ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
Till Brehm
2016-04-22 ebd0e986ed11f2a34fb58cdd33efbfab192083ad 
 install/dist/lib/gentoo.lib.php


@@ -49,7 +49,7 @@




   public function configure_postfix($options = '')


   {


      global $conf;


      global $conf,$autoinstall;




      $cf = $conf['postfix'];


      $config_dir = $cf['config_dir'];


@@ -119,8 +119,13 @@


      //* Create the SSL certificate


      if (!stristr($options, 'dont-create-certs'))


      {


         $command = 'cd '.$config_dir.'; '


            .'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509';


         if(AUTOINSTALL){


            $command = 'cd '.$config_dir.'; '


               ."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";


         } else {


            $command = 'cd '.$config_dir.'; '


               .'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';


         }


         exec($command);




         $command = 'chmod o= '.$config_dir.'/smtpd.key';


@@ -495,6 +500,7 @@






      //* Copy the ISPConfig configuration include


      /*


      $content = $this->get_template_file('apache_ispconfig.conf', true);




      $records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'");


@@ -507,6 +513,37 @@


      }




      $this->write_config_file($conf['apache']['vhost_conf_dir'].'/000-ispconfig.conf', $content);


      */


		


      $tpl = new tpl('apache_ispconfig.conf.master');


      $tpl->setVar('apache_version',getapacheversion());


		


      $records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");


      $ip_addresses = array();


		


      if(is_array($records) && count($records) > 0) {


         foreach($records as $rec) {


            if($rec['ip_type'] == 'IPv6') {


               $ip_address = '['.$rec['ip_address'].']';


            } else {


               $ip_address = $rec['ip_address'];


            }


            $ports = explode(',', $rec['virtualhost_port']);


            if(is_array($ports)) {


               foreach($ports as $port) {


                  $port = intval($port);


                  if($port > 0 && $port < 65536 && $ip_address != '') {


                     $ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);


                  }


               }


            }


         }


      }


		


      if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);




      wf($conf['apache']['vhost_conf_dir'].'/000-ispconfig.conf', $tpl->grab());


      unset($tpl);




      //* Gentoo by default does not include .vhost files. Add include line to config file.


      $content = rf($conf['apache']['config_file']);


@@ -711,6 +748,31 @@


      //* copy the ISPConfig server part


      $command = "cp -rf ../server $install_dir";


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


		


      //* Make a backup of the security settings


      if(is_file('/usr/local/ispconfig/security/security_settings.ini')) copy('/usr/local/ispconfig/security/security_settings.ini','/usr/local/ispconfig/security/security_settings.ini~');


		


      //* copy the ISPConfig security part


      $command = 'cp -rf ../security '.$install_dir;


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


		


      //* Apply changed security_settings.ini values to new security_settings.ini file


      if(is_file('/usr/local/ispconfig/security/security_settings.ini~')) {


         $security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));


         $security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));


         if(is_array($security_settings_new) && is_array($security_settings_old)) {


            foreach($security_settings_new as $section => $sval) {


               if(is_array($sval)) {


                  foreach($sval as $key => $val) {


                     if(isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {


                        $security_settings_new[$section][$key] = $security_settings_old[$section][$key];


                     }


                  }


               }


            }


            file_put_contents('/usr/local/ispconfig/security/security_settings.ini',array_to_ini($security_settings_new));


         }


      }






      //* Create the config file for ISPConfig interface


@@ -814,12 +876,38 @@


         $this->db->query($sql);


      }




      //* Chmod the files


      $command = "chmod -R 750 $install_dir";


      // chown install dir to root and chmod 755


      $command = 'chown root:root '.$install_dir;


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


      $command = 'chmod 755 '.$install_dir;


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");




      //* chown the files to the ispconfig user and group


      $command = "chown -R ispconfig:ispconfig $install_dir";


      //* Chmod the files and directories in the install dir


      $command = 'chmod -R 750 '.$install_dir.'/*';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");




      //* chown the interface files to the ispconfig user and group


      $command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


		


      //* chown the server files to the root user and group


      $command = 'chown -R root:root '.$install_dir.'/server';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


		


      //* chown the security files to the root user and group


      $command = 'chown -R root:root '.$install_dir.'/security';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


		


      //* chown the security directory and security_settings.ini to root:ispconfig


      $command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


      $command = 'chown root:ispconfig '.$install_dir.'/security';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


      $command = 'chown root:ispconfig '.$install_dir.'/security/ids.whitelist';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


      $command = 'chown root:ispconfig '.$install_dir.'/security/ids.htmlfield';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


      $command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';


      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");




      //* Make the global language file directory group writable


@@ -874,6 +962,8 @@


         exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));


         exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));


      }


		


      exec('chown -R root:root /usr/local/ispconfig/interface/ssl');




      // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing


      // and must be fixed as this will allow the apache user to read the ispconfig files.


@@ -1047,7 +1137,16 @@




      //* Remove Domain module as its functions are available in the client module now


      if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');




		


      // Add symlink for patch tool


      if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');


		


      // Change mode of a few files from amavisd


      if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);


      if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);


      if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);


      if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);


		


   }




}