532ae5	1566
4ffb51	1567	$content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
F	1568	$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
	1569	$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
	1570	$content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
	1571	$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
532ae5	1572
L	1573
4ffb51	1574	// comment out the listen directive if port is 80 or 443
F	1575	if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
	1576	$content = str_replace('{vhost_port_listen}', '#', $content);
	1577	} else {
	1578	$content = str_replace('{vhost_port_listen}', '', $content);
	1579	}
532ae5	1580
4ffb51	1581	wf($vhost_conf_dir.'/apps.vhost', $content);
532ae5	1582
4ffb51	1583	//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
F	1584	//* and create the symlink
7e1cfb	1585	if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
F	1586	if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
b1a6a5	1587	symlink($vhost_conf_dir.'/apps.vhost', $vhost_conf_enabled_dir.'/000-apps.vhost');
4ffb51	1588	}
a8ccf6	1589
4ffb51	1590	if(!is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter')) {
615a0a	1591	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_apps_fcgi_starter.master', 'tpl/apache_apps_fcgi_starter.master');
526b99	1592	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
T	1593	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
4ffb51	1594	mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
526b99	1595	//copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
T	1596	wf($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter', $content);
4ffb51	1597	exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
F	1598	exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
	1599
b1a6a5	1600	}
532ae5	1601	}
165152	1602	if($conf['nginx']['installed'] == true){
4ffb51	1603	$apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F	1604	$apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
	1605	$install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
532ae5	1606
4ffb51	1607	$command = 'groupadd '.$apps_vhost_user;
F	1608	if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1609
	1610	$command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
	1611	if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1612
	1613
	1614	$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
	1615	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1616
6e2d48	1617	if(!@is_dir($install_dir)){
F	1618	mkdir($install_dir, 0755, true);
	1619	} else {
	1620	chmod($install_dir, 0755);
	1621	}
4ffb51	1622	chown($install_dir, $apps_vhost_user);
F	1623	chgrp($install_dir, $apps_vhost_group);
	1624
	1625	//* Copy the apps vhost file
	1626	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	1627	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
	1628	$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'_':$conf['web']['apps_vhost_servername'];
	1629
	1630	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1631	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_apps.vhost.master', 'tpl/nginx_apps.vhost.master');
a8ccf6	1632
4ffb51	1633	if($conf['web']['apps_vhost_ip'] == '_default_'){
F	1634	$apps_vhost_ip = '';
	1635	} else {
	1636	$apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
	1637	}
a8ccf6	1638
ca0b77	1639	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
b1a6a5	1640	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	1641	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	1642	$fpm_socket = $socket_dir.'apps.sock';
8ab3cd	1643	$cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);
4ffb51	1644
F	1645	$content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
	1646	$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
	1647	$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
	1648	$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
ca0b77	1649	//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F	1650	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
8ab3cd	1651	$content = str_replace('{cgi_socket}', $cgi_socket, $content);
b1a6a5	1652
183c47	1653	if(file_exists('/var/run/php5-fpm.sock')){
F	1654	$use_tcp = '#';
	1655	$use_socket = '';
	1656	} else {
	1657	$use_tcp = '';
	1658	$use_socket = '#';
	1659	}
	1660	$content = str_replace('{use_tcp}', $use_tcp, $content);
	1661	$content = str_replace('{use_socket}', $use_socket, $content);
4ffb51	1662
F	1663	wf($vhost_conf_dir.'/apps.vhost', $content);
a8ccf6	1664
fbb24a	1665	// PHP-FPM
F	1666	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	1667	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apps_php_fpm_pool.conf.master', 'tpl/apps_php_fpm_pool.conf.master');
fbb24a	1668	$content = str_replace('{fpm_pool}', 'apps', $content);
ca0b77	1669	//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F	1670	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
fbb24a	1671	$content = str_replace('{fpm_user}', $apps_vhost_user, $content);
F	1672	$content = str_replace('{fpm_group}', $apps_vhost_group, $content);
	1673	wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);
4ffb51	1674
F	1675	//copy('tpl/nginx_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
	1676	//* and create the symlink
7e1cfb	1677	if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
F	1678	if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
b1a6a5	1679	symlink($vhost_conf_dir.'/apps.vhost', $vhost_conf_enabled_dir.'/000-apps.vhost');
4ffb51	1680	}
a8ccf6	1681
532ae5	1682	}
L	1683	}
a8ccf6	1684
532ae5	1685	public function make_ispconfig_ssl_cert() {
L	1686	global $conf;
	1687
	1688	$install_dir = $conf['ispconfig_install_dir'];
a8ccf6	1689
532ae5	1690	$ssl_crt_file = $install_dir.'/interface/ssl/ispserver.crt';
L	1691	$ssl_csr_file = $install_dir.'/interface/ssl/ispserver.csr';
	1692	$ssl_key_file = $install_dir.'/interface/ssl/ispserver.key';
a8ccf6	1693
532ae5	1694	if(!@is_dir($install_dir.'/interface/ssl')) mkdir($install_dir.'/interface/ssl', 0755, true);
a8ccf6	1695
b1a6a5	1696	$ssl_pw = substr(md5(mt_rand()), 0, 6);
532ae5	1697	exec("openssl genrsa -des3 -passout pass:$ssl_pw -out $ssl_key_file 4096");
L	1698	exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -out $ssl_csr_file");
	1699	exec("openssl req -x509 -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -in $ssl_csr_file -out $ssl_crt_file -days 3650");
	1700	exec("openssl rsa -passin pass:$ssl_pw -in $ssl_key_file -out $ssl_key_file.insecure");
b1a6a5	1701	rename($ssl_key_file, $ssl_key_file.'.secure');
MC	1702	rename($ssl_key_file.'.insecure', $ssl_key_file);
a8ccf6	1703
532ae5	1704	}
L	1705
	1706	public function install_ispconfig() {
	1707	global $conf;
	1708
	1709	$install_dir = $conf['ispconfig_install_dir'];
	1710
	1711	//* Create the ISPConfig installation directory
	1712	if(!@is_dir($install_dir)) {
	1713	$command = "mkdir $install_dir";
	1714	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1715	}
	1716
	1717	//* Create a ISPConfig user and group
	1718	$command = 'groupadd ispconfig';
	1719	if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1720
	1721	$command = 'useradd -g ispconfig -d '.$install_dir.' ispconfig';
	1722	if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1723
	1724	//* copy the ISPConfig interface part
	1725	$command = 'cp -rf ../interface '.$install_dir;
	1726	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1727
	1728	//* copy the ISPConfig server part
	1729	$command = 'cp -rf ../server '.$install_dir;
	1730	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1731
	1732	//* Create a symlink, so ISPConfig is accessible via web
	1733	// Replaced by a separate vhost definition for port 8080
	1734	// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
	1735	// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1736
	1737	//* Create the config file for ISPConfig interface
	1738	$configfile = 'config.inc.php';
	1739	if(is_file($install_dir.'/interface/lib/'.$configfile)) {
	1740	copy($install_dir.'/interface/lib/'.$configfile, $install_dir.'/interface/lib/'.$configfile.'~');
	1741	}
615a0a	1742	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1743	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
b1a6a5	1744	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
532ae5	1745	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
L	1746	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1747
	1748	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	1749	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1750	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	1751	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	1752
	1753	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1754	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
b63764	1755	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	1756	$content = str_replace('{timezone}', $conf['timezone'], $content);
f598b0	1757	$content = str_replace('{theme}', $conf['theme'], $content);
992797	1758	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
b63764	1759
532ae5	1760	wf($install_dir.'/interface/lib/'.$configfile, $content);
L	1761
	1762	//* Create the config file for ISPConfig server
	1763	$configfile = 'config.inc.php';
	1764	if(is_file($install_dir.'/server/lib/'.$configfile)) {
	1765	copy($install_dir.'/server/lib/'.$configfile, $install_dir.'/interface/lib/'.$configfile.'~');
	1766	}
615a0a	1767	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1768	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	1769	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1770	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1771	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1772
	1773	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	1774	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1775	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	1776	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	1777
	1778	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1779	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
	1780	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	1781	$content = str_replace('{timezone}', $conf['timezone'], $content);
f598b0	1782	$content = str_replace('{theme}', $conf['theme'], $content);
992797	1783	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
532ae5	1784
L	1785	wf($install_dir.'/server/lib/'.$configfile, $content);
	1786
	1787	//* Create the config file for remote-actions (but only, if it does not exist, because
	1788	// the value is a autoinc-value and so changed by the remoteaction_core_module
	1789	if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
	1790	$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
	1791	wf($install_dir.'/server/lib/remote_action.inc.php', $content);
	1792	}
	1793
	1794	//* Enable the server modules and plugins.
	1795	// TODO: Implement a selector which modules and plugins shall be enabled.
	1796	$dir = $install_dir.'/server/mods-available/';
	1797	if (is_dir($dir)) {
	1798	if ($dh = opendir($dir)) {
	1799	while (($file = readdir($dh)) !== false) {
b1a6a5	1800	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	1801	include_once $install_dir.'/server/mods-available/'.$file;
	1802	$module_name = substr($file, 0, -8);
532ae5	1803	$tmp = new $module_name;
L	1804	if($tmp->onInstall()) {
	1805	if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) {
	1806	@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
	1807	// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
	1808	}
	1809	if (strpos($file, '_core_module') !== false) {
	1810	if(!@is_link($install_dir.'/server/mods-core/'.$file)) {
	1811	@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
	1812	// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
	1813	}
	1814	}
	1815	}
	1816	unset($tmp);
	1817	}
	1818	}
	1819	closedir($dh);
	1820	}
	1821	}
	1822
	1823	$dir = $install_dir.'/server/plugins-available/';
	1824	if (is_dir($dir)) {
	1825	if ($dh = opendir($dir)) {
	1826	while (($file = readdir($dh)) !== false) {
4ffb51	1827	if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
F	1828	if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
b1a6a5	1829	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	1830	include_once $install_dir.'/server/plugins-available/'.$file;
	1831	$plugin_name = substr($file, 0, -8);
532ae5	1832	$tmp = new $plugin_name;
b1a6a5	1833	if(method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
532ae5	1834	if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) {
L	1835	@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
	1836	//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file);
	1837	}
	1838	if (strpos($file, '_core_plugin') !== false) {
	1839	if(!@is_link($install_dir.'/server/plugins-core/'.$file)) {
	1840	@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
	1841	//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file);
	1842	}
	1843	}
	1844	}
	1845	unset($tmp);
	1846	}
	1847	}
	1848	closedir($dh);
	1849	}
	1850	}
	1851
	1852	// Update the server config
	1853	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	1854	$web_server_enabled = ($conf['services']['web'])?1:0;
	1855	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	1856	$file_server_enabled = ($conf['services']['file'])?1:0;
	1857	$db_server_enabled = ($conf['services']['db'])?1:0;
8cf955	1858	$vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
80e3c9	1859	$proxy_server_enabled = ($conf['services']['proxy'])?1:0;
T	1860	$firewall_server_enabled = ($conf['services']['firewall'])?1:0;
532ae5	1861
80e3c9	1862	$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled' WHERE server_id = ".intval($conf['server_id']);
532ae5	1863
L	1864	if($conf['mysql']['master_slave_setup'] == 'y') {
	1865	$this->dbmaster->query($sql);
	1866	$this->db->query($sql);
	1867	} else {
	1868	$this->db->query($sql);
	1869	}
	1870
	1871
	1872	//* Chmod the files
	1873	$command = 'chmod -R 750 '.$install_dir;
	1874	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1875
	1876	//* chown the files to the ispconfig user and group
	1877	$command = 'chown -R ispconfig:ispconfig '.$install_dir;
	1878	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1879
	1880	//* Make the global language file directory group writable
	1881	exec("chmod -R 770 $install_dir/interface/lib/lang");
	1882
	1883	//* Make the temp directory for language file exports writable
	1884	if(is_dir($install_dir.'/interface/web/temp')) exec("chmod -R 770 $install_dir/interface/web/temp");
	1885
	1886	//* Make all interface language file directories group writable
	1887	$handle = @opendir($install_dir.'/interface/web');
b1a6a5	1888	while ($file = @readdir($handle)) {
532ae5	1889	if ($file != '.' && $file != '..') {
L	1890	if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
	1891	$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
b1a6a5	1892	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang', 0770);
MC	1893	while ($lang_file = @readdir($handle2)) {
532ae5	1894	if ($lang_file != '.' && $lang_file != '..') {
b1a6a5	1895	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file, 0770);
532ae5	1896	}
L	1897	}
	1898	}
	1899	}
	1900	}
a8ccf6	1901
477d4e	1902	//* Make the APS directories group writable
T	1903	exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
	1904	exec("chmod -R 770 $install_dir/server/aps_packages");
532ae5	1905
L	1906	//* make sure that the server config file (not the interface one) is only readable by the root user
bfcdef	1907	chmod($install_dir.'/server/lib/config.inc.php', 0600);
T	1908	chown($install_dir.'/server/lib/config.inc.php', 'root');
	1909	chgrp($install_dir.'/server/lib/config.inc.php', 'root');
b1a6a5	1910
bfcdef	1911	//* Make sure thet the interface config file is readable by user ispconfig only
T	1912	chmod($install_dir.'/interface/lib/config.inc.php', 0600);
	1913	chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
	1914	chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
532ae5	1915
L	1916	chmod($install_dir.'/server/lib/remote_action.inc.php', 0600);
	1917	chown($install_dir.'/server/lib/remote_action.inc.php', 'root');
	1918	chgrp($install_dir.'/server/lib/remote_action.inc.php', 'root');
	1919
	1920	if(@is_file($install_dir.'/server/lib/mysql_clientdb.conf')) {
	1921	chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
	1922	chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
	1923	chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
	1924	}
a8ccf6	1925
8cf78b	1926	if(is_dir($install_dir.'/interface/invoices')) {
e94a9f	1927	exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
T	1928	exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
edf806	1929	}
532ae5	1930
L	1931	// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
	1932	// and must be fixed as this will allow the apache user to read the ispconfig files.
	1933	// Later this must run as own apache server or via suexec!
63b369	1934	if($conf['apache']['installed'] == true){
F	1935	$command = 'adduser '.$conf['apache']['user'].' ispconfig';
	1936	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	1937	if(is_group('ispapps')){
F	1938	$command = 'adduser '.$conf['apache']['user'].' ispapps';
	1939	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1940	}
63b369	1941	}
F	1942	if($conf['nginx']['installed'] == true){
	1943	$command = 'adduser '.$conf['nginx']['user'].' ispconfig';
	1944	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	1945	if(is_group('ispapps')){
F	1946	$command = 'adduser '.$conf['nginx']['user'].' ispapps';
	1947	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1948	}
63b369	1949	}
532ae5	1950
L	1951	//* Make the shell scripts executable
	1952	$command = "chmod +x $install_dir/server/scripts/*.sh";
	1953	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1954
7e1cfb	1955	if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
4ffb51	1956	//* Copy the ISPConfig vhost for the controlpanel
F	1957	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1958	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
532ae5	1959
4ffb51	1960	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1961	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig.vhost.master', 'tpl/apache_ispconfig.vhost.master');
4ffb51	1962	$content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
532ae5	1963
4ffb51	1964	// comment out the listen directive if port is 80 or 443
F	1965	if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
	1966	$content = str_replace('{vhost_port_listen}', '#', $content);
	1967	} else {
	1968	$content = str_replace('{vhost_port_listen}', '', $content);
	1969	}
a8ccf6	1970
4ffb51	1971	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
F	1972	$content = str_replace('{ssl_comment}', '', $content);
	1973	} else {
	1974	$content = str_replace('{ssl_comment}', '#', $content);
	1975	}
10b4c8	1976	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
T	1977	$content = str_replace('{ssl_bundle_comment}', '', $content);
	1978	} else {
	1979	$content = str_replace('{ssl_bundle_comment}', '#', $content);
	1980	}
532ae5	1981
4ffb51	1982	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
532ae5	1983
4ffb51	1984	//copy('tpl/apache_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
F	1985	//* and create the symlink
7e1cfb	1986	if($this->is_update == false) {
4ffb51	1987	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	1988	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
b1a6a5	1989	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
4ffb51	1990	}
F	1991	}
cc6568	1992	//if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
b1a6a5	1993	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
MC	1994	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
	1995	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
	1996	@mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
	1997	wf('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
	1998	exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
	1999	@symlink($install_dir.'/interface/web', '/var/www/ispconfig');
	2000	exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
cc6568	2001	//}
532ae5	2002	}
a8ccf6	2003
7e1cfb	2004	if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
4ffb51	2005	//* Copy the ISPConfig vhost for the controlpanel
F	2006	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	2007	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
532ae5	2008
4ffb51	2009	// Dont just copy over the virtualhost template but add some custom settings
615a0a	2010	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
4ffb51	2011	$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
a8ccf6	2012
4ffb51	2013	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
f9b8d0	2014	$content = str_replace('{ssl_on}', 'on', $content);
4ffb51	2015	$content = str_replace('{ssl_comment}', '', $content);
F	2016	$content = str_replace('{fastcgi_ssl}', 'on', $content);
	2017	} else {
f9b8d0	2018	$content = str_replace('{ssl_on}', 'off', $content);
4ffb51	2019	$content = str_replace('{ssl_comment}', '#', $content);
F	2020	$content = str_replace('{fastcgi_ssl}', 'off', $content);
	2021	}
a8ccf6	2022
ca0b77	2023	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
b1a6a5	2024	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	2025	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	2026	$fpm_socket = $socket_dir.'ispconfig.sock';
a8ccf6	2027
ca0b77	2028	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	2029	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
a8ccf6	2030
4ffb51	2031	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
a8ccf6	2032
4ffb51	2033	unset($content);
a8ccf6	2034
4ffb51	2035	// PHP-FPM
F	2036	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	2037	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
4ffb51	2038	$content = str_replace('{fpm_pool}', 'ispconfig', $content);
ca0b77	2039	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	2040	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
4ffb51	2041	$content = str_replace('{fpm_user}', 'ispconfig', $content);
F	2042	$content = str_replace('{fpm_group}', 'ispconfig', $content);
	2043	wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
	2044
	2045	//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
	2046	//* and create the symlink
7e1cfb	2047	if($this->is_update == false) {
4ffb51	2048	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	2049	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
b1a6a5	2050	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
4ffb51	2051	}
F	2052	}
532ae5	2053	}
L	2054
	2055	//* Install the update script
b34f99	2056	if(is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
MC	2057	chown($install_dir.'/server/scripts/update_from_dev.sh', 'root');
	2058	chmod($install_dir.'/server/scripts/update_from_dev.sh', 0700);
532ae5	2059	chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
L	2060	chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
	2061	chown($install_dir.'/server/scripts/ispconfig_update.sh', 'root');
	2062	chmod($install_dir.'/server/scripts/ispconfig_update.sh', 0700);
b34f99	2063	if(!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
b1a6a5	2064	if(!is_link('/usr/local/bin/ispconfig_update.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
532ae5	2065
L	2066	//* Make the logs readable for the ispconfig user
	2067	if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
	2068	if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
	2069	if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
	2070	if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages');
	2071	if(@is_file('/var/log/clamav/clamav.log')) exec('chmod +r /var/log/clamav/clamav.log');
	2072	if(@is_file('/var/log/clamav/freshclam.log')) exec('chmod +r /var/log/clamav/freshclam.log');
	2073
	2074	//* Create the ispconfig log file and directory
	2075	if(!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) {
	2076	if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir'], 0755);
	2077	touch($conf['ispconfig_log_dir'].'/ispconfig.log');
	2078	}
a8ccf6	2079
99c89b	2080	//* Create the ispconfig auth log file and set uid/gid
a8ccf6	2081	if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
99c89b	2082	touch($conf['ispconfig_log_dir'].'/auth.log');
a8ccf6	2083	}
0799f8	2084	exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
T	2085	exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
a8ccf6	2086
0c5b42	2087	if(is_user('getmail')) {
b1a6a5	2088	rename($install_dir.'/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
0c5b42	2089	if(is_user('getmail')) chown('/usr/local/bin/run-getmail.sh', 'getmail');
T	2090	chmod('/usr/local/bin/run-getmail.sh', 0744);
	2091	}
532ae5	2092
L	2093	//* Add Log-Rotation
	2094	if (is_dir('/etc/logrotate.d')) {
	2095	@unlink('/etc/logrotate.d/logispc3'); // ignore, if the file is not there
	2096	/* We rotate these logs in cron_daily.php
	2097	$fh = fopen('/etc/logrotate.d/logispc3', 'w');
	2098	fwrite($fh,
	2099	"$conf['ispconfig_log_dir']/ispconfig.log { \n" .
	2100	" weekly \n" .
	2101	" missingok \n" .
	2102	" rotate 4 \n" .
	2103	" compress \n" .
	2104	" delaycompress \n" .
	2105	"} \n" .
	2106	"$conf['ispconfig_log_dir']/cron.log { \n" .
	2107	" weekly \n" .
	2108	" missingok \n" .
	2109	" rotate 4 \n" .
	2110	" compress \n" .
	2111	" delaycompress \n" .
	2112	"}");
	2113	fclose($fh);
	2114	*/
	2115	}
b1a6a5	2116
d71bae	2117	//* Remove Domain module as its functions are available in the client module now
T	2118	if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
b1a6a5	2119
MC	2120
532ae5	2121	}
L	2122
	2123	public function configure_dbserver() {
	2124	global $conf;
	2125
	2126	//* If this server shall act as database server for client DB's, we configure this here
	2127	$install_dir = $conf['ispconfig_install_dir'];
	2128
	2129	// Create a file with the database login details which
	2130	// are used to create the client databases.
	2131
	2132	if(!is_dir($install_dir.'/server/lib')) {
	2133	$command = "mkdir $install_dir/server/lib";
	2134	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2135	}
	2136
615a0a	2137	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', 'tpl/mysql_clientdb.conf.master');
b1a6a5	2138	$content = str_replace('{hostname}', $conf['mysql']['host'], $content);
MC	2139	$content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
	2140	$content = str_replace('{password}', $conf['mysql']['admin_password'], $content);
	2141	wf($install_dir.'/server/lib/mysql_clientdb.conf', $content);
532ae5	2142	chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
L	2143	chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
a8ccf6	2144	chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
532ae5	2145
L	2146	}
	2147
	2148	public function install_crontab() {
	2149	global $conf;
	2150
	2151	$install_dir = $conf['ispconfig_install_dir'];
	2152
	2153	//* Root Crontab
	2154	exec('crontab -u root -l > crontab.txt');
	2155	$existing_root_cron_jobs = file('crontab.txt');
	2156
	2157	// remove existing ispconfig cronjobs, in case the syntax has changed
	2158	foreach($existing_root_cron_jobs as $key => $val) {
b1a6a5	2159	if(stristr($val, $install_dir)) unset($existing_root_cron_jobs[$key]);
532ae5	2160	}
L	2161
	2162	$root_cron_jobs = array(
b1a6a5	2163	"* * * * * ".$install_dir."/server/server.sh 2>&1 > /dev/null \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
0e963f	2164	"30 00 * * * ".$install_dir."/server/cron.sh 2>&1 > /dev/null \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
532ae5	2165	);
a8ccf6	2166
b6a10a	2167	if ($conf['nginx']['installed'] == true) {
F	2168	$root_cron_jobs[] = "0 0 * * * ".$install_dir."/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
	2169	}
a8ccf6	2170
532ae5	2171	foreach($root_cron_jobs as $cron_job) {
L	2172	if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
	2173	$existing_root_cron_jobs[] = $cron_job."\n";
	2174	}
	2175	}
	2176	file_put_contents('crontab.txt', $existing_root_cron_jobs);
	2177	exec('crontab -u root crontab.txt &> /dev/null');
	2178	unlink('crontab.txt');
	2179
	2180	//* Getmail crontab
	2181	if(is_user('getmail')) {
	2182	$cf = $conf['getmail'];
	2183	exec('crontab -u getmail -l > crontab.txt');
	2184	$existing_cron_jobs = file('crontab.txt');
	2185
	2186	$cron_jobs = array(
b1a6a5	2187	'/5 * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null'
532ae5	2188	);
L	2189
	2190	// remove existing ispconfig cronjobs, in case the syntax has changed
	2191	foreach($existing_cron_jobs as $key => $val) {
b1a6a5	2192	if(stristr($val, 'getmail')) unset($existing_cron_jobs[$key]);
532ae5	2193	}
L	2194
	2195	foreach($cron_jobs as $cron_job) {
	2196	if(!in_array($cron_job."\n", $existing_cron_jobs)) {
	2197	$existing_cron_jobs[] = $cron_job."\n";
	2198	}
	2199	}
	2200	file_put_contents('crontab.txt', $existing_cron_jobs);
	2201	exec('crontab -u getmail crontab.txt &> /dev/null');
	2202	unlink('crontab.txt');
	2203	}
	2204
	2205	touch($conf['ispconfig_log_dir'].'/cron.log');
cc6568	2206	chmod($conf['ispconfig_log_dir'].'/cron.log', 0660);
532ae5	2207
L	2208	}
b1a6a5	2209
33bcd0	2210	public function getinitcommand($servicename, $action, $init_script_directory = ''){
FT	2211	global $conf;
	2212	// systemd
	2213	if(is_executable('/bin/systemd')){
	2214	return 'systemctl '.$action.' '.$servicename.'.service';
	2215	}
	2216	// upstart
	2217	if(is_executable('/sbin/initctl')){
	2218	exec('/sbin/initctl version 2>/dev/null \| /bin/grep -q upstart', $retval['output'], $retval['retval']);
	2219	if(intval($retval['retval']) == 0) return 'service '.$servicename.' '.$action;
	2220	}
	2221	// sysvinit
	2222	if($init_script_directory == '') $init_script_directory = $conf['init_scripts'];
	2223	if(substr($init_script_directory, -1) === '/') $init_script_directory = substr($init_script_directory, 0, -1);
	2224	return $init_script_directory.'/'.$servicename.' '.$action;
	2225	}
532ae5	2226
L	2227	/**
	2228	* Helper function - get the path to a template file based on
	2229	* the local part of the filename. Checks first for the existence
	2230	* of a distribution specific file and if not found looks in the
	2231	* base template folder. Optionally the behaviour can be changed
	2232	* by setting the 2nd parameter which will fetch the contents
	2233	* of the template file and return it instead of the path. The 3rd
	2234	* parameter further extends this behaviour by filtering the contents
	2235	* by inserting the ispconfig database credentials using the {} placeholders.
	2236	*
	2237	* @param string $tLocal local part of filename
	2238	* @param bool $tRf
	2239	* @param bool $tDBCred
	2240	* @return string Relative path to the chosen template file
	2241	*/
	2242	protected function get_template_file($tLocal, $tRf=false, $tDBCred=false) {
	2243	global $conf, $dist;
	2244
	2245	$final_path = '';
b1a6a5	2246	$dist_template = $conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $tLocal . '.master';
MC	2247	if (file_exists($dist_template)) {
532ae5	2248	$final_path = $dist_template;
L	2249	} else {
b1a6a5	2250	$dist_template = 'dist/tpl/'.strtolower($dist['name'])."/$tLocal.master";
MC	2251	if (file_exists($dist_template)) {
	2252	$final_path = $dist_template;
	2253	} else {
	2254	$final_path = "tpl/$tLocal.master";
	2255	}
	2256	}
532ae5	2257
L	2258	if (!$tRf) {
	2259	return $final_path;
	2260	} else {
	2261	return (!$tDBCred) ? rf($final_path) : $this->insert_db_credentials(rf($final_path));
	2262	}
	2263	}
	2264
	2265	/**
	2266	* Helper function - writes the contents to a config file
	2267	* and performs a backup if the file exist. Additionally
	2268	* if the file exists the new file will be given the
	2269	* same rights and ownership as the original. Optionally the
	2270	* rights and/or ownership can be overriden by appending umask,
	2271	* user and group to the parameters. Providing only uid and gid
	2272	* values will result in only a chown.
	2273	*
	2274	* @param $tConf
	2275	* @param $tContents
	2276	* @return bool
	2277	*/
	2278	protected function write_config_file($tConf, $tContents) {
	2279	// Backup config file before writing new contents and stat file
	2280	if ( is_file($tConf) ) {
	2281	$stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
	2282	if ($res == 0) { // stat successfull
8cddcd	2283	list($access, $user, $group) = explode(" ", $stat);
532ae5	2284	}
L	2285
	2286	if ( copy($tConf, $tConf.'~') ) {
	2287	chmod($tConf.'~', 0400);
	2288	}
	2289	}
	2290
	2291	wf($tConf, $tContents); // write file
	2292
	2293	if (func_num_args() >= 4) // override rights and/or ownership
b1a6a5	2294	{
532ae5	2295	$args = func_get_args();
L	2296	$output = array_slice($args, 2);
	2297
	2298	switch (sizeof($output)) {
b1a6a5	2299	case 3:
MC	2300	$umask = array_shift($output);
	2301	if (is_numeric($umask) && preg_match('/^0?[0-7]{3}$/', $umask)) {
	2302	$access = $umask;
	2303	}
	2304	case 2:
	2305	if (is_user($output[0]) && is_group($output[1])) {
	2306	list($user, $group) = $output;
	2307	}
	2308	break;
532ae5	2309	}
L	2310	}
	2311
	2312	if (!empty($user) && !empty($group)) {
	2313	chown($tConf, $user);
	2314	chgrp($tConf, $group);
	2315	}
	2316
	2317	if (!empty($access)) {
	2318	exec("chmod $access $tConf");
	2319	}
	2320	}
	2321
	2322	/**
	2323	* Helper function - filter the contents of a config
	2324	* file by inserting the common ispconfig database
	2325	* credentials.
	2326	*
	2327	* @param $tContents
	2328	* @return string
	2329	*/
	2330	protected function insert_db_credentials($tContents) {
	2331	global $conf;
	2332
	2333	$tContents = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $tContents);
	2334	$tContents = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $tContents);
	2335	$tContents = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $tContents);
	2336	$tContents = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $tContents);
b1a6a5	2337	$tContents = str_replace('{mysql_server_host}', $conf['mysql']['host'], $tContents);
MC	2338	$tContents = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $tContents);
532ae5	2339
L	2340	return $tContents;
	2341	}
b1a6a5	2342
532ae5	2343	}
L	2344
e514ae	2345	?>