Merge branch 'stable-3.0.5'

Marius Cramer

2015-05-13 72773a6744609fdbc3bf39f58f073b05bd074c70

Merge branch 'stable-3.0.5'

Conflicts:
	install/dist/lib/fedora.lib.php
	install/dist/lib/opensuse.lib.php
	install/lib/installer_base.lib.php
	install/sql/ispconfig3.sql
	install/tpl/config.inc.php.master
	interface/lib/classes/aps_crawler.inc.php
	interface/lib/classes/auth.inc.php
	interface/lib/classes/plugin_backuplist.inc.php
	interface/lib/config.inc.php
	interface/lib/plugins/mail_user_filter_plugin.inc.php
	interface/web/login/password_reset.php
	interface/web/sites/templates/web_backup_list.htm
	interface/web/sites/webdav_user_edit.php
	interface/web/themes/blue/ispconfig_version
	server/plugins-available/backup_plugin.inc.php
	server/plugins-available/shelluser_base_plugin.inc.php

 install/dist/conf/centos70.conf.php

@@ -171,9 +171,9 @@
$conf['bind']['installed'] = false; // will be detected automatically during installation
$conf['bind']['bind_user'] = 'named';
$conf['bind']['bind_group'] = 'named';
$conf['bind']['bind_zonefiles_dir'] = '/var/named/chroot/var/named/';
$conf['bind']['named_conf_path'] = '/var/named/chroot/etc/named.conf';
$conf['bind']['named_conf_local_path'] = '/var/named/chroot/var/named/named.local';
$conf['bind']['bind_zonefiles_dir'] = '/var/named';
$conf['bind']['named_conf_path'] = '/etc/named.conf';
$conf['bind']['named_conf_local_path'] = '/etc/named.conf.local';
$conf['bind']['init_script'] = 'named';

//* Jailkit

 install/dist/lib/fedora.lib.php

@@ -679,7 +679,7 @@

        //* Chown the slave subdirectory to $conf['bind']['bind_user']
        exec('chown '.$conf['bind']['bind_user'].':'.$conf['bind']['bind_group'].' '.$content);
        exec('chmod 770 '.$content);
        exec('chmod 2770 '.$content);

    }


 install/dist/lib/opensuse.lib.php

@@ -1406,7 +1406,6 @@
        if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
        if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
        if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);

    }

}

 install/lib/install.lib.php

@@ -181,6 +181,12 @@
            $distid = 'debian60';
            $distbaseid = 'debian';
            swriteln("Operating System: Debian 7.0 (Wheezy/Sid) or compatible\n");
        } elseif(strstr(trim(file_get_contents('/etc/debian_version')), '8') || substr(trim(file_get_contents('/etc/debian_version')),0,1) == '8') {
            $distname = 'Debian';
            $distver = 'Jessie';
            $distid = 'debian60';
            $distbaseid = 'debian';
            swriteln("Operating System: Debian 8.0 (Jessie) or compatible\n");
        } else {
            $distname = 'Debian';
            $distver = 'Unknown';

 install/lib/installer_base.lib.php

@@ -1321,11 +1321,12 @@

        //* Create the slave subdirectory
        $content .= 'slave';
        if(!@is_dir($content)) mkdir($content, 0770, true);
        if(!@is_dir($content)) mkdir($content, 2770, true);

        //* Chown the slave subdirectory to $conf['bind']['bind_user']
        chown($content, $conf['bind']['bind_user']);
        chgrp($content, $conf['bind']['bind_group']);
        chmod($content, 2770);

    }

@@ -2386,8 +2387,6 @@
        if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
        if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
        if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
		
		
    }

    public function configure_dbserver() {

 interface/lib/classes/aps_crawler.inc.php

@@ -460,6 +460,7 @@
                    }
                }
                //var_dump($apps);
                //echo print_r($apps_to_dl).'<br>-------------------<br>';

                // For memory reasons, unset the current vendor and his apps
                unset($apps);

 interface/lib/classes/plugin_backuplist.inc.php

@@ -100,7 +100,7 @@
        }

        //* Get the data
        $server_ids = array_unique($server_ids);
        $server_ids = array();
        $web = $app->db->queryOneRecord("SELECT server_id FROM web_domain WHERE domain_id = ?", $this->form->id);
        $databases = $app->db->queryAllRecords("SELECT server_id FROM web_database WHERE parent_domain_id = ?", $this->form->id);
        if($app->functions->intval($web['server_id']) > 0) $server_ids[] = $app->functions->intval($web['server_id']);

 interface/lib/plugins/mail_user_filter_plugin.inc.php

@@ -135,41 +135,69 @@
            $content .= '### BEGIN FILTER_ID:'.$page_form->id."\n";

            //$content .= 'require ["fileinto", "regex", "vacation"];'."\n";
			
            if($page_form->dataRecord["op"] == 'domain') {
                $content .= 'if address :domain :is "'.strtolower($page_form->dataRecord["source"]).'" "'.$page_form->dataRecord["searchterm"].'" {'."\n";
            } elseif ($page_form->dataRecord["op"] == 'localpart') {
                $content .= 'if address :localpart :is "'.strtolower($page_form->dataRecord["source"]).'" "'.$page_form->dataRecord["searchterm"].'" {'."\n";
            } elseif ($page_form->dataRecord["source"] == 'Size') {
                if(substr(trim($page_form->dataRecord["searchterm"]),-1) == 'k' || substr(trim($page_form->dataRecord["searchterm"]),-1) == 'K') {
                    $unit = 'k';
                } else {
                    $unit = 'm';
                }
                $content .= 'if size :over '.intval($page_form->dataRecord["searchterm"]).$unit.' {'."\n";
            } else {
			
                if($page_form->dataRecord["source"] == 'Header') {
                    $parts = explode(':',trim($page_form->dataRecord["searchterm"]));
                    $page_form->dataRecord["source"] = trim($parts[0]);
                    unset($parts[0]);
                    $page_form->dataRecord["searchterm"] = trim(implode(':',$parts));
                    unset($parts);
                }

            $content .= 'if header :regex    ["'.strtolower($page_form->dataRecord["source"]).'"] ["';
                $content .= 'if header :regex    ["'.strtolower($page_form->dataRecord["source"]).'"] ["';

            $searchterm = preg_quote($page_form->dataRecord["searchterm"]);
            $searchterm = str_replace(
                array(
                    '"',
                    '\\[',
                    '\\]'
                ),
                array(
                    '\\"',
                    '\\\\[',
                    '\\\\]'
                ), $searchterm);
                $searchterm = preg_quote($page_form->dataRecord["searchterm"]);
                $searchterm = str_replace(
                    array(
                        '"',
                        '\\[',
                        '\\]'
                    ),
                    array(
                        '\\"',
                        '\\\\[',
                        '\\\\]'
                    ), $searchterm);

            if($page_form->dataRecord["op"] == 'contains') {
                $content .= ".*".$searchterm;
            } elseif ($page_form->dataRecord["op"] == 'is') {
                $content .= "^".$searchterm."$";
            } elseif ($page_form->dataRecord["op"] == 'begins') {
                $content .= "^".$searchterm.".*";
            } elseif ($page_form->dataRecord["op"] == 'ends') {
                $content .= ".*".$searchterm."$";
                if($page_form->dataRecord["op"] == 'contains') {
                    $content .= ".*".$searchterm;
                } elseif ($page_form->dataRecord["op"] == 'is') {
                    $content .= "^".$searchterm."$";
                } elseif ($page_form->dataRecord["op"] == 'begins') {
                    $content .= " ".$searchterm."";
                } elseif ($page_form->dataRecord["op"] == 'ends') {
                    $content .= ".*".$searchterm."$";
                }

                $content .= '"] {'."\n";
            }

            $content .= '"] {'."\n";

            if($page_form->dataRecord["action"] == 'move') {
                $content .= '    fileinto "'.$page_form->dataRecord["target"].'";' . "\n";
                $content .= '    fileinto "'.$page_form->dataRecord["target"].'";' . "\n    stop;\n";
            } elseif ($page_form->dataRecord["action"] == 'keep') {
                $content .= "    keep;\n";
            } elseif ($page_form->dataRecord["action"] == 'stop') {
                $content .= "    stop;\n";
            } elseif ($page_form->dataRecord["action"] == 'reject') {
                $content .= '    reject "'.$page_form->dataRecord["target"].'";    stop;\n\n';
            } else {
                $content .= "    discard;\n";
                $content .= "    discard;\n    stop;\n";
            }

            $content .= "    stop;\n}\n";
            $content .= "}\n";

            $content .= '### END FILTER_ID:'.$page_form->id."\n";


 interface/web/sites/webdav_user_edit.php

@@ -137,6 +137,15 @@

            /* restrict the names */
            $this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username'];

            /*
            *  Get the data of the domain, owning the webdav user
            */
            $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"]));
            /* The server is the server of the domain */
            $this->dataRecord["server_id"] = $web["server_id"];
            /* The Webdav user shall be owned by the same group then the website */
            $this->dataRecord["sys_groupid"] = $web['sys_groupid'];
        }

        parent::onBeforeInsert();
@@ -159,7 +168,6 @@
        
        $sql = "UPDATE webdav_user SET server_id = ?, sys_groupid = ?, password = ? WHERE webdav_user_id = ?";
        $app->db->query($sql, $server_id, $sys_groupid, $this->dataRecord["password"], $this->id);
		
    }

    function onBeforeUpdate() {

 server/lib/classes/monitor_tools.inc.php

@@ -152,6 +152,11 @@
                $distver = 'Wheezy/Sid';
                $distid = 'debian60';
                $distbaseid = 'debian';
            } elseif(strstr(trim(file_get_contents('/etc/debian_version')), '8') || substr(trim(file_get_contents('/etc/debian_version')),0,1) == '8') {
                $distname = 'Debian';
                $distver = 'Jessie';
                $distid = 'debian60';
                $distbaseid = 'debian';
            } else {
                $distname = 'Debian';
                $distver = 'Unknown';

 server/plugins-available/bind_plugin.inc.php

@@ -117,7 +117,7 @@

            //TODO : change this when distribution information has been integrated into server record
            if (file_exists('/etc/gentoo-release')) {
                $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1)));
                $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($zone['origin'], 0, -1)));
            }
            else {
                $filename = escapeshellcmd($dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($zone['origin'], 0, -1)));
@@ -151,7 +151,7 @@
        if($data['old']['origin'] != $data['new']['origin']) {
            //TODO : change this when distribution information has been integrated into server record
            if (file_exists('/etc/gentoo-release')) {
                $filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
                $filename = $dns_config['bind_zonefiles_dir'].'/pri/'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));
            }
            else {
                $filename = $dns_config['bind_zonefiles_dir'].'/pri.'.str_replace("/", "_", substr($data['old']['origin'], 0, -1));

 server/plugins-available/shelluser_base_plugin.inc.php

@@ -103,14 +103,27 @@
            if($uid > $this->min_uid) {
                //* Remove webfolder protection
                $app->system->web_folder_protection($web['document_root'], false);

                if(!is_dir($data['new']['dir'])){
                    $app->file->mkdirs(escapeshellcmd($data['new']['dir']), '0700');
                    $app->system->chown(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['username']));
                    $app->system->chgrp(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['pgroup']));
				
                //* Home directory of the new shell user
                if($data['new']['chroot'] == 'jailkit') {
                    $homedir = $data['new']['dir'];
                } else {
                    $homedir = $data['new']['dir'].'/home/'.$data['new']['username'];
                }
				
                if(!is_dir($data['new']['dir'].'/home')){
                    $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750');
                    $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser']));
                    $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
                }
				
                if(!is_dir($homedir)){
                    $app->file->mkdirs(escapeshellcmd($homedir), '0750');
                    $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']));
                    $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
                }
                $command = 'useradd';
                $command .= ' -d '.escapeshellcmd($data['new']['dir']);
                $command .= ' -d '.escapeshellcmd($homedir);
                $command .= ' -g '.escapeshellcmd($data['new']['pgroup']);
                $command .= ' -o '; // non unique
                if($data['new']['password'] != '') $command .= ' -p '.escapeshellcmd($data['new']['password']);
@@ -129,10 +142,10 @@
                $this->_setup_ssh_rsa();

                //* Create .bash_history file
                $app->system->touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
                $app->system->chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
                $app->system->chown(escapeshellcmd($data['new']['dir']).'/.bash_history', $data['new']['username']);
                $app->system->chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', $data['new']['pgroup']);
                $app->system->touch(escapeshellcmd($homedir).'/.bash_history');
                $app->system->chmod(escapeshellcmd($homedir).'/.bash_history', 0755);
                $app->system->chown(escapeshellcmd($homedir).'/.bash_history', $data['new']['username']);
                $app->system->chgrp(escapeshellcmd($homedir).'/.bash_history', $data['new']['pgroup']);

                //* Disable shell user temporarily if we use jailkit
                if($data['new']['chroot'] == 'jailkit') {
@@ -185,6 +198,16 @@
            // Get the UID of the parent user
            $uid = intval($app->system->getuid($data['new']['puser']));
            if($uid > $this->min_uid) {
				
                //* Home directory of the shell user
                if($data['new']['chroot'] == 'jailkit') {
                    $homedir = $data['new']['dir'];
                    $homedir_old = $data['old']['dir'];
                } else {
                    $homedir = $data['new']['dir'].'/home/'.$data['new']['username'];
                    $homedir_old = $data['old']['dir'].'/home/'.$data['old']['username'];
                }
				
                // Check if the user that we want to update exists, if not, we insert it
                if($app->system->is_user($data['old']['username'])) {
                    /*
@@ -202,12 +225,32 @@
                    $app->log("Executed command: $command ",LOGLEVEL_DEBUG);
                    */
                    //$groupinfo = $app->system->posix_getgrnam($data['new']['pgroup']);
                    if($data['new']['dir'] != $data['old']['dir'] && !is_dir($data['new']['dir'])){
                        $app->file->mkdirs(escapeshellcmd($data['new']['dir']), '0700');
                        $app->system->chown(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['username']));
                        $app->system->chgrp(escapeshellcmd($data['new']['dir']),escapeshellcmd($data['new']['pgroup']));
                    if($homedir != $homedir_old && !is_dir($homedir)){
                        $app->system->web_folder_protection($web['document_root'], false);
                        if(!is_dir($data['new']['dir'].'/home')){
                            $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750');
                            $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser']));
                            $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
                        }
                        $app->file->mkdirs(escapeshellcmd($homedir), '0750');
                        $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['username']));
                        $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
                        $app->system->web_folder_protection($web['document_root'], true);
                    } else {
                        if(!is_dir($homedir)){
                            $app->system->web_folder_protection($web['document_root'], false);
                            if(!is_dir($data['new']['dir'].'/home')){
                                $app->file->mkdirs(escapeshellcmd($data['new']['dir'].'/home'), '0750');
                                $app->system->chown(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['puser']));
                                $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
                            }
                            $app->file->mkdirs(escapeshellcmd($homedir), '0750');
                            $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']));
                            $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
                            $app->system->web_folder_protection($web['document_root'], true);
                        }
                    }
                    $app->system->usermod($data['old']['username'], 0, $app->system->getgid($data['new']['pgroup']), $data['new']['dir'], $data['new']['shell'], $data['new']['password'], $data['new']['username']);
                    $app->system->usermod($data['old']['username'], 0, $app->system->getgid($data['new']['pgroup']), $homedir, $data['new']['shell'], $data['new']['password'], $data['new']['username']);
                    $app->log("Updated shelluser: ".$data['old']['username'], LOGLEVEL_DEBUG);

                    // call the ssh-rsa update function
@@ -218,10 +261,10 @@

                    //* Create .bash_history file
                    if(!is_file($data['new']['dir']).'/.bash_history') {
                        $app->system->touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
                        $app->system->chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
                        $app->system->chown(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['username']));
                        $app->system->chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['pgroup']));
                        $app->system->touch(escapeshellcmd($homedir).'/.bash_history');
                        $app->system->chmod(escapeshellcmd($homedir).'/.bash_history', 0755);
                        $app->system->chown(escapeshellcmd($homedir).'/.bash_history', escapeshellcmd($data['new']['username']));
                        $app->system->chgrp(escapeshellcmd($homedir).'/.bash_history', escapeshellcmd($data['new']['pgroup']));
                    }

                } else {
@@ -239,7 +282,7 @@
    function delete($event_name, $data) {
        global $app, $conf;

        $app->uses('system,getconf');
        $app->uses('system,getconf,services');
        
        $security_config = $app->getconf->get_security_config('permissions');
        if($security_config['allow_shell_user'] != 'yes') {
@@ -251,16 +294,22 @@
            // Get the UID of the user
            $userid = intval($app->system->getuid($data['old']['username']));
            if($userid > $this->min_uid) {
                $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($data['old']['parent_domain_id']));
					
                // check if we have to delete the dir
                $check = $app->db->queryOneRecord('SELECT shell_user_id FROM `shell_user` WHERE `dir` = ?', $data['old']['dir']);
                if(!$check && is_dir($data['old']['dir'])) {
                    
                    $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $data['old']['parent_domain_id']);
					
                    $app->system->web_folder_protection($web['document_root'], false);
                    
                    // delete dir
                    $homedir = $data['old']['dir'];
                    if($data['new']['chroot'] == 'jailkit') {
                        $homedir = $data['old']['dir'];
                    } else {
                        $homedir = $data['old']['dir'].'/home/'.$data['old']['username'];
                    }
				
                    if(substr($homedir, -1) !== '/') $homedir .= '/';
                    $files = array('.bash_logout', '.bash_history', '.bashrc', '.profile');
                    $dirs = array('.ssh', '.cache');
@@ -292,10 +341,33 @@
                
                // We delete only non jailkit users, jailkit users will be deleted by the jailkit plugin.
                if ($data['old']['chroot'] != "jailkit") {
                    // if this web uses PHP-FPM, that PPH-FPM service must be stopped before we can delete this user
                    if($web['php'] == 'php-fpm'){
                        if(trim($web['fastcgi_php_version']) != ''){
                            $default_php_fpm = false;
                            list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($web['fastcgi_php_version']));
                        } else {
                            $default_php_fpm = true;
                        }
                        $web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
                        if(!$default_php_fpm){
                            $app->services->restartService('php-fpm', 'stop:'.$custom_php_fpm_init_script);
                        } else {
                            $app->services->restartService('php-fpm', 'stop:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
                        }
                    }
                    $command = 'killall -u '.escapeshellcmd($data['old']['username']).' ; userdel -f';
                    $command .= ' '.escapeshellcmd($data['old']['username']).' &> /dev/null';
                    exec($command);
                    $app->log("Deleted shelluser: ".$data['old']['username'], LOGLEVEL_DEBUG);
                    // start PHP-FPM again
                    if($web['php'] == 'php-fpm'){
                        if(!$default_php_fpm){
                            $app->services->restartService('php-fpm', 'start:'.$custom_php_fpm_init_script);
                        } else {
                            $app->services->restartService('php-fpm', 'start:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
                        }
                    }
                }

            } else {