From cb8c86a5eb7b70feb29a2ef7503aae497d40bf57 Mon Sep 17 00:00:00 2001
From: wyrie <wyrie@ispconfig3>
Date: Wed, 02 Dec 2009 06:57:59 -0500
Subject: [PATCH] Implemented: FS#973 - Gentoo support for installer. Fixed FS#974 - Directory mode for firewall configuration
---
install/install.php | 4
install/lib/installer_base.lib.php | 117 +++++
install/lib/install.lib.php | 14
install/dist/lib/gentoo.lib.php | 728 +++++++++++++++++++++++++++++++++
install/dist/tpl/gentoo/amavisd-ispconfig.conf.master | 98 ++++
install/dist/conf/gentoo.conf.php | 169 +++++--
install/dist/tpl/gentoo/jk_init.ini.master | 154 +++++++
install/dist/tpl/gentoo/apache_ispconfig.conf.master | 16
8 files changed, 1,249 insertions(+), 51 deletions(-)
diff --git a/install/dist/conf/gentoo.conf.php b/install/dist/conf/gentoo.conf.php
index 95cf32a..71a1413 100644
--- a/install/dist/conf/gentoo.conf.php
+++ b/install/dist/conf/gentoo.conf.php
@@ -31,85 +31,162 @@
//*** Gentoo default settings
//* Main
-$dist['init_scripts'] = '/etc/init.d';
-$dist['runlevel'] = '/etc';
-$dist['shells'] = '/etc/shells';
-$dist['cron_tab'] = '/var/spool/cron/crontabs/root';
-$dist['pam'] = '/etc/pam.d';
+$conf['language'] = 'en';
+$conf['distname'] = 'gentoo-1.12.11.1';
+$conf['hostname'] = 'server1.domain.tld'; // Full hostname
+$conf['ispconfig_install_dir'] = '/usr/local/ispconfig';
+$conf['ispconfig_config_dir'] = '/usr/local/ispconfig';
+$conf['ispconfig_log_priority'] = 2; // 0 = Debug, 1 = Warning, 2 = Error
+$conf['server_id'] = 1;
+$conf['init_scripts'] = '/etc/init.d';
+$conf['runlevel'] = '/etc';
+$conf['shells'] = '/etc/shells';
+$conf['cron_tab'] = '/var/spool/cron/crontabs/root';
+$conf['pam'] = '/etc/pam.d';
+
+//* Services provided by this server, this selection will be overridden by the expert mode
+$conf['services']['mail'] = true;
+$conf['services']['web'] = true;
+$conf['services']['dns'] = true;
+$conf['services']['file'] = true;
+$conf['services']['db'] = true;
+$conf['services']['vserver'] = true;
//* MySQL
-$dist['mysql']['init_script'] = 'mysql';
+$conf['mysql']['installed'] = false; // will be detected automatically during installation
+$conf['mysql']['init_script'] = 'mysql';
+$conf['mysql']['host'] = 'localhost';
+$conf['mysql']['ip'] = '127.0.0.1';
+$conf['mysql']['port'] = '3306';
+$conf['mysql']['database'] = 'dbispconfig';
+$conf['mysql']['admin_user'] = 'root';
+$conf['mysql']['admin_password'] = '';
+$conf['mysql']['charset'] = 'utf8';
+$conf['mysql']['ispconfig_user'] = 'ispconfig';
+$conf['mysql']['ispconfig_password'] = md5 (uniqid (rand()));
+$conf['mysql']['master_slave_setup'] = 'n';
+$conf['mysql']['master_host'] = '';
+$conf['mysql']['master_database'] = 'dbispconfig';
+$conf['mysql']['master_admin_user'] = 'root';
+$conf['mysql']['master_admin_password'] = '';
+$conf['mysql']['master_ispconfig_user'] = '';
+$conf['mysql']['master_ispconfig_password'] = md5 (uniqid (rand()));
+
+//* SuPHP
+$conf['suphp']['config_file'] = '/etc/suphp.conf';
//* Apache
-$dist['apache']['user'] = 'apache';
-$dist['apache']['group'] = 'apache';
-$dist['apache']['init_script'] = 'apache2';
-$dist['apache']['version'] = '2.2';
-$dist['apache']['vhost_dist_dir'] = '/etc/apache2/vhosts.d';
-$dist['apache']['vhost_dist_enabled_dir'] = '/etc/apache2/vhosts.d';
+$conf['apache']['installed'] = false; // will be detected automatically during installation
+$conf['apache']['user'] = 'apache';
+$conf['apache']['group'] = 'apache';
+$conf['apache']['init_script'] = 'apache2';
+$conf['apache']['version'] = '2.2';
+$conf['apache']['config_dir'] = '/etc/apache2';
+$conf['apache']['config_file'] = $conf['apache']['config_dir'] .'/httpd.conf';
+$conf['apache']['ssl_dir'] = $conf['apache']['config_dir'] .'/ssl';
+$conf['apache']['vhost_conf_dir'] = $conf['apache']['config_dir'] . '/vhosts.d';
+$conf['apache']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_dir'];
+$conf['apache']['vhost_default'] = '00_default_vhost.conf';
$conf['apache']['vhost_port'] = '8080';
+//* Website base settings
+$conf['web']['website_basedir'] = '/var/www';
+$conf['web']['website_path'] = '/var/www/clients/client[client_id]/web[website_id]';
+$conf['web']['website_symlinks'] = '/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/';
+
+//* Apps base settings
+$conf['web']['apps_vhost_ip'] = '_default_';
+$conf['web']['apps_vhost_port'] = '8081';
+$conf['web']['apps_vhost_servername'] = '';
+$conf['web']['apps_vhost_user'] = 'ispapps';
+$conf['web']['apps_vhost_group'] = 'ispapps';
+
+//* Fastcgi
+$conf['fastcgi']['fastcgi_phpini_path'] = '/etc/php5/cgi/';
+$conf['fastcgi']['fastcgi_starter_path'] = '/var/www/php-fcgi-scripts/[system_user]/';
+
//* Postfix
-$dist['postfix']['config_dir'] = '/etc/postfix';
-$dist['postfix']['init_script'] = 'postfix';
-$dist['postfix']['user'] = 'postfix';
-$dist['postfix']['group'] = 'postfix';
-$dist['postfix']['vmail_userid'] = '5000';
-$dist['postfix']['vmail_username'] = 'vmail';
-$dist['postfix']['vmail_groupid'] = '5000';
-$dist['postfix']['vmail_groupname'] = 'vmail';
-$dist['postfix']['vmail_mailbox_base'] = '/var/vmail';
+$conf['postfix']['installed'] = false; // will be detected automatically during installation
+$conf['postfix']['config_dir'] = '/etc/postfix';
+$conf['postfix']['init_script'] = 'postfix';
+$conf['postfix']['user'] = 'postfix';
+$conf['postfix']['group'] = 'postfix';
+$conf['postfix']['vmail_userid'] = '5000';
+$conf['postfix']['vmail_username'] = 'vmail';
+$conf['postfix']['vmail_groupid'] = '5000';
+$conf['postfix']['vmail_groupname'] = 'vmail';
+$conf['postfix']['vmail_mailbox_base'] = '/var/vmail';
//* Getmail
-$dist['getmail']['config_dir'] = '/etc/getmail';
-$dist['getmail']['program'] = '/usr/bin/getmail';
+$conf['getmail']['installed'] = false; // will be detected automatically during installation
+$conf['getmail']['user'] = 'getmail';
+$conf['getmail']['config_dir'] = '/etc/getmail';
+$conf['getmail']['program'] = '/usr/bin/getmail';
//* Courier
-$dist['courier']['config_dir'] = '/etc/courier';
-$dist['courier']['courier-authdaemon'] = 'courier-authlib';
-$dist['courier']['courier-imap'] = 'courier-imapd';
-$dist['courier']['courier-imap-ssl'] = 'courier-imapd-ssl';
-$dist['courier']['courier-pop'] = 'courier-pop3d';
-$dist['courier']['courier-pop-ssl'] = 'courier-pop3d-ssl';
+$conf['courier']['installed'] = false; // will be detected automatically during installation
+$conf['courier']['config_dir'] = '/etc/courier/authlib';
+$conf['courier']['courier-authdaemon'] = 'courier-authlib';
+$conf['courier']['courier-imap'] = 'courier-imapd';
+$conf['courier']['courier-imap-ssl'] = 'courier-imapd-ssl';
+$conf['courier']['courier-pop'] = 'courier-pop3d';
+$conf['courier']['courier-pop-ssl'] = 'courier-pop3d-ssl';
//* SASL
-$dist['saslauthd']['config'] = '/etc/default/saslauthd';
-$dist['saslauthd']['init_script'] = 'saslauthd';
+$conf['saslauthd']['installed'] = false; // will be detected automatically during installation
+$conf['saslauthd']['config_file'] = '/etc/conf.d/saslauthd';
+$conf['saslauthd']['config_dir'] = '/etc/sasl2';
+$conf['saslauthd']['init_script'] = 'saslauthd';
//* Amavisd
-$dist['amavis']['config_dir'] = '/etc/amavis';
-$dist['amavis']['init_script'] = 'amavisd';
+$conf['amavis']['installed'] = false; // will be detected automatically during installation
+$conf['amavis']['config_file'] = '/etc/amavisd.conf';
+$conf['amavis']['init_script'] = 'amavisd';
//* ClamAV
-$dist['clamav']['init_script'] = 'clamd';
+$conf['clamav']['installed'] = false; // will be detected automatically during installation
+$conf['clamav']['init_script'] = 'clamd';
//* Pureftpd
-$dist['pureftpd']['config_dir'] = '/etc/pure-ftpd';
-$dist['pureftpd']['init_script'] = 'pure-ftpd';
+$conf['pureftpd']['installed'] = false; // will be detected automatically during installation
+$conf['pureftpd']['config_file'] = '/etc/conf.d/pure-ftpd';
+$conf['pureftpd']['mysql_config_file'] = '/etc/pureftpd-mysql.conf';
+$conf['pureftpd']['init_script'] = 'pure-ftpd';
//* MyDNS
-$dist['mydns']['config_dir'] = '/etc';
-$dist['mydns']['init_script'] = 'mydns';
+$conf['mydns']['installed'] = false; // will be detected automatically during installation
+$conf['mydns']['config_dir'] = '/etc';
+$conf['mydns']['init_script'] = 'mydns';
//* PowerDNS
$conf['powerdns']['installed'] = false; // will be detected automatically during installation
$conf['powerdns']['database'] = 'powerdns';
-$conf["powerdns"]["config_dir"] = '/etc/powerdns/pdns.d';
-$conf['powerdns']['init_script'] = 'pdns';
+$conf["powerdns"]["config_dir"] = '/etc/powerdns';
+$conf["powerdns"]["config_file"] = 'pdns-local.conf';
+$conf['powerdns']['init_script'] = 'pdns.local';
+
+//* BIND DNS Server
+$conf['bind']['installed'] = false; // will be detected automatically during installation
+$conf['bind']['bind_user'] = 'root';
+$conf['bind']['bind_group'] = 'bind';
+$conf['bind']['bind_zonefiles_dir'] = '/etc/bind';
+$conf['bind']['named_conf_path'] = '/etc/bind/named.conf';
+$conf['bind']['named_conf_local_path'] = '/etc/bind/named.conf.local';
+$conf['bind']['init_script'] = 'named';
//* Jailkit
+$conf['jailkit']['installed'] = false; // will be detected automatically during installation
$conf['jailkit']['config_dir'] = '/etc/jailkit';
$conf['jailkit']['jk_init'] = 'jk_init.ini';
$conf['jailkit']['jk_chrootsh'] = 'jk_chrootsh.ini';
-$conf['jailkit']['jailkit_chroot_app_programs'] = '/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico';
-$conf['jailkit']['jailkit_chroot_cron_programs'] = '/usr/bin/php /usr/bin/perl /usr/share/perl /usr/share/php';
+$conf['jailkit']['jailkit_chroot_app_programs'] = '/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/less /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/vim';
//* vlogger
-$conf['vlogger']['config_dir'] = '/etc';
+$conf['vlogger']['config_dir'] = '/etc/vlogger';
//* cron
-$conf['cron']['init_script'] = 'cron';
+$conf['cron']['init_script'] = 'vixie-cron';
$conf['cron']['crontab_dir'] = '/etc/cron.d';
+$conf['cron']['group'] = 'cron';
$conf['cron']['wget'] = '/usr/bin/wget';
-
-?>
\ No newline at end of file
+?>
diff --git a/install/dist/lib/gentoo.lib.php b/install/dist/lib/gentoo.lib.php
index cf8e864..08d3494 100644
--- a/install/dist/lib/gentoo.lib.php
+++ b/install/dist/lib/gentoo.lib.php
@@ -28,9 +28,735 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-class installer extends installer_base {
+class installer extends installer_base
+{
+ public function configure_jailkit()
+ {
+ global $conf;
+
+ if (is_dir($conf['jailkit']['config_dir']))
+ {
+ $jkinit_content = $this->get_template_file($conf['jailkit']['jk_init'], true); // get contents
+ $this->write_config_file($conf['jailkit']['config_dir'] . '/' . $conf['jailkit']['jk_init'], $jkinit_content);
+
+ $jkchroot_content = $this->get_template_file($conf['jailkit']['jk_chrootsh'], true); // get contents
+ $this->write_config_file($conf['jailkit']['config_dir'] . '/' . $conf['jailkit']['jk_chrootsh'], $jkchroot_content);
+ }
+
+ $command = "chown root:root /var/www";
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ public function configure_postfix($options = '')
+ {
+ global $conf;
+
+ $cf = $conf['postfix'];
+ $config_dir = $cf['config_dir'];
+
+ if(!is_dir($config_dir)){
+ $this->error("The postfix configuration directory '$config_dir' does not exist.");
+ }
+
+ // Install virtual mappings
+ foreach (glob("tpl/mysql-virtual_*.master") as $filename) {
+ $this->process_postfix_config( basename($filename, ".master") );
+ }
+
+ // Changing mode and group of the new created config files.
+ caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
+ __FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
+ caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
+ __FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');
+
+ // Creating virtual mail user and group
+ $command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
+ if (!is_group($cf['vmail_groupname'])) {
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ $command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
+ if (!is_user($cf['vmail_username'])) {
+ caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ $postconf_commands = array (
+ 'myhostname = '.$conf['hostname'],
+ 'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
+ 'mynetworks = 127.0.0.0/8 [::1]/128',
+ 'virtual_alias_domains =',
+ 'virtual_alias_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_forwardings.cf, mysql:'.$config_dir.'/mysql-virtual_email2email.cf',
+ 'virtual_mailbox_domains = proxy:mysql:'.$config_dir.'/mysql-virtual_domains.cf',
+ 'virtual_mailbox_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailboxes.cf',
+ 'virtual_mailbox_base = '.$cf['vmail_mailbox_base'],
+ 'virtual_uid_maps = static:'.$cf['vmail_userid'],
+ 'virtual_gid_maps = static:'.$cf['vmail_groupid'],
+ 'smtpd_sasl_auth_enable = yes',
+ 'broken_sasl_auth_clients = yes',
+ 'smtpd_sasl_authenticated_header = yes',
+ 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination',
+ 'smtpd_use_tls = yes',
+ 'smtpd_tls_security_level = may',
+ 'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert',
+ 'smtpd_tls_key_file = '.$config_dir.'/smtpd.key',
+ 'transport_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_transports.cf',
+ 'relay_domains = mysql:'.$config_dir.'/mysql-virtual_relaydomains.cf',
+ 'virtual_create_maildirsize = yes',
+ 'virtual_maildir_extended = yes',
+ 'virtual_mailbox_limit_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailbox_limit_maps.cf',
+ 'virtual_mailbox_limit_override = yes',
+ 'virtual_maildir_limit_message = "The user you are trying to reach is over quota."',
+ 'virtual_overquota_bounce = yes',
+ 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps',
+ 'smtpd_sender_restrictions = check_sender_access mysql:'.$config_dir.'/mysql-virtual_sender.cf',
+ 'smtpd_client_restrictions = check_client_access mysql:'.$config_dir.'/mysql-virtual_client.cf',
+ 'maildrop_destination_concurrency_limit = 1',
+ 'maildrop_destination_recipient_limit = 1',
+ 'virtual_transport = maildrop',
+ 'header_checks = regexp:'.$config_dir.'/header_checks',
+ 'mime_header_checks = regexp:'.$config_dir.'/mime_header_checks',
+ 'nested_header_checks = regexp:'.$config_dir.'/nested_header_checks',
+ 'body_checks = regexp:'.$config_dir.'/body_checks'
+ );
+
+ // Create the header and body check files
+ touch($config_dir.'/header_checks');
+ touch($config_dir.'/mime_header_checks');
+ touch($config_dir.'/nested_header_checks');
+ touch($config_dir.'/body_checks');
+
+
+ // Make a backup copy of the main.cf file
+ copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
+
+ // Executing the postconf commands
+ foreach($postconf_commands as $cmd) {
+ $command = "postconf -e '$cmd'";
+ caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
+ }
+
+ // Create the SSL certificate
+ if (!stristr($options,'dont-create-certs'))
+ {
+ $command = 'cd '.$config_dir.'; '
+ .'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509';
+ exec($command);
+
+ $command = 'chmod o= '.$config_dir.'/smtpd.key';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
+ }
+
+ // We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
+ $command = 'chmod 755 /var/run/courier/authdaemon/';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
+
+ // Changing maildrop lines in posfix master.cf
+ $configfile = $config_dir.'/master.cf';
+ $content = rf($configfile);
+
+ $content = preg_replace('/^#?maildrop/m', 'maildrop', $content);
+ $content = preg_replace('/^#?(\s+)flags=DRhu user=vmail argv=\/usr\/bin\/maildrop -d/m',
+ '$1flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail \${extension} \${recipient} \${user} \${nexthop} \${sender}',
+ $content);
+
+ $this->write_config_file($configfile, $content);
+
+ // Writing the Maildrop mailfilter file
+ $content = rf("tpl/mailfilter.master");
+ $content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
+
+ $this->write_config_file($cf['vmail_mailbox_base'].'/.mailfilter', $content);
+
+ // Create the directory for the custom mailfilters
+ if (!is_dir($cf['vmail_mailbox_base'].'/mailfilters'))
+ {
+ $command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ // Chmod and chown the .mailfilter file
+ $command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ $command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ }
+
+ public function configure_saslauthd()
+ {
+ global $conf;
+
+ $content = $this->get_template_file('sasl_smtpd.conf', true, true); // get contents & insert db cred
+ $this->write_config_file($conf['saslauthd']['config_dir'].'/smtpd.conf', $content);
+
+ // Edit the file saslauthd config file
+ $content = rf($conf["saslauthd"]["config_file"]);
+ $content = preg_replace('/(?<=\n)SASLAUTHD_OPTS="\$\{SASLAUTHD_OPTS\}[^"]+"/', 'SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam -r -c -s 128 -t 30 -n 5"', $content);
+
+ $this->write_config_file($conf["saslauthd"]["config_file"], $content);
+ }
+
+ public function configure_courier()
+ {
+ global $conf;
+
+ // authmysqlrc
+ $content = $this->get_template_file('authmysqlrc', true, true); // get contents & insert db cred
+ $this->write_config_file($conf['courier']['config_dir'].'/authmysqlrc', $content);
+
+ // authdaemonrc
+ $configfile = $conf['courier']['config_dir'].'/authdaemonrc';
+
+ $content = rf($configfile);
+ $content = preg_replace('/(?<=\n)authmodulelist="[^"]+"/', "authmodulelist=\"authmysql\"", $content);
+ $this->write_config_file($configfile, $content);
+
+ // create certificates
+ $command = "mkimapdcert";
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ $command = "mkpop3dcert";
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ public function configure_spamassassin()
+ {
+ return true;
+ }
+
+ public function configure_getmail()
+ {
+ global $conf;
+
+ $config_dir = $conf['getmail']['config_dir'];
+
+ if (!is_dir($config_dir)) {
+ exec("mkdir -p ".escapeshellcmd($config_dir));
+ }
+
+ $command = "useradd -d $config_dir ".$conf['getmail']['user'];
+ if (!is_user('getmail')) {
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ $command = "chown -R getmail $config_dir";
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ $command = "chmod -R 700 $config_dir";
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ // Getmail will be run from cron. In order to have access to cron the getmail user needs to be part of the cron group.
+ $command = "gpasswd -a getmail " . $conf['cron']['group'];
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ public function configure_amavis()
+ {
+ global $conf;
+
+ // Amavisd-new user config file
+ $conf_file = 'amavisd-ispconfig.conf';
+ $conf_path = dirname($conf['amavis']['config_file']) . '/' . $conf_file;
+
+ $content = $this->get_template_file($conf_file, true, true); // get contents & insert db cred
+ $this->write_config_file($conf_path, $content);
+
+ // Activate config directory in default file
+ $amavis_conf = rf($conf['amavis']['config_file']);
+ if (strpos($amavis_conf, $conf_path) === false)
+ {
+ $amavis_conf = preg_replace('/(#-------------\n1;)/',
+ "include_config_files('$conf_path');\n$1",
+ $amavis_conf);
+
+ $this->write_config_file($conf['amavis']['config_file'], $amavis_conf);
+ }
+
+ // Adding the amavisd commands to the postfix configuration
+ $postconf_commands = array (
+ 'content_filter = amavis:[127.0.0.1]:10024',
+ 'receive_override_options = no_address_mappings'
+ );
+
+ foreach($postconf_commands as $cmd) {
+ $command = "postconf -e '$cmd'";
+ caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ // Append the configuration for amavisd to the master.cf file
+ $content = rf($conf["postfix"]["config_dir"].'/master.cf');
+
+ if(!stristr($content,"127.0.0.1:10025")) // Only add the content if we had not addded it before
+ {
+ unset($content);
+ $content = $this->get_template_file("master_cf_amavis", true);
+ af($conf["postfix"]["config_dir"].'/master.cf', $content);
+ }
+ unset($content);
+
+ // Add the clamav user to the amavis group
+ exec('usermod -a -G amavis clamav');
+ }
+
+ public function configure_pureftpd()
+ {
+ global $conf;
+
+ //* configure pure-ftpd for MySQL authentication against the ispconfig database
+ $content = $this->get_template_file('pureftpd_mysql.conf', true, true); // get contents & insert db cred
+ $content = str_replace('{server_id}', $conf["server_id"], $content);
+
+ $this->write_config_file($conf['pureftpd']['mysql_config_file'], $content, 600, 'root', 'root');
+
+ // **enable pure-ftpd and server settings
+ $content = rf($conf["pureftpd"]["config_file"]);
+
+ $content = preg_replace('/#?IS_CONFIGURED="(?:yes|no)"/', 'IS_CONFIGURED="yes"', $content);
+ $content = str_replace('AUTH="-l unix"', 'AUTH="-l mysql:'.$conf['pureftpd']['mysql_config_file'].'"', $content);
+
+ // Logging defaults to syslog's ftp facility. Override this behaviour for better compatibility with debian/ubuntu
+ // and specify the format.
+ $logdir = '/var/log/pure-ftpd';
+ if (!is_dir($logdir)) {
+ mkdir($logdir, 0755, true);
+ }
+
+ /*
+ * @link http://download.pureftpd.org/pub/pure-ftpd/doc/README
+ * -b brokenclientscompatibility
+ * -A chrooteveryone
+ * -E noanonymous
+ * -O altlog <format>:<log file>
+ * -Z customerproof (Add safe guards against common customer mistakes ie. like chmod 0 on their own files)
+ */
+ $content = preg_replace('/MISC_OTHER="[^"]+"/', 'MISC_OTHER="-b -A -E -Z -O clf:'.$logdir.'/transfer.log"', $content);
+
+ $this->write_config_file($conf["pureftpd"]["config_file"], $content);
+ }
+
+ public function configure_powerdns()
+ {
+ global $conf;
+
+ //* Create the database
+ if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
+ $this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
+ }
+
+ //* Create the ISPConfig database user in the local database
+ $query = "GRANT ALL ON `".$conf['powerdns']['database']."` . * TO '".$conf['mysql']['ispconfig_user']."'@'localhost';";
+ if(!$this->db->query($query)) {
+ $this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
+ }
+
+ //* Reload database privelages
+ $this->db->query('FLUSH PRIVILEGES;');
+
+ //* load the powerdns databse dump
+ if($conf['mysql']['admin_password'] == '') {
+ caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
+ __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
+ } else {
+ caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
+ __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
+ }
+
+ //* Create the powerdns config file
+ $content = $this->get_template_file('pdns.local', true, true); // get contents & insert db cred
+ $content = str_replace('{powerdns_database}', $conf['powerdns']['database'], $content);
+
+ $this->write_config_file($conf["powerdns"]["config_dir"].'/'.$conf["powerdns"]["config_file"], $content, 600, 'root', 'root');
+
+ // Create symlink to init script to start the correct config file
+ if( !is_link($conf['init_scripts'].'/'.$conf['powerdns']['init_script']) ) {
+ symlink($conf['init_scripts'].'/pdns', $conf['init_scripts'].'/'.$conf['powerdns']['init_script']);
+ }
+ }
+
+ public function configure_apache()
+ {
+ global $conf;
+
+ // Create the logging directory for the vhost logfiles
+ if (!is_dir('/var/log/ispconfig/httpd')) {
+ mkdir('/var/log/ispconfig/httpd', 0755, true);
+ }
+
+ if (is_file($conf['suphp']['config_file']))
+ {
+ $content = rf($conf['suphp']['config_file']);
+
+ $content = preg_replace('/;Handler for php-scripts/',";Handler for php-scripts\nx-httpd-suphp=php:/usr/bin/php-cgi", $content);
+ $content = preg_replace('/;?umask=\d+/','umask=0022', $content);
+
+ $this->write_config_file($conf['suphp']['config_file'], $content);
+ }
+
+ // Enable ISPConfig default vhost settings
+ $default_vhost_path = $conf['apache']['vhost_conf_dir'].'/'.$conf['apache']['vhost_default'];
+ if (is_file($default_vhost_path))
+ {
+ $content = rf($default_vhost_path);
+
+ $content = preg_replace('/^#?\s*NameVirtualHost.*$/m', 'NameVirtualHost *:80', $content);
+ $content = preg_replace('/<VirtualHost[^>]+>/', '<VirtualHost *:80>', $content);
+
+ $this->write_config_file($default_vhost_path, $content);
+ }
+
+ // Generate default ssl certificates
+ if (!is_dir($conf['apache']['ssl_dir'])) {
+ mkdir($conf['apache']['ssl_dir']);
+ }
+
+ if ($conf['services']['mail'] == true)
+ {
+ copy($conf['postfix']['config_dir']."/smtpd.key", $conf['apache']['ssl_dir']."/server.key");
+ copy($conf['postfix']['config_dir']."/smtpd.cert", $conf['apache']['ssl_dir']."/server.crt");
+ }
+ else
+ {
+ if (!is_file($conf['apache']['ssl_dir'] . '/server.crt')) {
+ exec("openssl req -new -outform PEM -out {$conf['apache']['ssl_dir']}/server.crt -newkey rsa:2048 -nodes -keyout {$conf['apache']['ssl_dir']}/server.key -keyform PEM -days 365 -x509");
+ }
+ }
+
+
+
+ // Copy the ISPConfig configuration include
+ $content = $this->get_template_file('apache_ispconfig.conf', true);
+
+ $records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'");
+ if(is_array($records) && count($records) > 0)
+ {
+ foreach($records as $rec) {
+ $content .= "NameVirtualHost ".$rec["ip_address"].":80\n";
+ $content .= "NameVirtualHost ".$rec["ip_address"].":443\n";
+ }
+ }
+
+ $this->write_config_file($conf['apache']['vhost_conf_dir'].'/000-ispconfig.conf', $content);
+
+ // Gentoo by default does not include .vhost files. Add include line to config file.
+ $content = rf($conf['apache']['config_file']);
+ if ( strpos($content, 'Include /etc/apache2/vhosts.d/*.vhost') === false ) {
+ $content = preg_replace('|(Include /etc/apache2/vhosts.d/\*.conf)|',"$1\nInclude /etc/apache2/vhosts.d/*.vhost", $content);
+ }
+
+ $this->write_config_file($conf['apache']['config_file'], $content);
+
+ // make sure that webalizer finds its config file when it is directly in /etc
+ if(is_file('/etc/webalizer.conf') && !is_dir('/etc/webalizer'))
+ {
+ mkdir('/etc/webalizer', 0755);
+ symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
+ }
+
+ if(is_file('/etc/webalizer/webalizer.conf')) // Change webalizer mode to incremental
+ {
+ replaceLine('/etc/webalizer/webalizer.conf','#IncrementalName','IncrementalName webalizer.current',0,0);
+ replaceLine('/etc/webalizer/webalizer.conf','#Incremental','Incremental yes',0,0);
+ replaceLine('/etc/webalizer/webalizer.conf','#HistoryName','HistoryName webalizer.hist',0,0);
+ }
+
+ // add a sshusers group
+ if (!is_group('sshusers'))
+ {
+ $command = 'groupadd sshusers';
+ caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ }
+
+ public function configure_apps_vhost()
+ {
+ global $conf;
+
+ //* Create the ispconfig apps vhost user and group
+
+ $apps_vhost_user = $conf['web']['apps_vhost_user'];
+ $apps_vhost_group = $conf['web']['apps_vhost_group'];
+ $install_dir = $conf['web']['website_basedir'].'/apps';
+
+ $command = 'groupadd '.$apps_vhost_user;
+ if ( !is_group($apps_vhost_group) ) {
+ caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ $command = "useradd -g '$apps_vhost_group' -d $install_dir $apps_vhost_group";
+ if ( !is_user($apps_vhost_user) ) {
+ caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ $command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ exec('mkdir -p '.escapeshellcmd($conf['web']['website_basedir'].'/apps'));
+
+ //* Copy the apps vhost file
+ $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
+ $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
+ $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '') ? '' : 'ServerName '.$conf['web']['apps_vhost_servername'];
+
+ // Dont just copy over the virtualhost template but add some custom settings
+ $content = $this->get_template_file('apache_apps.vhost', true);
+
+ $content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
+ $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
+ $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
+ $content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
+ $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
+
+ // comment out the listen directive if port is 80 or 443
+ if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
+ $content = str_replace('{vhost_port_listen}', '#', $content);
+ } else {
+ $content = str_replace('{vhost_port_listen}', '', $content);
+ }
+
+ $this->write_config_file("$vhost_conf_dir/apps.vhost", $content);
+
+ if ( !is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter') )
+ {
+ exec('mkdir -p '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
+ exec('cp tpl/apache_apps_fcgi_starter.master '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
+ exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
+ exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
+
+ }
+ }
+
+ public function install_ispconfig()
+ {
+ global $conf;
+
+ $install_dir = $conf['ispconfig_install_dir'];
+
+ // Create the ISPConfig installation directory
+ if(!is_dir($install_dir))
+ {
+ $command = "mkdir $install_dir";
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ // Create a ISPConfig user and group
+ if (!is_group('ispconfig'))
+ {
+ $command = 'groupadd ispconfig';
+ caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ if (!is_user('ispconfig'))
+ {
+ $command = "useradd -g ispconfig -d $install_dir ispconfig";
+ caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+
+ // copy the ISPConfig interface part
+ $command = "cp -rf ../interface $install_dir";
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ // copy the ISPConfig server part
+ $command = "cp -rf ../server $install_dir";
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+
+ // Create the config file for ISPConfig interface
+ $configfile = 'config.inc.php';
+ $content = $this->get_template_file($configfile, true, true); // get contents & insert db cred
+
+ $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
+ $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
+ $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
+ $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
+
+ $content = str_replace('{server_id}', $conf['server_id'], $content);
+ $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
+ $content = str_replace('{language}', $conf['language'], $content);
+
+ $this->write_config_file("$install_dir/interface/lib/$configfile", $content);
+
+ // Create the config file for ISPConfig server
+ $this->write_config_file("$install_dir/server/lib/$configfile", $content);
+
+ // Enable the server modules and plugins.
+ // TODO: Implement a selector which modules and plugins shall be enabled.
+ $dir = $install_dir.'/server/mods-available/';
+ if (is_dir($dir)) {
+ if ($dh = opendir($dir)) {
+ while (($file = readdir($dh)) !== false) {
+ if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') {
+ include_once($install_dir.'/server/mods-available/'.$file);
+ $module_name = substr($file,0,-8);
+ $tmp = new $module_name;
+ if($tmp->onInstall()) {
+ if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
+ if (strpos($file, '_core_module') !== false) {
+ if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
+ }
+ }
+ unset($tmp);
+ }
+ }
+ closedir($dh);
+ }
+ }
+
+ $dir = $install_dir.'/server/plugins-available/';
+ if (is_dir($dir)) {
+ if ($dh = opendir($dir)) {
+ while (($file = readdir($dh)) !== false) {
+ if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') {
+ include_once($install_dir.'/server/plugins-available/'.$file);
+ $plugin_name = substr($file,0,-8);
+ $tmp = new $plugin_name;
+ if(method_exists($tmp,'onInstall') && $tmp->onInstall()) {
+ if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
+ if (strpos($file, '_core_plugin') !== false) {
+ if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
+ }
+ }
+ unset($tmp);
+ }
+ }
+ closedir($dh);
+ }
+ }
+
+ // Update the server config
+ $mail_server_enabled = ($conf['services']['mail'])?1:0;
+ $web_server_enabled = ($conf['services']['web'])?1:0;
+ $dns_server_enabled = ($conf['services']['dns'])?1:0;
+ $file_server_enabled = ($conf['services']['file'])?1:0;
+ $db_server_enabled = ($conf['services']['db'])?1:0;
+ $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
+
+ $sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
+
+ if($conf['mysql']['master_slave_setup'] == 'y') {
+ $this->dbmaster->query($sql);
+ $this->db->query($sql);
+ } else {
+ $this->db->query($sql);
+ }
+
+ // Chmod the files
+ $command = "chmod -R 750 $install_dir";
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ // chown the files to the ispconfig user and group
+ $command = "chown -R ispconfig:ispconfig $install_dir";
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ // Make the global language file directory group writable
+ exec("chmod -R 770 $install_dir/interface/lib/lang");
+
+ // Make the temp directory for language file exports writable
+ exec("chmod -R 770 $install_dir/interface/web/temp");
+
+ // Make all interface language file directories group writable
+ $handle = @opendir($install_dir.'/interface/web');
+ while ($file = @readdir ($handle)) {
+ if ($file != '.' && $file != '..') {
+ if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
+ $handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
+ chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang',0770);
+ while ($lang_file = @readdir ($handle2)) {
+ if ($lang_file != '.' && $lang_file != '..') {
+ chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file,0770);
+ }
+ }
+ }
+ }
+ }
+
+ // make sure that the server config file (not the interface one) is only readable by the root user
+ exec("chmod 600 $install_dir/server/lib/$configfile");
+ exec("chown root:root $install_dir/server/lib/$configfile");
+ if (is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
+ exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
+ exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
+ }
+
+ // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
+ // and must be fixed as this will allow the apache user to read the ispconfig files.
+ // Later this must run as own apache server or via suexec!
+ $command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ // Make the shell scripts executable
+ $command = "chmod +x $install_dir/server/scripts/*.sh";
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+
+ // Copy the ISPConfig vhost for the controlpanel
+ $content = $this->get_template_file("apache_ispconfig.vhost", true);
+ $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
+
+ // comment out the listen directive if port is 80 or 443
+ if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
+ $content = str_replace('{vhost_port_listen}', '#', $content);
+ } else {
+ $content = str_replace('{vhost_port_listen}', '', $content);
+ }
+
+ $vhost_path = $conf['apache']['vhost_conf_dir'].'/ispconfig.vhost';
+ $this->write_config_file($vhost_path, $content);
+
+ if (!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'))
+ {
+ mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
+ copy('tpl/apache_ispconfig_fcgi_starter.master', '/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
+ chmod('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', 0755);
+ symlink('/usr/local/ispconfig/interface/web', '/var/www/ispconfig');
+ exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
+ }
+
+ // Install the update script
+ if (is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) {
+ unlink('/usr/local/bin/ispconfig_update_from_svn.sh');
+ }
+
+ chown('/usr/local/ispconfig/server/scripts/update_from_svn.sh', 'root');
+ chmod('/usr/local/ispconfig/server/scripts/update_from_svn.sh', 0700);
+ chown('/usr/local/ispconfig/server/scripts/update_from_tgz.sh', 'root');
+ chmod('/usr/local/ispconfig/server/scripts/update_from_tgz.sh', 0700);
+ chown('/usr/local/ispconfig/server/scripts/ispconfig_update.sh', 'root');
+ chmod('/usr/local/ispconfig/server/scripts/ispconfig_update.sh', 0700);
+
+ if (!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) {
+ symlink('/usr/local/ispconfig/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_svn.sh');
+ }
+
+ if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
+ symlink('/usr/local/ispconfig/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
+ }
+
+ // Make the logs readable for the ispconfig user
+ if (is_file('/var/log/maillog')) {
+ exec('chmod +r /var/log/maillog');
+ }
+ if (is_file('/var/log/messages')) {
+ exec('chmod +r /var/log/messages');
+ }
+ if (is_file('/var/log/clamav/clamav.log')) {
+ exec('chmod +r /var/log/clamav/clamav.log');
+ }
+ if (is_file('/var/log/clamav/freshclam.log')) {
+ exec('chmod +r /var/log/clamav/freshclam.log');
+ }
+
+ // Create the ispconfig log directory
+ if (!is_dir('/var/log/ispconfig')) {
+ mkdir('/var/log/ispconfig');
+ }
+ if (!is_file('/var/log/ispconfig/ispconfig.log')) {
+ exec('touch /var/log/ispconfig/ispconfig.log');
+ }
+
+ exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
+ exec('chown getmail /usr/local/bin/run-getmail.sh');
+ exec('chmod 744 /usr/local/bin/run-getmail.sh');
+ }
}
?>
\ No newline at end of file
diff --git a/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master b/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master
new file mode 100644
index 0000000..d67c60a
--- /dev/null
+++ b/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master
@@ -0,0 +1,98 @@
+use strict;
+
+#
+# Place your configuration directives here. They will override those in
+# earlier files.
+#
+# See /usr/share/doc/amavisd-new/ for documentation and examples of
+# the directives you can use in this file
+#
+
+@av_scanners = (
+
+### http://www.clamav.net/
+ ['ClamAV-clamd',
+ \&ask_daemon, ["SCAN {}\n", "/var/run/clamav/clamd.sock"],
+ qr/\bOK$/, qr/\bFOUND$/,
+ qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
+);
+
+@av_scanners_backup = (
+
+### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
+['ClamAV-clamscan', 'clamscan',
+ "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
+ qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
+
+);
+
+@bypass_virus_checks_maps = (
+ \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
+
+@bypass_spam_checks_maps = (
+ \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
+
+#
+# Database connection settings
+#
+
+@lookup_sql_dsn =
+ ( ['DBI:mysql:database={mysql_server_database};host={mysql_server_ip};port={mysql_server_port}', '{mysql_server_ispconfig_user}', '{mysql_server_ispconfig_password}'] );
+
+# @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate database
+#$sql_select_policy = 'SELECT "Y" as local FROM mail_domain WHERE CONCAT("@",domain) IN (%k)';
+# $banned_files_quarantine_method = 'sql';
+# $spam_quarantine_method = 'sql';
+
+#
+# SQL Select statements
+#
+
+$sql_select_policy =
+ 'SELECT *,spamfilter_users.id'.
+ ' FROM spamfilter_users LEFT JOIN spamfilter_policy ON spamfilter_users.policy_id=spamfilter_policy.id'.
+ ' WHERE spamfilter_users.email IN (%k) ORDER BY spamfilter_users.priority DESC';
+
+
+$sql_select_white_black_list = 'SELECT wb FROM spamfilter_wblist'.
+ ' WHERE (spamfilter_wblist.rid=?) AND (spamfilter_wblist.email IN (%k))' .
+ ' ORDER BY spamfilter_wblist.priority DESC';
+
+#
+# Quarantine settings
+#
+
+$final_virus_destiny = D_BOUNCE;
+$final_spam_destiny = D_DISCARD;
+$final_banned_destiny = D_BOUNCE;
+$final_bad_header_destiny = D_PASS;
+
+# Default settings, we st this very high to not filter aut emails accidently
+$sa_spam_subject_tag = '***SPAM*** ';
+$sa_tag_level_deflt = 20.0; # add spam info headers if at, or above that level
+$sa_tag2_level_deflt = 60.0; # add 'spam detected' headers at that level
+$sa_kill_level_deflt = 60.0; # triggers spam evasive actions
+$sa_dsn_cutoff_level = 100; # spam level beyond which a DSN is not sent
+
+#
+# Disable spam and virus notifications for the admin user.
+# Can be overridden by the policies in mysql
+#
+
+$virus_admin = undef;
+$spam_admin = undef;
+
+
+#
+# Enable Logging
+#
+
+$DO_SYSLOG = 1;
+$LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
+
+# Set the log_level to 5 for debugging
+$log_level = 0; # (defaults to 0)
+
+
+#------------ Do not modify anything below this line -------------
+1; # insure a defined return
diff --git a/install/dist/tpl/gentoo/apache_ispconfig.conf.master b/install/dist/tpl/gentoo/apache_ispconfig.conf.master
new file mode 100644
index 0000000..78dc555
--- /dev/null
+++ b/install/dist/tpl/gentoo/apache_ispconfig.conf.master
@@ -0,0 +1,16 @@
+
+
+################################################
+# ISPConfig Logfile configuration for vlogger
+################################################
+
+LogFormat "%v %h %l %u %t \"%r\" %>s %B \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
+CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" -d \"/etc/vlogger/vlogger-dbi.conf\" /var/log/ispconfig/httpd" combined_ispconfig
+
+<Directory /var/www/clients>
+ AllowOverride None
+ Order Deny,Allow
+ Deny from all
+</Directory>
+
+
diff --git a/install/dist/tpl/gentoo/jk_init.ini.master b/install/dist/tpl/gentoo/jk_init.ini.master
new file mode 100644
index 0000000..a2ff3a1
--- /dev/null
+++ b/install/dist/tpl/gentoo/jk_init.ini.master
@@ -0,0 +1,154 @@
+[ldconfig]
+executables = /sbin/ldconfig
+regularfiles = /etc/ld.so.conf
+
+[uidbasics]
+comment = common files for all jails that need user/group information
+libraries = /lib/libnsl.so.1, /lib64/libnsl.so.1, /lib/libnss*.so.2, /lib64/libnss*.so.2
+regularfiles = /etc/nsswitch.conf
+includesections = ldconfig
+
+[netbasics]
+comment = common files for all jails that need any internet connectivity
+libraries = /lib/libnss_dns.so.2, /lib64/libnss_dns.so.2
+regularfiles = /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols
+
+[logbasics]
+comment = timezone information
+regularfiles = /etc/localtime
+need_logsocket = 1
+
+[jk_lsh]
+comment = Jailkit limited shell
+executables = /usr/sbin/jk_lsh
+regularfiles = /etc/jailkit/jk_lsh.ini
+users = root
+groups = root
+need_logsocket = 1
+includesections = uidbasics
+
+[limitedshell]
+comment = alias for jk_lsh
+includesections = jk_lsh
+
+[cvs]
+comment = Concurrent Versions System
+executables = /usr/bin/cvs
+devices = /dev/null
+
+[git]
+comment = Fast Version Control System
+executables = /usr/bin/git*
+directories = /usr/share/git-core
+includesections = editors
+
+[scp]
+comment = ssh secure copy
+executables = /usr/bin/scp
+includesections = netbasics, uidbasics
+devices = /dev/urandom
+
+[sftp]
+comment = ssh secure ftp
+executables = /usr/lib/sftp-server, /usr/libexec/openssh/sftp-server, /usr/lib/misc/sftp-server, /usr/libexec/sftp-server
+includesections = netbasics, uidbasics
+devices = /dev/urandom, /dev/null
+
+[ssh]
+comment = ssh secure shell
+executables = /usr/bin/ssh
+includesections = netbasics, uidbasics
+devices = /dev/urandom, /dev/tty
+
+[rsync]
+executables = /usr/bin/rsync
+includesections = netbasics, uidbasics
+
+[procmail]
+comment = procmail mail delivery
+executables = /usr/bin/procmail, /bin/sh
+devices = /dev/null
+
+[basicshell]
+comment = bash based shell with several basic utilities
+executables = /bin/sh, /bin/bash, /bin/ls, /bin/cat, /bin/chmod, /bin/mkdir, /bin/cp, /bin/cpio, /bin/date, /bin/dd, /bin/echo, /bin/egrep, /bin/false, /bin/fgrep, /bin/grep, /bin/gunzip, /bin/gzip, /bin/ln, /bin/ls, /bin/mkdir, /bin/mktemp, /bin/more, /bin/mv, /bin/pwd, /bin/rm, /bin/rmdir, /bin/sed, /bin/sh, /bin/sleep, /bin/sync, /bin/tar, /bin/touch, /bin/true, /bin/uncompress, /bin/zcat
+regularfiles = /etc/motd, /etc/issue, /etc/bash.bashrc, /etc/bashrc, /etc/profile
+#directories =
+users = root
+groups = root
+includesections = uidbasics
+
+[midnightcommander]
+comment = Midnight Commander
+executables = /usr/bin/mc, /usr/bin/mcedit, /usr/bin/mcview
+directories = /etc/terminfo, /usr/share/terminfo, /usr/share/mc
+includesections = basicshell
+
+[extendedshell]
+comment = bash shell including things like awk, bzip, tail, less
+executables = /usr/bin/awk, /bin/bzip2, /bin/bunzip2, /usr/bin/ldd, /usr/bin/less, /usr/bin/clear, /usr/bin/cut, /usr/bin/du, /usr/bin/find, /usr/bin/head, /usr/bin/md5sum, /usr/bin/nice, /usr/bin/sort, /usr/bin/tac, /usr/bin/tail, /usr/bin/tr, /usr/bin/wc, /usr/bin/watch, /usb/bin/whoami
+includesections = basicshell, midnightcommander, editors
+
+[editors]
+comment = joe and nano
+executables = /usr/bin/joe, /usr/bin/nano, /usr/bin/vi, /usr/bin/vim
+regularfiles = /etc/vimrc
+directories = /etc/joe, /etc/terminfo, /usr/share/vim, /usr/share/terminfo, /usr/lib/terminfo
+
+[netutils]
+comment = several internet utilities like wget, ftp, rsync, scp, ssh
+executables = /usr/bin/wget, /usr/bin/lynx, /usr/bin/ftp, /usr/bin/host, /usr/bin/rsync, /usr/bin/smbclient
+includesections = netbasics, ssh, sftp, scp
+
+[apacheutils]
+comment = htpasswd utility
+executables = /usr/bin/htpasswd
+
+[extshellplusnet]
+comment = alias for extendedshell + netutils + apacheutils
+includesections = extendedshell, netutils, apacheutils
+
+[openvpn]
+comment = jail for the openvpn daemon
+executables = /usr/sbin/openvpn
+users = root,nobody
+groups = root,nogroup
+includesections = netbasics
+devices = /dev/urandom, /dev/random, /dev/net/tun
+includesections = netbasics, uidbasics
+need_logsocket = 1
+
+[apache]
+comment = the apache webserver, very basic setup, probably too limited for you
+executables = /usr/sbin/apache2
+users = root, apache
+groups = root, apache
+includesections = netbasics, uidbasics
+
+[perl]
+comment = the perl interpreter and libraries
+executables = /usr/bin/perl
+directories = /usr/lib/perl, /usr/lib/perl5, /usr/share/perl, /usr/share/perl5
+
+[xauth]
+comment = getting X authentication to work
+executables = /usr/bin/X11/xauth
+regularfiles = /usr/X11R6/lib/X11/rgb.txt, /etc/ld.so.conf
+
+[xclients]
+comment = minimal files for X clients
+regularfiles = /usr/X11R6/lib/X11/rgb.txt
+includesections = xauth
+
+[vncserver]
+comment = the VNC server program
+executables = /usr/bin/Xvnc, /usr/bin/Xrealvnc
+directories = /usr/X11R6/lib/X11/fonts/
+includesections = xclients
+
+
+#[xterm]
+#comment = xterm
+#executables = /usr/bin/X11/xterm
+#directories = /usr/share/terminfo, /etc/terminfo
+#devices = /dev/pts/0, /dev/pts/1, /dev/pts/2, /dev/pts/3, /dev/pts/4, /dev/ptyb4, /dev/ptya4, /dev/tty, /dev/tty0, /dev/tty4
diff --git a/install/install.php b/install/install.php
index 5c19b54..2e8606b 100644
--- a/install/install.php
+++ b/install/install.php
@@ -55,7 +55,9 @@
//** Ensure that current working directory is install directory
$cur_dir = getcwd();
-if(realpath(dirname(__FILE__)) != $cur_dir) die("Please run installation/update from _inside_ the install directory!\n");
+if(realpath(dirname(__FILE__)) != $cur_dir) {
+ chdir( realpath(dirname(__FILE__)) );
+}
//** Install logfile
define('ISPC_LOG_FILE', '/var/log/ispconfig_install.log');
diff --git a/install/lib/install.lib.php b/install/lib/install.lib.php
index d27ff11..889821c 100644
--- a/install/lib/install.lib.php
+++ b/install/lib/install.lib.php
@@ -159,7 +159,19 @@
$distbaseid = 'fedora';
swriteln("Operating System: Redhat or compatible, unknown version.\n");
}
-
+ }
+
+ //** Gentoo
+ elseif(file_exists("/etc/gentoo-release")) {
+
+ $content = file_get_contents('/etc/gentoo-release');
+
+ preg_match_all('/([0-9]{1,2})/', $content, $version);
+ $distname = 'Gentoo';
+ $distver = $version[0][0].$version[0][1];
+ $distid = 'gentoo';
+ $distbaseid = 'gentoo';
+ swriteln("Operating System: Gentoo $distver or compatible\n");
} else {
die('unrecognized linux distribution');
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index f671db1..7f5046b 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -737,7 +737,7 @@
$config_dir = $conf['pureftpd']['config_dir'];
- //* configure pam for SMTP authentication agains the ispconfig database
+ //* configure pure-ftpd for MySQL authentication against the ispconfig database
$configfile = 'db/mysql.conf';
if(is_file("$config_dir/$configfile")){
copy("$config_dir/$configfile", "$config_dir/$configfile~");
@@ -903,7 +903,7 @@
if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
- @mkdir("/etc/Bastille", octdec($directory_mode));
+ @mkdir("/etc/Bastille", 0700);
if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
@@ -1383,6 +1383,119 @@
}
+ /**
+ * Helper function - get the path to a template file based on
+ * the local part of the filename. Checks first for the existence
+ * of a distribution specific file and if not found looks in the
+ * base template folder. Optionally the behaviour can be changed
+ * by setting the 2nd parameter which will fetch the contents
+ * of the template file and return it instead of the path. The 3rd
+ * parameter further extends this behaviour by filtering the contents
+ * by inserting the ispconfig database credentials using the {} placeholders.
+ *
+ * @param string $tLocal local part of filename
+ * @param bool $tRf
+ * @param bool $tDBCred
+ * @return string Relative path to the chosen template file
+ */
+ protected function get_template_file($tLocal, $tRf=false, $tDBCred=false)
+ {
+ global $conf, $dist;
+
+ $final_path = '';
+ $dist_template = 'dist/tpl/'.strtolower($dist['name'])."/$tLocal.master";
+ if (file_exists($dist_template)) {
+ $final_path = $dist_template;
+ } else {
+ $final_path = "tpl/$tLocal.master";
+ }
+
+ if (!$tRf) {
+ return $final_path;
+ } else {
+ return (!$tDBCred) ? rf($final_path) : $this->insert_db_credentials(rf($final_path));
+ }
+ }
+
+ /**
+ * Helper function - writes the contents to a config file
+ * and performs a backup if the file exist. Additionally
+ * if the file exists the new file will be given the
+ * same rights and ownership as the original. Optionally the
+ * rights and/or ownership can be overriden by appending umask,
+ * user and group to the parameters. Providing only uid and gid
+ * values will result in only a chown.
+ *
+ * @param $tConf
+ * @param $tContents
+ * @return bool
+ */
+ protected function write_config_file($tConf, $tContents)
+ {
+ // Backup config file before writing new contents and stat file
+ if ( is_file($tConf) )
+ {
+ $stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
+ if ($res == 0) { // stat successfull
+ list($access, $user, $group) = split(" ", $stat);
+ }
+
+ if ( copy($tConf, $tConf.'~') ) {
+ exec('chmod 400 '.$tConf.'~');
+ }
+ }
+
+ wf($tConf, $tContents); // write file
+
+ if (func_num_args() >= 4) // override rights and/or ownership
+ {
+ $args = func_get_args();
+ $output = array_slice($args, 2);
+
+ switch (sizeof($output)) {
+ case 3:
+ $umask = array_shift($output);
+ if (is_numeric($umask) && preg_match('/^0?[0-7]{3}$/', $umask)) {
+ $access = $umask;
+ }
+ case 2:
+ if (is_user($output[0]) && is_group($output[1])) {
+ list($user,$group) = $output;
+ }
+ break;
+ }
+ }
+
+ if (!empty($user) && !empty($group)) {
+ exec("chown $user:$group $tConf");
+ }
+
+ if (!empty($access)) {
+ exec("chmod $access $tConf");
+ }
+ }
+
+ /**
+ * Helper function - filter the contents of a config
+ * file by inserting the common ispconfig database
+ * credentials.
+ *
+ * @param $tContents
+ * @return string
+ */
+ protected function insert_db_credentials($tContents)
+ {
+ global $conf;
+
+ $tContents = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $tContents);
+ $tContents = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $tContents);
+ $tContents = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $tContents);
+ $tContents = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $tContents);
+ $tContents = str_replace('{mysql_server_host}',$conf['mysql']['host'], $tContents);
+ $tContents = str_replace('{mysql_server_port}',$conf["mysql"]["port"], $tContents);
+
+ return $tContents;
+ }
}
?>
\ No newline at end of file
--
Gitblit v1.9.1