From 8418cc3aedf8b49bc99bac084e018cca7fbc72fb Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Mon, 9 Aug 2021 17:37:59 -0600 Subject: [PATCH] force jails to update every 2 weeks --- .../cron.d/600-jailkit_maintenance.inc.php | 39 +++++++------------ 1 file changed, 15 insertions(+), 24 deletions(-) diff --git a/server/lib/classes/cron.d/600-jailkit_maintenance.inc.php b/server/lib/classes/cron.d/600-jailkit_maintenance.inc.php index 4ef5835e67..e38ee58210 100644 --- a/server/lib/classes/cron.d/600-jailkit_maintenance.inc.php +++ b/server/lib/classes/cron.d/600-jailkit_maintenance.inc.php @@ -34,22 +34,6 @@ class cronjob_jailkit_maintenance extends cronjob { protected $_schedule = '*/5 * * * *'; protected $_run_at_new = true; - //private $_tools = null; - - /* this function is optional if it contains no custom code */ - public function onPrepare() { - global $app; - - parent::onPrepare(); - } - - /* this function is optional if it contains no custom code */ - public function onBeforeRun() { - global $app; - - return parent::onBeforeRun(); - } - public function onRunJob() { global $app, $conf; @@ -66,6 +50,18 @@ class cronjob_jailkit_maintenance extends cronjob { $options = array('allow_hardlink'); } + // force all jails to update every 2 weeks + if (! is_file('/usr/local/ispconfig/server/temp/jailkit_force_update.ts')) { + if(!@is_dir('/usr/local/ispconfig/server/temp')) { + $app->system->mkdirpath('/usr/local/ispconfig/server/temp'); + } + $app->system->touch('/usr/local/ispconfig/server/temp/jailkit_force_update.ts'); + } elseif ( time() - filemtime('/usr/local/ispconfig/server/temp/jailkit_force_update.ts') > 60 * 60 * 24 * 14 ) { + $update_hash = 'force_update'.time(); + $app->db->query("UPDATE web_domain SET last_jailkit_hash = ? WHERE type = 'vhost' AND server_id = ?", $update_hash, $conf['server_id']); + $app->system->touch('/usr/local/ispconfig/server/temp/jailkit_force_update.ts'); + } + // limit the number of jails we update at one time according to time of day $num_jails_to_update = (date('H') < 6) ? 25 : 3; @@ -111,12 +107,12 @@ class cronjob_jailkit_maintenance extends cronjob { sort($last_updated, SORT_STRING); $update_hash = hash('md5', implode(' ', $last_updated)); - if (is_file( $rec['document_root']."/bin/bash" )) { + if (substr($rec['last_jailkit_hash'], 0, strlen('force_update')) === 'force_update') { + $options[] = 'force'; + } elseif (is_file( $rec['document_root']."/bin/bash" )) { # test that /bin/bash functions in the jail -print "chroot --userspec ".$rec['system_user'].":".$rec['system_group']." ".$rec['document_root']." /bin/bash -c true 2>/dev/null\n"; $app->system->exec_safe("chroot --userspec ?:? ? /bin/bash -c true 2>/dev/null", $rec['system_user'], $rec['system_group'], $rec['document_root']); if ($app->system->last_exec_retcode()) { # return 0 means success -print "/bin/bash test failed, forcing update\n"; $options[] = 'force'; # bogus hash will not match, triggering an update $update_hash = 'force_update'.time(); @@ -147,10 +143,5 @@ print "/bin/bash test failed, forcing update\n"; parent::onRunJob(); } - /* this function is optional if it contains no custom code */ - public function onAfterRun() { - parent::onAfterRun(); - } - } -- GitLab