Marius Cramer
2015-01-05 dee987b263b021b990ea4c62cb15be47c6d61fb5
install/lib/installer_base.lib.php
@@ -150,7 +150,7 @@
      if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
      if(is_installed('squid')) $conf['squid']['installed'] = true;
      if(is_installed('nginx')) $conf['nginx']['installed'] = true;
      // if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
      if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
      if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
      if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
      if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
@@ -516,6 +516,13 @@
               $this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
            }
            $query = "GRANT SELECT, INSERT, DELETE ON ".$value['db'].".`mail_backup` TO '".$value['user']."'@'".$host."' ";
            if ($verbose){
               echo $query ."\n";
            }
            if(!$this->dbmaster->query($query)) {
               $this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
            }
         }
         /*
@@ -693,6 +700,18 @@
      //* mysql-virtual_relayrecipientmaps.cf
      $this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
      //* mysql-virtual_outgoing_bcc.cf
      $this->process_postfix_config('mysql-virtual_outgoing_bcc.cf');
      //* postfix-dkim
      $full_file_name=$config_dir.'/tag_as_originating.re';
      if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
      wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');
      $full_file_name=$config_dir.'/tag_as_foreign.re';
      if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
      wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');
      //* Changing mode and group of the new created config files.
      caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
@@ -937,6 +956,19 @@
   public function configure_dovecot() {
      global $conf;
      $virtual_transport = 'dovecot';
      // check if virtual_transport must be changed
      if ($this->is_update) {
         $tmp = $this->db->queryOneRecord("SELECT * FROM ".$conf["mysql"]["database"].".server WHERE server_id = ".$conf['server_id']);
         $ini_array = ini_to_array(stripslashes($tmp['config']));
         // ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()
         if(isset($ini_array['mail']['mailbox_virtual_uidgid_maps']) && $ini_array['mail']['mailbox_virtual_uidgid_maps'] == 'y') {
            $virtual_transport = 'lmtp:unix:private/dovecot-lmtp';
         }
      }
      $config_dir = $conf['dovecot']['config_dir'];
@@ -961,7 +993,7 @@
      // Adding the amavisd commands to the postfix configuration
      $postconf_commands = array (
         'dovecot_destination_recipient_limit = 1',
         'virtual_transport = dovecot',
         'virtual_transport = '.$virtual_transport,
         'smtpd_sasl_type = dovecot',
         'smtpd_sasl_path = private/auth'
      );
@@ -983,19 +1015,20 @@
      //* Get the dovecot version
      exec('dovecot --version', $tmp);
      $parts = explode('.', trim($tmp[0]));
      $dovecot_version = $parts[0];
      $dovecot_version = $tmp[0];
      unset($tmp);
      unset($parts);
      //* Copy dovecot configuration file
      if($dovecot_version == 2) {
      if(version_compare($dovecot_version,2) >= 0) {
         if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master')) {
            copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
         } else {
            copy('tpl/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
         }
         replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
         if(version_compare($dovecot_version,2.1) < 0) {
            removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
         }
      } else {
         if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master')) {
            copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
@@ -1068,9 +1101,21 @@
      if(is_file($conf['postfix']['config_dir'].'/master.cf')) copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~');
      $content = rf($conf['postfix']['config_dir'].'/master.cf');
      // Only add the content if we had not addded it before
      if(!stristr($content, '127.0.0.1:10025')) {
      if(!preg_match('/^amavis\s+unix\s+/m', $content)) {
         unset($content);
         $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
         af($conf['postfix']['config_dir'].'/master.cf', $content);
         $content = rf($conf['postfix']['config_dir'].'/master.cf');
      }
      if(!preg_match('/^127.0.0.1:10025\s+/m', $content)) {
         unset($content);
         $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10025.master', 'tpl/master_cf_amavis10025.master');
         af($conf['postfix']['config_dir'].'/master.cf', $content);
         $content = rf($conf['postfix']['config_dir'].'/master.cf');
      }
      if(!preg_match('/^127.0.0.1:10027\s+/m', $content)) {
         unset($content);
         $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10027.master', 'tpl/master_cf_amavis10027.master');
         af($conf['postfix']['config_dir'].'/master.cf', $content);
      }
      unset($content);
@@ -1078,7 +1123,20 @@
      // Add the clamav user to the amavis group
      exec('adduser clamav amavis');
      // Create the director for DKIM-Keys
      if(!is_dir('/var/lib/amavis/dkim')) mkdir('/var/lib/amavis/dkim', 0750, true);
      // get shell-user for amavis
      $amavis_user=exec('grep -o "^amavis:\|^vscan:" /etc/passwd');
      if(!empty($amavis_user)) {
         $amavis_user=rtrim($amavis_user, ":");
         exec('chown '.$amavis_user.' /var/lib/amavis/dkim');
      }
      // get shell-group for amavis
      $amavis_group=exec('grep -o "^amavis:\|^vscan:" /etc/group');
      if(!empty($amavis_group)) {
         $amavis_group=rtrim($amavis_group, ":");
         exec('chgrp '.$amavis_group.' /var/lib/amavis/dkim');
      }
   }
   public function configure_spamassassin() {
@@ -1431,19 +1489,17 @@
      exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
   }
   /*
   public function configure_ufw_firewall()
   {
      $configfile = 'ufw.conf';
      if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf','/etc/ufw/ufw.conf~');
      if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf', '/etc/ufw/ufw.conf~');
      $content = rf("tpl/".$configfile.".master");
      wf('/etc/ufw/ufw.conf',$content);
      wf('/etc/ufw/ufw.conf', $content);
      exec('chmod 600 /etc/ufw/ufw.conf');
      exec('chown root:root /etc/ufw/ufw.conf');
   }
   */
   public function configure_firewall() {
   public function configure_bastille_firewall() {
      global $conf;
      $dist_init_scripts = $conf['init_scripts'];
@@ -1716,6 +1772,8 @@
      exec("openssl rsa -passin pass:$ssl_pw -in $ssl_key_file -out $ssl_key_file.insecure");
      rename($ssl_key_file, $ssl_key_file.'.secure');
      rename($ssl_key_file.'.insecure', $ssl_key_file);
      exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
   }
@@ -1994,6 +2052,8 @@
         exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
         exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
      }
      exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
      // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
      // and must be fixed as this will allow the apache user to read the ispconfig files.
@@ -2213,7 +2273,7 @@
      $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', 'tpl/mysql_clientdb.conf.master');
      $content = str_replace('{hostname}', $conf['mysql']['host'], $content);
      $content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
      $content = str_replace('{password}', $conf['mysql']['admin_password'], $content);
      $content = str_replace('{password}', addslashes($conf['mysql']['admin_password']), $content);
      wf($install_dir.'/server/lib/mysql_clientdb.conf', $content);
      chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
      chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
@@ -2236,8 +2296,8 @@
      }
      $root_cron_jobs = array(
         "* * * * * ".$install_dir."/server/server.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
         "30 00 * * * ".$install_dir."/server/cron_daily.sh 2>&1 > /dev/null | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
         "* * * * * ".$install_dir."/server/server.sh 2>&1 | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
         "* * * * * ".$install_dir."/server/cron.sh 2>&1 | while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
      );
      if ($conf['nginx']['installed'] == true) {
@@ -2301,15 +2361,15 @@
   public function getinitcommand($servicename, $action, $init_script_directory = ''){
      global $conf;
      // systemd
      if(is_executable('/bin/systemd') || is_executable('/usr/bin/systemctl')){
         return 'systemctl '.$action.' '.$servicename.'.service';
      }
      // upstart
      if(is_executable('/sbin/initctl')){
         exec('/sbin/initctl version 2>/dev/null | /bin/grep -q upstart', $retval['output'], $retval['retval']);
         if(intval($retval['retval']) == 0) return 'service '.$servicename.' '.$action;
      }
      // systemd
      if(is_executable('/bin/systemd') || is_executable('/usr/bin/systemctl')){
         return 'systemctl '.$action.' '.$servicename.'.service';
      }
      // sysvinit
      if($init_script_directory == '') $init_script_directory = $conf['init_scripts'];
      if(substr($init_script_directory, -1) === '/') $init_script_directory = substr($init_script_directory, 0, -1);
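Review bot: The `exec('chown -R root:root /usr/local/ispconfig/interface/ssl');` line in the `@@ -1994,6 +2052,8 @@` hunk, and the identical one in `@@ -1716,6 +1772,8 @@`, hard-codes the default install path, while the two lines directly above it build their paths from `$install_dir` and pass them through `escapeshellarg()`. Both appear to be the added lines, judging by the hunk counts. If the installation uses a different directory, the command does not touch the real `interface/ssl` directory, so its contents (presumably the key files the first hunk handles) keep their previous ownership, and the unchecked `exec()` hides the failure. I would write `exec('chown -R root:root '.escapeshellarg($install_dir.'/interface/ssl'));` in the second hunk, and use `$conf['ispconfig_install_dir']` in the first if `$install_dir` is not in scope there. Both enclosing functions start outside their hunks, so the variable that is actually available needs checking.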