From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001 From: Marius Burkard <m.burkard@pixcept.de> Date: Sun, 10 Jul 2016 05:02:35 -0400 Subject: [PATCH] Merge branch 'stable-3.1' --- server/plugins-available/cron_plugin.inc.php | 359 +++++++++++++++++++++++++++++++++-------------------------- 1 files changed, 200 insertions(+), 159 deletions(-) diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php index 23dbc28..c7109a5 100644 --- a/server/plugins-available/cron_plugin.inc.php +++ b/server/plugins-available/cron_plugin.inc.php @@ -30,228 +30,269 @@ */ class cron_plugin { - + var $plugin_name = 'cron_plugin'; var $class_name = 'cron_plugin'; - + // private variables var $action = ''; - + //* This function is called during ispconfig installation to determine // if a symlink shall be created for this plugin. function onInstall() { global $conf; - + if($conf['services']['web'] == true) { return true; } else { return false; } - + } - - + + /* This function is called when the plugin is loaded */ - + function onLoad() { global $app; - + /* Register for the events */ - - $app->plugins->registerEvent('cron_insert',$this->plugin_name,'insert'); - $app->plugins->registerEvent('cron_update',$this->plugin_name,'update'); - $app->plugins->registerEvent('cron_delete',$this->plugin_name,'delete'); - + + $app->plugins->registerEvent('cron_insert', $this->plugin_name, 'insert'); + $app->plugins->registerEvent('cron_update', $this->plugin_name, 'update'); + $app->plugins->registerEvent('cron_delete', $this->plugin_name, 'delete'); + } - - function insert($event_name,$data) { + + function insert($event_name, $data) { global $app, $conf; - + $this->action = 'insert'; // just run the update function - $this->update($event_name,$data); - + $this->update($event_name, $data); + } - - - function update($event_name,$data) { + + + function update($event_name, $data) { global $app, $conf; - + if($this->action != 'insert') $this->action = 'update'; - + // load the server configuration options $app->uses("getconf"); - + if($data["new"]["parent_domain_id"] == '') { - $app->log("Parent domain not set",LOGLEVEL_WARN); + $app->log("Parent domain not set", LOGLEVEL_WARN); return 0; } - - //* get data from web - $parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ".intval($data["new"]["parent_domain_id"])); - if(!$parent_domain["domain_id"]) { - $app->log("Parent domain not found",LOGLEVEL_WARN); - return 0; - } elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') { - $app->log("Websites (and Crons) cannot be owned by the root user or group.",LOGLEVEL_WARN); + + //* get data from web + $parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ?", $data["new"]["parent_domain_id"]); + if(!$parent_domain["domain_id"]) { + $app->log("Parent domain not found", LOGLEVEL_WARN); return 0; + } + + if(!$app->system->is_allowed_user($parent_domain['system_user'], true, true) + || !$app->system->is_allowed_group($parent_domain['system_group'], true, true)) { + $app->log("Websites (and Crons) cannot be owned by the root user or group.", LOGLEVEL_WARN); + return false; } // Get the client ID - $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"])); + $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $data["new"]["sys_groupid"]); $client_id = intval($client["client_id"]); unset($client); - + // Create group and user, if not exist $app->uses("system"); - + $groupname = escapeshellcmd($parent_domain["system_group"]); if($parent_domain["system_group"] != '' && !$app->system->is_group($parent_domain["system_group"])) { exec("groupadd $groupname"); - $app->log("Adding the group: $groupname",LOGLEVEL_DEBUG); + $app->log("Adding the group: $groupname", LOGLEVEL_DEBUG); } - + $username = escapeshellcmd($parent_domain["system_user"]); if($parent_domain["system_user"] != '' && !$app->system->is_user($parent_domain["system_user"])) { exec("useradd -d ".escapeshellcmd($parent_domain["document_root"])." -g $groupname $username -s /bin/false"); - $app->log("Adding the user: $username",LOGLEVEL_DEBUG); + $app->log("Adding the user: $username", LOGLEVEL_DEBUG); } - - // Set the quota for the user - if($username != '' && $app->system->is_user($username)) { - if($parent_domain["hd_quota"] > 0){ - $blocks_soft = $parent_domain["hd_quota"] * 1024; - $blocks_hard = $blocks_soft + 1024; - } else { - $blocks_soft = $blocks_hard = 0; - } - exec("setquota -u $username $blocks_soft $blocks_hard 0 0 -a &> /dev/null"); - exec("setquota -T -u $username 604800 604800 -a &> /dev/null"); - } - + + // Set the quota for the user + if($username != '' && $app->system->is_user($username)) { + if($parent_domain['hd_quota'] > 0) { + $blocks_soft = $parent_domain['hd_quota'] * 1024; + $mb_soft = $parent_domain['hd_quota']; + $blocks_hard = $blocks_soft + 1024; + $mb_hard = $mb_soft + 1; + } else { + $mb_soft = $mb_hard = $blocks_soft = $blocks_hard = 0; + } + + // get the primitive folder for document_root and the filesystem, will need it later. + $df_output=explode(" ", exec("df -T " . escapeshellarg($parent_domain["document_root"]) . "|awk 'END{print \$2,\$NF}'")); + $file_system = $df_output[0]; + $primitive_root = $df_output[1]; + + if ( in_array($file_system , array('ext2','ext3','ext4'),true) ) { + exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null'); + exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null'); + } elseif ($file_system == 'xfs') { + + exec("xfs_quota -x -c 'limit -g bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username' $primitive_root"); + + // xfs only supports timers globally, not per user. + exec("xfs_quota -x -c 'timer -bir -i 604800'"); + + unset($project_uid, $username_position, $xfs_projects); + unset($primitive_root, $df_output, $mb_hard, $mb_soft); + } + } + //TODO : change this when distribution information has been integrated into server record - //* Gentoo requires a user to be part of the crontab group. - if (file_exists('/etc/gentoo-release')) { - if (strpos($app->system->get_user_groups($username), 'crontab') === false) { - $app->system->add_user_to_group('crontab', $username); - } - } - + //* Gentoo requires a user to be part of the crontab group. + if (file_exists('/etc/gentoo-release')) { + if (strpos($app->system->get_user_groups($username), 'crontab') === false) { + $app->system->add_user_to_group('crontab', $username); + } + } + // make temp directory writable for the apache and website users - chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777); - - /** TODO READ CRON MASTER **/ - - $this->parent_domain = $parent_domain; + $app->system->chmod(escapeshellcmd($parent_domain["document_root"].'/tmp'), 0777); + + /** TODO READ CRON MASTER **/ + + + $this->parent_domain = $parent_domain; $this->_write_crontab(); - + $this->action = ''; - + } - - function delete($event_name,$data) { + + function delete($event_name, $data) { global $app, $conf; - - //* get data from web - $parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ".intval($data["old"]["parent_domain_id"])); - if(!$parent_domain["domain_id"]) { - $app->log("Parent domain not found",LOGLEVEL_WARN); - return 0; - } - - // Get the client ID - $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"])); - $client_id = intval($client["client_id"]); - unset($client); - - $this->parent_domain = $parent_domain; - $this->_write_crontab(); + + //* get data from web + $parent_domain = $app->db->queryOneRecord("SELECT `domain_id`, `system_user`, `system_group`, `document_root`, `hd_quota` FROM `web_domain` WHERE `domain_id` = ?", $data["old"]["parent_domain_id"]); + if(!$parent_domain["domain_id"]) { + $app->log("Parent domain not found", LOGLEVEL_WARN); + return 0; + } + + // Get the client ID + $client = $app->dbmaster->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $data["old"]["sys_groupid"]); + $client_id = intval($client["client_id"]); + unset($client); + + $this->parent_domain = $parent_domain; + $this->_write_crontab(); } - - function _write_crontab() { - global $app, $conf; - - //* load the server configuration options - $app->uses("getconf"); - - $cron_config = $app->getconf->get_server_config($conf["server_id"], 'cron'); - - //* try to find customer's mail address - - /** TODO: add possibility for client to choose mail notification! **/ - $cron_content = "MAILTO=''\n"; + + function _write_crontab() { + global $app, $conf; + + //* load the server configuration options + $app->uses("getconf"); + + $cron_config = $app->getconf->get_server_config($conf["server_id"], 'cron'); + + //* try to find customer's mail address + + /** TODO: add possibility for client to choose mail notification! **/ + $cron_content = "MAILTO=''\n"; $cron_content .= "SHELL='/bin/sh'\n\n"; - $chr_cron_content = "MAILTO=''\n"; - $chr_cron_content .= "SHELL='/usr/sbin/jk_chrootsh'\n\n"; - - $cmd_count = 0; - $chr_cmd_count = 0; - - //* read all active cron jobs from database and write them to file - $cron_jobs = $app->db->queryAllRecords("SELECT c.`run_min`, c.`run_hour`, c.`run_mday`, c.`run_month`, c.`run_wday`, c.`command`, c.`type`, `web_domain`.`domain` as `domain` FROM `cron` as c INNER JOIN `web_domain` ON `web_domain`.`domain_id` = c.`parent_domain_id` WHERE c.`parent_domain_id` = ".intval($this->parent_domain["domain_id"]) . " AND c.`active` = 'y'"); - if($cron_jobs && count($cron_jobs) > 0) { - foreach($cron_jobs as $job) { + $chr_cron_content = "MAILTO=''\n"; + $chr_cron_content .= "SHELL='/usr/sbin/jk_chrootsh'\n\n"; + + $cmd_count = 0; + $chr_cmd_count = 0; + + //* read all active cron jobs from database and write them to file + $cron_jobs = $app->db->queryAllRecords("SELECT c.`run_min`, c.`run_hour`, c.`run_mday`, c.`run_month`, c.`run_wday`, c.`command`, c.`type`, c.`log`, `web_domain`.`domain` as `domain` FROM `cron` as c INNER JOIN `web_domain` ON `web_domain`.`domain_id` = c.`parent_domain_id` WHERE c.`parent_domain_id` = ? AND c.`active` = 'y'", $this->parent_domain["domain_id"]); + if($cron_jobs && count($cron_jobs) > 0) { + foreach($cron_jobs as $job) { if($job['run_month'] == '@reboot') { $command = "@reboot"; } else { $command = str_replace(" ", "", $job['run_min']) . "\t" . str_replace(" ", "", $job['run_hour']) . "\t" . str_replace(" ", "", $job['run_mday']) . "\t" . str_replace(" ", "", $job['run_month']) . "\t" . str_replace(" ", "", $job['run_wday']); - } + } + + $log_target = ">/dev/null 2>&1"; + $log_wget_target = '/dev/null'; + $log_root = ''; + if($job['log'] == 'y') { + if($job['type'] != 'chrooted') $log_root = $this->parent_domain['document_root']; + $log_root .= '/private'; + + $log_target = '>>' . $log_root . '/cron.log 2>>' . $log_root . '/cron_error.log'; + $log_wget_target = $log_root . '/cron_wget.log'; + } + $command .= "\t{$this->parent_domain['system_user']}"; //* running as user - if($job['type'] == 'url') { - $command .= "\t{$cron_config['wget']} -q -t 1 -T 7200 -O /dev/null " . escapeshellarg($job['command']) . " >/dev/null 2>&1"; - } else { - if($job['type'] == 'chrooted') { - if(substr($job['command'], 0, strlen($this->parent_domain['document_root'])) == $this->parent_domain['document_root']) { - //* delete the unneeded path part - $job['command'] = substr($job['command'], strlen($this->parent_domain['document_root'])); - } - } - - $command .= "\t"; - if(substr($job['command'], 0, 1) != "/") $command .= $this->parent_domain['document_root'].'/'; - $command .= $job['command']; - } - - if($job['type'] == 'chrooted') { - $chr_cron_content .= $command . "\t#{$job['domain']}\n"; - $chr_cmd_count++; - } else { - $cron_content .= $command . "\t#{$job['domain']}\n"; - $cmd_count++; - } - } - } - - $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_'.$this->parent_domain["system_user"]); - //TODO : change this when distribution information has been integrated into server record - //* Gentoo vixie-cron requires files to end with .cron in the cron.d directory - if (file_exists('/etc/gentoo-release')) { - $cron_file .= '.cron'; - } - - if($cmd_count > 0) { - file_put_contents($cron_file, $cron_content); - $app->log("Wrote Cron file $cron_file with content:\n$cron_content",LOGLEVEL_DEBUG); - } else { - @unlink($cron_file); - $app->log("Deleted Cron file $cron_file",LOGLEVEL_DEBUG); - } - - $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_chrooted_'.$this->parent_domain["system_user"]); - if($chr_cmd_count > 0) { - file_put_contents($cron_file, $chr_cron_content); - $app->log("Wrote Cron file $cron_file with content:\n$chr_cron_content",LOGLEVEL_DEBUG); - } else { - @unlink($cron_file); - $app->log("Deleted Cron file $cron_file",LOGLEVEL_DEBUG); - } - - return 0; - } + if($job['type'] == 'url') { + $command .= "\t{$cron_config['wget']} -q -t 1 -T 7200 -O " . $log_wget_target . " " . escapeshellarg($job['command']) . " " . $log_target; + } else { + $web_root = ''; + if($job['type'] == 'chrooted') { + if(substr($job['command'], 0, strlen($this->parent_domain['document_root'])) == $this->parent_domain['document_root']) { + //* delete the unneeded path part + $job['command'] = substr($job['command'], strlen($this->parent_domain['document_root'])); + } + } else { + $web_root = $this->parent_domain['document_root']; + } + + $web_root .= '/web'; + $job['command'] = str_replace('[web_root]', $web_root, $job['command']); + + $command .= "\t"; + //if($job['type'] != 'chrooted' && substr($job['command'], 0, 1) != "/") $command .= $this->parent_domain['document_root'].'/'; + $command .= $job['command'] . " " . $log_target; + } + + if($job['type'] == 'chrooted') { + $chr_cron_content .= $command . " #{$job['domain']}\n"; + $chr_cmd_count++; + } else { + $cron_content .= $command . " #{$job['domain']}\n"; + $cmd_count++; + } + } + } + + $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_'.$this->parent_domain["system_user"]); + //TODO : change this when distribution information has been integrated into server record + //* Gentoo vixie-cron requires files to end with .cron in the cron.d directory + if (file_exists('/etc/gentoo-release')) { + $cron_file .= '.cron'; + } + + if($cmd_count > 0) { + $app->system->file_put_contents($cron_file, $cron_content); + $app->log("Wrote Cron file $cron_file with content:\n$cron_content", LOGLEVEL_DEBUG); + } else { + $app->system->unlink($cron_file); + $app->log("Deleted Cron file $cron_file", LOGLEVEL_DEBUG); + } + + $cron_file = escapeshellcmd($cron_config["crontab_dir"].'/ispc_chrooted_'.$this->parent_domain["system_user"]); + if($chr_cmd_count > 0) { + $app->system->file_put_contents($cron_file, $chr_cron_content); + $app->log("Wrote Cron file $cron_file with content:\n$chr_cron_content", LOGLEVEL_DEBUG); + } else { + $app->system->unlink($cron_file); + $app->log("Deleted Cron file $cron_file", LOGLEVEL_DEBUG); + } + + return 0; + } } // end class -- Gitblit v1.9.1