Newer
Older
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
class installer_dist extends installer_base {
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
public function configure_mailman($status = 'insert') {
global $conf;
$config_dir = $conf['mailman']['config_dir'].'/';
$full_file_name = $config_dir.'mm_cfg.py';
//* Backup exiting file
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.'mm_cfg.py~');
}
// load files
$content = rf('tpl/mm_cfg.py.master');
$old_file = rf($full_file_name);
$old_options = array();
$lines = explode("\n", $old_file);
foreach ($lines as $line)
{
if (trim($line) != '' && substr($line, 0, 1) != '#')
{
@list($key, $value) = @explode("=", $line);
if (!empty($value))
{
$key = rtrim($key);
$old_options[$key] = trim($value);
}
}
}
if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
$virtual_domains = '';
if($status == 'update')
{
// create virtual_domains list
$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");
if(is_array($domainAll)) {
foreach($domainAll as $domain)
{
if ($domainAll[0]['domain'] == $domain['domain'])
$virtual_domains .= "'".$domain['domain']."'";
else
$virtual_domains .= ", '".$domain['domain']."'";
}
}
}
else
$virtual_domains = "' '";
$content = str_replace('{hostname}', $conf['hostname'], $content);
if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
$content = str_replace('{virtual_domains}', $virtual_domains, $content);
wf($full_file_name, $content);
//* Write virtual_to_transport.sh script
$config_dir = $conf['mailman']['config_dir'].'/';
$full_file_name = $config_dir.'virtual_to_transport.sh';
//* Backup exiting virtual_to_transport.sh script
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.'virtual_to_transport.sh~');
}
if(is_dir('/etc/mailman')) {
copy('tpl/mailman-virtual_to_transport.sh',$full_file_name);
chgrp($full_file_name,'mailman');
chmod($full_file_name,0750);
}
//* Create aliasaes
exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
function configure_postfix($options = '')
{
global $conf;
$cf = $conf['postfix'];
$config_dir = $cf['config_dir'];
if(!is_dir($config_dir)){
$this->error("The postfix configuration directory '$config_dir' does not exist.");
}
//* mysql-virtual_domains.cf
$this->process_postfix_config('mysql-virtual_domains.cf');
//* mysql-virtual_forwardings.cf
$this->process_postfix_config('mysql-virtual_forwardings.cf');
//* mysql-virtual_mailboxes.cf
$this->process_postfix_config('mysql-virtual_mailboxes.cf');
//* mysql-virtual_email2email.cf
$this->process_postfix_config('mysql-virtual_email2email.cf');
//* mysql-virtual_transports.cf
$this->process_postfix_config('mysql-virtual_transports.cf');
//* mysql-virtual_recipient.cf
$this->process_postfix_config('mysql-virtual_recipient.cf');
//* mysql-virtual_sender.cf
$this->process_postfix_config('mysql-virtual_sender.cf');
//* mysql-virtual_client.cf
$this->process_postfix_config('mysql-virtual_client.cf');
//* mysql-virtual_relaydomains.cf
$this->process_postfix_config('mysql-virtual_relaydomains.cf');
tbrehm
committed
//* mysql-virtual_relayrecipientmaps.cf
$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
//* Changing mode and group of the new created config files.
caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
__FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
__FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');
//* Creating virtual mail user and group
$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* These postconf commands will be executed on installation and update
$postconf_commands = array (
'virtual_alias_domains =',
'virtual_alias_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_forwardings.cf, mysql:'.$config_dir.'/mysql-virtual_email2email.cf',
'virtual_mailbox_domains = proxy:mysql:'.$config_dir.'/mysql-virtual_domains.cf',
'virtual_mailbox_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailboxes.cf',
'virtual_mailbox_base = '.$cf['vmail_mailbox_base'],
'virtual_uid_maps = static:'.$cf['vmail_userid'],
'virtual_gid_maps = static:'.$cf['vmail_groupid'],
'smtpd_sasl_auth_enable = yes',
'broken_sasl_auth_clients = yes',
Falko Timme
committed
'smtpd_sasl_authenticated_header = yes',
'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination',
'smtpd_use_tls = yes',
'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert',
'smtpd_tls_key_file = '.$config_dir.'/smtpd.key',
'transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:'.$config_dir.'/mysql-virtual_transports.cf',
'relay_domains = mysql:'.$config_dir.'/mysql-virtual_relaydomains.cf',
tbrehm
committed
'relay_recipient_maps = mysql:'.$config_dir.'/mysql-virtual_relayrecipientmaps.cf',
'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps',
'smtpd_sender_restrictions = check_sender_access mysql:'.$config_dir.'/mysql-virtual_sender.cf',
'smtpd_client_restrictions = check_client_access mysql:'.$config_dir.'/mysql-virtual_client.cf',
'maildrop_destination_concurrency_limit = 1',
'maildrop_destination_recipient_limit = 1',
'virtual_transport = maildrop',
'header_checks = regexp:'.$config_dir.'/header_checks',
'mime_header_checks = regexp:'.$config_dir.'/mime_header_checks',
'nested_header_checks = regexp:'.$config_dir.'/nested_header_checks',
'body_checks = regexp:'.$config_dir.'/body_checks',
'inet_interfaces = all'
);
//* These postconf commands will be executed on installation only
if($this->is_update == false) {
$postconf_commands = array_merge($postconf_commands,array(
'myhostname = '.$conf['hostname'],
'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
'mynetworks = 127.0.0.0/8 [::1]/128'
));
}
//* Create the header and body check files
touch($config_dir.'/header_checks');
touch($config_dir.'/mime_header_checks');
touch($config_dir.'/nested_header_checks');
touch($config_dir.'/body_checks');
//* Create the mailman files
if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
//if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
if(is_file('/var/lib/mailman/data/aliases')) unlink('/var/lib/mailman/data/aliases');
if(!is_link('/var/lib/mailman/data/aliases')) symlink('/etc/mailman/aliases','/var/lib/mailman/data/aliases');
exec('postalias /var/lib/mailman/data/aliases');
if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
exec('postmap /var/lib/mailman/data/virtual-mailman');
if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
//* Make a backup copy of the main.cf file
copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
//* Executing the postconf commands
foreach($postconf_commands as $cmd) {
$command = "postconf -e '$cmd'";
caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
}
if(!stristr($options,'dont-create-certs')) {
//* Create the SSL certificate
.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509';
caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
}
//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
$command = 'chmod 755 /var/spool/authdaemon';
caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
//* Changing maildrop lines in posfix master.cf
if(is_file($config_dir.'/master.cf')){
copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
}
if(is_file($config_dir.'/master.cf~')){
exec('chmod 400 '.$config_dir.'/master.cf~');
}
$configfile = $config_dir.'/master.cf';
$content = rf($configfile);
$content = str_replace('# flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}',
' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
Falko Timme
committed
// If postfix package is from centos plus repo
$content = str_replace('# flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
Falko Timme
committed
$content = str_replace(' flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}',
' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
Falko Timme
committed
$content);
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
$content = str_replace('#maildrop unix - n n - - pipe',
'maildrop unix - n n - - pipe',
$content);
wf($configfile, $content);
//* Writing the Maildrop mailfilter file
$configfile = 'mailfilter';
if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)){
copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
}
$content = rf("tpl/$configfile.master");
$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
//* Create the directory for the custom mailfilters
$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Chmod and chown the .mailfilter file
$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_saslauthd() {
global $conf;
$configfile = 'tpl/fedora_saslauthd_smtpd_conf.master';
$content = rf($configfile);
wf('/usr/lib/sasl2/smtpd.conf',$content);
if(is_dir('/usr/lib64')) wf('/usr/lib64/sasl/smtpd.conf',$content);
if(is_dir('/usr/lib64')) wf('/usr/lib64/sasl2/smtpd.conf',$content);
}
public function configure_pam()
{
global $conf;
$pam = $conf['pam'];
//* configure pam for SMTP authentication agains the ispconfig database
$configfile = 'pamd_smtp';
if(is_file("$pam/smtp")) copy("$pam/smtp", "$pam/smtp~");
if(is_file("$pam/smtp~")) exec("chmod 400 $pam/smtp~");
$content = rf("tpl/$configfile.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
wf("$pam/smtp", $content);
// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
if(is_file("$pam/smtp")) exec("chmod o= $pam/smtp");
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
//exec("chmod 660 $pam/smtp");
//exec("chown root:root $pam/smtp");
}
public function configure_courier()
{
global $conf;
$config_dir = $conf['courier']['config_dir'];
//* authmysqlrc
$configfile = 'authmysqlrc';
if(is_file("$config_dir/$configfile")){
copy("$config_dir/$configfile", "$config_dir/$configfile~");
}
exec("chmod 400 $config_dir/$configfile~");
$content = rf("tpl/$configfile.master");
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
$content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
wf("$config_dir/$configfile", $content);
exec("chmod 660 $config_dir/$configfile");
exec("chown root:root $config_dir/$configfile");
//* authdaemonrc
$configfile = $conf['courier']['config_dir'].'/authdaemonrc';
if(is_file($configfile)){
copy($configfile, $configfile.'~');
}
if(is_file($configfile.'~')){
exec('chmod 400 '.$configfile.'~');
}
$content = rf($configfile);
$content = str_replace('authmodulelist=', 'authmodulelist="authmysql"', $content);
wf($configfile, $content);
}
public function configure_dovecot()
{
global $conf;
$config_dir = $conf['dovecot']['config_dir'];
//* Use /etc/dovecot as config dir if exists
if(is_dir('/etc/dovecot')) $config_dir = '/etc/dovecot';
//* Configure master.cf and add a line for deliver
if(is_file($config_dir.'/master.cf')){
copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
}
if(is_file($config_dir.'/master.cf~')){
exec('chmod 400 '.$config_dir.'/master.cf~2');
}
$content = rf($conf["postfix"]["config_dir"].'/master.cf');
// Only add the content if we had not addded it before
if(!stristr($content,"dovecot/deliver")) {
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
af($conf["postfix"]["config_dir"].'/master.cf',$deliver_content);
}
unset($content);
unset($deliver_content);
//* Reconfigure postfix to use dovecot authentication
// Adding the amavisd commands to the postfix configuration
$postconf_commands = array (
'dovecot_destination_recipient_limit = 1',
'virtual_transport = dovecot',
'smtpd_sasl_type = dovecot',
'smtpd_sasl_path = private/auth',
'receive_override_options = no_address_mappings'
);
// Make a backup copy of the main.cf file
copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~3');
// Executing the postconf commands
foreach($postconf_commands as $cmd) {
$command = "postconf -e '$cmd'";
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
$configfile = 'dovecot.conf';
if(is_file("$config_dir/$configfile")){
copy("$config_dir/$configfile", "$config_dir/$configfile~");
}
//* Get the dovecot version
exec('dovecot --version',$tmp);
$parts = explode('.',trim($tmp[0]));
$dovecot_version = $parts[0];
unset($tmp);
unset($parts);
//* Copy dovecot configuration file
if($dovecot_version == 2) {
copy('tpl/fedora_dovecot2.conf.master',$config_dir.'/'.$configfile);
} else {
copy('tpl/fedora_dovecot.conf.master',$config_dir.'/'.$configfile);
}
//* dovecot-sql.conf
$configfile = 'dovecot-sql.conf';
if(is_file("$config_dir/$configfile")){
copy("$config_dir/$configfile", "$config_dir/$configfile~");
exec("chmod 400 $config_dir/$configfile~");
}
$content = rf("tpl/fedora_dovecot-sql.conf.master");
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
$content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
wf("$config_dir/$configfile", $content);
exec("chmod 600 $config_dir/$configfile");
exec("chown root:root $config_dir/$configfile");
}
public function configure_amavis() {
global $conf;
// amavisd user config file
$configfile = 'fedora_amavisd_conf';
tbrehm
committed
if(is_file($conf["amavis"]["config_dir"].'/amavisd.conf')) copy($conf["amavis"]["config_dir"].'/amavisd.conf',$conf["amavis"]["config_dir"].'/amavisd.conf~');
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
if(is_file($conf["amavis"]["config_dir"].'/amavisd.conf~')) exec('chmod 400 '.$conf["amavis"]["config_dir"].'/amavisd.conf~');
$content = rf("tpl/".$configfile.".master");
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
$content = str_replace('{mysql_server_port}',$conf["mysql"]["port"],$content);
$content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content);
$content = str_replace('{hostname}',$conf['hostname'],$content);
wf($conf["amavis"]["config_dir"].'/amavisd.conf',$content);
// Adding the amavisd commands to the postfix configuration
$postconf_commands = array (
'content_filter = amavis:[127.0.0.1]:10024',
'receive_override_options = no_address_mappings'
);
// Make a backup copy of the main.cf file
copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~2');
// Executing the postconf commands
foreach($postconf_commands as $cmd) {
$command = "postconf -e '$cmd'";
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
// Append the configuration for amavisd to the master.cf file
if(is_file($conf["postfix"]["config_dir"].'/master.cf')) copy($conf["postfix"]["config_dir"].'/master.cf',$conf["postfix"]["config_dir"].'/master.cf~');
$content = rf($conf["postfix"]["config_dir"].'/master.cf');
// Only add the content if we had not addded it before
if(!stristr($content,"127.0.0.1:10025")) {
unset($content);
$content = rf("tpl/master_cf_amavis.master");
af($conf["postfix"]["config_dir"].'/master.cf',$content);
}
unset($content);
removeLine('/etc/sysconfig/freshclam','FRESHCLAM_DELAY=disabled-warn # REMOVE ME',1);
replaceLine('/etc/freshclam.conf','Example','# Example',1);
// Add the clamav user to the vscan group
//exec('groupmod --add-user clamav vscan');
}
public function configure_spamassassin()
{
global $conf;
//* Enable spamasasssin on debian and ubuntu
/*
$configfile = '/etc/default/spamassassin';
if(is_file($configfile)){
copy($configfile, $configfile.'~');
}
$content = rf($configfile);
$content = str_replace('ENABLED=0', 'ENABLED=1', $content);
wf($configfile, $content);
*/
}
public function configure_getmail()
{
global $conf;
$config_dir = $conf['getmail']['config_dir'];
if(!is_dir($config_dir)) exec("mkdir -p ".escapeshellcmd($config_dir));
$command = "useradd -d $config_dir getmail";
if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
$command = "chown -R getmail $config_dir";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = "chmod -R 700 $config_dir";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_pureftpd()
{
global $conf;
$config_dir = $conf['pureftpd']['config_dir'];
//* configure pam for SMTP authentication agains the ispconfig database
$configfile = 'pureftpd-mysql.conf';
if(is_file("$config_dir/$configfile")){
copy("$config_dir/$configfile", "$config_dir/$configfile~");
}
if(is_file("$config_dir/$configfile~")){
exec("chmod 400 $config_dir/$configfile~");
}
$content = rf('tpl/pureftpd_mysql.conf.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $content);
$content = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $content);
$content = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $content);
$content = str_replace('{server_id}', $conf["server_id"], $content);
wf("$config_dir/$configfile", $content);
exec("chmod 600 $config_dir/$configfile");
exec("chown root:root $config_dir/$configfile");
// copy our customized copy of pureftpd.conf to the pure-ftpd config directory
exec("cp tpl/fedora_pureftpd_conf.master $config_dir/pure-ftpd.conf");
}
public function configure_mydns()
{
global $conf;
// configure mydns
$configfile = 'mydns.conf';
if(is_file($conf["mydns"]["config_dir"].'/'.$configfile)) copy($conf["mydns"]["config_dir"].'/'.$configfile,$conf["mydns"]["config_dir"].'/'.$configfile.'~');
if(is_file($conf["mydns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["mydns"]["config_dir"].'/'.$configfile.'~');
$content = rf("tpl/".$configfile.".master");
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
$content = str_replace('{mysql_server_host}',$conf["mysql"]["host"],$content);
$content = str_replace('{server_id}',$conf["server_id"],$content);
wf($conf["mydns"]["config_dir"].'/'.$configfile,$content);
exec('chmod 600 '.$conf["mydns"]["config_dir"].'/'.$configfile);
exec('chown root:root '.$conf["mydns"]["config_dir"].'/'.$configfile);
}
public function configure_bind() {
global $conf;
// add the include line at the end of named.conf.
replaceLine('/etc/named.conf','include "/etc/named.conf.local";','include "/etc/named.conf.local";',0,1);
//* Check if the zonefile directory has a slash at the end
$content=$conf['bind']['bind_zonefiles_dir'];
if(substr($content,-1,1) != '/') {
$content .= '/';
}
//* Create the slave subdirectory
$content .= 'slave';
$content_mkdir = 'mkdir -p '.$content;
exec($content_mkdir);
//* Chown the slave subdirectory to $conf['bind']['bind_user']
exec('chown '.$conf['bind']['bind_user'].':'.$conf['bind']['bind_group'].' '.$content);
exec('chmod 770 '.$content);
public function configure_apache()
{
global $conf;
if($conf['apache']['installed'] == false) return;
if(is_file('/etc/suphp.conf')) {
//replaceLine('/etc/suphp.conf','php=php:/usr/bin','x-httpd-suphp=php:/usr/bin/php-cgi',0);
replaceLine('/etc/suphp.conf','docroot=','docroot=/var/www',0);
replaceLine('/etc/suphp.conf','umask=0077','umask=0022',0);
//* Create the logging directory for the vhost logfiles
exec('mkdir -p /var/log/ispconfig/httpd');
// Sites enabled and avaulable dirs
exec('mkdir -p '.$conf['apache']['vhost_conf_enabled_dir']);
exec('mkdir -p '.$conf['apache']['vhost_conf_dir']);
$content = rf('/etc/httpd/conf/httpd.conf');
if(!stristr($content,'Include /etc/httpd/conf/sites-enabled/')) {
af('/etc/httpd/conf/httpd.conf',"\nNameVirtualHost *:80\nNameVirtualHost *:443\nInclude /etc/httpd/conf/sites-enabled/\n\n");
//* Copy the ISPConfig configuration include
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
// copy('tpl/apache_ispconfig.conf.master',$vhost_conf_dir.'/ispconfig.conf');
$content = rf('tpl/apache_ispconfig.conf.master');
$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
tbrehm
committed
if(is_array($records) && count($records) > 0) {
foreach($records as $rec) {
if($rec['ip_type'] == 'IPv6') {
$ip_address = '['.$rec['ip_address'].']';
} else {
$ip_address = $rec['ip_address'];
}
$ports = explode(',',$rec['virtualhost_port']);
if(is_array($ports)) {
foreach($ports as $port) {
$port = intval($port);
if($port > 0 && $port < 65536 && $ip_address != '') {
$content .= 'NameVirtualHost '.$ip_address.":".$port."\n";
}
}
}
$content .= "\n";
wf($vhost_conf_dir.'/ispconfig.conf',$content);
if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) {
exec("ln -s ".$vhost_conf_dir."/ispconfig.conf ".$vhost_conf_enabled_dir."/000-ispconfig.conf");
}
//* make sure that webalizer finds its config file when it is directly in /etc
if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
exec('mkdir /etc/webalizer');
exec('ln -s /etc/webalizer.conf /etc/webalizer/webalizer.conf');
}
if(is_file('/etc/webalizer/webalizer.conf')) {
// Change webalizer mode to incremental
replaceLine('/etc/webalizer/webalizer.conf','#IncrementalName','IncrementalName webalizer.current',0,0);
replaceLine('/etc/webalizer/webalizer.conf','#Incremental','Incremental yes',0,0);
replaceLine('/etc/webalizer/webalizer.conf','#HistoryName','HistoryName webalizer.hist',0,0);
//* add a sshusers group
$command = 'groupadd sshusers';
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
public function configure_nginx(){
global $conf;
if($conf['nginx']['installed'] == false) return;
//* Create the logging directory for the vhost logfiles
if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
// Sites enabled and avaulable dirs
exec('mkdir -p '.$conf['nginx']['vhost_conf_enabled_dir']);
exec('mkdir -p '.$conf['nginx']['vhost_conf_dir']);
Falko Timme
committed
wf('/etc/nginx/conf.d/ispconfig_vhosts.conf',"include /etc/nginx/sites-enabled/*.vhost;");
//* make sure that webalizer finds its config file when it is directly in /etc
if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
mkdir('/etc/webalizer');
symlink('/etc/webalizer.conf','/etc/webalizer/webalizer.conf');
}
if(is_file('/etc/webalizer/webalizer.conf')) {
// Change webalizer mode to incremental
replaceLine('/etc/webalizer/webalizer.conf','#IncrementalName','IncrementalName webalizer.current',0,0);
replaceLine('/etc/webalizer/webalizer.conf','#Incremental','Incremental yes',0,0);
replaceLine('/etc/webalizer/webalizer.conf','#HistoryName','HistoryName webalizer.hist',0,0);
}
// Check the awsatst script
if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl','/usr/share/awstats/tools/awstats_buildstaticpages.pl');
if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local','LogFormat=4','LogFormat=1',0,1);
//* add a sshusers group
$command = 'groupadd sshusers';
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_firewall()
{
global $conf;
$dist_init_scripts = $conf['init_scripts'];
if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
@mkdir("/etc/Bastille", octdec($directory_mode));
if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
$content = rf("/etc/Bastille/bastille-firewall.cfg");
$content = str_replace("{DNS_SERVERS}", "", $content);
$tcp_public_services = '';
$udp_public_services = '';
tbrehm
committed
$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
if(trim($row["tcp_port"]) != '' || trim($row["udp_port"]) != ''){
$tcp_public_services = trim(str_replace(',',' ',$row["tcp_port"]));
$udp_public_services = trim(str_replace(',',' ',$row["udp_port"]));
} else {
$tcp_public_services = '21 22 25 53 80 110 443 3306 8080 10000';
if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
$content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content);
$content = str_replace("{UDP_PUBLIC_SERVICES}", $udp_public_services, $content);
wf("/etc/Bastille/bastille-firewall.cfg", $content);
if(is_file($dist_init_scripts."/bastille-firewall")) caselog("mv -f $dist_init_scripts/bastille-firewall $dist_init_scripts/bastille-firewall.backup", __FILE__, __LINE__);
caselog("cp -f apps/bastille-firewall $dist_init_scripts", __FILE__, __LINE__);
caselog("chmod 700 $dist_init_scripts/bastille-firewall", __FILE__, __LINE__);
if(is_file("/sbin/bastille-ipchains")) caselog("mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup", __FILE__, __LINE__);
caselog("cp -f apps/bastille-ipchains /sbin", __FILE__, __LINE__);
caselog("chmod 700 /sbin/bastille-ipchains", __FILE__, __LINE__);
if(is_file("/sbin/bastille-netfilter")) caselog("mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup", __FILE__, __LINE__);
caselog("cp -f apps/bastille-netfilter /sbin", __FILE__, __LINE__);
caselog("chmod 700 /sbin/bastille-netfilter", __FILE__, __LINE__);
if(!@is_dir('/var/lock/subsys')) caselog("mkdir /var/lock/subsys", __FILE__, __LINE__);
exec("which ipchains &> /dev/null", $ipchains_location, $ret_val);
if(!is_file("/sbin/ipchains") && !is_link("/sbin/ipchains") && $ret_val == 0) phpcaselog(@symlink(shell_exec("which ipchains"), "/sbin/ipchains"), 'create symlink', __FILE__, __LINE__);
unset($ipchains_location);
exec("which iptables &> /dev/null", $iptables_location, $ret_val);
if(!is_file("/sbin/iptables") && !is_link("/sbin/iptables") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which iptables")), "/sbin/iptables"), 'create symlink', __FILE__, __LINE__);
unset($iptables_location);
}
public function install_ispconfig()
{
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if(!@is_dir("$install_dir")) {
$command = "mkdir $install_dir";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
//* Create a ISPConfig user and group
$command = 'groupadd ispconfig';
if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = "useradd -g ispconfig -d $install_dir ispconfig";
if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* copy the ISPConfig interface part
$command = "cp -rf ../interface $install_dir";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* copy the ISPConfig server part
$command = "cp -rf ../server $install_dir";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create a symlink, so ISPConfig is accessible via web
// Replaced by a separate vhost definition for port 8080
// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
if(is_file($install_dir.'/interface/lib/'.$configfile)){
copy("$install_dir/interface/lib/$configfile", "$install_dir/interface/lib/$configfile~");
}
$content = rf("tpl/$configfile.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
tbrehm
committed
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
tbrehm
committed
wf("$install_dir/interface/lib/$configfile", $content);
//* Create the config file for ISPConfig server
$configfile = 'config.inc.php';
if(is_file($install_dir.'/server/lib/'.$configfile)){
copy("$install_dir/server/lib/$configfile", "$install_dir/interface/lib/$configfile~");
}
$content = rf("tpl/$configfile.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
wf("$install_dir/server/lib/$configfile", $content);
tbrehm
committed
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
wf($install_dir.'/server/lib/remote_action.inc.php', $content);
}
//* Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir.'/server/mods-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') {
include_once($install_dir.'/server/mods-available/'.$file);
$module_name = substr($file,0,-8);
$tmp = new $module_name;
if($tmp->onInstall()) {
if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
if (strpos($file, '_core_module') !== false) {
if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
}
unset($tmp);
}
}
closedir($dh);
}
}
$dir = $install_dir.'/server/plugins-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') {
include_once($install_dir.'/server/plugins-available/'.$file);
$plugin_name = substr($file,0,-8);
$tmp = new $plugin_name;
if($tmp->onInstall()) {
if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
if (strpos($file, '_core_plugin') !== false) {
if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
}
unset($tmp);
// Update the server config
$mail_server_enabled = ($conf['services']['mail'])?1:0;
$web_server_enabled = ($conf['services']['web'])?1:0;
$dns_server_enabled = ($conf['services']['dns'])?1:0;
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
if($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
}
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
//* Chmod the files
$command = "chmod -R 750 $install_dir";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* chown the files to the ispconfig user and group
$command = "chown -R ispconfig:ispconfig $install_dir";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Make the global language file directory group writable
exec("chmod -R 770 $install_dir/interface/lib/lang");
//* Make the temp directory for language file exports writable
exec("chmod -R 770 $install_dir/interface/web/temp");
//* Make all interface language file directories group writable
$handle = @opendir($install_dir.'/interface/web');
while ($file = @readdir ($handle)) {
if ($file != '.' && $file != '..') {
if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang',0770);
while ($lang_file = @readdir ($handle2)) {
if ($lang_file != '.' && $lang_file != '..') {
chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file,0770);
}
}
}
}
}
//* Make the APS directories group writable
exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
exec("chmod -R 770 $install_dir/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir.'/server/lib/config.inc.php', 0600);
chown($install_dir.'/server/lib/config.inc.php', 'root');
chgrp($install_dir.'/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir.'/interface/lib/config.inc.php', 0600);
chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
}
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
Falko Timme
committed
if($conf['apache']['installed'] == true){
$command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if(is_group('ispapps')){
$command = 'usermod -a -G ispapps '.$conf['apache']['user'];
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
Falko Timme
committed
}
if($conf['nginx']['installed'] == true){
$command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
// Allow the ispapps vhost access to /etc/squirrelmail
//$command = 'usermod -a -G '.$conf['apache']['group'].' ispapps';
//caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//}
if(is_group('ispapps')){
$command = 'usermod -a -G ispapps '.$conf['nginx']['user'];