gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -36,6 +36,8 @@
			public $conf;
			public $install_ispconfig_interface = true;
			public $is_update = false; // true if it is an update, falsi if it is a new install
			public $min_php = '5.3.3'; // minimal php-version for update / install
			protected $mailman_group = 'list';


			public function __construct() {
			@@ -56,12 +58,27 @@
			echo 'WARNING: '.$msg."\n";
			}

			public function simple_query($query, $answers, $default) {
			public function simple_query($query, $answers, $default, $name = '') {
			global $autoinstall;
			$finished = false;
			do {
			$answers_str = implode(',', $answers);
			swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: ');
			$input = sread();
			if($name != '' && $autoinstall[$name] != '') {
			if($autoinstall[$name] == 'default') {
			$input = $default;
			} else {
			$input = $autoinstall[$name];
			}
			} elseif($name != '' && $autoupdate[$name] != '') {
			if($autoupdate[$name] == 'default') {
			$input = $default;
			} else {
			$input = $autoupdate[$name];
			}
			} else {
			$answers_str = implode(',', $answers);
			swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: ');
			$input = sread();
			}

			//* Stop the installation
			if($input == 'quit') {
			@@ -86,9 +103,24 @@
			return $answer;
			}

			public function free_query($query, $default) {
			swrite($this->lng($query).' ['.$default.']: ');
			$input = sread();
			public function free_query($query, $default, $name = '') {
			global $autoinstall;
			if($name != '' && $autoinstall[$name] != '') {
			if($autoinstall[$name] == 'default') {
			$input = $default;
			} else {
			$input = $autoinstall[$name];
			}
			} elseif($name != '' && $autoupdate[$name] != '') {
			if($autoupdate[$name] == 'default') {
			$input = $default;
			} else {
			$input = $autoupdate[$name];
			}
			} else {
			swrite($this->lng($query).' ['.$default.']: ');
			$input = sread();
			}

			//* Stop the installation
			if($input == 'quit') {
			@@ -111,13 +143,20 @@
			}
			*/

			//** Detect PHP-Version
			public function get_php_version() {
			if(version_compare(PHP_VERSION, $this->min_php, '<')) return false;
			else return true;
			}

			//** Detect installed applications
			public function find_installed_apps() {
			global $conf;

			if(is_installed('mysql') \|\| is_installed('mysqld')) $conf['mysql']['installed'] = true;
			if(is_installed('postfix')) $conf['postfix']['installed'] = true;
			if(is_installed('mailman')) $conf['mailman']['installed'] = true;
			if(is_installed('postgrey')) $conf['postgrey']['installed'] = true;
			if(is_installed('mailman') \|\| is_installed('mmsitepass')) $conf['mailman']['installed'] = true;
			if(is_installed('apache') \|\| is_installed('apache2') \|\| is_installed('httpd') \|\| is_installed('httpd2')) $conf['apache']['installed'] = true;
			if(is_installed('getmail')) $conf['getmail']['installed'] = true;
			if(is_installed('courierlogger')) $conf['courier']['installed'] = true;
			@@ -132,12 +171,50 @@
			if(is_installed('named') \|\| is_installed('bind') \|\| is_installed('bind9')) $conf['bind']['installed'] = true;
			if(is_installed('squid')) $conf['squid']['installed'] = true;
			if(is_installed('nginx')) $conf['nginx']['installed'] = true;
			if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
			if(is_installed('iptables') && is_installed('ufw')) {
			$conf['ufw']['installed'] = true;
			} elseif(is_installed('iptables')) {
			$conf['firewall']['installed'] = true;
			}
			if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
			if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
			if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
			if(is_installed('metronome') && is_installed('metronomectl')) $conf['xmpp']['installed'] = true;
			if(is_installed('spamassassin')) $conf['spamassassin']['installed'] = true;
			// if(is_installed('vlogger')) $conf['vlogger']['installed'] = true;
			// ISPConfig ships with vlogger, so it is always installed.
			$conf['vlogger']['installed'] = true;
			if(is_installed('cron') \|\| is_installed('anacron')) $conf['cron']['installed'] = true;

			if ($conf['services']['web'] && (($conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) \|\| ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")))) $this->ispconfig_interface_installed = true;
			}

			public function force_configure_app($service, $enable_force=true) {
			$force = false;
			if($enable_force == true) {
			swriteln("[WARN] autodetect for $service failed");
			} else {
			swriteln("[INFO] service $service not detected");
			}
			if($enable_force) {
			if(strtolower($this->simple_query("Force configure $service", array('y', 'n'), 'n') ) == 'y') {
			$force = true;
			} else swriteln("Skipping $service\n");
			}
			return $force;
			}

			public function reconfigure_app($service, $reconfigure_services_answer) {
			$reconfigure = false;
			if ($reconfigure_services_answer != 'selected') {
			$reconfigure = true;
			} else {
			if(strtolower($this->simple_query("Reconfigure $service", array('y', 'n'), 'y') ) == 'y') {
			$reconfigure = true;
			} else {
			swriteln("Skip reconfigure $service\n");
			}
			}
			return $reconfigure;
			}

			/** Create the database for ISPConfig */
			@@ -146,13 +223,23 @@
			public function configure_database() {
			global $conf;

			//* check sql-mode
			$check_sql_mode = $this->db->queryOneRecord("SELECT @@sql_mode");

			if ($check_sql_mode['@@sql_mode'] != '' && $check_sql_mode['@@sql_mode'] != 'NO_ENGINE_SUBSTITUTION') {
			echo "Wrong SQL-mode. You should use NO_ENGINE_SUBSTITUTION. Add\n\n";
			echo " sql-mode=\"NO_ENGINE_SUBSTITUTION\"\n\n";
			echo"to the mysqld-section in your mysql-config and restart mysqld afterwards\n";
			die();
			}

			//** Create the database
			if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['mysql']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
			if(!$this->db->query('CREATE DATABASE IF NOT EXISTS ?? DEFAULT CHARACTER SET ?', $conf['mysql']['database'], $conf['mysql']['charset'])) {
			$this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.');
			}

			//* Set the database name in the DB library
			$this->db->dbName = $conf['mysql']['database'];
			$this->db->setDBName($conf['mysql']['database']);

			//* Load the database dump into the database, if database contains no tables
			$db_tables = $this->db->getTables();
			@@ -172,8 +259,8 @@
			}

			//* Load system.ini into the sys_ini table
			$system_ini = $this->db->quote(rf('tpl/system.ini.master'));
			$this->db->query("UPDATE sys_ini SET config = '$system_ini' WHERE sysini_id = 1");
			$system_ini = rf('tpl/system.ini.master');
			$this->db->query("UPDATE sys_ini SET config = ? WHERE sysini_id = 1", $system_ini);

			}
			}
			@@ -190,23 +277,17 @@
			}

			// Delete ISPConfig user in the local database, in case that it exists
			$this->db->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['ispconfig_user']."' AND Host = '".$from_host."';");
			$this->db->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['database']."' AND Host = '".$from_host."';");
			$this->db->query('FLUSH PRIVILEGES;');
			$this->db->query("DROP USER ?@?", $conf['mysql']['ispconfig_user'], $from_host);
			$this->db->query("DROP DATABASE IF EXISTS ?", $conf['mysql']['database']);

			//* Create the ISPConfig database user in the local database
			$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['database'].".* "
			."TO '".$conf['mysql']['ispconfig_user']."'@'".$from_host."' "
			."IDENTIFIED BY '".$conf['mysql']['ispconfig_password']."';";
			if(!$this->db->query($query)) {
			$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON ?? TO ?@? IDENTIFIED BY ?';
			if(!$this->db->query($query, $conf['mysql']['database'] . ".*", $conf['mysql']['ispconfig_user'], $from_host, $conf['mysql']['ispconfig_password'])) {
			$this->error('Unable to create database user: '.$conf['mysql']['ispconfig_user'].' Error: '.$this->db->errorMessage);
			}

			//* Reload database privelages
			$this->db->query('FLUSH PRIVILEGES;');

			//* Set the database name in the DB library
			$this->db->dbName = $conf['mysql']['database'];
			$this->db->setDBName($conf['mysql']['database']);

			$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));

			@@ -220,6 +301,7 @@
			$tpl_ini_array['fastcgi']['fastcgi_bin'] = $conf['fastcgi']['fastcgi_bin'];
			$tpl_ini_array['server']['hostname'] = $conf['hostname'];
			$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
			$tpl_ini_array['server']['firewall'] = ($conf['ufw']['installed'] == true)?'ufw':'bastille';
			$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
			$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
			$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
			@@ -260,8 +342,7 @@
			}

			$server_ini_content = array_to_ini($tpl_ini_array);
			$server_ini_content = mysql_real_escape_string($server_ini_content);


			$mail_server_enabled = ($conf['services']['mail'])?1:0;
			$web_server_enabled = ($conf['services']['web'])?1:0;
			$dns_server_enabled = ($conf['services']['dns'])?1:0;
			@@ -289,14 +370,14 @@
			if($conf['mysql']['master_slave_setup'] == 'y') {

			//* Insert the server record in master DB
			$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
			$this->dbmaster->query($sql);
			$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', ?, ?, ?, ?, ?, ?, ?, ?, 0, 1, ?, ?, ?);";
			$this->dbmaster->query($sql, $conf['hostname'], $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $server_ini_content, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);
			$conf['server_id'] = $this->dbmaster->insertID();
			$conf['server_id'] = $conf['server_id'];

			//* Insert the same record in the local DB
			$sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES ('".$conf['server_id']."',1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
			$this->db->query($sql);
			$sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (?,1, 1, 'riud', 'riud', 'r', ?, ?, ?, ?, ?, ?, ?, ?, 0, 1, ?, ?, ?);";
			$this->db->query($sql, $conf['server_id'], $conf['hostname'], $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $server_ini_content, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);

			//* username for the ispconfig user
			$conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id'];
			@@ -305,13 +386,91 @@

			} else {
			//* Insert the server, if its not a mster / slave setup
			$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
			$this->db->query($sql);
			$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', ?, ?, ?, ?, ?, ?, ?, ?, 0, 1, ?, ?, ?);";
			$this->db->query($sql, $conf['hostname'], $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $server_ini_content, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);
			$conf['server_id'] = $this->db->insertID();
			$conf['server_id'] = $conf['server_id'];
			}


			}

			public function detect_ips(){
			global $conf;

			exec("ip addr show \| awk '/global/ { print $2 }' \| cut -d '/' -f 1", $output, $retval);

			if($retval == 0){
			if(is_array($output) && !empty($output)){
			foreach($output as $line){
			$line = trim($line);
			$ip_type = '';
			if (filter_var($line, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
			$ip_type = 'IPv4';
			}
			if (filter_var($line, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
			$ip_type = 'IPv6';
			}
			if($ip_type == '') continue;
			if($this->db->dbHost != $this->dbmaster->dbHost){
			$this->dbmaster->query('INSERT INTO server_ip (
			sys_userid, sys_groupid, sys_perm_user, sys_perm_group,
			sys_perm_other, server_id, client_id, ip_type, ip_address,
			virtualhost, virtualhost_port
			) VALUES (
			1,
			1,
			"riud",
			"riud",
			"",
			?,
			0,
			?,
			?,
			"y",
			"80,443"
			)', $conf['server_id'], $ip_type, $line);
			$server_ip_id = $this->dbmaster->insertID();
			$this->db->query('INSERT INTO server_ip (
			server_php_id, sys_userid, sys_groupid, sys_perm_user, sys_perm_group,
			sys_perm_other, server_id, client_id, ip_type, ip_address,
			virtualhost, virtualhost_port
			) VALUES (
			?,
			1,
			1,
			"riud",
			"riud",
			"",
			?,
			0,
			?,
			?,
			"y",
			"80,443"
			)', $server_ip_id, $conf['server_id'], $ip_type, $line);
			} else {
			$this->db->query('INSERT INTO server_ip (
			sys_userid, sys_groupid, sys_perm_user, sys_perm_group,
			sys_perm_other, server_id, client_id, ip_type, ip_address,
			virtualhost, virtualhost_port
			) VALUES (
			1,
			1,
			"riud",
			"riud",
			"",
			?,
			0,
			?,
			?,
			"y",
			"80,443"
			)', $conf['server_id'], $ip_type, $line);
			}
			}
			}
			}
			}

			public function grant_master_database_rights($verbose = false) {
			@@ -368,134 +527,154 @@
			* if not, the user already exists and we do not need the pwd
			*/
			if ($value['pwd'] != ''){
			$query = "CREATE USER '".$value['user']."'@'".$host."' IDENTIFIED BY '" . $value['pwd'] . "'";
			$query = "CREATE USER ?@? IDENTIFIED BY ?";
			if ($verbose){
			echo "\n\n" . $query ."\n";
			}
			$this->dbmaster->query($query); // ignore the error
			$this->dbmaster->query($query, $value['user'], $host, $value['pwd']); // ignore the error
			}

			/*
			* Try to delete all rights of the user in case that it exists.
			* In Case that it will not exist, do nothing (ignore the error!)
			*/
			$query = "REVOKE ALL PRIVILEGES, GRANT OPTION FROM '".$value['user']."'@'".$host."' ";
			$query = "REVOKE ALL PRIVILEGES, GRANT OPTION FROM ?@?";
			if ($verbose){
			echo "\n\n" . $query ."\n";
			}
			$this->dbmaster->query($query); // ignore the error
			$this->dbmaster->query($query, $value['user'], $host); // ignore the error

			//* Create the ISPConfig database user in the remote database
			$query = "GRANT SELECT ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.server', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT ON ".$value['db'].".`sys_log` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, INSERT ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.sys_log', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE(`status`, `error`) ON ".$value['db'].".`sys_datalog` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, UPDATE(`status`, `error`) ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.sys_datalog', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE(`status`) ON ".$value['db'].".`software_update_inst` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, UPDATE(`status`) ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.software_update_inst', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE(`updated`) ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, UPDATE(`updated`) ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.server', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ".$value['db'].".`web_domain` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.web_domain', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT ON ".$value['db'].".`sys_group` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.sys_group', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE (`action_state`, `response`) ON ".$value['db'].".`sys_remoteaction` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, UPDATE (`action_state`, `response`) ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.sys_remoteaction', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT , DELETE ON ".$value['db'].".`monitor_data` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, INSERT , DELETE ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.monitor_data', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT, UPDATE ON ".$value['db'].".`mail_traffic` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, INSERT, UPDATE ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.mail_traffic', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT, UPDATE ON ".$value['db'].".`web_traffic` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, INSERT, UPDATE ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.web_traffic', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE ON ".$value['db'].".`aps_instances` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, UPDATE, DELETE ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.aps_instances', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, DELETE ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query, $value['db'] . '.aps_instances_settings', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT, DELETE ON ".$value['db'].".`web_backup` TO '".$value['user']."'@'".$host."' ";
			$query = "GRANT SELECT, INSERT, DELETE ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query)) {
			if(!$this->dbmaster->query($query, $value['db'] . '.web_backup', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT, DELETE ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query, $value['db'] . '.mail_backup', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE(`dnssec_initialized`, `dnssec_info`, `dnssec_last_signed`) ON ?? TO ?@?";
			if ($verbose){
			echo $query ."\n";
			}
			if(!$this->dbmaster->query($query, $value['db'] . '.dns_soa', $value['user'], $host)) {
			$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
			}

			}

			/*
			* It is all done. Relod the rights...
			*/
			$this->dbmaster->query('FLUSH PRIVILEGES;');
			}

			}
			@@ -570,7 +749,7 @@
			if (trim($line) != '' && substr($line, 0, 1) != '#')
			{
			@list($key, $value) = @explode("=", $line);
			if (!empty($value))
			if (isset($value) && $value !== '')
			{
			$key = rtrim($key);
			$old_options[$key] = trim($value);
			@@ -619,17 +798,40 @@
			} else {
			copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);
			}
			chgrp($full_file_name, 'list');
			chmod($full_file_name, 0750);
			chgrp($full_file_name, $this->mailman_group);
			chmod($full_file_name, 0755);
			}

			//* Create aliasaes
			exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');

			if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
			exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
			}

			public function get_postfix_service($service, $type) {
			global $conf;

			exec("postconf -M", $out, $ret);

			if ($ret === 0) { //* with postfix >= 2.9 we can detect configured services with postconf
			unset($out);
			exec ("postconf -M $service/$type 2> /dev/null", $out, $ret); //* Postfix >= 2.11
			if (!isset($out[0])) { //* try Postfix 2.9
			exec ("postconf -M $service.$type 2> /dev/null", $out, $ret);
			}
			$postfix_service = @($out[0]=='')?false:true;
			} else { //* fallback - Postfix < 2.9
			rf($conf['postfix']['config_dir'].'/master.cf');
			$regex = '/[^#]'.$service.'..'.$type.'./';
			$postfix_service = @(!preg_match($regex, $content))?true:false;
			}

			return $postfix_service;
			}

			public function configure_postfix($options = '') {
			global $conf;
			global $conf,$autoinstall;
			$cf = $conf['postfix'];
			$config_dir = $cf['config_dir'];

			@@ -658,6 +860,9 @@
			//* mysql-virtual_sender.cf
			$this->process_postfix_config('mysql-virtual_sender.cf');

			//* mysql-virtual_sender_login_maps.cf
			$this->process_postfix_config('mysql-virtual_sender_login_maps.cf');

			//* mysql-virtual_client.cf
			$this->process_postfix_config('mysql-virtual_client.cf');

			@@ -666,6 +871,12 @@

			//* mysql-virtual_relayrecipientmaps.cf
			$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');

			//* mysql-virtual_outgoing_bcc.cf
			$this->process_postfix_config('mysql-virtual_outgoing_bcc.cf');

			//* mysql-virtual_policy_greylist.cf
			$this->process_postfix_config('mysql-virtual_policy_greylist.cf');

			//* postfix-dkim
			$full_file_name=$config_dir.'/tag_as_originating.re';
			@@ -690,7 +901,7 @@
			if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* These postconf commands will be executed on installation and update
			$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
			$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
			$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
			unset($server_ini_rec);

			@@ -703,13 +914,30 @@
			}
			}
			unset($rbl_hosts);

			//* If Postgrey is installed, configure it
			$greylisting = '';
			if($conf['postgrey']['installed'] == true) {
			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
			}

			$reject_sender_login_mismatch = '';
			if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
			}
			unset($server_ini_array);

			$tmp = str_replace('.','\.',$conf['hostname']);

			$postconf_placeholders = array('{config_dir}' => $config_dir,
			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
			'{vmail_userid}' => $cf['vmail_userid'],
			'{vmail_groupid}' => $cf['vmail_groupid'],
			'{rbl_list}' => $rbl_list);
			'{rbl_list}' => $rbl_list,
			'{greylisting}' => $greylisting,
			'{reject_slm}' => $reject_sender_login_mismatch,
			'{myhostname}' => $tmp,
			);

			$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
			$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
			@@ -739,6 +967,27 @@
			if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
			exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');

			//* Create auxillary postfix conf files
			$configfile = 'helo_access';
			if(is_file($config_dir.'/'.$configfile)) {
			copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
			chmod($config_dir.'/'.$configfile.'~', 0400);
			}
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
			$content = strtr($content, $postconf_placeholders);
			# todo: look up this server's ip addrs and loop through each
			# todo: look up domains hosted on this server and loop through each
			wf($config_dir.'/'.$configfile, $content);

			$configfile = 'blacklist_helo';
			if(is_file($config_dir.'/'.$configfile)) {
			copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
			chmod($config_dir.'/'.$configfile.'~', 0400);
			}
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
			$content = strtr($content, $postconf_placeholders);
			wf($config_dir.'/'.$configfile, $content);

			//* Make a backup copy of the main.cf file
			copy($config_dir.'/main.cf', $config_dir.'/main.cf~');

			@@ -750,8 +999,13 @@

			if(!stristr($options, 'dont-create-certs')) {
			//* Create the SSL certificate
			$command = 'cd '.$config_dir.'; '
			.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
			if(AUTOINSTALL){
			$command = 'cd '.$config_dir.'; '
			."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
			} else {
			$command = 'cd '.$config_dir.'; '
			.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
			}
			exec($command);

			$command = 'chmod o= '.$config_dir.'/smtpd.key';
			@@ -762,19 +1016,30 @@
			$command = 'chmod 755 /var/run/courier/authdaemon/';
			if(is_file('/var/run/courier/authdaemon/')) caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);

			//* Changing maildrop lines in posfix master.cf
			if(is_file($config_dir.'/master.cf')) {
			copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
			}
			if(is_file($config_dir.'/master.cf~')) {
			chmod($config_dir.'/master.cf~', 0400);
			}
			//* Check maildrop service in posfix master.cf
			$regex = "/^maildrop unix.*pipe flags=DRhu user=vmail argv=\\/usr\\/bin\\/maildrop -d ".$cf['vmail_username']." \\$\{extension} \\$\{recipient} \\$\{user} \\$\{nexthop} \\$\{sender}/";
			$configfile = $config_dir.'/master.cf';
			$content = rf($configfile);
			$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
			'flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}',
			$content);
			wf($configfile, $content);
			if($this->get_postfix_service('maildrop', 'unix')) {
			exec ("postconf -M maildrop.unix &> /dev/null", $out, $ret);
			$change_maildrop_flags = @(preg_match($regex, $out[0]) && $out[0] !='')?false:true;
			} else {
			$change_maildrop_flags = @(preg_match($regex, $configfile))?false:true;
			}
			if ($change_maildrop_flags) {
			//* Change maildrop service in posfix master.cf
			if(is_file($config_dir.'/master.cf')) {
			copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
			}
			if(is_file($config_dir.'/master.cf~')) {
			chmod($config_dir.'/master.cf~', 0400);
			}
			$configfile = $config_dir.'/master.cf';
			$content = rf($configfile);
			$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
			'flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}',
			$content);
			wf($configfile, $content);
			}

			//* Writing the Maildrop mailfilter file
			$configfile = 'mailfilter';
			@@ -799,7 +1064,7 @@
			caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			}


			public function configure_saslauthd() {
			global $conf;

			@@ -810,12 +1075,12 @@
			unset($parts);
			unset($out);

			if(version_compare($saslversion , '2.1.23') > 0) {
			//* Configfile for saslauthd versions 2.1.24 and newer
			$configfile = 'sasl_smtpd2.conf';
			} else {
			if(version_compare($saslversion , '2.1.23', '<=')) {
			//* Configfile for saslauthd versions up to 2.1.23
			$configfile = 'sasl_smtpd.conf';
			} else {
			//* Configfile for saslauthd versions 2.1.24 and newer
			$configfile = 'sasl_smtpd2.conf';
			}

			if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf')) copy($conf['postfix']['config_dir'].'/sasl/smtpd.conf', $conf['postfix']['config_dir'].'/sasl/smtpd.conf~');
			@@ -893,6 +1158,7 @@
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
			$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
			$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
			wf($config_dir.'/'.$configfile, $content);

			chmod($config_dir.'/'.$configfile, 0660);
			@@ -914,31 +1180,47 @@

			public function configure_dovecot() {
			global $conf;

			$virtual_transport = 'dovecot';

			$config_dir = $conf['dovecot']['config_dir'];
			$configure_lmtp = false;

			// check if virtual_transport must be changed
			if ($this->is_update) {
			$tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $conf['server_id']);
			$ini_array = ini_to_array(stripslashes($tmp['config']));
			// ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()

			if(isset($ini_array['mail']['mailbox_virtual_uidgid_maps']) && $ini_array['mail']['mailbox_virtual_uidgid_maps'] == 'y') {
			$virtual_transport = 'lmtp:unix:private/dovecot-lmtp';
			$configure_lmtp = true;
			}
			}

			$config_dir = $conf['postfix']['config_dir'];

			//* Configure master.cf and add a line for deliver
			if(is_file($conf['postfix']['config_dir'].'/master.cf')) {
			copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~2');
			if(!$this->get_postfix_service('dovecot', 'unix')) {
			//* backup
			if(is_file($config_dir.'/master.cf')){
			copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
			}
			if(is_file($config_dir.'/master.cf~')){
			chmod($config_dir.'/master.cf~2', 0400);
			}
			//* Configure master.cf and add a line for deliver
			$content = rf($conf["postfix"]["config_dir"].'/master.cf');
			$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n";
			af($config_dir.'/master.cf', $deliver_content);
			unset($content);
			unset($deliver_content);
			}
			if(is_file($conf['postfix']['config_dir'].'/master.cf~')) {
			chmod($conf['postfix']['config_dir'].'/master.cf~2', 0400);
			}
			$content = rf($conf['postfix']['config_dir'].'/master.cf');
			// Only add the content if we had not addded it before
			if(!stristr($content, 'dovecot/deliver')) {
			$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
			af($conf['postfix']['config_dir'].'/master.cf', $deliver_content);
			}
			unset($content);
			unset($deliver_content);


			//* Reconfigure postfix to use dovecot authentication
			// Adding the amavisd commands to the postfix configuration
			$postconf_commands = array (
			'dovecot_destination_recipient_limit = 1',
			'virtual_transport = dovecot',
			'virtual_transport = '.$virtual_transport,
			'smtpd_sasl_type = dovecot',
			'smtpd_sasl_path = private/auth'
			);
			@@ -953,6 +1235,7 @@
			}

			//* backup dovecot.conf
			$config_dir = $conf['dovecot']['config_dir'];
			$configfile = 'dovecot.conf';
			if(is_file($config_dir.'/'.$configfile)) {
			copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
			@@ -960,24 +1243,31 @@

			//* Get the dovecot version
			exec('dovecot --version', $tmp);
			$parts = explode('.', trim($tmp[0]));
			$dovecot_version = $parts[0];
			$dovecot_version = $tmp[0];
			unset($tmp);
			unset($parts);

			//* Copy dovecot configuration file
			if($dovecot_version == 2) {
			if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master')) {
			copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
			} else {
			copy('tpl/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
			}
			} else {
			if(version_compare($dovecot_version,1, '<=')) { //* Dovecot 1.x
			if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master')) {
			copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
			} else {
			copy('tpl/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
			}
			} else { //* Dovecot 2.x
			if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master')) {
			copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
			} else {
			copy('tpl/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
			}
			replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
			if(version_compare($dovecot_version, 2.1, '<')) {
			removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
			}
			}

			//* dovecot-lmtpd
			if($configure_lmtp) {
			replaceLine($config_dir.'/'.$configfile, 'protocols = imap pop3', 'protocols = imap pop3 lmtp', 1, 0);
			}

			//* dovecot-sql.conf
			@@ -991,11 +1281,20 @@
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
			$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
			$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
			$content = str_replace('{server_id}', $conf['server_id'], $content);
			# enable iterate_query for dovecot2
			if(version_compare($dovecot_version,2, '>=')) {
			$content = str_replace('# iterate_query', 'iterate_query', $content);
			}
			wf($config_dir.'/'.$configfile, $content);

			chmod($config_dir.'/'.$configfile, 0600);
			chown($config_dir.'/'.$configfile, 'root');
			chgrp($config_dir.'/'.$configfile, 'root');

			// Dovecot shall ignore mounts in website directory
			if(is_installed('doveadm')) exec("doveadm mount add '/var/www/*' ignore > /dev/null 2> /dev/null");

			}

			@@ -1005,7 +1304,7 @@
			// amavisd user config file
			$configfile = 'amavisd_user_config';
			if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) copy($conf['amavis']['config_dir'].'/conf.d/50-user', $conf['amavis']['config_dir'].'/50-user~');
			if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user~')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user~', 0400);
			if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
			$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			@@ -1013,6 +1312,7 @@
			$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
			$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
			wf($conf['amavis']['config_dir'].'/conf.d/50-user', $content);
			chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);

			// TODO: chmod and chown on the config file

			@@ -1036,46 +1336,55 @@
			caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
			}

			// Append the configuration for amavisd to the master.cf file
			if(is_file($conf['postfix']['config_dir'].'/master.cf')) copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~');
			$content = rf($conf['postfix']['config_dir'].'/master.cf');
			// Only add the content if we had not addded it before
			if(!preg_match('/^amavis\s+unix\s+/m', $content)) {
			unset($content);
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
			af($conf['postfix']['config_dir'].'/master.cf', $content);
			$content = rf($conf['postfix']['config_dir'].'/master.cf');
			$config_dir = $conf['postfix']['config_dir'];

			// Adding amavis-services to the master.cf file if the service does not already exists
			$add_amavis = !$this->get_postfix_service('amavis','unix');
			$add_amavis_10025 = !$this->get_postfix_service('127.0.0.1:10025','inet');
			$add_amavis_10027 = !$this->get_postfix_service('127.0.0.1:10027','inet');

			if ($add_amavis \|\| $add_amavis_10025 \|\| $add_amavis_10027) {
			//* backup master.cf
			if(is_file($config_dir.'/master.cf')) copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
			// adjust amavis-config
			if($add_amavis) {
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
			af($config_dir.'/master.cf', $content);
			unset($content);
			}
			if ($add_amavis_10025) {
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10025.master', 'tpl/master_cf_amavis10025.master');
			af($config_dir.'/master.cf', $content);
			unset($content);
			}
			if ($add_amavis_10027) {
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10027.master', 'tpl/master_cf_amavis10027.master');
			af($config_dir.'/master.cf', $content);
			unset($content);
			}
			}
			if(!preg_match('/^127.0.0.1:10025\s+/m', $content)) {
			unset($content);
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10025.master', 'tpl/master_cf_amavis10025.master');
			af($conf['postfix']['config_dir'].'/master.cf', $content);
			$content = rf($conf['postfix']['config_dir'].'/master.cf');
			}
			if(!preg_match('/^127.0.0.1:10027\s+/m', $content)) {
			unset($content);
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10027.master', 'tpl/master_cf_amavis10027.master');
			af($conf['postfix']['config_dir'].'/master.cf', $content);
			}
			unset($content);

			// Add the clamav user to the amavis group
			exec('adduser clamav amavis');

			// Create the director for DKIM-Keys
			if(!is_dir('/var/lib/amavis/dkim')) mkdir('/var/lib/amavis/dkim', 0750, true);
			// get shell-user for amavis
			$amavis_user=exec('grep -o "^amavis:\\|^vscan:" /etc/passwd');
			if(!empty($amavis_user)) {
			$amavis_user=rtrim($amavis_user, ":");
			exec('chown '.$amavis_user.' /var/lib/amavis/dkim');
			}
			// get shell-group for amavis
			$amavis_group=exec('grep -o "^amavis:\\|^vscan:" /etc/group');
			if(!empty($amavis_group)) {
			$amavis_group=rtrim($amavis_group, ":");
			exec('chgrp '.$amavis_group.' /var/lib/amavis/dkim');
			}
			// get shell-user for amavis
			$amavis_user=exec('grep -o "^amavis:\\|^vscan:" /etc/passwd');
			if(!empty($amavis_user)) {
			$amavis_user=rtrim($amavis_user, ":");
			}

			// Create the director for DKIM-Keys
			if(!is_dir('/var/lib/amavis')) mkdir('/var/lib/amavis', 0750, true);
			if(!empty($amavis_user)) exec('chown '.$amavis_user.' /var/lib/amavis');
			if(!empty($amavis_group)) exec('chgrp '.$amavis_group.' /var/lib/amavis');
			if(!is_dir('/var/lib/amavis/dkim')) mkdir('/var/lib/amavis/dkim', 0750);
			if(!empty($amavis_user)) exec('chown -R '.$amavis_user.' /var/lib/amavis/dkim');
			if(!empty($amavis_group)) exec('chgrp -R '.$amavis_group.' /var/lib/amavis/dkim');

			}

			public function configure_spamassassin() {
			@@ -1164,6 +1473,7 @@
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
			$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
			$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
			$content = str_replace('{server_id}', $conf['server_id'], $content);
			wf($conf['mydns']['config_dir'].'/'.$configfile, $content);
			chmod($conf['mydns']['config_dir'].'/'.$configfile, 0600);
			@@ -1176,18 +1486,15 @@
			global $conf;

			//* Create the database
			if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
			if(!$this->db->query('CREATE DATABASE IF NOT EXISTS ?? DEFAULT CHARACTER SET ?', $conf['powerdns']['database'], $conf['mysql']['charset'])) {
			$this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
			}

			//* Create the ISPConfig database user in the local database
			$query = "GRANT ALL ON `".$conf['powerdns']['database']."` . * TO '".$conf['mysql']['ispconfig_user']."'@'localhost';";
			if(!$this->db->query($query)) {
			$query = "GRANT ALL ON ?? TO ?@'localhost'";
			if(!$this->db->query($query, $conf['powerdns']['database'] . '.*', $conf['mysql']['ispconfig_user'])) {
			$this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
			}

			//* Reload database privelages
			$this->db->query('FLUSH PRIVILEGES;');

			//* load the powerdns databse dump
			if($conf['mysql']['admin_password'] == '') {
			@@ -1207,12 +1514,34 @@
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			$content = str_replace('{powerdns_database}', $conf['powerdns']['database'], $content);
			$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
			$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
			wf($conf['powerdns']['config_dir'].'/'.$configfile, $content);
			chmod($conf['powerdns']['config_dir'].'/'.$configfile, 0600);
			chown($conf['powerdns']['config_dir'].'/'.$configfile, 'root');
			chgrp($conf['powerdns']['config_dir'].'/'.$configfile, 'root');


			}

			//** writes bind configuration files
			public function process_bind_file($configfile, $target='/', $absolute=false) {
			global $conf;

			if ($absolute) $full_file_name = $target.$configfile;
			else $full_file_name = $conf['ispconfig_install_dir'].$target.$configfile;

			//* Backup exiting file
			if(is_file($full_file_name)) {
			copy($full_file_name, $config_dir.$configfile.'~');
			}
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
			$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			$content = str_replace('{mysql_server_ispconfig_database}', $conf['mysql']['database'], $content);
			$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
			$content = str_replace('{ispconfig_install_dir}', $conf['ispconfig_install_dir'], $content);
			$content = str_replace('{dnssec_conffile}', $conf['ispconfig_install_dir'].'/server/scripts/dnssec-config.sh', $content);
			wf($full_file_name, $content);
			}

			public function configure_bind() {
			@@ -1226,14 +1555,136 @@

			//* Create the slave subdirectory
			$content .= 'slave';
			if(!@is_dir($content)) mkdir($content, 0770, true);
			if(!@is_dir($content)) mkdir($content, 02770, true);

			//* Chown the slave subdirectory to $conf['bind']['bind_user']
			chown($content, $conf['bind']['bind_user']);
			chgrp($content, $conf['bind']['bind_group']);

			chmod($content, 02770);

			//* Install scripts for dnssec implementation
			$this->process_bind_file('named.conf.options', '/etc/bind/', true); //TODO replace hardcoded path
			}


			public function configure_xmpp($options = '') {
			global $conf;

			if($conf['xmpp']['installed'] == false) return;
			//* Create the logging directory for xmpp server
			if(!@is_dir('/var/log/metronome')) mkdir('/var/log/metronome', 0755, true);
			chown('/var/log/metronome', 'metronome');
			if(!@is_dir('/var/run/metronome')) mkdir('/var/run/metronome', 0755, true);
			chown('/var/run/metronome', 'metronome');
			if(!@is_dir('/var/lib/metronome')) mkdir('/var/lib/metronome', 0755, true);
			chown('/var/lib/metronome', 'metronome');
			if(!@is_dir('/etc/metronome/hosts')) mkdir('/etc/metronome/hosts', 0755, true);
			if(!@is_dir('/etc/metronome/status')) mkdir('/etc/metronome/status', 0755, true);
			unlink('/etc/metronome/metronome.cfg.lua');

			$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ?", $conf["server_id"]);
			$server_name = $row["server_name"];

			$tpl = new tpl('metronome_conf_main.master');
			wf('/etc/metronome/metronome.cfg.lua', $tpl->grab());
			unset($tpl);

			$tpl = new tpl('metronome_conf_global.master');
			$tpl->setVar('xmpp_admins','');
			wf('/etc/metronome/global.cfg.lua', $tpl->grab());
			unset($tpl);

			// Copy isp libs
			if(!@is_dir('/usr/lib/metronome/isp-modules')) mkdir('/usr/lib/metronome/isp-modules', 0755, true);
			caselog('cp -rf apps/metronome_libs/* /usr/lib/metronome/isp-modules/', __FILE__, __LINE__);
			// Process db config
			$full_file_name = '/usr/lib/metronome/isp-modules/mod_auth_external/db_conf.inc.php';
			$content = rf($full_file_name);
			$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
			$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
			$content = str_replace('{server_id}', $conf['server_id'], $content);
			wf($full_file_name, $content);

			if(!stristr($options, 'dont-create-certs')){
			// Create SSL Certificate for localhost
			echo "writing new private key to 'localhost.key'\n-----\n";
			$ssl_country = $this->free_query('Country Name (2 letter code)', 'AU');
			$ssl_locality = $this->free_query('Locality Name (eg, city)', '');
			$ssl_organisation = $this->free_query('Organization Name (eg, company)', 'Internet Widgits Pty Ltd');
			$ssl_organisation_unit = $this->free_query('Organizational Unit Name (eg, section)', '');
			$ssl_domain = $this->free_query('Common Name (e.g. server FQDN or YOUR name)', $conf['hostname']);
			$ssl_email = $this->free_query('Email Address', '');

			$tpl = new tpl('metronome_conf_ssl.master');
			$tpl->setVar('ssl_country',$ssl_country);
			$tpl->setVar('ssl_locality',$ssl_locality);
			$tpl->setVar('ssl_organisation',$ssl_organisation);
			$tpl->setVar('ssl_organisation_unit',$ssl_organisation_unit);
			$tpl->setVar('domain',$ssl_domain);
			$tpl->setVar('ssl_email',$ssl_email);
			wf('/etc/metronome/certs/localhost.cnf', $tpl->grab());
			unset($tpl);
			// Generate new key, csr and cert
			exec("(cd /etc/metronome/certs && make localhost.key)");
			exec("(cd /etc/metronome/certs && make localhost.csr)");
			exec("(cd /etc/metronome/certs && make localhost.cert)");
			exec('chmod 0400 /etc/metronome/certs/localhost.key');
			exec('chown metronome /etc/metronome/certs/localhost.key');
			}else{
			echo "-----\n";
			echo "Metronome XMPP SSL server certificate is not renewed. Run the following command manual as root to recreate it:\n";
			echo "# (cd /etc/metronome/certs && make localhost.key && make localhost.csr && make localhost.cert && chmod 0400 localhost.key && chown metronome localhost.key)\n";
			echo "-----\n";
			}

			// Copy init script
			caselog('cp -f apps/metronome-init /etc/init.d/metronome', __FILE__, __LINE__);
			caselog('chmod u+x /etc/init.d/metronome', __FILE__, __LINE__);
			caselog('update-rc.d metronome defaults', __FILE__, __LINE__);

			exec($this->getinitcommand($conf['xmpp']['init_script'], 'restart'));

			/*
			writing new private key to 'smtpd.key'
			-----
			You are about to be asked to enter information that will be incorporated
			into your certificate request.
			What you are about to enter is what is called a Distinguished Name or a DN.
			There are quite a few fields but you can leave some blank
			For some fields there will be a default value,
			If you enter '.', the field will be left blank.
			-----
			Country Name (2 letter code) [AU]:
			State or Province Name (full name) [Some-State]:
			Locality Name (eg, city) []:
			Organization Name (eg, company) [Internet Widgits Pty Ltd]:
			Organizational Unit Name (eg, section) []:
			Common Name (e.g. server FQDN or YOUR name) []:
			Email Address []:
			* */

			/*// Dont just copy over the virtualhost template but add some custom settings
			$tpl = new tpl('apache_apps.vhost.master');

			$tpl->setVar('apps_vhost_port',$conf['web']['apps_vhost_port']);
			$tpl->setVar('apps_vhost_dir',$conf['web']['website_basedir'].'/apps');
			$tpl->setVar('apps_vhost_basedir',$conf['web']['website_basedir']);
			$tpl->setVar('apps_vhost_servername',$apps_vhost_servername);
			$tpl->setVar('apache_version',getapacheversion());


			// comment out the listen directive if port is 80 or 443
			if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
			$tpl->setVar('vhost_port_listen','#');
			} else {
			$tpl->setVar('vhost_port_listen','');
			}

			wf($vhost_conf_dir.'/apps.vhost', $tpl->grab());
			unset($tpl);*/
			}


			public function configure_apache() {
			@@ -1244,7 +1695,7 @@
			if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);

			if(is_file('/etc/suphp/suphp.conf')) {
			replaceLine('/etc/suphp/suphp.conf', 'php=php:/usr/bin', 'x-httpd-suphp="php:/usr/bin/php-cgi"', 0);
			replaceLine('/etc/suphp/suphp.conf', 'php="php:/usr/bin', 'x-httpd-suphp="php:/usr/bin/php-cgi"', 0);
			//replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0);
			replaceLine('/etc/suphp/suphp.conf', 'umask=0077', 'umask=0022', 0);
			}
			@@ -1257,14 +1708,33 @@
			if(is_file('/etc/apache2/ports.conf')) {
			// add a line "Listen 443" to ports conf if line does not exist
			replaceLine('/etc/apache2/ports.conf', 'Listen 443', 'Listen 443', 1);

			// Comment out the namevirtualhost lines, as they were added by ispconfig in ispconfig.conf file again
			replaceLine('/etc/apache2/ports.conf', 'NameVirtualHost :80', '# NameVirtualHost :80', 1);
			replaceLine('/etc/apache2/ports.conf', 'NameVirtualHost :443', '# NameVirtualHost :443', 1);
			}

			if(is_file('/etc/apache2/mods-available/fcgid.conf')) {
			// add or modify the parameters for fcgid.conf
			replaceLine('/etc/apache2/mods-available/fcgid.conf','MaxRequestLen','MaxRequestLen 15728640',1);
			}

			if(is_file('/etc/apache2/apache.conf')) {
			if(hasLine('/etc/apache2/apache.conf', 'Include sites-enabled/', 1) == false) {
			if(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.conf', 1) == false) {
			if(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.conf', 1) == false && hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/', 1) == false) {
			replaceLine('/etc/apache2/apache.conf', 'Include sites-enabled/', 'Include sites-enabled/', 1, 1);
			} elseif(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.vhost', 1) == false) {
			replaceLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/.vhost', 'IncludeOptional sites-enabled/.vhost', 1, 1);
			replaceLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.vhost', 'IncludeOptional sites-enabled/', 1, 1);
			}
			}
			}

			if(is_file('/etc/apache2/apache2.conf')) {
			if(hasLine('/etc/apache2/apache2.conf', 'Include sites-enabled/', 1) == false && hasLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/', 1) == false) {
			if(hasLine('/etc/apache2/apache2.conf', 'Include sites-enabled/*.conf', 1) == true) {
			replaceLine('/etc/apache2/apache2.conf', 'Include sites-enabled/*.conf', 'Include sites-enabled/', 1, 1);
			} elseif(hasLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/*.conf', 1) == true) {
			replaceLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/*.conf', 'IncludeOptional sites-enabled/', 1, 1);
			}
			}
			}
			@@ -1273,11 +1743,12 @@
			$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
			$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];

			// copy('tpl/apache_ispconfig.conf.master',$vhost_conf_dir.'/ispconfig.conf');

			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig.conf.master', 'tpl/apache_ispconfig.conf.master');
			$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");

			$tpl = new tpl('apache_ispconfig.conf.master');
			$tpl->setVar('apache_version',getapacheversion());

			$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
			$ip_addresses = array();

			if(is_array($records) && count($records) > 0) {
			foreach($records as $rec) {
			if($rec['ip_type'] == 'IPv6') {
			@@ -1290,15 +1761,17 @@
			foreach($ports as $port) {
			$port = intval($port);
			if($port > 0 && $port < 65536 && $ip_address != '') {
			$content .= 'NameVirtualHost '.$ip_address.":".$port."\n";
			$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
			}
			}
			}
			}
			}

			$content .= "\n";
			wf($vhost_conf_dir.'/ispconfig.conf', $content);

			if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);

			wf($vhost_conf_dir.'/ispconfig.conf', $tpl->grab());
			unset($tpl);

			if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.conf')) {
			symlink($vhost_conf_dir.'/ispconfig.conf', $vhost_conf_enabled_dir.'/000-ispconfig.conf');
			@@ -1356,36 +1829,6 @@
			//* add a sshusers group
			$command = 'groupadd sshusers';
			if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			/*
			$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
			$ip_address = gethostbyname($row["server_name"]);
			$server_name = $row["server_name"];

			//setup proxy.conf
			$configfile = 'proxy.conf';
			if(is_file($conf["nginx"]["config_dir"].'/'.$configfile)) copy($conf["nginx"]["config_dir"].'/'.$configfile,$conf["nginx"]["config_dir"].'/'.$configfile.'~');
			if(is_file($conf["nginx"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["nginx"]["config_dir"].'/'.$configfile.'~');
			$content = rf("tpl/nginx_".$configfile.".master");
			wf($conf["nginx"]["config_dir"].'/'.$configfile,$content);
			exec('chmod 600 '.$conf["nginx"]["config_dir"].'/'.$configfile);
			exec('chown root:root '.$conf["nginx"]["config_dir"].'/'.$configfile);

			//setup conf.d/cache.conf
			$configfile = 'cache.conf';
			if(is_file($conf["nginx"]["config_dir"].'/conf.d/'.$configfile)) copy($conf["nginx"]["config_dir"].'/conf.d/'.$configfile,$conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~');
			if(is_file($conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~')) exec('chmod 400 '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~');
			$content = rf("tpl/nginx_".$configfile.".master");
			wf($conf["nginx"]["config_dir"].'/conf.d/'.$configfile,$content);
			exec('chmod 600 '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile);
			exec('chown root:root '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile);

			//setup cache directories
			mkdir('/var/cache/nginx/cache');
			exec('chown www-data:www-data /var/cache/nginx/cache');
			mkdir('/var/cache/nginx/temp');
			exec('chown www-data:www-data /var/cache/nginx/temp');
			*/
			}

			public function configure_fail2ban() {
			@@ -1395,7 +1838,7 @@
			public function configure_squid()
			{
			global $conf;
			$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
			$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ?", $conf["server_id"]);
			$ip_address = gethostbyname($row["server_name"]);
			$server_name = $row["server_name"];

			@@ -1413,12 +1856,14 @@

			public function configure_ufw_firewall()
			{
			$configfile = 'ufw.conf';
			if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf', '/etc/ufw/ufw.conf~');
			$content = rf("tpl/".$configfile.".master");
			wf('/etc/ufw/ufw.conf', $content);
			exec('chmod 600 /etc/ufw/ufw.conf');
			exec('chown root:root /etc/ufw/ufw.conf');
			if($this->is_update == false) {
			$configfile = 'ufw.conf';
			if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf', '/etc/ufw/ufw.conf~');
			$content = rf("tpl/".$configfile.".master");
			wf('/etc/ufw/ufw.conf', $content);
			exec('chmod 600 /etc/ufw/ufw.conf');
			exec('chown root:root /etc/ufw/ufw.conf');
			}
			}

			public function configure_bastille_firewall() {
			@@ -1442,7 +1887,7 @@
			$tcp_public_services = '';
			$udp_public_services = '';

			$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
			$row = $this->db->queryOneRecord('SELECT * FROM ?? WHERE server_id = ?', $conf["mysql"]["database"] . '.firewall', $conf['server_id']);

			if(trim($row['tcp_port']) != '' \|\| trim($row['udp_port']) != '') {
			$tcp_public_services = trim(str_replace(',', ' ', $row['tcp_port']));
			@@ -1454,7 +1899,7 @@

			if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
			$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
			if($row['tcp_port'] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
			if($row['tcp_port'] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ? WHERE server_id = ?", ',' . intval($conf['apache']['vhost_port']), $conf['server_id']);
			}

			$content = str_replace('{TCP_PUBLIC_SERVICES}', $tcp_public_services, $content);
			@@ -1527,7 +1972,8 @@
			if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


			$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
			//$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
			$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['apache']['user'];
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			if(!@is_dir($install_dir)){
			@@ -1542,25 +1988,31 @@
			$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
			$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
			$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];

			//* Get the apps vhost port
			if($this->is_update == true) {
			$conf['web']['apps_vhost_port'] = get_apps_vhost_port_number();
			}

			// Dont just copy over the virtualhost template but add some custom settings
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_apps.vhost.master', 'tpl/apache_apps.vhost.master');

			$content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
			$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
			$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
			$content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
			$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
			$tpl = new tpl('apache_apps.vhost.master');
			$tpl->setVar('apps_vhost_ip',$conf['web']['apps_vhost_ip']);
			$tpl->setVar('apps_vhost_port',$conf['web']['apps_vhost_port']);
			$tpl->setVar('apps_vhost_dir',$conf['web']['website_basedir'].'/apps');
			$tpl->setVar('apps_vhost_basedir',$conf['web']['website_basedir']);
			$tpl->setVar('apps_vhost_servername',$apps_vhost_servername);
			$tpl->setVar('apache_version',getapacheversion());


			// comment out the listen directive if port is 80 or 443
			if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
			$content = str_replace('{vhost_port_listen}', '#', $content);
			$tpl->setVar('vhost_port_listen','#');
			} else {
			$content = str_replace('{vhost_port_listen}', '', $content);
			$tpl->setVar('vhost_port_listen','');
			}

			wf($vhost_conf_dir.'/apps.vhost', $content);
			wf($vhost_conf_dir.'/apps.vhost', $tpl->grab());
			unset($tpl);

			//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
			//* and create the symlink
			@@ -1593,7 +2045,8 @@
			if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


			$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
			//$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
			$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['nginx']['user'];
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			if(!@is_dir($install_dir)){
			@@ -1641,6 +2094,10 @@
			}
			$content = str_replace('{use_tcp}', $use_tcp, $content);
			$content = str_replace('{use_socket}', $use_socket, $content);

			// SSL in apps vhost is off by default. Might change later.
			$content = str_replace('{ssl_on}', 'off', $content);
			$content = str_replace('{ssl_comment}', '#', $content);

			wf($vhost_conf_dir.'/apps.vhost', $content);

			@@ -1665,7 +2122,7 @@
			}

			public function make_ispconfig_ssl_cert() {
			global $conf;
			global $conf,$autoinstall;

			$install_dir = $conf['ispconfig_install_dir'];

			@@ -1677,11 +2134,17 @@

			$ssl_pw = substr(md5(mt_rand()), 0, 6);
			exec("openssl genrsa -des3 -passout pass:$ssl_pw -out $ssl_key_file 4096");
			exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -out $ssl_csr_file");
			if(AUTOINSTALL){
			exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -key $ssl_key_file -out $ssl_csr_file");
			} else {
			exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -out $ssl_csr_file");
			}
			exec("openssl req -x509 -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -in $ssl_csr_file -out $ssl_crt_file -days 3650");
			exec("openssl rsa -passin pass:$ssl_pw -in $ssl_key_file -out $ssl_key_file.insecure");
			rename($ssl_key_file, $ssl_key_file.'.secure');
			rename($ssl_key_file.'.insecure', $ssl_key_file);

			exec('chown -R root:root /usr/local/ispconfig/interface/ssl');

			}

			@@ -1710,6 +2173,31 @@
			//* copy the ISPConfig server part
			$command = 'cp -rf ../server '.$install_dir;
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* Make a backup of the security settings
			if(is_file('/usr/local/ispconfig/security/security_settings.ini')) copy('/usr/local/ispconfig/security/security_settings.ini','/usr/local/ispconfig/security/security_settings.ini~');

			//* copy the ISPConfig security part
			$command = 'cp -rf ../security '.$install_dir;
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* Apply changed security_settings.ini values to new security_settings.ini file
			if(is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
			$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
			$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
			if(is_array($security_settings_new) && is_array($security_settings_old)) {
			foreach($security_settings_new as $section => $sval) {
			if(is_array($sval)) {
			foreach($sval as $key => $val) {
			if(isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
			$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
			}
			}
			}
			}
			file_put_contents('/usr/local/ispconfig/security/security_settings.ini',array_to_ini($security_settings_new));
			}
			}

			//* Create a symlink, so ISPConfig is accessible via web
			// Replaced by a separate vhost definition for port 8080
			@@ -1726,11 +2214,13 @@
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
			$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
			$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);

			$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
			$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
			$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
			$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
			$content = str_replace('{mysql_master_server_port}', $conf['mysql']['master_port'], $content);

			$content = str_replace('{server_id}', $conf['server_id'], $content);
			$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
			@@ -1751,11 +2241,13 @@
			$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
			$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
			$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
			$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);

			$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
			$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
			$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
			$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
			$content = str_replace('{mysql_master_server_port}', $conf['mysql']['master_port'], $content);

			$content = str_replace('{server_id}', $conf['server_id'], $content);
			$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
			@@ -1840,23 +2332,48 @@
			$vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
			$proxy_server_enabled = ($conf['services']['proxy'])?1:0;
			$firewall_server_enabled = ($conf['services']['firewall'])?1:0;
			$xmpp_server_enabled = ($conf['services']['xmpp'])?1:0;

			$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled' WHERE server_id = ".intval($conf['server_id']);
			$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled', xmpp_server = '.$xmpp_server_enabled.' WHERE server_id = ?";

			$this->db->query($sql, $conf['server_id']);
			if($conf['mysql']['master_slave_setup'] == 'y') {
			$this->dbmaster->query($sql);
			$this->db->query($sql);
			} else {
			$this->db->query($sql);
			$this->dbmaster->query($sql, $conf['server_id']);
			}


			//* Chmod the files
			$command = 'chmod -R 750 '.$install_dir;
			// chown install dir to root and chmod 755
			$command = 'chown root:root '.$install_dir;
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
			$command = 'chmod 755 '.$install_dir;
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* chown the files to the ispconfig user and group
			$command = 'chown -R ispconfig:ispconfig '.$install_dir;
			//* Chmod the files and directories in the install dir
			$command = 'chmod -R 750 '.$install_dir.'/*';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* chown the interface files to the ispconfig user and group
			$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* chown the server files to the root user and group
			$command = 'chown -R root:root '.$install_dir.'/server';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* chown the security files to the root user and group
			$command = 'chown -R root:root '.$install_dir.'/security';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* chown the security directory and security_settings.ini to root:ispconfig
			$command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
			$command = 'chown root:ispconfig '.$install_dir.'/security';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
			$command = 'chown root:ispconfig '.$install_dir.'/security/ids.whitelist';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
			$command = 'chown root:ispconfig '.$install_dir.'/security/ids.htmlfield';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
			$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			//* Make the global language file directory group writable
			@@ -1909,6 +2426,8 @@
			exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
			exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
			}

			exec('chown -R root:root /usr/local/ispconfig/interface/ssl');

			// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
			// and must be fixed as this will allow the apache user to read the ispconfig files.
			@@ -1934,36 +2453,42 @@
			$command = "chmod +x $install_dir/server/scripts/*.sh";
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

			if ($this->install_ispconfig_interface == true && isset($conf['interface_password']) && $conf['interface_password']!='admin') {
			$sql = "UPDATE sys_user SET passwort = md5(?) WHERE username = 'admin';";
			$this->db->query($sql, $conf['interface_password']);
			}

			if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
			//* Copy the ISPConfig vhost for the controlpanel
			$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
			$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];

			// Dont just copy over the virtualhost template but add some custom settings
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig.vhost.master', 'tpl/apache_ispconfig.vhost.master');
			$content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
			$tpl = new tpl('apache_ispconfig.vhost.master');
			$tpl->setVar('vhost_port',$conf['apache']['vhost_port']);

			// comment out the listen directive if port is 80 or 443
			if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
			$content = str_replace('{vhost_port_listen}', '#', $content);
			$tpl->setVar('vhost_port_listen','#');
			} else {
			$content = str_replace('{vhost_port_listen}', '', $content);
			$tpl->setVar('vhost_port_listen','');
			}

			if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
			$content = str_replace('{ssl_comment}', '', $content);
			$tpl->setVar('ssl_comment','');
			} else {
			$content = str_replace('{ssl_comment}', '#', $content);
			$tpl->setVar('ssl_comment','#');
			}
			if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
			$content = str_replace('{ssl_bundle_comment}', '', $content);
			$tpl->setVar('ssl_bundle_comment','');
			} else {
			$content = str_replace('{ssl_bundle_comment}', '#', $content);
			$tpl->setVar('ssl_bundle_comment','#');
			}

			$tpl->setVar('apache_version',getapacheversion());

			wf($vhost_conf_dir.'/ispconfig.vhost', $content);
			wf($vhost_conf_dir.'/ispconfig.vhost', $tpl->grab());

			//copy('tpl/apache_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
			//* and create the symlink
			if($this->is_update == false) {
			if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
			@@ -2098,8 +2623,21 @@

			//* Remove Domain module as its functions are available in the client module now
			if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');



			//* Disable rkhunter run and update in debian cronjob as ispconfig is running and updating rkhunter
			if(is_file('/etc/default/rkhunter')) {
			replaceLine('/etc/default/rkhunter', 'CRON_DAILY_RUN="yes"', 'CRON_DAILY_RUN="no"', 1, 0);
			replaceLine('/etc/default/rkhunter', 'CRON_DB_UPDATE="yes"', 'CRON_DB_UPDATE="no"', 1, 0);
			}

			// Add symlink for patch tool
			if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');

			// Change mode of a few files from amavisd
			if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
			if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
			if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
			if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
			}

			public function configure_dbserver() {
			@@ -2119,7 +2657,7 @@
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', 'tpl/mysql_clientdb.conf.master');
			$content = str_replace('{hostname}', $conf['mysql']['host'], $content);
			$content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
			$content = str_replace('{password}', $conf['mysql']['admin_password'], $content);
			$content = str_replace('{password}', addslashes($conf['mysql']['admin_password']), $content);
			wf($install_dir.'/server/lib/mysql_clientdb.conf', $content);
			chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
			chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
			@@ -2142,8 +2680,8 @@
			}

			$root_cron_jobs = array(
			"* * * * * ".$install_dir."/server/server.sh 2>&1 > /dev/null \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
			"30 00 * * * ".$install_dir."/server/cron_daily.sh 2>&1 > /dev/null \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
			"* * * * * ".$install_dir."/server/server.sh 2>&1 \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
			"* * * * * ".$install_dir."/server/cron.sh 2>&1 \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
			);

			if ($conf['nginx']['installed'] == true) {
			@@ -2188,17 +2726,63 @@
			chmod($conf['ispconfig_log_dir'].'/cron.log', 0660);

			}

			public function create_mount_script(){
			global $app, $conf;
			$mount_script = '/usr/local/ispconfig/server/scripts/backup_dir_mount.sh';
			$mount_command = '';

			if(is_file($mount_script)) return;
			if(is_file('/etc/rc.local')){
			$rc_local = file('/etc/rc.local');
			if(is_array($rc_local) && !empty($rc_local)){
			foreach($rc_local as $line){
			$line = trim($line);
			if(substr($line, 0, 1) == '#') continue;
			if(strpos($line, 'sshfs') !== false && strpos($line, '/var/backup') !== false){
			$mount_command = "#!/bin/sh\n\n";
			$mount_command .= $line."\n\n";
			file_put_contents($mount_script, $mount_command);
			chmod($mount_script, 0755);
			chown($mount_script, 'root');
			chgrp($mount_script, 'root');
			break;
			}
			}
			}
			}
			}

			// This function is called at the end of the update process and contains code to clean up parts of old ISPCONfig releases
			public function cleanup_ispconfig() {
			global $app,$conf;

			// Remove directories recursively
			if(is_dir('/usr/local/ispconfig/interface/web/designer')) exec('rm -rf /usr/local/ispconfig/interface/web/designer');
			if(is_dir('/usr/local/ispconfig/interface/web/themes/default-304')) exec('rm -rf /usr/local/ispconfig/interface/web/themes/default-304');

			// Remove files
			if(is_file('/usr/local/ispconfig/interface/lib/classes/db_firebird.inc.php')) unlink('/usr/local/ispconfig/interface/lib/classes/db_firebird.inc.php');
			if(is_file('/usr/local/ispconfig/interface/lib/classes/form.inc.php')) unlink('/usr/local/ispconfig/interface/lib/classes/form.inc.php');

			// Change mode of a few files from amavisd
			if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
			if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
			if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
			if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);

			}

			public function getinitcommand($servicename, $action, $init_script_directory = ''){
			global $conf;
			// systemd
			if(is_executable('/bin/systemd')){
			return 'systemctl '.$action.' '.$servicename.'.service';
			}
			// upstart
			if(is_executable('/sbin/initctl')){
			exec('/sbin/initctl version 2>/dev/null \| /bin/grep -q upstart', $retval['output'], $retval['retval']);
			if(intval($retval['retval']) == 0) return 'service '.$servicename.' '.$action;
			}
			// systemd
			if(is_executable('/bin/systemd') \|\| is_executable('/usr/bin/systemctl')){
			return 'systemctl '.$action.' '.$servicename.'.service';
			}
			// sysvinit
			if($init_script_directory == '') $init_script_directory = $conf['init_scripts'];
			@@ -2317,6 +2901,7 @@
			$tContents = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $tContents);
			$tContents = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $tContents);
			$tContents = str_replace('{mysql_server_host}', $conf['mysql']['host'], $tContents);
			$tContents = str_replace('{mysql_server_port}', $conf['mysql']['port'], $tContents);
			$tContents = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $tContents);

			return $tContents;