Commit c83951c5 authored by Till Brehm's avatar Till Brehm

Set stronger permission settings on amavis configuration files.

parent ed46b479
......@@ -123,6 +123,7 @@ class installer extends installer_dist {
$content = str_replace('{hostname}', $conf['hostname'], $content);
$content = str_replace('/var/spool/amavisd/clamd.sock', '/tmp/clamd.socket', $content);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
// Adding the amavisd commands to the postfix configuration
......
......@@ -124,6 +124,7 @@ class installer extends installer_dist {
$content = str_replace('{hostname}', $conf['hostname'], $content);
$content = str_replace('/var/spool/amavisd/clamd.sock', '/var/run/clamav/clamd.sock', $content);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
// Adding the amavisd commands to the postfix configuration
......
......@@ -124,6 +124,7 @@ class installer extends installer_dist {
$content = str_replace('{hostname}', $conf['hostname'], $content);
$content = str_replace('/var/spool/amavisd/clamd.sock', '/var/run/clamav/clamd.sock', $content);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
// Adding the amavisd commands to the postfix configuration
......
......@@ -522,6 +522,7 @@ class installer_dist extends installer_base {
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
$content = str_replace('{hostname}', $conf['hostname'], $content);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
// Adding the amavisd commands to the postfix configuration
......@@ -1326,7 +1327,12 @@ class installer_dist extends installer_base {
// Add symlink for patch tool
if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
// Change mode of a few files from amavisd
if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
}
}
......
......@@ -1189,7 +1189,13 @@ class installer extends installer_base
// Add symlink for patch tool
if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
// Change mode of a few files from amavisd
if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
}
}
......
......@@ -570,6 +570,7 @@ class installer_dist extends installer_base {
$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
// Adding the amavisd commands to the postfix configuration
......@@ -1399,7 +1400,12 @@ class installer_dist extends installer_base {
// Add symlink for patch tool
if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
// Change mode of a few files from amavisd
if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
}
......
......@@ -1099,7 +1099,7 @@ class installer_base {
// amavisd user config file
$configfile = 'amavisd_user_config';
if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) copy($conf['amavis']['config_dir'].'/conf.d/50-user', $conf['amavis']['config_dir'].'/50-user~');
if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user~')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user~', 0400);
if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
......@@ -1107,6 +1107,7 @@ class installer_base {
$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
wf($conf['amavis']['config_dir'].'/conf.d/50-user', $content);
chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
// TODO: chmod and chown on the config file
......@@ -2375,6 +2376,13 @@ Email Address []:
// Add symlink for patch tool
if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
// Change mode of a few files from amavisd
if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
}
public function configure_dbserver() {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment