gitlabFork/ISPConfig3.git - Solinfo Gitblit

Fixed: FS#3736 - Bind slave file directory has wrong permissions

Till Brehm

2014-11-16 fc7f1b1fdf8b7952da265973c0a474400e672b97

commit \| author \| age
532ae5	1	<?php
L	2
	3	/*
	4	Copyright (c) 2007-2010, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class installer_base {
	32
	33	var $wb = array();
	34	var $language = 'en';
	35	var $db;
	36	public $conf;
	37	public $install_ispconfig_interface = true;
	38	public $is_update = false; // true if it is an update, falsi if it is a new install
	39
	40
	41	public function __construct() {
	42	global $conf; //TODO: maybe $conf should be passed to constructor
	43	//$this->conf = $conf;
	44	}
	45
	46	//: TODO Implement the translation function and language files for the installer.
	47	public function lng($text) {
	48	return $text;
	49	}
	50
	51	public function error($msg) {
	52	die('ERROR: '.$msg."\n");
	53	}
	54
	55	public function warning($msg) {
7fe908	56	echo 'WARNING: '.$msg."\n";
532ae5	57	}
a8ccf6	58
b04e82	59	public function simple_query($query, $answers, $default, $name = '') {
TB	60	global $autoinstall;
532ae5	61	$finished = false;
L	62	do {
b04e82	63	if($name != '' && $autoinstall[$name] != '') {
TB	64	if($autoinstall[$name] == 'default') {
	65	$input = $default;
	66	} else {
	67	$input = $autoinstall[$name];
	68	}
	69	} else {
	70	$answers_str = implode(',', $answers);
	71	swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: ');
	72	$input = sread();
	73	}
532ae5	74
L	75	//* Stop the installation
	76	if($input == 'quit') {
	77	swriteln($this->lng("Installation terminated by user.\n"));
	78	die();
	79	}
	80
	81	//* Select the default
	82	if($input == '') {
	83	$answer = $default;
	84	$finished = true;
	85	}
	86
	87	//* Set answer id valid
	88	if(in_array($input, $answers)) {
	89	$answer = $input;
	90	$finished = true;
	91	}
	92
	93	} while ($finished == false);
	94	swriteln();
	95	return $answer;
	96	}
	97
b04e82	98	public function free_query($query, $default, $name = '') {
TB	99	global $autoinstall;
	100	if($name != '' && $autoinstall[$name] != '') {
	101	if($autoinstall[$name] == 'default') {
	102	$input = $default;
	103	} else {
	104	$input = $autoinstall[$name];
	105	}
	106	} else {
	107	swrite($this->lng($query).' ['.$default.']: ');
	108	$input = sread();
	109	}
532ae5	110
L	111	//* Stop the installation
	112	if($input == 'quit') {
	113	swriteln($this->lng("Installation terminated by user.\n"));
	114	die();
	115	}
	116
	117	$answer = ($input == '') ? $default : $input;
	118	swriteln();
	119	return $answer;
	120	}
	121
	122	/*
	123	// TODO: this function is not used atmo I think - pedro
	124	function request_language(){
a8ccf6	125
532ae5	126	swriteln(lng('Enter your language'));
L	127	swriteln(lng('de, en'));
a8ccf6	128
532ae5	129	}
L	130	*/
	131
	132	//** Detect installed applications
	133	public function find_installed_apps() {
	134	global $conf;
	135
	136	if(is_installed('mysql') \|\| is_installed('mysqld')) $conf['mysql']['installed'] = true;
	137	if(is_installed('postfix')) $conf['postfix']['installed'] = true;
	138	if(is_installed('mailman')) $conf['mailman']['installed'] = true;
e09a27	139	if(is_installed('apache') \|\| is_installed('apache2') \|\| is_installed('httpd') \|\| is_installed('httpd2')) $conf['apache']['installed'] = true;
532ae5	140	if(is_installed('getmail')) $conf['getmail']['installed'] = true;
1ca823	141	if(is_installed('courierlogger')) $conf['courier']['installed'] = true;
532ae5	142	if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
74d2dc	143	if(is_installed('saslauthd')) $conf['saslauthd']['installed'] = true;
ac28b5	144	if(is_installed('amavisd-new') \|\| is_installed('amavisd')) $conf['amavis']['installed'] = true;
532ae5	145	if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
L	146	if(is_installed('pure-ftpd') \|\| is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
	147	if(is_installed('mydns') \|\| is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
	148	if(is_installed('jk_chrootsh')) $conf['jailkit']['installed'] = true;
	149	if(is_installed('pdns_server') \|\| is_installed('pdns_control')) $conf['powerdns']['installed'] = true;
	150	if(is_installed('named') \|\| is_installed('bind') \|\| is_installed('bind9')) $conf['bind']['installed'] = true;
80e3c9	151	if(is_installed('squid')) $conf['squid']['installed'] = true;
T	152	if(is_installed('nginx')) $conf['nginx']['installed'] = true;
992797	153	// if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
5eb43f	154	if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
522ef8	155	if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
80e3c9	156	if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
a8ccf6	157
d7cfd7	158	if ($conf['services']['web'] && (($conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) \|\| ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")))) $this->ispconfig_interface_installed = true;
532ae5	159	}
L	160
	161	/** Create the database for ISPConfig */
7fe908	162
MC	163
532ae5	164	public function configure_database() {
L	165	global $conf;
	166
	167	//** Create the database
	168	if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['mysql']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
	169	$this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.');
	170	}
	171
	172	//* Set the database name in the DB library
	173	$this->db->dbName = $conf['mysql']['database'];
	174
	175	//* Load the database dump into the database, if database contains no tables
	176	$db_tables = $this->db->getTables();
	177	if(count($db_tables) > 0) {
	178	$this->error('Stopped: Database already contains some tables.');
	179	} else {
	180	if($conf['mysql']['admin_password'] == '') {
02bf99	181	caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
7fe908	182	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
532ae5	183	} else {
02bf99	184	caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
7fe908	185	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
532ae5	186	}
L	187	$db_tables = $this->db->getTables();
	188	if(count($db_tables) == 0) {
	189	$this->error('Unable to load SQL-Dump into database table.');
	190	}
	191
	192	//* Load system.ini into the sys_ini table
	193	$system_ini = $this->db->quote(rf('tpl/system.ini.master'));
	194	$this->db->query("UPDATE sys_ini SET config = '$system_ini' WHERE sysini_id = 1");
	195
	196	}
	197	}
	198
	199	//** Create the server record in the database
	200	public function add_database_server_record() {
	201
	202	global $conf;
	203
	204	if($conf['mysql']['host'] == 'localhost') {
	205	$from_host = 'localhost';
	206	} else {
	207	$from_host = $conf['hostname'];
	208	}
	209
	210	// Delete ISPConfig user in the local database, in case that it exists
	211	$this->db->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['ispconfig_user']."' AND Host = '".$from_host."';");
	212	$this->db->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['database']."' AND Host = '".$from_host."';");
	213	$this->db->query('FLUSH PRIVILEGES;');
	214
	215	//* Create the ISPConfig database user in the local database
	216	$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['database'].".* "
7fe908	217	."TO '".$conf['mysql']['ispconfig_user']."'@'".$from_host."' "
MC	218	."IDENTIFIED BY '".$conf['mysql']['ispconfig_password']."';";
532ae5	219	if(!$this->db->query($query)) {
L	220	$this->error('Unable to create database user: '.$conf['mysql']['ispconfig_user'].' Error: '.$this->db->errorMessage);
	221	}
	222
	223	//* Reload database privelages
	224	$this->db->query('FLUSH PRIVILEGES;');
	225
	226	//* Set the database name in the DB library
	227	$this->db->dbName = $conf['mysql']['database'];
	228
	229	$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));
	230
	231	//* Update further distribution specific parameters for server config here
	232	//* HINT: Every line added here has to be added in update.lib.php too!!
	233	$tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir'];
	234	$tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir'];
	235	$tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs'];
	236	$tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path'];
	237	$tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path'];
526b99	238	$tpl_ini_array['fastcgi']['fastcgi_bin'] = $conf['fastcgi']['fastcgi_bin'];
532ae5	239	$tpl_ini_array['server']['hostname'] = $conf['hostname'];
L	240	$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
	241	$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
	242	$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
	243	$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
	244	$tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir'];
	245	$tpl_ini_array['web']['security_level'] = 20;
	246	$tpl_ini_array['web']['user'] = $conf['apache']['user'];
	247	$tpl_ini_array['web']['group'] = $conf['apache']['group'];
	248	$tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache'];
	249	$tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi'];
	250	$tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
	251	$tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
	252	$tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
	253	$tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group'];
	254	$tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir'];
	255	$tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
	256	$tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
a8ccf6	257
dba68f	258	$tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
T	259	$tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
	260	$tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user'];
	261	$tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group'];
	262	$tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket'];
	263	$tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script'];
	264	$tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path'];
	265	$tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir'];
	266	$tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
	267	$tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];
a8ccf6	268
80e3c9	269	if ($conf['nginx']['installed'] == true) {
4ffb51	270	$tpl_ini_array['web']['server_type'] = 'nginx';
F	271	$tpl_ini_array['global']['webserver'] = 'nginx';
80e3c9	272	}
a8ccf6	273
532ae5	274	if (array_key_exists('awstats', $conf)) {
L	275	foreach ($conf['awstats'] as $aw_sett => $aw_value) {
	276	$tpl_ini_array['web']['awstats_'.$aw_sett] = $aw_value;
	277	}
	278	}
	279
	280	$server_ini_content = array_to_ini($tpl_ini_array);
	281	$server_ini_content = mysql_real_escape_string($server_ini_content);
	282
	283	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	284	$web_server_enabled = ($conf['services']['web'])?1:0;
	285	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	286	$file_server_enabled = ($conf['services']['file'])?1:0;
	287	$db_server_enabled = ($conf['services']['db'])?1:0;
522ef8	288	$vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
c91bdc	289	$proxy_server_enabled = (isset($conf['services']['proxy']) && $conf['services']['proxy'])?1:0;
T	290	$firewall_server_enabled = (isset($conf['services']['firewall']) && $conf['services']['firewall'])?1:0;
a8ccf6	291
532ae5	292	//** Get the database version number based on the patchfiles
L	293	$found = true;
	294	$current_db_version = 1;
	295	while($found == true) {
	296	$next_db_version = intval($current_db_version + 1);
	297	$patch_filename = realpath(dirname(__FILE__).'/../').'/sql/incremental/upd_'.str_pad($next_db_version, 4, '0', STR_PAD_LEFT).'.sql';
	298	if(is_file($patch_filename)) {
	299	$current_db_version = $next_db_version;
	300	} else {
	301	$found = false;
	302	}
	303	}
	304	$current_db_version = intval($current_db_version);
	305
	306
	307	if($conf['mysql']['master_slave_setup'] == 'y') {
	308
	309	//* Insert the server record in master DB
80e3c9	310	$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	311	$this->dbmaster->query($sql);
L	312	$conf['server_id'] = $this->dbmaster->insertID();
	313	$conf['server_id'] = $conf['server_id'];
	314
	315	//* Insert the same record in the local DB
80e3c9	316	$sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES ('".$conf['server_id']."',1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	317	$this->db->query($sql);
L	318
	319	//* username for the ispconfig user
	320	$conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id'];
	321
	322	$this->grant_master_database_rights();
	323
	324	} else {
	325	//* Insert the server, if its not a mster / slave setup
80e3c9	326	$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	327	$this->db->query($sql);
L	328	$conf['server_id'] = $this->db->insertID();
	329	$conf['server_id'] = $conf['server_id'];
	330	}
	331
	332
	333	}
	334
100d41	335	public function grant_master_database_rights($verbose = false) {
532ae5	336	global $conf;
L	337
	338	/*
	339	* The following code is a little bit tricky:
	340	* * If we HAVE a master-slave - Setup then the client has to grant the rights for himself
	341	* at the master.
	342	* * If we DO NOT have a master-slave - Setup then we have two possibilities
	343	* 1) it is a single server
	344	* 2) it is the MASTER of n clients
	345	*/
	346	$hosts = array();
a8ccf6	347
532ae5	348	if($conf['mysql']['master_slave_setup'] == 'y') {
L	349	/*
	350	* it is a master-slave - Setup so the slave has to grant its rights in the master
	351	* database
	352	*/
	353
	354	//* insert the ispconfig user in the remote server
	355	$from_host = $conf['hostname'];
	356	$from_ip = gethostbyname($conf['hostname']);
a8ccf6	357
532ae5	358	$hosts[$from_host]['user'] = $conf['mysql']['master_ispconfig_user'];
L	359	$hosts[$from_host]['db'] = $conf['mysql']['master_database'];
	360	$hosts[$from_host]['pwd'] = $conf['mysql']['master_ispconfig_password'];
	361
	362	$hosts[$from_ip]['user'] = $conf['mysql']['master_ispconfig_user'];
	363	$hosts[$from_ip]['db'] = $conf['mysql']['master_database'];
	364	$hosts[$from_ip]['pwd'] = $conf['mysql']['master_ispconfig_password'];
	365	} else{
	366	/*
	367	* it is NOT a master-slave - Setup so we have to find out all clients and their
	368	* host
	369	*/
	370	$query = "SELECT Host, User FROM mysql.user WHERE User like 'ispcsrv%' ORDER BY User, Host";
	371	$data = $this->dbmaster->queryAllRecords($query);
	372	if($data === false) {
	373	$this->error('Unable to get the user rights: '.$value['db'].' Error: '.$this->dbmaster->errorMessage);
	374	}
	375	foreach ($data as $item){
	376	$hosts[$item['Host']]['user'] = $item['User'];
	377	$hosts[$item['Host']]['db'] = $conf['mysql']['master_database'];
	378	$hosts[$item['Host']]['pwd'] = ''; // the user already exists, so we need no pwd!
	379	}
	380	}
a8ccf6	381
532ae5	382	if(count($hosts) > 0) {
7fe908	383	foreach($hosts as $host => $value) {
MC	384	/*
532ae5	385	* If a pwd exists, this means, we have to add the new user (and his pwd).
L	386	* if not, the user already exists and we do not need the pwd
	387	*/
7fe908	388	if ($value['pwd'] != ''){
MC	389	$query = "CREATE USER '".$value['user']."'@'".$host."' IDENTIFIED BY '" . $value['pwd'] . "'";
	390	if ($verbose){
	391	echo "\n\n" . $query ."\n";
	392	}
	393	$this->dbmaster->query($query); // ignore the error
	394	}
	395
	396	/*
	397	* Try to delete all rights of the user in case that it exists.
	398	* In Case that it will not exist, do nothing (ignore the error!)
	399	*/
	400	$query = "REVOKE ALL PRIVILEGES, GRANT OPTION FROM '".$value['user']."'@'".$host."' ";
100d41	401	if ($verbose){
V	402	echo "\n\n" . $query ."\n";
	403	}
532ae5	404	$this->dbmaster->query($query); // ignore the error
7fe908	405
MC	406	//* Create the ISPConfig database user in the remote database
	407	$query = "GRANT SELECT ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
	408	if ($verbose){
	409	echo $query ."\n";
	410	}
	411	if(!$this->dbmaster->query($query)) {
	412	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	413	}
	414
	415	$query = "GRANT SELECT, INSERT ON ".$value['db'].".`sys_log` TO '".$value['user']."'@'".$host."' ";
	416	if ($verbose){
	417	echo $query ."\n";
	418	}
	419	if(!$this->dbmaster->query($query)) {
	420	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	421	}
	422
	423	$query = "GRANT SELECT, UPDATE(`status`, `error`) ON ".$value['db'].".`sys_datalog` TO '".$value['user']."'@'".$host."' ";
	424	if ($verbose){
	425	echo $query ."\n";
	426	}
	427	if(!$this->dbmaster->query($query)) {
	428	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	429	}
	430
	431	$query = "GRANT SELECT, UPDATE(`status`) ON ".$value['db'].".`software_update_inst` TO '".$value['user']."'@'".$host."' ";
	432	if ($verbose){
	433	echo $query ."\n";
	434	}
	435	if(!$this->dbmaster->query($query)) {
	436	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	437	}
	438
	439	$query = "GRANT SELECT, UPDATE(`updated`) ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
	440	if ($verbose){
	441	echo $query ."\n";
	442	}
	443	if(!$this->dbmaster->query($query)) {
	444	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	445	}
	446
	447	$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ".$value['db'].".`web_domain` TO '".$value['user']."'@'".$host."' ";
	448	if ($verbose){
	449	echo $query ."\n";
	450	}
	451	if(!$this->dbmaster->query($query)) {
	452	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	453	}
	454
	455	$query = "GRANT SELECT ON ".$value['db'].".`sys_group` TO '".$value['user']."'@'".$host."' ";
	456	if ($verbose){
	457	echo $query ."\n";
	458	}
	459	if(!$this->dbmaster->query($query)) {
	460	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	461	}
	462
	463	$query = "GRANT SELECT, UPDATE (`action_state`, `response`) ON ".$value['db'].".`sys_remoteaction` TO '".$value['user']."'@'".$host."' ";
	464	if ($verbose){
	465	echo $query ."\n";
	466	}
	467	if(!$this->dbmaster->query($query)) {
	468	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	469	}
	470
	471	$query = "GRANT SELECT, INSERT , DELETE ON ".$value['db'].".`monitor_data` TO '".$value['user']."'@'".$host."' ";
	472	if ($verbose){
	473	echo $query ."\n";
	474	}
	475	if(!$this->dbmaster->query($query)) {
	476	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	477	}
	478
	479	$query = "GRANT SELECT, INSERT, UPDATE ON ".$value['db'].".`mail_traffic` TO '".$value['user']."'@'".$host."' ";
	480	if ($verbose){
	481	echo $query ."\n";
	482	}
	483	if(!$this->dbmaster->query($query)) {
	484	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	485	}
	486
	487	$query = "GRANT SELECT, INSERT, UPDATE ON ".$value['db'].".`web_traffic` TO '".$value['user']."'@'".$host."' ";
	488	if ($verbose){
	489	echo $query ."\n";
	490	}
	491	if(!$this->dbmaster->query($query)) {
	492	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	493	}
	494
e92eda	495	$query = "GRANT SELECT, UPDATE, DELETE ON ".$value['db'].".`aps_instances` TO '".$value['user']."'@'".$host."' ";
TB	496	if ($verbose){
	497	echo $query ."\n";
	498	}
	499	if(!$this->dbmaster->query($query)) {
	500	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	501	}
	502
	503	$query = "GRANT SELECT, DELETE ON ".$value['db'].".`aps_instances_settings` TO '".$value['user']."'@'".$host."' ";
7fe908	504	if ($verbose){
MC	505	echo $query ."\n";
	506	}
	507	if(!$this->dbmaster->query($query)) {
	508	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	509	}
	510
	511	$query = "GRANT SELECT, INSERT, DELETE ON ".$value['db'].".`web_backup` TO '".$value['user']."'@'".$host."' ";
	512	if ($verbose){
	513	echo $query ."\n";
	514	}
	515	if(!$this->dbmaster->query($query)) {
	516	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	517	}
	518
532ae5	519	}
L	520
	521	/*
	522	* It is all done. Relod the rights...
	523	*/
7fe908	524	$this->dbmaster->query('FLUSH PRIVILEGES;');
532ae5	525	}
L	526
	527	}
	528
	529	//** writes postfix configuration files
	530	public function process_postfix_config($configfile) {
	531	global $conf;
	532
	533	$config_dir = $conf['postfix']['config_dir'].'/';
	534	$full_file_name = $config_dir.$configfile;
	535	//* Backup exiting file
	536	if(is_file($full_file_name)) {
	537	copy($full_file_name, $config_dir.$configfile.'~');
	538	}
615a0a	539	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	540	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	541	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	542	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	543	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	544	$content = str_replace('{server_id}', $conf['server_id'], $content);
	545	wf($full_file_name, $content);
	546	}
	547
	548	public function configure_jailkit() {
	549	global $conf;
	550
	551	$cf = $conf['jailkit'];
	552	$config_dir = $cf['config_dir'];
	553	$jk_init = $cf['jk_init'];
	554	$jk_chrootsh = $cf['jk_chrootsh'];
	555
	556	if (is_dir($config_dir)) {
	557	if(is_file($config_dir.'/'.$jk_init)) copy($config_dir.'/'.$jk_init, $config_dir.'/'.$jk_init.'~');
	558	if(is_file($config_dir.'/'.$jk_chrootsh.'.master')) copy($config_dir.'/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh.'~');
7fe908	559
MC	560	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_init.'.master')) {
	561	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
	562	} else {
	563	copy('tpl/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
	564	}
	565	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_chrootsh.'.master')) {
	566	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
	567	} else {
	568	copy('tpl/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
	569	}
532ae5	570	}
a8ccf6	571
edf806	572	//* help jailkit fo find its ini files
T	573	if(!is_link('/usr/jk_socketd.ini')) exec('ln -s /etc/jailkit/jk_socketd.ini /usr/jk_socketd.ini');
	574	if(!is_link('/usr/jk_init.ini')) exec('ln -s /etc/jailkit/jk_init.ini /usr/jk_init.ini');
532ae5	575
L	576	}
a8ccf6	577
532ae5	578	public function configure_mailman($status = 'insert') {
L	579	global $conf;
	580
	581	$config_dir = $conf['mailman']['config_dir'].'/';
	582	$full_file_name = $config_dir.'mm_cfg.py';
	583	//* Backup exiting file
	584	if(is_file($full_file_name)) {
	585	copy($full_file_name, $config_dir.'mm_cfg.py~');
	586	}
a8ccf6	587
532ae5	588	// load files
615a0a	589	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');
532ae5	590	$old_file = rf($full_file_name);
a8ccf6	591
532ae5	592	$old_options = array();
a8ccf6	593	$lines = explode("\n", $old_file);
532ae5	594	foreach ($lines as $line)
L	595	{
8fe9ab	596	if (trim($line) != '' && substr($line, 0, 1) != '#')
532ae5	597	{
8fe9ab	598	@list($key, $value) = @explode("=", $line);
532ae5	599	if (!empty($value))
L	600	{
	601	$key = rtrim($key);
	602	$old_options[$key] = trim($value);
	603	}
	604	}
	605	}
a8ccf6	606
532ae5	607	$virtual_domains = '';
L	608	if($status == 'update')
	609	{
	610	// create virtual_domains list
	611	$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");
a8ccf6	612
8fe9ab	613	if(is_array($domainAll)) {
7fe908	614	foreach($domainAll as $domain)
MC	615	{
	616	if ($domainAll[0]['domain'] == $domain['domain'])
	617	$virtual_domains .= "'".$domain['domain']."'";
	618	else
	619	$virtual_domains .= ", '".$domain['domain']."'";
	620	}
8fe9ab	621	}
532ae5	622	}
L	623	else
	624	$virtual_domains = "' '";
a8ccf6	625
532ae5	626	$content = str_replace('{hostname}', $conf['hostname'], $content);
46c775	627	if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
532ae5	628	$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
L	629	$content = str_replace('{virtual_domains}', $virtual_domains, $content);
7fe908	630
532ae5	631	wf($full_file_name, $content);
7fe908	632
cc6568	633	//* Write virtual_to_transport.sh script
H	634	$config_dir = $conf['mailman']['config_dir'].'/';
	635	$full_file_name = $config_dir.'virtual_to_transport.sh';
7fe908	636
cc6568	637	//* Backup exiting virtual_to_transport.sh script
H	638	if(is_file($full_file_name)) {
	639	copy($full_file_name, $config_dir.'virtual_to_transport.sh~');
	640	}
7fe908	641
cc6568	642	if(is_dir('/etc/mailman')) {
615a0a	643	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh')) {
7fe908	644	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh', $full_file_name);
MC	645	} else {
	646	copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);
	647	}
	648	chgrp($full_file_name, 'list');
d22542	649	chmod($full_file_name, 0755);
cc6568	650	}
7fe908	651
cc6568	652	//* Create aliasaes
H	653	exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
5afa9d	654	if(is_file('/var/lib/mailman/data/virtual-mailman')) exec('postmap /var/lib/mailman/data/virtual-mailman');
7fe908	655
532ae5	656	}
L	657
	658	public function configure_postfix($options = '') {
b04e82	659	global $conf,$autoinstall;
532ae5	660	$cf = $conf['postfix'];
L	661	$config_dir = $cf['config_dir'];
	662
	663	if(!is_dir($config_dir)) {
	664	$this->error("The postfix configuration directory '$config_dir' does not exist.");
	665	}
	666
	667	//* mysql-virtual_domains.cf
	668	$this->process_postfix_config('mysql-virtual_domains.cf');
	669
	670	//* mysql-virtual_forwardings.cf
	671	$this->process_postfix_config('mysql-virtual_forwardings.cf');
	672
	673	//* mysql-virtual_mailboxes.cf
	674	$this->process_postfix_config('mysql-virtual_mailboxes.cf');
	675
	676	//* mysql-virtual_email2email.cf
	677	$this->process_postfix_config('mysql-virtual_email2email.cf');
	678
	679	//* mysql-virtual_transports.cf
	680	$this->process_postfix_config('mysql-virtual_transports.cf');
	681
	682	//* mysql-virtual_recipient.cf
	683	$this->process_postfix_config('mysql-virtual_recipient.cf');
	684
	685	//* mysql-virtual_sender.cf
	686	$this->process_postfix_config('mysql-virtual_sender.cf');
	687
	688	//* mysql-virtual_client.cf
	689	$this->process_postfix_config('mysql-virtual_client.cf');
	690
	691	//* mysql-virtual_relaydomains.cf
	692	$this->process_postfix_config('mysql-virtual_relaydomains.cf');
	693
	694	//* mysql-virtual_relayrecipientmaps.cf
	695	$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
	696
	697	//* Changing mode and group of the new created config files.
	698	caselog('chmod o= '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
7fe908	699	__FILE__, __LINE__, 'chmod on mysql-virtual_.cf', 'chmod on mysql-virtual_.cf failed');
532ae5	700	caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
7fe908	701	__FILE__, __LINE__, 'chgrp on mysql-virtual_.cf', 'chgrp on mysql-virtual_.cf failed');
532ae5	702
L	703	//* Creating virtual mail user and group
	704	$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	705	if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	706
	707	$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
	708	if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a8ccf6	709
b67344	710	//* These postconf commands will be executed on installation and update
4ed035	711	$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM `" . $this->db->quote($conf["mysql"]["database"]) . "`.`server` WHERE server_id = ".$conf['server_id']);
a296ae	712	$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
M	713	unset($server_ini_rec);
	714
	715	//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
	716	$rbl_list = '';
6882ab	717	if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
7fe908	718	$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
a296ae	719	foreach ($rbl_hosts as $key => $value) {
M	720	$rbl_list .= ", reject_rbl_client ". $value;
	721	}
	722	}
	723	unset($rbl_hosts);
	724	unset($server_ini_array);
7fe908	725
MC	726	$postconf_placeholders = array('{config_dir}' => $config_dir,
	727	'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
	728	'{vmail_userid}' => $cf['vmail_userid'],
	729	'{vmail_groupid}' => $cf['vmail_groupid'],
	730	'{rbl_list}' => $rbl_list);
	731
	732	$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
	733	$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
	734	$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
a8ccf6	735
b67344	736	//* These postconf commands will be executed on installation only
T	737	if($this->is_update == false) {
7fe908	738	$postconf_commands = array_merge($postconf_commands, array(
MC	739	'myhostname = '.$conf['hostname'],
	740	'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
	741	'mynetworks = 127.0.0.0/8 [::1]/128'
	742	));
b67344	743	}
532ae5	744
L	745	//* Create the header and body check files
	746	touch($config_dir.'/header_checks');
	747	touch($config_dir.'/mime_header_checks');
	748	touch($config_dir.'/nested_header_checks');
	749	touch($config_dir.'/body_checks');
a8ccf6	750
532ae5	751	//* Create the mailman files
cc6568	752	if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
5378e9	753	if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
T	754	exec('postalias /var/lib/mailman/data/aliases');
	755	if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
d4d965	756	exec('postmap /var/lib/mailman/data/virtual-mailman');
cc6568	757	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
H	758	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
532ae5	759
L	760	//* Make a backup copy of the main.cf file
	761	copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
	762
	763	//* Executing the postconf commands
	764	foreach($postconf_commands as $cmd) {
	765	$command = "postconf -e '$cmd'";
	766	caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	767	}
	768
7fe908	769	if(!stristr($options, 'dont-create-certs')) {
532ae5	770	//* Create the SSL certificate
b04e82	771	if(AUTOINSTALL){
bcd725	772	$command = 'cd '.$config_dir.'; '
b04e82	773	."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
bcd725	774	} else {
FT	775	$command = 'cd '.$config_dir.'; '
	776	.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
	777	}
532ae5	778	exec($command);
L	779
	780	$command = 'chmod o= '.$config_dir.'/smtpd.key';
	781	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	782	}
	783
	784	//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
	785	$command = 'chmod 755 /var/run/courier/authdaemon/';
	786	if(is_file('/var/run/courier/authdaemon/')) caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	787
	788	//* Changing maildrop lines in posfix master.cf
	789	if(is_file($config_dir.'/master.cf')) {
	790	copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
	791	}
	792	if(is_file($config_dir.'/master.cf~')) {
	793	chmod($config_dir.'/master.cf~', 0400);
	794	}
	795	$configfile = $config_dir.'/master.cf';
	796	$content = rf($configfile);
	797	$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
7fe908	798	'flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}',
MC	799	$content);
532ae5	800	wf($configfile, $content);
L	801
	802	//* Writing the Maildrop mailfilter file
	803	$configfile = 'mailfilter';
	804	if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)) {
	805	copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
	806	}
615a0a	807	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	808	$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
L	809	wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
	810
	811	//* Create the directory for the custom mailfilters
	812	if(!is_dir($cf['vmail_mailbox_base'].'/mailfilters')) {
	813	$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
	814	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	815	}
	816
	817	//* Chmod and chown the .mailfilter file
419eb7	818	$command = 'chown '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
532ae5	819	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
L	820
419eb7	821	$command = 'chmod 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
532ae5	822	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
L	823
	824	}
	825
	826	public function configure_saslauthd() {
	827	global $conf;
a8ccf6	828
26c0fc	829	//* Get saslsauthd version
7fe908	830	exec('saslauthd -v 2>&1', $out);
MC	831	$parts = explode(' ', $out[0]);
26c0fc	832	$saslversion = $parts[1];
T	833	unset($parts);
	834	unset($out);
532ae5	835
26c0fc	836	if(version_compare($saslversion , '2.1.23') > 0) {
T	837	//* Configfile for saslauthd versions 2.1.24 and newer
	838	$configfile = 'sasl_smtpd2.conf';
	839	} else {
	840	//* Configfile for saslauthd versions up to 2.1.23
	841	$configfile = 'sasl_smtpd.conf';
	842	}
a8ccf6	843
7fe908	844	if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf')) copy($conf['postfix']['config_dir'].'/sasl/smtpd.conf', $conf['postfix']['config_dir'].'/sasl/smtpd.conf~');
532ae5	845	if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf~')) chmod($conf['postfix']['config_dir'].'/sasl/smtpd.conf~', 0400);
615a0a	846	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	847	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	848	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	849	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	850	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	851	wf($conf['postfix']['config_dir'].'/sasl/smtpd.conf', $content);
532ae5	852
L	853	// TODO: Chmod and chown on the config file
	854
	855
	856	// Recursively create the spool directory
	857	if(!@is_dir('/var/spool/postfix/var/run/saslauthd')) mkdir('/var/spool/postfix/var/run/saslauthd', 0755, true);
	858
	859	// Edit the file /etc/default/saslauthd
	860	$configfile = $conf['saslauthd']['config'];
7fe908	861	if(is_file($configfile)) copy($configfile, $configfile.'~');
532ae5	862	if(is_file($configfile.'~')) chmod($configfile.'~', 0400);
L	863	$content = rf($configfile);
7fe908	864	$content = str_replace('START=no', 'START=yes', $content);
532ae5	865	// Debian
7fe908	866	$content = str_replace('OPTIONS="-c"', 'OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"', $content);
532ae5	867	// Ubuntu
7fe908	868	$content = str_replace('OPTIONS="-c -m /var/run/saslauthd"', 'OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"', $content);
MC	869	wf($configfile, $content);
532ae5	870
L	871	// Edit the file /etc/init.d/saslauthd
	872	$configfile = $conf['init_scripts'].'/'.$conf['saslauthd']['init_script'];
	873	$content = rf($configfile);
7fe908	874	$content = str_replace('PIDFILE=$RUN_DIR/saslauthd.pid', 'PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"', $content);
MC	875	wf($configfile, $content);
532ae5	876
L	877	// add the postfix user to the sasl group (at least necessary for Ubuntu 8.04 and most likely Debian Lenny as well.
	878	exec('adduser postfix sasl');
	879
	880
	881	}
	882
	883	public function configure_pam() {
	884	global $conf;
	885	$pam = $conf['pam'];
	886	//* configure pam for SMTP authentication agains the ispconfig database
	887	$configfile = 'pamd_smtp';
	888	if(is_file($pam.'/smtp')) copy($pam.'/smtp', $pam.'/smtp~');
	889	if(is_file($pam.'/smtp~')) chmod($pam.'/smtp~', 0400);
	890
615a0a	891	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	892	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	893	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	894	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	895	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	896	wf($pam.'/smtp', $content);
	897	// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
	898	if(is_file($pam.'/smtp')) exec("chmod o= $pam/smtp");
	899	chmod($pam.'/smtp', 0660);
	900	chown($pam.'/smtp', 'daemon');
	901	chgrp($pam.'/smtp', 'daemon');
	902
	903	}
	904
	905	public function configure_courier() {
	906	global $conf;
	907	$config_dir = $conf['courier']['config_dir'];
	908	//* authmysqlrc
	909	$configfile = 'authmysqlrc';
	910	if(is_file($config_dir.'/'.$configfile)) {
	911	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	912	}
	913	chmod($config_dir.'/'.$configfile.'~', 0400);
615a0a	914	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	915	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	916	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	917	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	918	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
532ae5	919	wf($config_dir.'/'.$configfile, $content);
L	920
	921	chmod($config_dir.'/'.$configfile, 0660);
	922	chown($config_dir.'/'.$configfile, 'daemon');
	923	chgrp($config_dir.'/'.$configfile, 'daemon');
	924
	925	//* authdaemonrc
	926	$configfile = $config_dir.'/authdaemonrc';
	927	if(is_file($configfile)) {
	928	copy($configfile, $configfile.'~');
	929	}
	930	if(is_file($configfile.'~')) {
	931	chmod($configfile.'~', 0400);
	932	}
	933	$content = rf($configfile);
	934	$content = str_replace('authmodulelist="authpam"', 'authmodulelist="authmysql"', $content);
	935	wf($configfile, $content);
	936	}
	937
	938	public function configure_dovecot() {
	939	global $conf;
	940
	941	$config_dir = $conf['dovecot']['config_dir'];
	942
	943	//* Configure master.cf and add a line for deliver
	944	if(is_file($conf['postfix']['config_dir'].'/master.cf')) {
	945	copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~2');
	946	}
	947	if(is_file($conf['postfix']['config_dir'].'/master.cf~')) {
	948	chmod($conf['postfix']['config_dir'].'/master.cf~2', 0400);
	949	}
	950	$content = rf($conf['postfix']['config_dir'].'/master.cf');
	951	// Only add the content if we had not addded it before
7fe908	952	if(!stristr($content, 'dovecot/deliver')) {
013ae4	953	$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
7fe908	954	af($conf['postfix']['config_dir'].'/master.cf', $deliver_content);
532ae5	955	}
L	956	unset($content);
	957	unset($deliver_content);
	958
	959
	960	//* Reconfigure postfix to use dovecot authentication
	961	// Adding the amavisd commands to the postfix configuration
	962	$postconf_commands = array (
7fe908	963	'dovecot_destination_recipient_limit = 1',
MC	964	'virtual_transport = dovecot',
	965	'smtpd_sasl_type = dovecot',
	966	'smtpd_sasl_path = private/auth'
532ae5	967	);
L	968
	969	// Make a backup copy of the main.cf file
7fe908	970	copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~3');
532ae5	971
L	972	// Executing the postconf commands
	973	foreach($postconf_commands as $cmd) {
	974	$command = "postconf -e '$cmd'";
	975	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	976	}
	977
31e0d1	978	//* backup dovecot.conf
532ae5	979	$configfile = 'dovecot.conf';
L	980	if(is_file($config_dir.'/'.$configfile)) {
	981	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	982	}
a8ccf6	983
31e0d1	984	//* Get the dovecot version
7fe908	985	exec('dovecot --version', $tmp);
1fc360	986	$dovecot_version = $tmp[0];
31e0d1	987	unset($tmp);
a8ccf6	988
31e0d1	989	//* Copy dovecot configuration file
1fc360	990	if(version_compare($dovecot_version,2) >= 0) {
7fe908	991	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master')) {
MC	992	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
	993	} else {
	994	copy('tpl/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
	995	}
65576f	996	replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
1fc360	997	if(version_compare($dovecot_version,2.1) < 0) {
TB	998	removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
	999	}
31e0d1	1000	} else {
7fe908	1001	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master')) {
MC	1002	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
	1003	} else {
	1004	copy('tpl/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
	1005	}
31e0d1	1006	}
532ae5	1007
L	1008	//* dovecot-sql.conf
	1009	$configfile = 'dovecot-sql.conf';
	1010	if(is_file($config_dir.'/'.$configfile)) {
	1011	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	1012	}
edf806	1013	if(is_file($config_dir.'/'.$configfile.'~')) chmod($config_dir.'/'.$configfile.'~', 0400);
615a0a	1014	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot-sql.conf.master', 'tpl/debian_dovecot-sql.conf.master');
7fe908	1015	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1016	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1017	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1018	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
032b86	1019	$content = str_replace('{server_id}', $conf['server_id'], $content);
532ae5	1020	wf($config_dir.'/'.$configfile, $content);
L	1021
	1022	chmod($config_dir.'/'.$configfile, 0600);
	1023	chown($config_dir.'/'.$configfile, 'root');
	1024	chgrp($config_dir.'/'.$configfile, 'root');
5e7306	1025
TB	1026	// Dovecot shall ignore mounts in website directory
7db4cd	1027	if(is_installed('doveadm')) exec("doveadm mount add '/var/www/*' ignore > /dev/null 2> /dev/null");
532ae5	1028
L	1029	}
	1030
	1031	public function configure_amavis() {
	1032	global $conf;
	1033
	1034	// amavisd user config file
	1035	$configfile = 'amavisd_user_config';
7fe908	1036	if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) copy($conf['amavis']['config_dir'].'/conf.d/50-user', $conf['amavis']['config_dir'].'/50-user~');
532ae5	1037	if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user~')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user~', 0400);
615a0a	1038	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	1039	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1040	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1041	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1042	$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
	1043	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	1044	wf($conf['amavis']['config_dir'].'/conf.d/50-user', $content);
532ae5	1045
L	1046	// TODO: chmod and chown on the config file
	1047
	1048
	1049	// Adding the amavisd commands to the postfix configuration
864ee2	1050	// Add array for no error in foreach and maybe future options
X	1051	$postconf_commands = array ();
a8ccf6	1052
864ee2	1053	// Check for amavisd -> pure webserver with postfix for mailing without antispam
ac28b5	1054	if ($conf['amavis']['installed']) {
864ee2	1055	$postconf_commands[] = 'content_filter = amavis:[127.0.0.1]:10024';
X	1056	$postconf_commands[] = 'receive_override_options = no_address_mappings';
	1057	}
532ae5	1058
L	1059	// Make a backup copy of the main.cf file
7fe908	1060	copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~2');
532ae5	1061
L	1062	// Executing the postconf commands
	1063	foreach($postconf_commands as $cmd) {
	1064	$command = "postconf -e '$cmd'";
	1065	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1066	}
	1067
	1068	// Append the configuration for amavisd to the master.cf file
7fe908	1069	if(is_file($conf['postfix']['config_dir'].'/master.cf')) copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~');
532ae5	1070	$content = rf($conf['postfix']['config_dir'].'/master.cf');
L	1071	// Only add the content if we had not addded it before
7fe908	1072	if(!stristr($content, '127.0.0.1:10025')) {
532ae5	1073	unset($content);
615a0a	1074	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
7fe908	1075	af($conf['postfix']['config_dir'].'/master.cf', $content);
532ae5	1076	}
L	1077	unset($content);
	1078
	1079	// Add the clamav user to the amavis group
	1080	exec('adduser clamav amavis');
	1081
	1082
	1083	}
	1084
	1085	public function configure_spamassassin() {
	1086	global $conf;
	1087
	1088	//* Enable spamasasssin on debian and ubuntu
	1089	$configfile = '/etc/default/spamassassin';
	1090	if(is_file($configfile)) {
	1091	copy($configfile, $configfile.'~');
	1092	}
	1093	$content = rf($configfile);
	1094	$content = str_replace('ENABLED=0', 'ENABLED=1', $content);
	1095	wf($configfile, $content);
	1096	}
	1097
	1098	public function configure_getmail() {
	1099	global $conf;
	1100
	1101	$config_dir = $conf['getmail']['config_dir'];
	1102
	1103	if(!@is_dir($config_dir)) mkdir(escapeshellcmd($config_dir), 0700, true);
	1104
	1105	$command = 'useradd -d '.$config_dir.' getmail';
	1106	if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1107
	1108	$command = "chown -R getmail $config_dir";
	1109	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1110
	1111	$command = "chmod -R 700 $config_dir";
	1112	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1113	}
	1114
	1115
	1116	public function configure_pureftpd() {
acdd7a	1117	global $conf;
532ae5	1118
L	1119	$config_dir = $conf['pureftpd']['config_dir'];
	1120
	1121	//* configure pure-ftpd for MySQL authentication against the ispconfig database
	1122	$configfile = 'db/mysql.conf';
	1123	if(is_file($config_dir.'/'.$configfile)) {
	1124	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	1125	}
	1126	if(is_file($config_dir.'/'.$configfile.'~')) {
	1127	chmod($config_dir.'/'.$configfile.'~', 0400);
	1128	}
615a0a	1129	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/pureftpd_mysql.conf.master', 'tpl/pureftpd_mysql.conf.master');
532ae5	1130	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	1131	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1132	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1133	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	1134	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1135	wf($config_dir.'/'.$configfile, $content);
	1136	chmod($config_dir.'/'.$configfile, 0600);
	1137	chown($config_dir.'/'.$configfile, 'root');
	1138	chgrp($config_dir.'/'.$configfile, 'root');
	1139	// **enable chrooting
	1140	//exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone');
	1141	exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone');
	1142	exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility');
	1143	exec('echo "yes" > '.$config_dir.'/conf/DisplayDotFiles');
	1144
	1145	if(is_file('/etc/default/pure-ftpd-common')) {
7fe908	1146	replaceLine('/etc/default/pure-ftpd-common', 'STANDALONE_OR_INETD=inetd', 'STANDALONE_OR_INETD=standalone', 1, 0);
MC	1147	replaceLine('/etc/default/pure-ftpd-common', 'VIRTUALCHROOT=false', 'VIRTUALCHROOT=true', 1, 0);
532ae5	1148	}
L	1149
	1150	if(is_file('/etc/inetd.conf')) {
7fe908	1151	replaceLine('/etc/inetd.conf', '/usr/sbin/pure-ftpd-wrapper', '#ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper', 0, 0);
acdd7a	1152	exec($this->getinitcommand('openbsd-inetd', 'restart'));
33bcd0	1153	//if(is_file($conf['init_scripts'].'/'.'openbsd-inetd')) exec($conf['init_scripts'].'/'.'openbsd-inetd restart');
532ae5	1154	}
L	1155
	1156	if(!is_file('/etc/pure-ftpd/conf/DontResolve')) exec('echo "yes" > /etc/pure-ftpd/conf/DontResolve');
	1157	}
	1158
	1159	public function configure_mydns() {
	1160	global $conf;
	1161
	1162	// configure pam for SMTP authentication agains the ispconfig database
	1163	$configfile = 'mydns.conf';
7fe908	1164	if(is_file($conf['mydns']['config_dir'].'/'.$configfile)) copy($conf['mydns']['config_dir'].'/'.$configfile, $conf['mydns']['config_dir'].'/'.$configfile.'~');
532ae5	1165	if(is_file($conf['mydns']['config_dir'].'/'.$configfile.'~')) chmod($conf['mydns']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1166	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	1167	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1168	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1169	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1170	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1171	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1172	wf($conf['mydns']['config_dir'].'/'.$configfile, $content);
532ae5	1173	chmod($conf['mydns']['config_dir'].'/'.$configfile, 0600);
L	1174	chown($conf['mydns']['config_dir'].'/'.$configfile, 'root');
	1175	chgrp($conf['mydns']['config_dir'].'/'.$configfile, 'root');
	1176
	1177	}
	1178
	1179	public function configure_powerdns() {
	1180	global $conf;
	1181
	1182	//* Create the database
	1183	if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
	1184	$this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
	1185	}
	1186
	1187	//* Create the ISPConfig database user in the local database
	1188	$query = "GRANT ALL ON `".$conf['powerdns']['database']."` . * TO '".$conf['mysql']['ispconfig_user']."'@'localhost';";
	1189	if(!$this->db->query($query)) {
	1190	$this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
	1191	}
	1192
	1193	//* Reload database privelages
	1194	$this->db->query('FLUSH PRIVILEGES;');
	1195
	1196	//* load the powerdns databse dump
	1197	if($conf['mysql']['admin_password'] == '') {
	1198	caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
7fe908	1199	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
532ae5	1200	} else {
L	1201	caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
7fe908	1202	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
532ae5	1203	}
L	1204
	1205	//* Create the powerdns config file
	1206	$configfile = 'pdns.local';
7fe908	1207	if(is_file($conf['powerdns']['config_dir'].'/'.$configfile)) copy($conf['powerdns']['config_dir'].'/'.$configfile, $conf['powerdns']['config_dir'].'/'.$configfile.'~');
532ae5	1208	if(is_file($conf['powerdns']['config_dir'].'/'.$configfile.'~')) chmod($conf['powerdns']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1209	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	1210	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1211	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1212	$content = str_replace('{powerdns_database}', $conf['powerdns']['database'], $content);
	1213	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1214	wf($conf['powerdns']['config_dir'].'/'.$configfile, $content);
532ae5	1215	chmod($conf['powerdns']['config_dir'].'/'.$configfile, 0600);
L	1216	chown($conf['powerdns']['config_dir'].'/'.$configfile, 'root');
	1217	chgrp($conf['powerdns']['config_dir'].'/'.$configfile, 'root');
	1218
	1219
	1220	}
	1221
	1222	public function configure_bind() {
	1223	global $conf;
	1224
7fe908	1225	//* Check if the zonefile directory has a slash at the end
MC	1226	$content=$conf['bind']['bind_zonefiles_dir'];
	1227	if(substr($content, -1, 1) != '/') {
	1228	$content .= '/';
532ae5	1229	}
L	1230
	1231	//* Create the slave subdirectory
7fe908	1232	$content .= 'slave';
fc7f1b	1233	if(!@is_dir($content)) mkdir($content, 2770, true);
532ae5	1234
7fe908	1235	//* Chown the slave subdirectory to $conf['bind']['bind_user']
MC	1236	chown($content, $conf['bind']['bind_user']);
	1237	chgrp($content, $conf['bind']['bind_group']);
fc7f1b	1238	chmod($content, 2770);
532ae5	1239
L	1240	}
	1241
	1242
	1243
	1244	public function configure_apache() {
	1245	global $conf;
	1246
4ffb51	1247	if($conf['apache']['installed'] == false) return;
532ae5	1248	//* Create the logging directory for the vhost logfiles
L	1249	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
	1250
	1251	if(is_file('/etc/suphp/suphp.conf')) {
7fe908	1252	replaceLine('/etc/suphp/suphp.conf', 'php=php:/usr/bin', 'x-httpd-suphp="php:/usr/bin/php-cgi"', 0);
532ae5	1253	//replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0);
7fe908	1254	replaceLine('/etc/suphp/suphp.conf', 'umask=0077', 'umask=0022', 0);
532ae5	1255	}
L	1256
	1257	if(is_file('/etc/apache2/sites-enabled/000-default')) {
7fe908	1258	replaceLine('/etc/apache2/sites-available/000-default', 'NameVirtualHost ', 'NameVirtualHost :80', 1, 0);
MC	1259	replaceLine('/etc/apache2/sites-available/000-default', '<VirtualHost >', '<VirtualHost :80>', 1, 0);
532ae5	1260	}
L	1261
	1262	if(is_file('/etc/apache2/ports.conf')) {
	1263	// add a line "Listen 443" to ports conf if line does not exist
7fe908	1264	replaceLine('/etc/apache2/ports.conf', 'Listen 443', 'Listen 443', 1);
14001d	1265
TB	1266	// Comment out the namevirtualhost lines, as they were added by ispconfig in ispconfig.conf file again
	1267	replaceLine('/etc/apache2/ports.conf', 'NameVirtualHost :80', '# NameVirtualHost :80', 1);
	1268	replaceLine('/etc/apache2/ports.conf', 'NameVirtualHost :443', '# NameVirtualHost :443', 1);
532ae5	1269	}
L	1270
8eca28	1271	if(is_file('/etc/apache2/apache.conf')) {
MC	1272	if(hasLine('/etc/apache2/apache.conf', 'Include sites-enabled/', 1) == false) {
39e5f0	1273	if(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.conf', 1) == false && hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/', 1) == false) {
8eca28	1274	replaceLine('/etc/apache2/apache.conf', 'Include sites-enabled/', 'Include sites-enabled/', 1, 1);
MC	1275	} elseif(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.vhost', 1) == false) {
39e5f0	1276	replaceLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.vhost', 'IncludeOptional sites-enabled/', 1, 1);
TB	1277	}
	1278	}
	1279	}
	1280
	1281	if(is_file('/etc/apache2/apache2.conf')) {
	1282	if(hasLine('/etc/apache2/apache2.conf', 'Include sites-enabled/', 1) == false && hasLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/', 1) == false) {
d10d15	1283	if(hasLine('/etc/apache2/apache2.conf', 'Include sites-enabled/*.conf', 1) == true) {
TB	1284	replaceLine('/etc/apache2/apache2.conf', 'Include sites-enabled/*.conf', 'Include sites-enabled/', 1, 1);
39e5f0	1285	} elseif(hasLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/*.conf', 1) == true) {
TB	1286	replaceLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/*.conf', 'IncludeOptional sites-enabled/', 1, 1);
8eca28	1287	}
MC	1288	}
	1289	}
532ae5	1290
L	1291	//* Copy the ISPConfig configuration include
	1292	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1293	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	1294
ccbf14	1295	$tpl = new tpl('apache_ispconfig.conf.master');
TB	1296	$tpl->setVar('apache_version',getapacheversion());
	1297
532ae5	1298	$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
ccbf14	1299	$ip_addresses = array();
TB	1300
532ae5	1301	if(is_array($records) && count($records) > 0) {
L	1302	foreach($records as $rec) {
a2156e	1303	if($rec['ip_type'] == 'IPv6') {
T	1304	$ip_address = '['.$rec['ip_address'].']';
	1305	} else {
	1306	$ip_address = $rec['ip_address'];
	1307	}
7fe908	1308	$ports = explode(',', $rec['virtualhost_port']);
a2156e	1309	if(is_array($ports)) {
T	1310	foreach($ports as $port) {
	1311	$port = intval($port);
	1312	if($port > 0 && $port < 65536 && $ip_address != '') {
ccbf14	1313	$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
a2156e	1314	}
T	1315	}
	1316	}
532ae5	1317	}
L	1318	}
855547	1319
3de838	1320	if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);
855547	1321
ccbf14	1322	wf($vhost_conf_dir.'/ispconfig.conf', $tpl->grab());
TB	1323	unset($tpl);
532ae5	1324
L	1325	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.conf')) {
7fe908	1326	symlink($vhost_conf_dir.'/ispconfig.conf', $vhost_conf_enabled_dir.'/000-ispconfig.conf');
532ae5	1327	}
L	1328
	1329	//* make sure that webalizer finds its config file when it is directly in /etc
	1330	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	1331	mkdir('/etc/webalizer');
7fe908	1332	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
532ae5	1333	}
L	1334
	1335	if(is_file('/etc/webalizer/webalizer.conf')) {
	1336	// Change webalizer mode to incremental
7fe908	1337	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	1338	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	1339	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
532ae5	1340	}
a8ccf6	1341
532ae5	1342	// Check the awsatst script
L	1343	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
7fe908	1344	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	1345	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
a8ccf6	1346
532ae5	1347	//* add a sshusers group
L	1348	$command = 'groupadd sshusers';
	1349	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1350
	1351	}
a8ccf6	1352
4ffb51	1353	public function configure_nginx(){
80e3c9	1354	global $conf;
a8ccf6	1355
4ffb51	1356	if($conf['nginx']['installed'] == false) return;
F	1357	//* Create the logging directory for the vhost logfiles
	1358	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
	1359
	1360	//* make sure that webalizer finds its config file when it is directly in /etc
	1361	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	1362	mkdir('/etc/webalizer');
7fe908	1363	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
4ffb51	1364	}
F	1365
	1366	if(is_file('/etc/webalizer/webalizer.conf')) {
	1367	// Change webalizer mode to incremental
7fe908	1368	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	1369	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	1370	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
4ffb51	1371	}
a8ccf6	1372
4ffb51	1373	// Check the awsatst script
F	1374	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
7fe908	1375	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	1376	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
a8ccf6	1377
4ffb51	1378	//* add a sshusers group
F	1379	$command = 'groupadd sshusers';
	1380	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a8ccf6	1381
4ffb51	1382	/*
80e3c9	1383	$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
T	1384	$ip_address = gethostbyname($row["server_name"]);
	1385	$server_name = $row["server_name"];
	1386
	1387	//setup proxy.conf
	1388	$configfile = 'proxy.conf';
	1389	if(is_file($conf["nginx"]["config_dir"].'/'.$configfile)) copy($conf["nginx"]["config_dir"].'/'.$configfile,$conf["nginx"]["config_dir"].'/'.$configfile.'~');
	1390	if(is_file($conf["nginx"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["nginx"]["config_dir"].'/'.$configfile.'~');
	1391	$content = rf("tpl/nginx_".$configfile.".master");
	1392	wf($conf["nginx"]["config_dir"].'/'.$configfile,$content);
	1393	exec('chmod 600 '.$conf["nginx"]["config_dir"].'/'.$configfile);
	1394	exec('chown root:root '.$conf["nginx"]["config_dir"].'/'.$configfile);
	1395
	1396	//setup conf.d/cache.conf
	1397	$configfile = 'cache.conf';
	1398	if(is_file($conf["nginx"]["config_dir"].'/conf.d/'.$configfile)) copy($conf["nginx"]["config_dir"].'/conf.d/'.$configfile,$conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~');
	1399	if(is_file($conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~')) exec('chmod 400 '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~');
	1400	$content = rf("tpl/nginx_".$configfile.".master");
	1401	wf($conf["nginx"]["config_dir"].'/conf.d/'.$configfile,$content);
	1402	exec('chmod 600 '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile);
	1403	exec('chown root:root '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile);
	1404
	1405	//setup cache directories
	1406	mkdir('/var/cache/nginx/cache');
	1407	exec('chown www-data:www-data /var/cache/nginx/cache');
	1408	mkdir('/var/cache/nginx/temp');
	1409	exec('chown www-data:www-data /var/cache/nginx/temp');
4ffb51	1410	*/
80e3c9	1411	}
a8ccf6	1412
d083f2	1413	public function configure_fail2ban() {
7fe908	1414	// To Do
MC	1415	}
a8ccf6	1416
80e3c9	1417	public function configure_squid()
T	1418	{
	1419	global $conf;
	1420	$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
	1421	$ip_address = gethostbyname($row["server_name"]);
	1422	$server_name = $row["server_name"];
a8ccf6	1423
80e3c9	1424	$configfile = 'squid.conf';
7fe908	1425	if(is_file($conf["squid"]["config_dir"].'/'.$configfile)) copy($conf["squid"]["config_dir"].'/'.$configfile, $conf["squid"]["config_dir"].'/'.$configfile.'~');
80e3c9	1426	if(is_file($conf["squid"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["squid"]["config_dir"].'/'.$configfile.'~');
615a0a	1427	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
7fe908	1428	$content = str_replace('{server_name}', $server_name, $content);
MC	1429	$content = str_replace('{ip_address}', $ip_address, $content);
	1430	$content = str_replace('{config_dir}', $conf['squid']['config_dir'], $content);
	1431	wf($conf["squid"]["config_dir"].'/'.$configfile, $content);
80e3c9	1432	exec('chmod 600 '.$conf["squid"]["config_dir"].'/'.$configfile);
T	1433	exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
	1434	}
a8ccf6	1435
992797	1436	/*
80e3c9	1437	public function configure_ufw_firewall()
T	1438	{
	1439	$configfile = 'ufw.conf';
	1440	if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf','/etc/ufw/ufw.conf~');
	1441	$content = rf("tpl/".$configfile.".master");
	1442	wf('/etc/ufw/ufw.conf',$content);
	1443	exec('chmod 600 /etc/ufw/ufw.conf');
a8ccf6	1444	exec('chown root:root /etc/ufw/ufw.conf');
80e3c9	1445	}
992797	1446	*/
532ae5	1447
992797	1448	public function configure_firewall() {
532ae5	1449	global $conf;
L	1450
	1451	$dist_init_scripts = $conf['init_scripts'];
	1452
	1453	if(is_dir('/etc/Bastille.backup')) caselog('rm -rf /etc/Bastille.backup', __FILE__, __LINE__);
	1454	if(is_dir('/etc/Bastille')) caselog('mv -f /etc/Bastille /etc/Bastille.backup', __FILE__, __LINE__);
	1455	@mkdir('/etc/Bastille', 0700);
	1456	if(is_dir('/etc/Bastille.backup/firewall.d')) caselog('cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/', __FILE__, __LINE__);
615a0a	1457	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master')) {
7fe908	1458	caselog('cp -f ' . $conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
MC	1459	} else {
	1460	caselog('cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
	1461	}
532ae5	1462	caselog('chmod 644 /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
L	1463	$content = rf('/etc/Bastille/bastille-firewall.cfg');
	1464	$content = str_replace('{DNS_SERVERS}', '', $content);
	1465
	1466	$tcp_public_services = '';
	1467	$udp_public_services = '';
	1468
	1469	$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
	1470
	1471	if(trim($row['tcp_port']) != '' \|\| trim($row['udp_port']) != '') {
7fe908	1472	$tcp_public_services = trim(str_replace(',', ' ', $row['tcp_port']));
MC	1473	$udp_public_services = trim(str_replace(',', ' ', $row['udp_port']));
532ae5	1474	} else {
L	1475	$tcp_public_services = '21 22 25 53 80 110 143 443 3306 8080 10000';
	1476	$udp_public_services = '53';
	1477	}
	1478
	1479	if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
	1480	$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
	1481	if($row['tcp_port'] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
	1482	}
	1483
	1484	$content = str_replace('{TCP_PUBLIC_SERVICES}', $tcp_public_services, $content);
	1485	$content = str_replace('{UDP_PUBLIC_SERVICES}', $udp_public_services, $content);
	1486
	1487	wf('/etc/Bastille/bastille-firewall.cfg', $content);
	1488
	1489	if(is_file($dist_init_scripts.'/bastille-firewall')) caselog('mv -f '.$dist_init_scripts.'/bastille-firewall '.$dist_init_scripts.'/bastille-firewall.backup', __FILE__, __LINE__);
	1490	caselog('cp -f apps/bastille-firewall '.$dist_init_scripts, __FILE__, __LINE__);
	1491	caselog('chmod 700 '.$dist_init_scripts.'/bastille-firewall', __FILE__, __LINE__);
	1492
	1493	if(is_file('/sbin/bastille-ipchains')) caselog('mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup', __FILE__, __LINE__);
	1494	caselog('cp -f apps/bastille-ipchains /sbin', __FILE__, __LINE__);
	1495	caselog('chmod 700 /sbin/bastille-ipchains', __FILE__, __LINE__);
	1496
	1497	if(is_file('/sbin/bastille-netfilter')) caselog('mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup', __FILE__, __LINE__);
	1498	caselog('cp -f apps/bastille-netfilter /sbin', __FILE__, __LINE__);
	1499	caselog('chmod 700 /sbin/bastille-netfilter', __FILE__, __LINE__);
	1500
	1501	if(!@is_dir('/var/lock/subsys')) caselog('mkdir /var/lock/subsys', __FILE__, __LINE__);
	1502
	1503	exec('which ipchains &> /dev/null', $ipchains_location, $ret_val);
	1504	if(!is_file('/sbin/ipchains') && !is_link('/sbin/ipchains') && $ret_val == 0) phpcaselog(@symlink(shell_exec('which ipchains'), '/sbin/ipchains'), 'create symlink', __FILE__, __LINE__);
	1505	unset($ipchains_location);
	1506	exec('which iptables &> /dev/null', $iptables_location, $ret_val);
	1507	if(!is_file('/sbin/iptables') && !is_link('/sbin/iptables') && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec('which iptables')), '/sbin/iptables'), 'create symlink', __FILE__, __LINE__);
	1508	unset($iptables_location);
	1509
	1510	}
	1511
	1512	public function configure_vlogger() {
	1513	global $conf;
	1514
	1515	//** Configure vlogger to use traffic logging to mysql (master) db
	1516	$configfile = 'vlogger-dbi.conf';
7fe908	1517	if(is_file($conf['vlogger']['config_dir'].'/'.$configfile)) copy($conf['vlogger']['config_dir'].'/'.$configfile, $conf['vlogger']['config_dir'].'/'.$configfile.'~');
532ae5	1518	if(is_file($conf['vlogger']['config_dir'].'/'.$configfile.'~')) chmod($conf['vlogger']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1519	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1520	if($conf['mysql']['master_slave_setup'] == 'y') {
7fe908	1521	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
MC	1522	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1523	$content = str_replace('{mysql_server_database}', $conf['mysql']['master_database'], $content);
	1524	$content = str_replace('{mysql_server_ip}', $conf['mysql']['master_host'], $content);
532ae5	1525	} else {
7fe908	1526	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1527	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1528	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1529	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
532ae5	1530	}
7fe908	1531	wf($conf['vlogger']['config_dir'].'/'.$configfile, $content);
532ae5	1532	chmod($conf['vlogger']['config_dir'].'/'.$configfile, 0600);
L	1533	chown($conf['vlogger']['config_dir'].'/'.$configfile, 'root');
	1534	chgrp($conf['vlogger']['config_dir'].'/'.$configfile, 'root');
	1535
	1536	}
	1537
	1538	public function configure_apps_vhost() {
	1539	global $conf;
	1540
	1541	//* Create the ispconfig apps vhost user and group
165152	1542	if($conf['apache']['installed'] == true){
4ffb51	1543	$apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F	1544	$apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
	1545	$install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
532ae5	1546
4ffb51	1547	$command = 'groupadd '.$apps_vhost_user;
F	1548	if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1549
4ffb51	1550	$command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
F	1551	if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1552
L	1553
5edf40	1554	//$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
TB	1555	$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['apache']['user'];
4ffb51	1556	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1557
99b55b	1558	if(!@is_dir($install_dir)){
F	1559	mkdir($install_dir, 0755, true);
	1560	} else {
	1561	chmod($install_dir, 0755);
	1562	}
4ffb51	1563	chown($install_dir, $apps_vhost_user);
F	1564	chgrp($install_dir, $apps_vhost_group);
532ae5	1565
4ffb51	1566	//* Copy the apps vhost file
F	1567	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1568	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	1569	$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];
d0356f	1570
TB	1571	//* Get the apps vhost port
	1572	if($this->is_update == true) {
	1573	$conf['web']['apps_vhost_port'] = get_apps_vhost_port_number();
	1574	}
532ae5	1575
4ffb51	1576	// Dont just copy over the virtualhost template but add some custom settings
ccbf14	1577	$tpl = new tpl('apache_apps.vhost.master');
TB	1578	$tpl->setVar('apps_vhost_ip',$conf['web']['apps_vhost_ip']);
	1579	$tpl->setVar('apps_vhost_port',$conf['web']['apps_vhost_port']);
	1580	$tpl->setVar('apps_vhost_dir',$conf['web']['website_basedir'].'/apps');
	1581	$tpl->setVar('apps_vhost_basedir',$conf['web']['website_basedir']);
	1582	$tpl->setVar('apps_vhost_servername',$apps_vhost_servername);
	1583	$tpl->setVar('apache_version',getapacheversion());
532ae5	1584
L	1585
4ffb51	1586	// comment out the listen directive if port is 80 or 443
F	1587	if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
ccbf14	1588	$tpl->setVar('vhost_port_listen','#');
4ffb51	1589	} else {
ccbf14	1590	$tpl->setVar('vhost_port_listen','');
4ffb51	1591	}
532ae5	1592
ccbf14	1593	wf($vhost_conf_dir.'/apps.vhost', $tpl->grab());
TB	1594	unset($tpl);
532ae5	1595
4ffb51	1596	//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
F	1597	//* and create the symlink
7e1cfb	1598	if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
F	1599	if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
7fe908	1600	symlink($vhost_conf_dir.'/apps.vhost', $vhost_conf_enabled_dir.'/000-apps.vhost');
4ffb51	1601	}
a8ccf6	1602
4ffb51	1603	if(!is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter')) {
615a0a	1604	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_apps_fcgi_starter.master', 'tpl/apache_apps_fcgi_starter.master');
526b99	1605	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
T	1606	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
4ffb51	1607	mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
526b99	1608	//copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
T	1609	wf($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter', $content);
4ffb51	1610	exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
F	1611	exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
	1612
7fe908	1613	}
532ae5	1614	}
165152	1615	if($conf['nginx']['installed'] == true){
4ffb51	1616	$apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F	1617	$apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
	1618	$install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
532ae5	1619
4ffb51	1620	$command = 'groupadd '.$apps_vhost_user;
F	1621	if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1622
	1623	$command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
	1624	if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1625
	1626
11f2ad	1627	//$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
TB	1628	$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['nginx']['user'];
4ffb51	1629	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
F	1630
6e2d48	1631	if(!@is_dir($install_dir)){
F	1632	mkdir($install_dir, 0755, true);
	1633	} else {
	1634	chmod($install_dir, 0755);
	1635	}
4ffb51	1636	chown($install_dir, $apps_vhost_user);
F	1637	chgrp($install_dir, $apps_vhost_group);
	1638
	1639	//* Copy the apps vhost file
	1640	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	1641	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
	1642	$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'_':$conf['web']['apps_vhost_servername'];
	1643
	1644	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1645	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_apps.vhost.master', 'tpl/nginx_apps.vhost.master');
a8ccf6	1646
4ffb51	1647	if($conf['web']['apps_vhost_ip'] == '_default_'){
F	1648	$apps_vhost_ip = '';
	1649	} else {
	1650	$apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
	1651	}
a8ccf6	1652
ca0b77	1653	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	1654	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	1655	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	1656	$fpm_socket = $socket_dir.'apps.sock';
8ab3cd	1657	$cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);
4ffb51	1658
F	1659	$content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
	1660	$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
	1661	$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
	1662	$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
ca0b77	1663	//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F	1664	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
8ab3cd	1665	$content = str_replace('{cgi_socket}', $cgi_socket, $content);
7fe908	1666
183c47	1667	if(file_exists('/var/run/php5-fpm.sock')){
F	1668	$use_tcp = '#';
	1669	$use_socket = '';
	1670	} else {
	1671	$use_tcp = '';
	1672	$use_socket = '#';
	1673	}
	1674	$content = str_replace('{use_tcp}', $use_tcp, $content);
	1675	$content = str_replace('{use_socket}', $use_socket, $content);
4ffb51	1676
F	1677	wf($vhost_conf_dir.'/apps.vhost', $content);
a8ccf6	1678
fbb24a	1679	// PHP-FPM
F	1680	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	1681	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apps_php_fpm_pool.conf.master', 'tpl/apps_php_fpm_pool.conf.master');
fbb24a	1682	$content = str_replace('{fpm_pool}', 'apps', $content);
ca0b77	1683	//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F	1684	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
fbb24a	1685	$content = str_replace('{fpm_user}', $apps_vhost_user, $content);
F	1686	$content = str_replace('{fpm_group}', $apps_vhost_group, $content);
	1687	wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);
4ffb51	1688
F	1689	//copy('tpl/nginx_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
	1690	//* and create the symlink
7e1cfb	1691	if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
F	1692	if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
7fe908	1693	symlink($vhost_conf_dir.'/apps.vhost', $vhost_conf_enabled_dir.'/000-apps.vhost');
4ffb51	1694	}
a8ccf6	1695
532ae5	1696	}
L	1697	}
a8ccf6	1698
532ae5	1699	public function make_ispconfig_ssl_cert() {
b04e82	1700	global $conf,$autoinstall;
532ae5	1701
L	1702	$install_dir = $conf['ispconfig_install_dir'];
a8ccf6	1703
532ae5	1704	$ssl_crt_file = $install_dir.'/interface/ssl/ispserver.crt';
L	1705	$ssl_csr_file = $install_dir.'/interface/ssl/ispserver.csr';
	1706	$ssl_key_file = $install_dir.'/interface/ssl/ispserver.key';
a8ccf6	1707
532ae5	1708	if(!@is_dir($install_dir.'/interface/ssl')) mkdir($install_dir.'/interface/ssl', 0755, true);
a8ccf6	1709
7fe908	1710	$ssl_pw = substr(md5(mt_rand()), 0, 6);
532ae5	1711	exec("openssl genrsa -des3 -passout pass:$ssl_pw -out $ssl_key_file 4096");
b04e82	1712	if(AUTOINSTALL){
TB	1713	exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -key $ssl_key_file -out $ssl_csr_file");
bcd725	1714	} else {
FT	1715	exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -out $ssl_csr_file");
	1716	}
532ae5	1717	exec("openssl req -x509 -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -in $ssl_csr_file -out $ssl_crt_file -days 3650");
L	1718	exec("openssl rsa -passin pass:$ssl_pw -in $ssl_key_file -out $ssl_key_file.insecure");
7fe908	1719	rename($ssl_key_file, $ssl_key_file.'.secure');
MC	1720	rename($ssl_key_file.'.insecure', $ssl_key_file);
980485	1721
TB	1722	exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
a8ccf6	1723
532ae5	1724	}
L	1725
	1726	public function install_ispconfig() {
	1727	global $conf;
	1728
	1729	$install_dir = $conf['ispconfig_install_dir'];
	1730
	1731	//* Create the ISPConfig installation directory
	1732	if(!@is_dir($install_dir)) {
	1733	$command = "mkdir $install_dir";
	1734	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1735	}
	1736
	1737	//* Create a ISPConfig user and group
	1738	$command = 'groupadd ispconfig';
	1739	if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1740
	1741	$command = 'useradd -g ispconfig -d '.$install_dir.' ispconfig';
	1742	if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1743
	1744	//* copy the ISPConfig interface part
	1745	$command = 'cp -rf ../interface '.$install_dir;
	1746	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1747
	1748	//* copy the ISPConfig server part
	1749	$command = 'cp -rf ../server '.$install_dir;
	1750	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a13af2	1751
fb6c56	1752	//* Make a backup of the security settings
TB	1753	if(is_file('/usr/local/ispconfig/security/security_settings.ini')) copy('/usr/local/ispconfig/security/security_settings.ini','/usr/local/ispconfig/security/security_settings.ini~');
	1754
a13af2	1755	//* copy the ISPConfig security part
TB	1756	$command = 'cp -rf ../security '.$install_dir;
	1757	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fb6c56	1758
TB	1759	//* Apply changed security_settings.ini values to new security_settings.ini file
	1760	if(is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
	1761	$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
	1762	$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
	1763	if(is_array($security_settings_new) && is_array($security_settings_old)) {
	1764	foreach($security_settings_new as $section => $sval) {
	1765	if(is_array($sval)) {
	1766	foreach($sval as $key => $val) {
	1767	if(isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
	1768	$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
	1769	}
	1770	}
	1771	}
	1772	}
	1773	file_put_contents('/usr/local/ispconfig/security/security_settings.ini',array_to_ini($security_settings_new));
	1774	}
	1775	}
532ae5	1776
L	1777	//* Create a symlink, so ISPConfig is accessible via web
	1778	// Replaced by a separate vhost definition for port 8080
	1779	// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
	1780	// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1781
	1782	//* Create the config file for ISPConfig interface
	1783	$configfile = 'config.inc.php';
	1784	if(is_file($install_dir.'/interface/lib/'.$configfile)) {
	1785	copy($install_dir.'/interface/lib/'.$configfile, $install_dir.'/interface/lib/'.$configfile.'~');
	1786	}
615a0a	1787	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1788	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
7fe908	1789	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
532ae5	1790	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
L	1791	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1792
	1793	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	1794	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1795	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	1796	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	1797
	1798	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1799	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
b63764	1800	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	1801	$content = str_replace('{timezone}', $conf['timezone'], $content);
f598b0	1802	$content = str_replace('{theme}', $conf['theme'], $content);
992797	1803	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
b63764	1804
532ae5	1805	wf($install_dir.'/interface/lib/'.$configfile, $content);
L	1806
	1807	//* Create the config file for ISPConfig server
	1808	$configfile = 'config.inc.php';
	1809	if(is_file($install_dir.'/server/lib/'.$configfile)) {
	1810	copy($install_dir.'/server/lib/'.$configfile, $install_dir.'/interface/lib/'.$configfile.'~');
	1811	}
615a0a	1812	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1813	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	1814	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1815	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1816	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1817
	1818	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	1819	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1820	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	1821	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	1822
	1823	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1824	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
	1825	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	1826	$content = str_replace('{timezone}', $conf['timezone'], $content);
f598b0	1827	$content = str_replace('{theme}', $conf['theme'], $content);
992797	1828	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
532ae5	1829
L	1830	wf($install_dir.'/server/lib/'.$configfile, $content);
	1831
	1832	//* Create the config file for remote-actions (but only, if it does not exist, because
	1833	// the value is a autoinc-value and so changed by the remoteaction_core_module
	1834	if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
	1835	$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
	1836	wf($install_dir.'/server/lib/remote_action.inc.php', $content);
	1837	}
	1838
	1839	//* Enable the server modules and plugins.
	1840	// TODO: Implement a selector which modules and plugins shall be enabled.
	1841	$dir = $install_dir.'/server/mods-available/';
	1842	if (is_dir($dir)) {
	1843	if ($dh = opendir($dir)) {
	1844	while (($file = readdir($dh)) !== false) {
7fe908	1845	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	1846	include_once $install_dir.'/server/mods-available/'.$file;
	1847	$module_name = substr($file, 0, -8);
532ae5	1848	$tmp = new $module_name;
L	1849	if($tmp->onInstall()) {
	1850	if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) {
	1851	@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
	1852	// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
	1853	}
	1854	if (strpos($file, '_core_module') !== false) {
	1855	if(!@is_link($install_dir.'/server/mods-core/'.$file)) {
	1856	@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
	1857	// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
	1858	}
	1859	}
	1860	}
	1861	unset($tmp);
	1862	}
	1863	}
	1864	closedir($dh);
	1865	}
	1866	}
	1867
	1868	$dir = $install_dir.'/server/plugins-available/';
	1869	if (is_dir($dir)) {
	1870	if ($dh = opendir($dir)) {
	1871	while (($file = readdir($dh)) !== false) {
4ffb51	1872	if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
F	1873	if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
7fe908	1874	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	1875	include_once $install_dir.'/server/plugins-available/'.$file;
	1876	$plugin_name = substr($file, 0, -8);
532ae5	1877	$tmp = new $plugin_name;
7fe908	1878	if(method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
532ae5	1879	if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) {
L	1880	@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
	1881	//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file);
	1882	}
	1883	if (strpos($file, '_core_plugin') !== false) {
	1884	if(!@is_link($install_dir.'/server/plugins-core/'.$file)) {
	1885	@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
	1886	//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file);
	1887	}
	1888	}
	1889	}
	1890	unset($tmp);
	1891	}
	1892	}
	1893	closedir($dh);
	1894	}
	1895	}
	1896
	1897	// Update the server config
	1898	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	1899	$web_server_enabled = ($conf['services']['web'])?1:0;
	1900	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	1901	$file_server_enabled = ($conf['services']['file'])?1:0;
	1902	$db_server_enabled = ($conf['services']['db'])?1:0;
8cf955	1903	$vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
80e3c9	1904	$proxy_server_enabled = ($conf['services']['proxy'])?1:0;
T	1905	$firewall_server_enabled = ($conf['services']['firewall'])?1:0;
532ae5	1906
80e3c9	1907	$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled' WHERE server_id = ".intval($conf['server_id']);
532ae5	1908
L	1909	if($conf['mysql']['master_slave_setup'] == 'y') {
	1910	$this->dbmaster->query($sql);
	1911	$this->db->query($sql);
	1912	} else {
	1913	$this->db->query($sql);
	1914	}
	1915
	1916
3e0fc8	1917	// chown install dir to root and chmod 755
TB	1918	$command = 'chown root:root '.$install_dir;
	1919	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1920	$command = 'chmod 755 '.$install_dir;
532ae5	1921	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
L	1922
fa029b	1923	//* Chmod the files and directories in the install dir
3e0fc8	1924	$command = 'chmod -R 750 '.$install_dir.'/*';
TB	1925	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1926
	1927	//* chown the interface files to the ispconfig user and group
	1928	$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
	1929	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1930
	1931	//* chown the server files to the root user and group
	1932	$command = 'chown -R root:root '.$install_dir.'/server';
532ae5	1933	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fa029b	1934
TB	1935	//* chown the security files to the root user and group
	1936	$command = 'chown -R root:root '.$install_dir.'/security';
	1937	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1938
	1939	//* chown the security directory and security_settings.ini to root:ispconfig
	1940	$command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';
	1941	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1942	$command = 'chown root:ispconfig '.$install_dir.'/security';
	1943	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb1221	1944	$command = 'chown root:ispconfig '.$install_dir.'/security/ids.whitelist';
TB	1945	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1946	$command = 'chown root:ispconfig '.$install_dir.'/security/ids.htmlfield';
	1947	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1948	$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
	1949	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1950
L	1951	//* Make the global language file directory group writable
	1952	exec("chmod -R 770 $install_dir/interface/lib/lang");
	1953
	1954	//* Make the temp directory for language file exports writable
	1955	if(is_dir($install_dir.'/interface/web/temp')) exec("chmod -R 770 $install_dir/interface/web/temp");
	1956
	1957	//* Make all interface language file directories group writable
	1958	$handle = @opendir($install_dir.'/interface/web');
7fe908	1959	while ($file = @readdir($handle)) {
532ae5	1960	if ($file != '.' && $file != '..') {
L	1961	if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
	1962	$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
7fe908	1963	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang', 0770);
MC	1964	while ($lang_file = @readdir($handle2)) {
532ae5	1965	if ($lang_file != '.' && $lang_file != '..') {
7fe908	1966	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file, 0770);
532ae5	1967	}
L	1968	}
	1969	}
	1970	}
	1971	}
a8ccf6	1972
477d4e	1973	//* Make the APS directories group writable
T	1974	exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
	1975	exec("chmod -R 770 $install_dir/server/aps_packages");
532ae5	1976
L	1977	//* make sure that the server config file (not the interface one) is only readable by the root user
bfcdef	1978	chmod($install_dir.'/server/lib/config.inc.php', 0600);
T	1979	chown($install_dir.'/server/lib/config.inc.php', 'root');
	1980	chgrp($install_dir.'/server/lib/config.inc.php', 'root');
7fe908	1981
bfcdef	1982	//* Make sure thet the interface config file is readable by user ispconfig only
T	1983	chmod($install_dir.'/interface/lib/config.inc.php', 0600);
	1984	chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
	1985	chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
532ae5	1986
L	1987	chmod($install_dir.'/server/lib/remote_action.inc.php', 0600);
	1988	chown($install_dir.'/server/lib/remote_action.inc.php', 'root');
	1989	chgrp($install_dir.'/server/lib/remote_action.inc.php', 'root');
	1990
	1991	if(@is_file($install_dir.'/server/lib/mysql_clientdb.conf')) {
	1992	chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
	1993	chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
	1994	chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
	1995	}
a8ccf6	1996
8cf78b	1997	if(is_dir($install_dir.'/interface/invoices')) {
e94a9f	1998	exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
T	1999	exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
edf806	2000	}
980485	2001
TB	2002	exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
532ae5	2003
L	2004	// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
	2005	// and must be fixed as this will allow the apache user to read the ispconfig files.
	2006	// Later this must run as own apache server or via suexec!
63b369	2007	if($conf['apache']['installed'] == true){
F	2008	$command = 'adduser '.$conf['apache']['user'].' ispconfig';
	2009	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	2010	if(is_group('ispapps')){
F	2011	$command = 'adduser '.$conf['apache']['user'].' ispapps';
	2012	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2013	}
63b369	2014	}
F	2015	if($conf['nginx']['installed'] == true){
	2016	$command = 'adduser '.$conf['nginx']['user'].' ispconfig';
	2017	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	2018	if(is_group('ispapps')){
F	2019	$command = 'adduser '.$conf['nginx']['user'].' ispapps';
	2020	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2021	}
63b369	2022	}
532ae5	2023
L	2024	//* Make the shell scripts executable
	2025	$command = "chmod +x $install_dir/server/scripts/*.sh";
	2026	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2027
7e1cfb	2028	if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
4ffb51	2029	//* Copy the ISPConfig vhost for the controlpanel
F	2030	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	2031	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
532ae5	2032
4ffb51	2033	// Dont just copy over the virtualhost template but add some custom settings
ccbf14	2034	$tpl = new tpl('apache_ispconfig.vhost.master');
TB	2035	$tpl->setVar('vhost_port',$conf['apache']['vhost_port']);
532ae5	2036
4ffb51	2037	// comment out the listen directive if port is 80 or 443
F	2038	if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
ccbf14	2039	$tpl->setVar('vhost_port_listen','#');
4ffb51	2040	} else {
ccbf14	2041	$tpl->setVar('vhost_port_listen','');
4ffb51	2042	}
a8ccf6	2043
4ffb51	2044	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
ccbf14	2045	$tpl->setVar('ssl_comment','');
4ffb51	2046	} else {
ccbf14	2047	$tpl->setVar('ssl_comment','#');
4ffb51	2048	}
10b4c8	2049	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
ccbf14	2050	$tpl->setVar('ssl_bundle_comment','');
10b4c8	2051	} else {
ccbf14	2052	$tpl->setVar('ssl_bundle_comment','#');
10b4c8	2053	}
ccbf14	2054
TB	2055	$tpl->setVar('apache_version',getapacheversion());
532ae5	2056
ccbf14	2057	wf($vhost_conf_dir.'/ispconfig.vhost', $tpl->grab());
532ae5	2058
4ffb51	2059	//* and create the symlink
7e1cfb	2060	if($this->is_update == false) {
4ffb51	2061	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	2062	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
7fe908	2063	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
4ffb51	2064	}
F	2065	}
cc6568	2066	//if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
7fe908	2067	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
MC	2068	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
	2069	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
	2070	@mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
	2071	wf('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
	2072	exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
	2073	@symlink($install_dir.'/interface/web', '/var/www/ispconfig');
	2074	exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
cc6568	2075	//}
532ae5	2076	}
a8ccf6	2077
7e1cfb	2078	if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
4ffb51	2079	//* Copy the ISPConfig vhost for the controlpanel
F	2080	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	2081	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
532ae5	2082
4ffb51	2083	// Dont just copy over the virtualhost template but add some custom settings
615a0a	2084	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
4ffb51	2085	$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
a8ccf6	2086
4ffb51	2087	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
f9b8d0	2088	$content = str_replace('{ssl_on}', 'on', $content);
4ffb51	2089	$content = str_replace('{ssl_comment}', '', $content);
F	2090	$content = str_replace('{fastcgi_ssl}', 'on', $content);
	2091	} else {
f9b8d0	2092	$content = str_replace('{ssl_on}', 'off', $content);
4ffb51	2093	$content = str_replace('{ssl_comment}', '#', $content);
F	2094	$content = str_replace('{fastcgi_ssl}', 'off', $content);
	2095	}
a8ccf6	2096
ca0b77	2097	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	2098	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	2099	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	2100	$fpm_socket = $socket_dir.'ispconfig.sock';
a8ccf6	2101
ca0b77	2102	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	2103	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
a8ccf6	2104
4ffb51	2105	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
a8ccf6	2106
4ffb51	2107	unset($content);
a8ccf6	2108
4ffb51	2109	// PHP-FPM
F	2110	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	2111	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
4ffb51	2112	$content = str_replace('{fpm_pool}', 'ispconfig', $content);
ca0b77	2113	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	2114	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
4ffb51	2115	$content = str_replace('{fpm_user}', 'ispconfig', $content);
F	2116	$content = str_replace('{fpm_group}', 'ispconfig', $content);
	2117	wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
	2118
	2119	//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
	2120	//* and create the symlink
7e1cfb	2121	if($this->is_update == false) {
4ffb51	2122	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	2123	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
7fe908	2124	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
4ffb51	2125	}
F	2126	}
532ae5	2127	}
L	2128
	2129	//* Install the update script
b34f99	2130	if(is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
MC	2131	chown($install_dir.'/server/scripts/update_from_dev.sh', 'root');
	2132	chmod($install_dir.'/server/scripts/update_from_dev.sh', 0700);
532ae5	2133	chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
L	2134	chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
	2135	chown($install_dir.'/server/scripts/ispconfig_update.sh', 'root');
	2136	chmod($install_dir.'/server/scripts/ispconfig_update.sh', 0700);
b34f99	2137	if(!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
7fe908	2138	if(!is_link('/usr/local/bin/ispconfig_update.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
532ae5	2139
L	2140	//* Make the logs readable for the ispconfig user
	2141	if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
	2142	if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
	2143	if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
	2144	if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages');
	2145	if(@is_file('/var/log/clamav/clamav.log')) exec('chmod +r /var/log/clamav/clamav.log');
	2146	if(@is_file('/var/log/clamav/freshclam.log')) exec('chmod +r /var/log/clamav/freshclam.log');
	2147
	2148	//* Create the ispconfig log file and directory
	2149	if(!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) {
	2150	if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir'], 0755);
	2151	touch($conf['ispconfig_log_dir'].'/ispconfig.log');
	2152	}
a8ccf6	2153
99c89b	2154	//* Create the ispconfig auth log file and set uid/gid
a8ccf6	2155	if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
99c89b	2156	touch($conf['ispconfig_log_dir'].'/auth.log');
a8ccf6	2157	}
0799f8	2158	exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
T	2159	exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
a8ccf6	2160
0c5b42	2161	if(is_user('getmail')) {
7fe908	2162	rename($install_dir.'/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
0c5b42	2163	if(is_user('getmail')) chown('/usr/local/bin/run-getmail.sh', 'getmail');
T	2164	chmod('/usr/local/bin/run-getmail.sh', 0744);
	2165	}
532ae5	2166
L	2167	//* Add Log-Rotation
	2168	if (is_dir('/etc/logrotate.d')) {
	2169	@unlink('/etc/logrotate.d/logispc3'); // ignore, if the file is not there
	2170	/* We rotate these logs in cron_daily.php
	2171	$fh = fopen('/etc/logrotate.d/logispc3', 'w');
	2172	fwrite($fh,
	2173	"$conf['ispconfig_log_dir']/ispconfig.log { \n" .
	2174	" weekly \n" .
	2175	" missingok \n" .
	2176	" rotate 4 \n" .
	2177	" compress \n" .
	2178	" delaycompress \n" .
	2179	"} \n" .
	2180	"$conf['ispconfig_log_dir']/cron.log { \n" .
	2181	" weekly \n" .
	2182	" missingok \n" .
	2183	" rotate 4 \n" .
	2184	" compress \n" .
	2185	" delaycompress \n" .
	2186	"}");
	2187	fclose($fh);
	2188	*/
	2189	}
7fe908	2190
d71bae	2191	//* Remove Domain module as its functions are available in the client module now
T	2192	if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
f30628	2193
TB	2194	//* Disable rkhunter run and update in debian cronjob as ispconfig is running and updating rkhunter
	2195	if(is_file('/etc/default/rkhunter')) {
	2196	replaceLine('/etc/default/rkhunter', 'CRON_DAILY_RUN="yes"', 'CRON_DAILY_RUN="no"', 1, 0);
	2197	replaceLine('/etc/default/rkhunter', 'CRON_DB_UPDATE="yes"', 'CRON_DB_UPDATE="no"', 1, 0);
	2198	}
	2199
021aec	2200	// Add symlink for patch tool
TB	2201	if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
5b3f25	2202
532ae5	2203	}
L	2204
	2205	public function configure_dbserver() {
	2206	global $conf;
	2207
	2208	//* If this server shall act as database server for client DB's, we configure this here
	2209	$install_dir = $conf['ispconfig_install_dir'];
	2210
	2211	// Create a file with the database login details which
	2212	// are used to create the client databases.
	2213
	2214	if(!is_dir($install_dir.'/server/lib')) {
	2215	$command = "mkdir $install_dir/server/lib";
	2216	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2217	}
	2218
615a0a	2219	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', 'tpl/mysql_clientdb.conf.master');
7fe908	2220	$content = str_replace('{hostname}', $conf['mysql']['host'], $content);
MC	2221	$content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
67fede	2222	$content = str_replace('{password}', addslashes($conf['mysql']['admin_password']), $content);
7fe908	2223	wf($install_dir.'/server/lib/mysql_clientdb.conf', $content);
532ae5	2224	chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
L	2225	chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
a8ccf6	2226	chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
532ae5	2227
L	2228	}
	2229
	2230	public function install_crontab() {
	2231	global $conf;
	2232
	2233	$install_dir = $conf['ispconfig_install_dir'];
	2234
	2235	//* Root Crontab
	2236	exec('crontab -u root -l > crontab.txt');
	2237	$existing_root_cron_jobs = file('crontab.txt');
	2238
	2239	// remove existing ispconfig cronjobs, in case the syntax has changed
	2240	foreach($existing_root_cron_jobs as $key => $val) {
7fe908	2241	if(stristr($val, $install_dir)) unset($existing_root_cron_jobs[$key]);
532ae5	2242	}
L	2243
	2244	$root_cron_jobs = array(
7fe908	2245	"* * * * * ".$install_dir."/server/server.sh 2>&1 > /dev/null \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
MC	2246	"30 00 * * * ".$install_dir."/server/cron_daily.sh 2>&1 > /dev/null \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
532ae5	2247	);
a8ccf6	2248
b6a10a	2249	if ($conf['nginx']['installed'] == true) {
F	2250	$root_cron_jobs[] = "0 0 * * * ".$install_dir."/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
	2251	}
a8ccf6	2252
532ae5	2253	foreach($root_cron_jobs as $cron_job) {
L	2254	if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
	2255	$existing_root_cron_jobs[] = $cron_job."\n";
	2256	}
	2257	}
	2258	file_put_contents('crontab.txt', $existing_root_cron_jobs);
	2259	exec('crontab -u root crontab.txt &> /dev/null');
	2260	unlink('crontab.txt');
	2261
	2262	//* Getmail crontab
	2263	if(is_user('getmail')) {
	2264	$cf = $conf['getmail'];
	2265	exec('crontab -u getmail -l > crontab.txt');
	2266	$existing_cron_jobs = file('crontab.txt');
	2267
	2268	$cron_jobs = array(
7fe908	2269	'/5 * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null'
532ae5	2270	);
L	2271
	2272	// remove existing ispconfig cronjobs, in case the syntax has changed
	2273	foreach($existing_cron_jobs as $key => $val) {
7fe908	2274	if(stristr($val, 'getmail')) unset($existing_cron_jobs[$key]);
532ae5	2275	}
L	2276
	2277	foreach($cron_jobs as $cron_job) {
	2278	if(!in_array($cron_job."\n", $existing_cron_jobs)) {
	2279	$existing_cron_jobs[] = $cron_job."\n";
	2280	}
	2281	}
	2282	file_put_contents('crontab.txt', $existing_cron_jobs);
	2283	exec('crontab -u getmail crontab.txt &> /dev/null');
	2284	unlink('crontab.txt');
	2285	}
	2286
	2287	touch($conf['ispconfig_log_dir'].'/cron.log');
cc6568	2288	chmod($conf['ispconfig_log_dir'].'/cron.log', 0660);
532ae5	2289
L	2290	}
5b3f25	2291
TB	2292	// This function is called at the end of the update process and contains code to clean up parts of old ISPCONfig releases
	2293	public function cleanup_ispconfig() {
	2294	global $app,$conf;
	2295
	2296	// Remove directories recursively
	2297	if(is_dir('/usr/local/ispconfig/interface/web/designer')) exec('rm -rf /usr/local/ispconfig/interface/web/designer');
4c3fcd	2298	if(is_dir('/usr/local/ispconfig/interface/web/themes/default-304')) exec('rm -rf /usr/local/ispconfig/interface/web/themes/default-304');
5b3f25	2299
TB	2300	// Remove files
	2301	if(is_file('/usr/local/ispconfig/interface/lib/classes/db_firebird.inc.php')) unlink('/usr/local/ispconfig/interface/lib/classes/db_firebird.inc.php');
	2302	if(is_file('/usr/local/ispconfig/interface/lib/classes/form.inc.php')) unlink('/usr/local/ispconfig/interface/lib/classes/form.inc.php');
	2303
	2304
	2305
	2306	}
7fe908	2307
33bcd0	2308	public function getinitcommand($servicename, $action, $init_script_directory = ''){
FT	2309	global $conf;
	2310	// upstart
	2311	if(is_executable('/sbin/initctl')){
	2312	exec('/sbin/initctl version 2>/dev/null \| /bin/grep -q upstart', $retval['output'], $retval['retval']);
	2313	if(intval($retval['retval']) == 0) return 'service '.$servicename.' '.$action;
	2314	}
bc04c3	2315	// systemd
TB	2316	if(is_executable('/bin/systemd') \|\| is_executable('/usr/bin/systemctl')){
	2317	return 'systemctl '.$action.' '.$servicename.'.service';
	2318	}
33bcd0	2319	// sysvinit
FT	2320	if($init_script_directory == '') $init_script_directory = $conf['init_scripts'];
	2321	if(substr($init_script_directory, -1) === '/') $init_script_directory = substr($init_script_directory, 0, -1);
	2322	return $init_script_directory.'/'.$servicename.' '.$action;
	2323	}
532ae5	2324
L	2325	/**
	2326	* Helper function - get the path to a template file based on
	2327	* the local part of the filename. Checks first for the existence
	2328	* of a distribution specific file and if not found looks in the
	2329	* base template folder. Optionally the behaviour can be changed
	2330	* by setting the 2nd parameter which will fetch the contents
	2331	* of the template file and return it instead of the path. The 3rd
	2332	* parameter further extends this behaviour by filtering the contents
	2333	* by inserting the ispconfig database credentials using the {} placeholders.
	2334	*
	2335	* @param string $tLocal local part of filename
	2336	* @param bool $tRf
	2337	* @param bool $tDBCred
	2338	* @return string Relative path to the chosen template file
	2339	*/
	2340	protected function get_template_file($tLocal, $tRf=false, $tDBCred=false) {
	2341	global $conf, $dist;
	2342
	2343	$final_path = '';
7fe908	2344	$dist_template = $conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $tLocal . '.master';
MC	2345	if (file_exists($dist_template)) {
532ae5	2346	$final_path = $dist_template;
L	2347	} else {
7fe908	2348	$dist_template = 'dist/tpl/'.strtolower($dist['name'])."/$tLocal.master";
MC	2349	if (file_exists($dist_template)) {
	2350	$final_path = $dist_template;
	2351	} else {
	2352	$final_path = "tpl/$tLocal.master";
	2353	}
	2354	}
532ae5	2355
L	2356	if (!$tRf) {
	2357	return $final_path;
	2358	} else {
	2359	return (!$tDBCred) ? rf($final_path) : $this->insert_db_credentials(rf($final_path));
	2360	}
	2361	}
	2362
	2363	/**
	2364	* Helper function - writes the contents to a config file
	2365	* and performs a backup if the file exist. Additionally
	2366	* if the file exists the new file will be given the
	2367	* same rights and ownership as the original. Optionally the
	2368	* rights and/or ownership can be overriden by appending umask,
	2369	* user and group to the parameters. Providing only uid and gid
	2370	* values will result in only a chown.
	2371	*
	2372	* @param $tConf
	2373	* @param $tContents
	2374	* @return bool
	2375	*/
	2376	protected function write_config_file($tConf, $tContents) {
	2377	// Backup config file before writing new contents and stat file
	2378	if ( is_file($tConf) ) {
	2379	$stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
	2380	if ($res == 0) { // stat successfull
8cddcd	2381	list($access, $user, $group) = explode(" ", $stat);
532ae5	2382	}
L	2383
	2384	if ( copy($tConf, $tConf.'~') ) {
	2385	chmod($tConf.'~', 0400);
	2386	}
	2387	}
	2388
	2389	wf($tConf, $tContents); // write file
	2390
	2391	if (func_num_args() >= 4) // override rights and/or ownership
7fe908	2392	{
532ae5	2393	$args = func_get_args();
L	2394	$output = array_slice($args, 2);
	2395
	2396	switch (sizeof($output)) {
7fe908	2397	case 3:
MC	2398	$umask = array_shift($output);
	2399	if (is_numeric($umask) && preg_match('/^0?[0-7]{3}$/', $umask)) {
	2400	$access = $umask;
	2401	}
	2402	case 2:
	2403	if (is_user($output[0]) && is_group($output[1])) {
	2404	list($user, $group) = $output;
	2405	}
	2406	break;
532ae5	2407	}
L	2408	}
	2409
	2410	if (!empty($user) && !empty($group)) {
	2411	chown($tConf, $user);
	2412	chgrp($tConf, $group);
	2413	}
	2414
	2415	if (!empty($access)) {
	2416	exec("chmod $access $tConf");
	2417	}
	2418	}
	2419
	2420	/**
	2421	* Helper function - filter the contents of a config
	2422	* file by inserting the common ispconfig database
	2423	* credentials.
	2424	*
	2425	* @param $tContents
	2426	* @return string
	2427	*/
	2428	protected function insert_db_credentials($tContents) {
	2429	global $conf;
	2430
	2431	$tContents = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $tContents);
	2432	$tContents = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $tContents);
	2433	$tContents = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $tContents);
	2434	$tContents = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $tContents);
7fe908	2435	$tContents = str_replace('{mysql_server_host}', $conf['mysql']['host'], $tContents);
MC	2436	$tContents = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $tContents);
532ae5	2437
L	2438	return $tContents;
	2439	}
7fe908	2440
532ae5	2441	}
L	2442
e514ae	2443	?>