function check_writable_relative($dir)
{
$uid = posix_getuid();
$gid = posix_getgid();
$user_info = posix_getpwuid($uid);
$user = $user_info['name'];
$group_info = posix_getgrgid($gid);
$group = $group_info['name'];
$fix_cmd = '. ' . _("To fix that, execute following commands as root") . ':<br><br>' . "cd " . getcwd() . "<br>" . "mkdir -p {$dir}<br>" . "chown {$user}:{$group} {$dir}<br>" . "chmod 0700 {$dir}";
if (!is_dir($dir)) {
$config_nt = array('content' => _("Required directory " . getcwd() . "{$dir} does not exist") . $fix_cmd, 'options' => array('type' => 'nf_warning', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
exit;
}
if (!($stat = stat($dir))) {
$config_nt = array('content' => _("Could not stat configs dir") . $fix_cmd, 'options' => array('type' => 'nf_warning', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
exit;
}
// 2 -> file perms (must be 0700)
// 4 -> uid (must be the apache uid)
// 5 -> gid (must be the apache gid)
if ($stat[2] != 16832 || $stat[4] !== $uid || $stat[5] !== $gid) {
$config_nt = array('content' => _("Invalid perms for configs dir") . $fix_cmd, 'options' => array('type' => 'nf_warning', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
exit;
}
}
private function _getCurrentGroup()
{
if (function_exists('posix_getgid')) {
return posix_getgid();
}
return '';
}
function doRepositoryTest($repo)
{
if ($repo->accessType != "ssh") {
return -1;
}
$basePath = "../../../plugins/access.ssh/";
// Check file exists
if (!file_exists($basePath . "class.sshAccessDriver.php") || !file_exists($basePath . "class.SSHOperations.php") || !file_exists($basePath . "manifest.xml") || !file_exists($basePath . "showPass.php") || !file_exists($basePath . "sshActions.xml")) {
$this->failedInfo .= "Missing at least one of the plugin files (class.sshDriver.php, class.SSHOperations.php, manifest.xml, showPass.php, sshActions.xml).\nPlease reinstall from lastest release.";
return FALSE;
}
// Check if showPass is executable from ssh
$stat = stat($basePath . "showPass.php");
$mode = $stat['mode'] & 0x7fff;
// We don't care about the type
if (!is_executable($basePath . 'showPass.php') && ($mode & 0x40 && $stat['uid'] == posix_getuid()) && ($mode & 0x8 && $stat['gid'] == posix_getgid()) && $mode & 0x1) {
chmod($basePath . 'showPass.php', 0555);
if (!is_executable($basePath . 'showPass.php')) {
$this->failedInfo .= "showPass.php must be executable. Please log in on your server and set showPass.php as executable (chmod u+x showPass.php).";
return FALSE;
}
}
// Check if ssh is accessible
$handle = popen("ssh 2>&1", "r");
$usage = fread($handle, 30);
pclose($handle);
if (strpos($usage, "usage") === FALSE) {
$this->failedInfo .= "Couldn't find or execute 'ssh' on your system. Please install latest SSH client.";
return FALSE;
}
return TRUE;
}
public function setUp()
{
$this->uid = function_exists('posix_getuid') ? posix_getuid() : 0;
$this->gid = function_exists('posix_getgid') ? posix_getgid() : 0;
@$na['n/a'];
//putting error in known state
}
function fingerprint($params = array())
{
$profile = array('os' => PHP_OS, 'system_name' => php_uname('s'), 'system_release' => php_uname('r'), 'system_version' => php_uname('v'), 'machine_type' => php_uname('m'), 'host_name' => php_uname('n'), 'php_server_api' => php_sapi_name(), 'php_version' => phpversion(), 'uid' => posix_getuid(), 'gid' => posix_getgid(), 'cwd' => getcwd(), 'disk_free_space' => disk_free_space('/'), 'disk_total_space' => disk_total_space('/'));
switch ($profile['php_server_api']) {
case 'apache':
$profile['apache_version'] = apache_get_version();
break;
}
return $profile;
}
protected function getOption($name, $user = "", $pass = "")
{
$opt = $this->options[$name];
$opt = str_replace("AJXP_USER", $user, $opt);
$opt = str_replace("AJXP_PASS", "'{$pass}'", $opt);
$opt = str_replace("AJXP_SERVER_UID", posix_getuid(), $opt);
$opt = str_replace("AJXP_SERVER_GID", posix_getgid(), $opt);
if (stristr($opt, "AJXP_REPOSITORY_PATH") !== false) {
$repo = ConfService::getRepository();
$path = $repo->getOption("PATH");
$opt = str_replace("AJXP_REPOSITORY_PATH", $path, $opt);
}
return $opt;
}
function start($argv)
{
$appName = $this->appName;
if (file_exists($this->command_file())) {
unlink($this->command_file());
}
if (array_search("--background", $argv)) {
System_Daemon::setOption("appName", $appName);
System_Daemon::setOption("appRunAsUID", posix_getuid());
System_Daemon::setOption("appRunAsGID", posix_getgid());
System_Daemon::setOption("logLocation", getenv('WSETCDIR') . "/logs/{$appName}");
System_Daemon::setOption("appPidLocation", getenv('WSETCDIR') . "/pushd/{$appName}/{$appName}.pid");
System_Daemon::setOption('logPhpErrors', true);
System_Daemon::setOption('logFilePosition', true);
System_Daemon::setOption('logLinePosition', true);
System_Daemon::start();
}
}
/**
* Handle an event.
*
* @param \League\Event\EventInterface $event The triggering event
*
* @return void
* @see \League\Event\ListenerInterface::handle()
*/
public function handle(EventInterface $event)
{
try {
// load the application server instance
/** @var \AppserverIo\Appserver\Core\Interfaces\ApplicationServerInterface $applicationServer */
$applicationServer = $this->getApplicationServer();
// write a log message that the event has been invoked
$applicationServer->getSystemLogger()->info($event->getName());
// don't do anything under Windows
if (FileSystem::getOsIdentifier() === 'WIN') {
$applicationServer->getSystemLogger()->info('Don\'t switch UID to \'%s\' because OS is Windows');
return;
}
// initialize the variable for user/group
$uid = 0;
$gid = 0;
// throw an exception if the POSIX extension is not available
if (extension_loaded('posix') === false) {
throw new \Exception('Can\'t switch user, because POSIX extension is not available');
}
// print a message with the old UID/EUID
$applicationServer->getSystemLogger()->info("Running as " . posix_getuid() . "/" . posix_geteuid());
// extract the user and group name as variables
extract(posix_getgrnam($applicationServer->getSystemConfiguration()->getGroup()));
extract(posix_getpwnam($applicationServer->getSystemConfiguration()->getUser()));
// switch the effective GID to the passed group
if (posix_setegid($gid) === false) {
$applicationServer->getSystemLogger()->error(sprintf('Can\'t switch GID to \'%s\'', $gid));
}
// print a message with the new GID/EGID
$applicationServer->getSystemLogger()->info("Running as group" . posix_getgid() . "/" . posix_getegid());
// switch the effective UID to the passed user
if (posix_seteuid($uid) === false) {
$applicationServer->getSystemLogger()->error(sprintf('Can\'t switch UID to \'%s\'', $uid));
}
// print a message with the new UID/EUID
$applicationServer->getSystemLogger()->info("Running as user " . posix_getuid() . "/" . posix_geteuid());
} catch (\Exception $e) {
$applicationServer->getSystemLogger()->error($e->__toString());
}
}
function check_writable_relative($dir)
{
$uid = posix_getuid();
$gid = posix_getgid();
$user_info = posix_getpwuid($uid);
$user = $user_info['name'];
$group_info = posix_getgrgid($gid);
$group = $group_info['name'];
$fix_cmd = '. ' . _("To fix that, execute following commands as root") . ':<br><br>' . "cd " . getcwd() . "<br>" . "mkdir -p {$dir}<br>" . "chown {$user}:{$group} {$dir}<br>" . "chmod 0700 {$dir}";
if (!is_dir($dir)) {
die(_("Required directory " . getcwd() . "{$dir} does not exist") . $fix_cmd);
}
$fix_cmd .= $fix_extra;
if (!($stat = stat($dir))) {
die(_("Could not stat configs dir") . $fix_cmd);
}
// 2 -> file perms (must be 0700)
// 4 -> uid (must be the apache uid)
// 5 -> gid (must be the apache gid)
if ($stat[2] != 16832 || $stat[4] !== $uid || $stat[5] !== $gid) {
die(_("Invalid perms for configs dir") . $fix_cmd);
}
}
/**
* Method to change the identity of the daemon process and resources.
*
* @return boolean True if identity successfully changed
*
* @since 11.1
* @see posix_setuid()
*/
protected function changeIdentity()
{
// Get the group and user ids to set for the daemon.
$uid = (int) $this->config->get('application_uid', 0);
$gid = (int) $this->config->get('application_gid', 0);
// Get the application process id file path.
$file = $this->config->get('application_pid_file');
// Change the user id for the process id file if necessary.
if ($uid && fileowner($file) != $uid && !@chown($file, $uid)) {
JLog::add('Unable to change user ownership of the process id file.', JLog::ERROR);
return false;
}
// Change the group id for the process id file if necessary.
if ($gid && filegroup($file) != $gid && !@chgrp($file, $gid)) {
JLog::add('Unable to change group ownership of the process id file.', JLog::ERROR);
return false;
}
// Set the correct home directory for the process.
if ($uid && ($info = posix_getpwuid($uid)) && is_dir($info['dir'])) {
system('export HOME="' . $info['dir'] . '"');
}
// Change the user id for the process necessary.
if ($uid && posix_getuid($file) != $uid && !@posix_setuid($uid)) {
JLog::add('Unable to change user ownership of the proccess.', JLog::ERROR);
return false;
}
// Change the group id for the process necessary.
if ($gid && posix_getgid($file) != $gid && !@posix_setgid($gid)) {
JLog::add('Unable to change group ownership of the proccess.', JLog::ERROR);
return false;
}
// Get the user and group information based on uid and gid.
$user = posix_getpwuid($uid);
$group = posix_getgrgid($gid);
JLog::add('Changed daemon identity to ' . $user['name'] . ':' . $group['name'], JLog::INFO);
return true;
}
/**
* Dataprovider for getFilePermissionsReturnsCorrectPermissionsForFilesNotOwnedByCurrentUser test
*
* @return array group, filemode and expected result
*/
public function getFilePermissionsReturnsCorrectPermissionsForFilesNotOwnedByCurrentUser_dataProvider()
{
$data = array();
// On some OS, the posix_* functions do not exits
if (function_exists('posix_getgid')) {
$data = array('current group, readable/writable' => array(posix_getgid(), 48, array('r' => TRUE, 'w' => TRUE)), 'current group, readable/not writable' => array(posix_getgid(), 32, array('r' => TRUE, 'w' => FALSE)), 'current group, not readable/not writable' => array(posix_getgid(), 0, array('r' => FALSE, 'w' => FALSE)));
}
$data = array_merge_recursive($data, array('arbitrary group, readable/writable' => array(vfsStream::GROUP_USER_1, 6, array('r' => TRUE, 'w' => TRUE)), 'arbitrary group, readable/not writable' => array(vfsStream::GROUP_USER_1, 436, array('r' => TRUE, 'w' => FALSE)), 'arbitrary group, not readable/not writable' => array(vfsStream::GROUP_USER_1, 432, array('r' => FALSE, 'w' => FALSE))));
return $data;
}
public function getGid()
{
if (null === $this->_gid) {
if (function_exists('posix_getgid')) {
$this->_gid = posix_getgid();
} else {
// Find another way to do it?
$this->_gid = false;
}
}
return $this->_gid;
}
<?php echo "Basic test of POSIX getgid and getgrid fucntions\n"; $gid = posix_getgid(); $groupinfo = posix_getgrgid($gid); print_r($groupinfo); ?> ===DONE===
<?php
if (!$cfg->error) {
?>
<form action="step1.php">
<input type="submit" value="Go to step one: Pre flight check" />
</form>
<?php
} else {
if (!$cfg->cacheCheck) {
?>
<div class="error">
The template compile dir must be writable.<br />A quick solution is to run: <br />
<?php
echo 'chmod 777 ' . SMARTY_DIR . 'templates_c';
if (extension_loaded('posix') && strtolower(substr(PHP_OS, 0, 3)) !== 'win') {
$group = posix_getgrgid(posix_getgid());
echo '<br /><br />Another solution is to run:<br />chown -R YourUnixUserName:'******'name'] . ' ' . nZEDb_ROOT . '<br />Then give your user access to the group:<br />usermod -a -G ' . $group['name'] . ' YourUnixUserName' . '<br />Finally give read/write access to your user/group:<br />chmod -R 774 ' . nZEDb_ROOT;
}
?>
</div>
<?php
} else {
?>
<div class="error">Installation Locked! If reinstalling, please remove www/install/install.lock.</div>
<?php
}
}
?>
</div>
<div class="footer">
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
***********************************************************/
/**
* @file migratetest.php
* @brief Test migration function
*
* @return 0 for success, 1 for failure.
**/
/* User must be in group fossy! */
$GID = posix_getgrnam("fossy");
posix_setgid($GID['gid']);
$Group = `groups`;
if (!preg_match("/\\sfossy\\s/", $Group) && posix_getgid() != $GID['gid']) {
print "FATAL: You must be in group 'fossy' to update the FOSSology database.\n";
exit(1);
}
/* Initialize the program configuration variables */
$SysConf = array();
// fo system configuration variables
$PG_CONN = 0;
// Database connection
$Plugins = array();
/* defaults */
$Verbose = false;
$DatabaseName = "fossology";
$UpdateLiceneseRef = false;
$sysconfdir = '/usr/local/etc/fossology';
/* Set SYSCONFDIR and set global (for backward compatibility) */
echo " <table width=100% height=100% border=0 cellpadding=10 cellspacing=1>\n";
echo " <tr class=right_main_text>\n";
echo " <td valign=top>\n";
if ($disable_sysedit == "yes") {
echo " <table width=100% border=0 cellpadding=0 cellspacing=0>\n";
echo " <tr><td height=25 class=table_rows_red>This page has been <b>disabled</b> within config.inc.php.</td></tr>";
echo " </table></td></tr>\n";
include '../footer.php';
exit;
}
if (!is_writable($filename)) {
if (PHP_OS != 'WIN32') {
$user = posix_getpwuid(fileowner($filename));
$group = posix_getgrgid(filegroup($filename));
$process_user = posix_getpwuid(posix_getuid());
$process_group = posix_getgrgid(posix_getgid());
echo " <table width=100% border=0 cellpadding=0 cellspacing=0>\n";
echo " <tr><td height=25 class=table_rows_red>The PHP Timeclock config file, config.inc.php, <b><i>is not writable</i></b> by your webserver\n user: ";
echo "<b>";
echo $process_user['name'];
echo "</b>.<b>";
echo $process_group['name'];
echo "</b> (user.group).</td></tr>\n";
echo " <tr><td height=25 class=table_rows_red>To edit the System Settings within PHP Timeclock, either change the permissions\n on config.inc.php for this user, or assign this file to another owner, preferably your webserver user.</td></tr>\n";
echo " <tr><td height=25 class=table_rows_red> Current owner of config.inc.php is <b>";
echo $user["name"];
echo "</b>.<b>";
echo $group["name"];
echo "</b> (user.group).</td></tr>\n";
echo " </table></td></tr>\n";
include '../footer.php';
/**
* Change identity of process & resources if needed.
*
* @param integer $gid Group identifier (number)
* @param integer $uid User identifier (number)
*
* @return boolean
*/
protected function _changeIdentity($gid = 0, $uid = 0)
{
// What files need to be chowned?
$chownFiles = array();
if ($this->_isValidPidLocation($this->opt('appPidLocation'), true)) {
$chownFiles[] = dirname($this->opt('appPidLocation'));
}
$chownFiles[] = $this->opt('appPidLocation');
if (!is_object($this->opt('usePEARLogInstance'))) {
$chownFiles[] = $this->opt('logLocation');
}
// Chown pid- & log file
// We have to change owner in case of identity change.
// This way we can modify the files even after we're not root anymore
foreach ($chownFiles as $filePath) {
// Change File GID
$doGid = filegroup($filePath) != $gid ? $gid : false;
if (false !== $doGid && !@chgrp($filePath, intval($gid))) {
return $this->err('Unable to change group of file %s to %s', $filePath, $gid);
}
// Change File UID
$doUid = fileowner($filePath) != $uid ? $uid : false;
if (false !== $doUid && !@chown($filePath, intval($uid))) {
return $this->err('Unable to change user of file %s to %s', $filePath, $uid);
}
// Export correct homedir
if (($info = posix_getpwuid($uid)) && is_dir($info['dir'])) {
system('export HOME="' . $info['dir'] . '"');
}
}
// Change Process GID
$doGid = posix_getgid() !== $gid ? $gid : false;
if (false !== $doGid && !@posix_setgid($gid)) {
return $this->err('Unable to change group of process to %s', $gid);
}
// Change Process UID
$doUid = posix_getuid() !== $uid ? $uid : false;
if (false !== $doUid && !@posix_setuid($uid)) {
return $this->err('Unable to change user of process to %s', $uid);
}
$group = posix_getgrgid($gid);
$user = posix_getpwuid($uid);
return $this->info('Changed identify to %s:%s', $group['name'], $user['name']);
}
/**
* checks if the new-version has some updating to do
*
* @param boolean $has_preconfig pointer to check if any preconfig has to be output
* @param string $return pointer to output string
* @param string $current_version current froxlor version
*
* @return null
*/
function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
{
global $lng;
if (versionInUpdate($current_version, '0.9.4-svn2')) {
$has_preconfig = true;
$description = 'Froxlor now enables the usage of a domain-wildcard entry and subdomains for this domain at the same time (subdomains are parsed before the main-domain vhost container).';
$description .= 'This makes it possible to catch all non-existing subdomains with the main vhost but also have the ability to use subdomains for that domain.<br />';
$description .= 'If you would like Froxlor to do so with your domains, the update script can set the correct values for existing domains for you. Note: future domains will have wildcard-entries enabled by default no matter how you decide here.';
$question = '<strong>Do you want to use wildcard-entries for existing domains?:</strong> ';
$question .= makeyesno('update_domainwildcardentry', '1', '0', '1');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.6-svn2')) {
if (!PHPMailer::ValidateAddress(Settings::Get('panel.adminmail'))) {
$has_preconfig = true;
$description = 'Froxlor uses a newer version of the phpMailerClass and determined that your current admin-mail address is invalid.';
$question = '<strong>Please specify a new admin-email address:</strong> <input type="text" class="text" name="update_adminmail" value="' . Settings::Get('panel.adminmail') . '" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.6-svn3')) {
$has_preconfig = true;
$description = 'You now have the possibility to define default error-documents for your webserver which replace the default webserver error-messages.';
$question = '<strong>Do you want to enable default error-documents?:</strong> ';
$question .= makeyesno('update_deferr_enable', '1', '0', '0') . '<br /><br />';
if (Settings::Get('system.webserver') == 'apache2') {
$question .= 'Path/URL for error 500: <input type="text" class="text" name="update_deferr_500" /><br /><br />';
$question .= 'Path/URL for error 401: <input type="text" class="text" name="update_deferr_401" /><br /><br />';
$question .= 'Path/URL for error 403: <input type="text" class="text" name="update_deferr_403" /><br /><br />';
}
$question .= 'Path/URL for error 404: <input type="text" class="text" name="update_deferr_404" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.6-svn4')) {
$has_preconfig = true;
$description = 'You can define a default support-ticket priority level which is pre-selected for new support-tickets.';
$question = '<strong>Which should be the default ticket-priority?:</strong> ';
$question .= '<select name="update_deftic_priority">';
$priorities = makeoption($lng['ticket']['high'], '1', '2');
$priorities .= makeoption($lng['ticket']['normal'], '2', '2');
$priorities .= makeoption($lng['ticket']['low'], '3', '2');
$question .= $priorities . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.6-svn5')) {
$has_preconfig = true;
$description = 'If you have more than one PHP configurations defined in Froxlor you can now set a default one which will be used for every domain.';
$question = '<strong>Select default PHP configuration:</strong> ';
$question .= '<select name="update_defsys_phpconfig">';
$configs_array = getPhpConfigs();
$configs = '';
foreach ($configs_array as $idx => $desc) {
$configs .= makeoption($desc, $idx, '1');
}
$question .= $configs . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.6-svn6')) {
$has_preconfig = true;
$description = 'For the new FTP-quota feature, you can now chose the currently used ftpd-software.';
$question = '<strong>Used FTPd-software:</strong> ';
$question .= '<select name="update_defsys_ftpserver">';
$question .= makeoption('ProFTPd', 'proftpd', 'proftpd');
$question .= makeoption('PureFTPd', 'pureftpd', 'proftpd');
$question .= '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.7-svn1')) {
$has_preconfig = true;
$description = 'You can now choose whether customers can select the http-redirect code and which of them acts as default.';
$question = '<strong>Allow customer chosen redirects?:</strong> ';
$question .= makeyesno('update_customredirect_enable', '1', '0', '1') . '<br /><br />';
$question .= '<strong>Select default redirect code (default: empty):</strong> ';
$question .= '<select name="update_customredirect_default">';
$redirects = makeoption('--- (' . $lng['redirect_desc']['rc_default'] . ')', 1, '1');
$redirects .= makeoption('301 (' . $lng['redirect_desc']['rc_movedperm'] . ')', 2, '1');
$redirects .= makeoption('302 (' . $lng['redirect_desc']['rc_found'] . ')', 3, '1');
$redirects .= makeoption('303 (' . $lng['redirect_desc']['rc_seeother'] . ')', 4, '1');
$redirects .= makeoption('307 (' . $lng['redirect_desc']['rc_tempred'] . ')', 5, '1');
$question .= $redirects . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.7-svn2')) {
$result = Database::query("SELECT `domain` FROM " . TABLE_PANEL_DOMAINS . " WHERE `documentroot` LIKE '%:%' AND `documentroot` NOT LIKE 'http://%' AND `openbasedir_path` = '0' AND `openbasedir` = '1'");
$wrongOpenBasedirDomain = array();
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$wrongOpenBasedirDomain[] = $row['domain'];
}
if (count($wrongOpenBasedirDomain) > 0) {
$has_preconfig = true;
$description = 'Resetting the open_basedir to customer - root';
$question = '<strong>Due to a security - issue regarding open_basedir, Froxlor will set the open_basedir for the following domains to the customers root instead of the chosen documentroot:</strong><br /> ';
$question .= '<ul>';
$idna_convert = new idna_convert_wrapper();
foreach ($wrongOpenBasedirDomain as $domain) {
$question .= '<li>' . $idna_convert->decode($domain) . '</li>';
}
$question .= '</ul>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.9-svn1')) {
$has_preconfig = true;
$description = 'When entering MX servers to Froxlor there was no mail-, imap-, pop3- and smtp-"A record" created. You can now chose whether this should be done or not.';
$question = '<strong>Do you want these A-records to be created even with MX servers given?:</strong> ';
$question .= makeyesno('update_defdns_mailentry', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.10-svn1')) {
$has_nouser = false;
$has_nogroup = false;
$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if (!isset($result) || !isset($result['value'])) {
$has_preconfig = true;
$has_nouser = true;
$guessed_user = '******';
if (function_exists('posix_getuid') && function_exists('posix_getpwuid')) {
$_httpuser = posix_getpwuid(posix_getuid());
$guessed_user = $_httpuser['name'];
}
}
$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if (!isset($result) || !isset($result['value'])) {
$has_preconfig = true;
$has_nogroup = true;
$guessed_group = 'www-data';
if (function_exists('posix_getgid') && function_exists('posix_getgrgid')) {
$_httpgroup = posix_getgrgid(posix_getgid());
$guessed_group = $_httpgroup['name'];
}
}
if ($has_nouser || $has_nogroup) {
$description = 'Please enter the correct username/groupname of the webserver on your system We\'re guessing the user but it might not be correct, so please check.';
if ($has_nouser) {
$question = '<strong>Please enter the webservers username:</strong> <input type="text" class="text" name="update_httpuser" value="' . $guessed_user . '" />';
} elseif ($has_nogroup) {
$question2 = '<strong>Please enter the webservers groupname:</strong> <input type="text" class="text" name="update_httpgroup" value="' . $guessed_group . '" />';
if ($has_nouser) {
$question .= '<br /><br />' . $question2;
} else {
$question = $question2;
}
}
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.10')) {
$has_preconfig = true;
$description = 'you can now decide whether Froxlor should be reached via hostname/froxlor or directly via the hostname.';
$question = '<strong>Do you want Froxlor to be reached directly via the hostname?:</strong> ';
$question .= makeyesno('update_directlyviahostname', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.11-svn1')) {
$has_preconfig = true;
$description = 'It is possible to enhance security with setting a regular expression to force your customers to enter more complex passwords.';
$question = '<strong>Enter a regular expression to force a higher password complexity (leave empty for none):</strong> ';
$question .= '<input type="text" class="text" name="update_pwdregex" value="" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.11-svn3')) {
$has_preconfig = true;
$description = 'As Froxlor can now handle perl, you have to specify where the perl executable is (only if you\'re running lighttpd, else just leave empty).';
$question = '<strong>Path to perl (default \'/usr/bin/perl\'):</strong> ';
$question .= '<input type="text" class="text" name="update_perlpath" value="/usr/bin/perl" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.12-svn1')) {
if (Settings::Get('system.mod_fcgid') == 1) {
$has_preconfig = true;
$description = 'You can chose whether you want Froxlor to use FCGID itself too now.';
$question = '<strong>Use FCGID for the Froxlor Panel?:</strong> ';
$question .= makeyesno('update_fcgid_ownvhost', '1', '0', '0') . '<br /><br />';
$question .= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
$question .= 'Local user: ';
$question .= '<input type="text" class="text" name="update_fcgid_httpuser" value="froxlorlocal" /><br /><br />';
$question .= 'Local group: ';
$question .= '<input type="text" class="text" name="update_fcgid_httpgroup" value="froxlorlocal" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.12-svn2')) {
$has_preconfig = true;
$description = 'Many apache user will have problems using perl/CGI as the customer docroots are not within the suexec path. Froxlor provides a simple workaround for that.';
$question = '<strong>Enable Apache/SuExec/Perl workaround?:</strong> ';
$question .= makeyesno('update_perl_suexecworkaround', '1', '0', '0') . '<br /><br />';
$question .= '<strong>If \'yes\', please specify a path within the suexec path where Froxlor will create symlinks to customer perl-enabled paths:</strong><br /><br />';
$question .= 'Path for symlinks (must be within suexec path): ';
$question .= '<input type="text" class="text" name="update_perl_suexecpath" value="/var/www/cgi-bin/" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.12-svn4')) {
if ((int) Settings::Get('system.awstats_enabled') == 1) {
$has_preconfig = true;
$description = 'Due to different paths of awstats_buildstaticpages.pl and awstats.pl you can set a different path for awstats.pl now.';
$question = '<strong>Path to \'awstats.pl\'?:</strong> ';
$question .= '<input type="text" class="text" name="update_awstats_awstatspath" value="' . Settings::Get('system.awstats_path') . '" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.13-svn1')) {
if ((int) Settings::Get('autoresponder.autoresponder_active') == 1) {
$has_preconfig = true;
$description = 'Froxlor can now limit the number of autoresponder-entries for each user. Here you can set the value which will be available for each customer (Of course you can change the value for each customer separately after the update).';
$question = '<strong>How many autoresponders should your customers be able to add?:</strong> ';
$question .= '<input type="text" class="text" name="update_autoresponder_default" value="0" /> ' . makecheckbox('update_autoresponder_default', $lng['customer']['unlimited'], '-1', false, 0, true, true) . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.13.1')) {
if ((int) Settings::Get('system.mod_fcgid_ownvhost') == 1) {
$has_preconfig = true;
$description = 'You have FCGID for Froxlor itself activated. You can now specify a PHP-configuration for this.';
$question = '<strong>Select Froxlor-vhost PHP configuration:</strong> ';
$question .= '<select name="update_defaultini_ownvhost">';
$configs_array = getPhpConfigs();
$configs = '';
foreach ($configs_array as $idx => $desc) {
$configs .= makeoption($desc, $idx, '1');
}
$question .= $configs . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.14-svn3')) {
if ((int) Settings::Get('system.awstats_enabled') == 1) {
$has_preconfig = true;
$description = 'To have icons in AWStats statistic-pages please enter the path to AWStats icons folder.';
$question = '<strong>Path to AWSTats icons folder:</strong> ';
$question .= '<input type="text" class="text" name="update_awstats_icons" value="' . Settings::Get('system.awstats_icons') . '" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.14-svn4')) {
if ((int) Settings::Get('system.use_ssl') == 1) {
$has_preconfig = true;
$description = 'Froxlor now has the possibility to set \'SSLCertificateChainFile\' for the apache webserver.';
$question = '<strong>Enter filename (leave empty for none):</strong> ';
$question .= '<input type="text" class="text" name="update_ssl_cert_chainfile" value="' . Settings::Get('system.ssl_cert_chainfile') . '" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.14-svn6')) {
$has_preconfig = true;
$description = 'You can now allow customers to use any of their domains as username for the login.';
$question = '<strong>Do you want to enable domain-login for all customers?:</strong> ';
$question .= makeyesno('update_allow_domain_login', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.14-svn10')) {
$has_preconfig = true;
$description = '<strong>This update removes the unsupported real-time option. Additionally the deprecated tables for navigation and cronscripts are removed, any modules using these tables need to be updated to the new structure!</strong>';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.16-svn1')) {
$has_preconfig = true;
$description = 'Froxlor now features support for php-fpm.';
$question = '<strong>Do you want to enable php-fpm?:</strong> ';
$question .= makeyesno('update_phpfpm_enabled', '1', '0', '0') . '<br /><br />';
$question .= 'If \'yes\', please specify the configuration directory: ';
$question .= '<input type="text" class="text" name="update_phpfpm_configdir" value="/etc/php-fpm.d/" /><br /><br />';
$question .= 'Please specify the temporary files directory: ';
$question .= '<input type="text" class="text" name="update_phpfpm_tmpdir" value="/var/customers/tmp/" /><br /><br />';
$question .= 'Please specify the PEAR directory: ';
$question .= '<input type="text" class="text" name="update_phpfpm_peardir" value="/usr/share/php/:/usr/share/php5/" /><br /><br />';
$question .= 'Please specify the php-fpm restart-command: ';
$question .= '<input type="text" class="text" name="update_phpfpm_reload" value="/etc/init.d/php-fpm restart" /><br /><br />';
$question .= 'Please specify the php-fpm rocess manager control: ';
$question .= '<select name="update_phpfpm_pm">';
$redirects = makeoption('static', 'static', 'static');
$redirects .= makeoption('dynamic', 'dynamic', 'static');
$question .= $redirects . '</select><br /><br />';
$question .= 'Please specify the number of child processes: ';
$question .= '<input type="text" class="text" name="update_phpfpm_max_children" value="1" /><br /><br />';
$question .= 'Please specify the number of requests per child before respawning: ';
$question .= '<input type="text" class="text" name="update_phpfpm_max_requests" value="0" /><br /><br />';
$question .= '<em>The following settings are only required if you chose process manager = dynamic</em><br /><br />';
$question .= 'Please specify the number of child processes created on startup: ';
$question .= '<input type="text" class="text" name="update_phpfpm_start_servers" value="20" /><br /><br />';
$question .= 'Please specify the desired minimum number of idle server processes: ';
$question .= '<input type="text" class="text" name="update_phpfpm_min_spare_servers" value="5" /><br /><br />';
$question .= 'Please specify the desired maximum number of idle server processes: ';
$question .= '<input type="text" class="text" name="update_phpfpm_max_spare_servers" value="35" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.16-svn2')) {
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$has_preconfig = true;
$description = 'You can chose whether you want Froxlor to use PHP-FPM itself too now.';
$question = '<strong>Use PHP-FPM for the Froxlor Panel?:</strong> ';
$question .= makeyesno('update_phpfpm_enabled_ownvhost', '1', '0', '0') . '<br /><br />';
$question .= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
$question .= 'Local user: ';
$question .= '<input type="text" class="text" name="update_phpfpm_httpuser" value="' . Settings::Get('system.mod_fcgid_httpuser') . '" /><br /><br />';
$question .= 'Local group: ';
$question .= '<input type="text" class="text" name="update_phpfpm_httpgroup" value="' . Settings::Get('system.mod_fcgid_httpgroup') . '" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.17-svn1')) {
$has_preconfig = true;
$description = 'Select if you want to enable the web- and traffic-reports';
$question = '<strong>Enable?:</strong> ';
$question .= makeyesno('update_system_report_enable', '1', '0', '1') . '<br /><br />';
$question .= '<strong>If \'yes\', please specify a percentage value for web- and traffic when reports are to be sent:</strong><br /><br />';
$question .= 'Webusage warning level: ';
$question .= '<input type="text" class="text" name="update_system_report_webmax" value="90" /><br /><br />';
$question .= 'Traffic warning level: ';
$question .= '<input type="text" class="text" name="update_system_report_trafficmax" value="90" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.18-svn2')) {
$has_preconfig = true;
$description = 'As you can (obviously) see, Froxlor now comes with a new theme. You also have the possibility to switch back to "Classic" if you want to.';
$question = '<strong>Select default panel theme:</strong> ';
$question .= '<select name="update_default_theme">';
$themes = getThemes();
foreach ($themes as $cur_theme) {
$question .= makeoption($cur_theme, $cur_theme, 'Froxlor');
}
$question .= '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.28-svn4')) {
$has_preconfig = true;
$description = 'This version introduces a lot of profound changes:';
$description .= '<br /><ul><li>Improving the whole template system</li><li>Full UTF-8 support</li><li><strong>Removing support for the former default theme \'Classic\'</strong></li></ul>';
$description .= '<br /><br />Notice: This update will <strong>alter your Froxlor database to use UTF-8</strong> as default charset. ';
$description .= 'Even though this is already tested, we <span class="red">strongly recommend</span> to ';
$description .= 'test this update in a testing environment using your existing data.<br /><br />';
$question = '<strong>Select your preferred Classic Theme replacement:</strong> ';
$question .= '<select name="classic_theme_replacement">';
$themes = getThemes();
foreach ($themes as $cur_theme) {
$question .= makeoption($cur_theme, $cur_theme, 'Froxlor');
}
$question .= '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.28-svn6')) {
if (Settings::Get('system.webserver') == 'apache2') {
$has_preconfig = true;
$description = 'Froxlor now supports the new Apache 2.4. Please be aware that you need to load additional apache-modules in ordner to use it.<br />';
$description .= '<pre>LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so</pre><br />';
$question = '<strong>Do you want to enable the Apache-2.4 modification?:</strong> ';
$question .= makeyesno('update_system_apache24', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
} elseif (Settings::Get('system.webserver') == 'nginx') {
$has_preconfig = true;
$description = 'The path to nginx\'s fastcgi_params file is now customizable.<br /><br />';
$question = '<strong>Please enter full path to you nginx/fastcgi_params file (including filename):</strong> ';
$question .= '<input type="text" class="text" name="nginx_fastcgi_params" value="/etc/nginx/fastcgi_params" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.28-rc2')) {
$has_preconfig = true;
$description = 'This version adds an option to append the domain-name to the document-root for domains and subdomains.<br />';
$description .= 'You can enable or disable this feature anytime from settings -> system settings.<br />';
$question = '<strong>Do you want to automatically append the domain-name to the documentroot of newly created domains?:</strong> ';
$question .= makeyesno('update_system_documentroot_use_default_value', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.28')) {
$has_preconfig = true;
// just an information about the new sendmail parameter (#1134)
$description = 'Froxlor changed the default parameter-set of sendmail (php.ini)<br />';
$description .= 'sendmail_path = "/usr/sbin/sendmail -t <strong>-i</strong> -f {CUSTOMER_EMAIL}"<br /><br />';
$description .= 'If you don\'t have any problems with sending mails, you don\'t need to change this';
if (Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1') {
// information about removal of php's safe_mode
$description .= '<br /><br />The php safe_mode flag has been removed as current versions of PHP<br />';
$description .= 'do not support it anymore.<br /><br />';
$description .= 'Please check your php-configurations and remove safe_mode-directives to avoid php notices/warnings.';
}
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.29-dev1')) {
// we only need to ask if fcgid|php-fpm is enabled
if (Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1') {
$has_preconfig = true;
$description = 'Standard-subdomains can now be hidden from the php-configuration overview.<br />';
$question = '<strong>Do you want to hide the standard-subdomains (this can be changed in the settings any time)?:</strong> ';
$question .= makeyesno('hide_stdsubdomains', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.29-dev2')) {
$has_preconfig = true;
$description = 'You can now decide whether admins/customers are able to change the theme<br />';
$question = '<strong>If you want to disallow theme-changing, select "no" from the dropdowns:</strong> ';
$question .= "Admins: " . makeyesno('allow_themechange_a', '1', '0', '1') . ' ';
$question .= "Customers: " . makeyesno('allow_themechange_c', '1', '0', '1');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.29-dev3')) {
$has_preconfig = true;
$description = 'There is now a possibility to specify AXFR servers for your bind zone-configuration<br />';
$question = '<strong>Enter a comma-separated list of AXFR servers or leave empty (default):</strong> ';
$question .= '<input type="text" class="text" name="system_afxrservers" value="" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.29-dev4')) {
$has_preconfig = true;
$description = 'As customers can now specify ssl-certificate data for their domains, you need to specify where the generated files are stored<br />';
$question = '<strong>Specify the directory for customer ssl-certificates:</strong> ';
$question .= '<input type="text" class="text" name="system_customersslpath" value="/etc/ssl/froxlor-custom/" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.29.1-dev3')) {
$has_preconfig = true;
$description = 'The build in logrotation-feature has been removed. Please follow the configuration-instructions for your system to enable logrotating again.';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
// let the apache+fpm users know that they MUST change their config
// for the domains / webserver to work after the update
if (versionInUpdate($current_version, '0.9.30-dev1')) {
if (Settings::Get('system.webserver') == 'apache2' && Settings::Get('phpfpm.enabled') == '1') {
$has_preconfig = true;
$description = 'The PHP-FPM implementation for apache2 has changed. Please look for the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) within /etc/apache2/ and change it as shown below:<br /><br />';
$description .= '<pre class="code-block"><IfModule mod_fastcgi.c>
FastCgiIpcDir /var/lib/apache2/fastcgi/
<Location "/fastcgiphp">
Order Deny,Allow
Deny from All
# Prevent accessing this path directly
Allow from env=REDIRECT_STATUS
</Location>
</IfModule></pre>';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.31-dev2')) {
if (Settings::Get('system.webserver') == 'apache2' && Settings::Get('phpfpm.enabled') == '1') {
$has_preconfig = true;
$description = 'The FPM socket directory is now a setting in froxlor. Its default is <b>/var/lib/apache2/fastcgi/</b>.<br/>If you are using <b>/var/run/apache2</b> in the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) please correct this path accordingly<br />';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.31-dev4')) {
$has_preconfig = true;
$description = 'The template-variable {PASSWORD} has been replaced with {LINK}. Please update your password reset templates!<br />';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.31-dev5')) {
$has_preconfig = true;
$description = 'You can enable/disable error-reporting for admins and customers!<br /><br />';
$question = '<strong>Do you want to enable error-reporting for admins? (default: yes):</strong> ';
$question .= makeyesno('update_error_report_admin', '1', '0', '1') . '<br />';
$question .= '<strong>Do you want to enable error-reporting for customers? (default: no):</strong> ';
$question .= makeyesno('update_error_report_customer', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.31-rc2')) {
$has_preconfig = true;
$description = 'You can enable/disable the display/usage of the news-feed for admins<br /><br />';
$question = '<strong>Do you want to enable the news-feed for admins? (default: yes):</strong> ';
$question .= makeyesno('update_admin_news_feed', '1', '0', '1') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.32-dev2')) {
$has_preconfig = true;
$description = 'To enable logging of the mail-traffic, you need to set the following settings accordingly<br /><br />';
$question = '<strong>Do you want to enable the traffic collection for mail? (default: yes):</strong> ';
$question .= makeyesno('mailtraffic_enabled', '1', '0', '1') . '<br />';
$question .= '<strong>Mail Transfer Agent</strong><br />';
$question .= 'Type of your MTA: ';
$question .= '<select name="mtaserver">';
$question .= makeoption('Postfix', 'postfix', 'postfix');
$question .= makeoption('Exim4', 'exim4', 'postfix');
$question .= '</select><br />';
$question .= 'Logfile for your MTA: ';
$question .= '<input type="text" class="text" name="mtalog" value="/var/log/mail.log" /><br />';
$question .= '<strong>Mail Delivery Agent</strong><br />';
$question .= 'Type of your MDA: ';
$question .= '<select name="mdaserver">';
$question .= makeoption('Dovecot', 'dovecot', 'dovecot');
$question .= makeoption('Courier', 'courier', 'dovecot');
$question .= '</select><br /><br />';
$question .= 'Logfile for your MDA: ';
$question .= '<input type="text" class="text" name="mdalog" value="/var/log/mail.log" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.32-dev5')) {
$has_preconfig = true;
$description = 'Froxlor now generates a cron-configuration file for the cron-daemon. Please set a filename which will be included automatically by your crond (e.g. files in /etc/cron.d/)<br /><br />';
$question = '<strong>Path to the cron-service configuration-file.</strong> This file will be updated regularly and automatically by froxlor.<br />Note: please <b>be sure</b> to use the same filename as for the main froxlor cronjob (default: /etc/cron.d/froxlor)!<br />';
$question .= '<input type="text" class="text" name="crondfile" value="/etc/cron.d/froxlor" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.32-dev6')) {
$has_preconfig = true;
$description = 'In order for the new cron.d file to work properly, we need to know about the cron-service reload command.<br /><br />';
$question = '<strong>Please specify the reload-command of your cron-daemon</strong> (default: /etc/init.d/cron reload)<br />';
$question .= '<input type="text" class="text" name="crondreload" value="/etc/init.d/cron reload" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.32-rc2')) {
$has_preconfig = true;
$description = 'To customize the command which executes the cronjob (php - basically) change the path below according to your system.<br /><br />';
$question = '<strong>Please specify the command to execute cronscripts</strong> (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")<br />';
$question .= '<input type="text" class="text" name="croncmdline" value="/usr/bin/nice -n 5 /usr/bin/php5 -q" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.33-dev1')) {
$has_preconfig = true;
$description = 'You can enable/disable the display/usage of the custom newsfeed for customers.<br /><br />';
$question = '<strong>Do you want to enable the custom newsfeed for customer? (default: no):</strong> ';
$question .= makeyesno('customer_show_news_feed', '1', '0', '0') . '<br />';
$question .= '<strong>You have to set the URL for your RSS-feed here, if you have chosen to enable the custom newsfeed on the customer-dashboard:</strong> ';
$question .= '<input type="text" class="text" name="customer_news_feed_url" value="" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.33-dev2')) {
// only if bind is used - if not the default will be set, which is '0' (off)
if (Settings::get('system.bind_enable') == 1) {
$has_preconfig = true;
$description = 'You can enable/disable the generation of the bind-zone / config for the system hostname.<br /><br />';
$question = '<strong>Do you want to generate a bind-zone for the system-hostname? (default: no):</strong> ';
$question .= makeyesno('dns_createhostnameentry', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.33-rc2')) {
$has_preconfig = true;
$description = 'You can chose whether you want to receive an e-mail on cronjob errors. Keep in mind that this can lead to an e-mail being sent every 5 minutes.<br /><br />';
$question = '<strong>Do you want to receive cron-errors via mail? (default: no):</strong> ';
$question .= makeyesno('system_send_cron_errors', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.34-dev3')) {
$has_preconfig = true;
$description = 'Froxlor now requires the PHP mbstring-extension as we need to be multibyte-character safe in some cases';
$question = '<strong>PHP mbstring</strong> is currently: ';
if (!extension_loaded('mbstring')) {
$question .= '<span class="red">not installed/loaded</span>';
$question .= '<br>Please install the PHP mbstring extension in order to finish the update';
} else {
$question .= '<span class="green">installed/loaded</span>';
}
$question .= '<br>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
function eZSetupPrvPosixExtension()
{
$userInfo = array('has_extension' => false);
if (extension_loaded('posix')) {
$userInfo['has_extension'] = true;
$uinfo = posix_getpwuid(posix_getuid());
$ginfo = posix_getgrgid(posix_getgid());
$userInfo['user_name'] = $uinfo['name'];
$userInfo['user_id'] = $uinfo['uid'];
$userInfo['group_name'] = $ginfo['name'];
$userInfo['group_id'] = $ginfo['gid'];
$userInfo['group_members'] = $ginfo['members'];
$userInfo['script_user_id'] = getmyuid();
$userInfo['script_group_id'] = getmygid();
}
return $userInfo;
}
/**
* Called when request iterated.
* @return integer Status.
*/
public function run()
{
$stime = microtime(TRUE);
$this->header('Content-Type: text/html');
$this->setcookie('testcookie', '1');
$this->registerShutdownFunction(function () {
?>
</html><?php
});
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>It works!</title>
</head>
<body>
<h1>It works! Be happy! ;-)</h1>
Hello world!
<br />Counter of requests to this Application Instance: <b><?php
echo ++$this->appInstance->counter;
?>
</b>
<br />Memory usage: <?php
$mem = memory_get_usage();
echo $mem / 1024 / 1024;
?>
MB. (<?php
echo $mem;
?>
)
<br />Memory real usage: <?php
$mem = memory_get_usage(TRUE);
echo $mem / 1024 / 1024;
?>
MB. (<?php
echo $mem;
?>
)
<br />Pool size: <?php
echo sizeof(Daemon::$process->pool);
?>
.
<br />My PID: <?php
echo getmypid();
?>
.
<?php
$user = posix_getpwuid(posix_getuid());
$group = posix_getgrgid(posix_getgid());
?>
<br />My user/group: <?php
echo $user['name'] . '/' . $group['name'];
$displaystate = TRUE;
if ($displaystate) {
?>
<br /><br /><b>State of workers:</b><?php
$stat = Daemon::getStateOfWorkers();
?>
<br />Idle: <?php
echo $stat['idle'];
?>
<br />Busy: <?php
echo $stat['busy'];
?>
<br />Total alive: <?php
echo $stat['alive'];
?>
<br />Shutdown: <?php
echo $stat['shutdown'];
?>
<br />Pre-init: <?php
echo $stat['preinit'];
?>
<br />Wait-init: <?php
echo $stat['waitinit'];
?>
<br />Init: <?php
echo $stat['init'];
?>
<br />
<?php
}
?>
<br /><br />
<br /><br /><form action="<?php
echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);
?>
" method="post" enctype="multipart/form-data">
<input type="file" name="myfile" />
<input type="submit" name="submit" value="Upload" />
</form>
<br />
<form action="<?php
echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);
?>
" method="post">
<input type="text" name="mytext" value="" />
<input type="submit" name="submit" value="Send" />
</form>
<pre>
<?php
var_dump(array('_GET' => $_GET, '_POST' => $_POST, '_COOKIE' => $_COOKIE, '_REQUEST' => $_REQUEST, '_FILES' => $_FILES, '_SERVER' => $_SERVER));
?>
</pre>
<br />Request took: <?php
printf('%f', round(microtime(TRUE) - $stime, 6));
?>
</body><?php
}
public function runTaskAsDaemon($task_name, $options = array())
{
$this->_ensurePosixAndPcntlAreAvailable();
require_once 'System/Daemon.php';
$app_name = AkInflector::underscore($task_name);
$pid_file = AK_BASE_DIR . DS . 'run' . DS . $app_name . DS . $app_name . '.pid';
$log_file = AK_LOG_DIR . DS . 'daemons' . DS . $app_name . '.log';
if (!file_exists($pid_file)) {
if (empty($options['attributes']['kill'])) {
AkFileSystem::file_put_contents($pid_file, '');
AkFileSystem::file_delete($pid_file);
} else {
$this->error("Could not kill process for {$task_name}", true);
}
} else {
$pid = (int) file_get_contents($pid_file);
if ($pid > 0) {
if (!empty($options['attributes']['kill'])) {
$this->message("Killing process {$pid}");
`kill {$pid}`;
AkFileSystem::file_delete($pid_file);
die;
} elseif (!empty($options['attributes']['restart'])) {
$this->message("Restarting {$task_name}.");
$this->message(`kill {$pid}`);
} else {
$this->error("Daemon for {$task_name} still running ({$pid_file}).\nTask aborted.", true);
}
}
}
if (!empty($options['attributes']['kill']) && empty($pid)) {
$this->error("No daemon running for task {$task_name}", true);
}
unset($options['attributes']['restart']);
if (!file_exists($log_file)) {
AkFileSystem::file_put_contents($log_file, '');
}
System_Daemon::setOption('appName', $app_name);
System_Daemon::setOption('appDir', AK_BASE_DIR);
System_Daemon::setOption('logLocation', $log_file);
System_Daemon::setOption('appRunAsUID', posix_geteuid());
System_Daemon::setOption('appRunAsGID', posix_getgid());
System_Daemon::setOption('appPidLocation', $pid_file);
$this->message("Staring daemon. ({$log_file})");
System_Daemon::start();
$dsn = Ak::getStaticVar('dsn');
defined('AK_SKIP_DB_CONNECTION') && AK_SKIP_DB_CONNECTION ? null : Ak::db($dsn);
$this->runTask($task_name, $options);
System_Daemon::stop();
AkFileSystem::file_delete($pid_file);
die;
}
/**
* Check and chdir to $_workDir
*
* @return void
*/
private function ___init_userGroup()
{
$this->_debug("-----> " . __CLASS__ . '::' . __FUNCTION__ . '()', 9);
// Get current uid and gid
$uid_cur = posix_getuid();
$gid_cur = posix_getgid();
// If not root, skip the rest of this procedure
if ($uid_cur != 0) {
$this->_log("Skipping the setUid/setGid part, because we are not root");
return;
}
// Get desired uid/gid
$r = posix_getpwnam($this->_user);
if ($r === false) {
throw new A2o_AppSrv_Exception("Unable to get uid for user: {$this->_user}");
}
$userData = $r;
$r = posix_getgrnam($this->_group);
if ($r === false) {
throw new A2o_AppSrv_Exception("Unable to get gid for group: {$this->_group}");
}
$groupData = $r;
$uid_desired = $userData['uid'];
$gid_desired = $groupData['gid'];
// Change effective uid/gid if required
if ($gid_cur != $gid_desired) {
$r = posix_setgid($gid_desired);
if ($r === false) {
throw new A2o_AppSrv_Exception("Unable to setgid: {$gid_cur} -> {$gid_desired}");
}
$this->_debug("Group (GID) changed to {$this->_group} ({$gid_desired})");
}
if ($uid_cur != $uid_desired) {
$r = posix_setuid($uid_desired);
if ($r === false) {
throw new A2o_AppSrv_Exception("Unable to setuid: {$uid_cur} -> {$uid_desired}");
}
$this->_debug("User (UID) changed to {$this->_user} ({$uid_desired})");
}
$this->_debug("Setuid/setgid complete");
}
/**
* 设置运行用户
* @param string $worker_user
* @return void
*/
protected static function setProcUser($worker_user)
{
$user_info = posix_getpwnam($worker_user);
if ($user_info['uid'] != posix_getuid() || $user_info['gid'] != posix_getgid()) {
// 尝试设置gid uid
if (!posix_setgid($user_info['gid']) || !posix_setuid($user_info['uid'])) {
self::notice('Notice : Can not run woker as ' . $worker_user . " , You shuld be root\n", true);
}
}
}
/**
* Generates an array that will be converted to the `docker-compose.yml` file
* for this environment.
*
* @return array
*/
public function getDockerComposeArray()
{
$this->getConfig();
$source_root = $this->environment->path;
if (!empty($this->config['document_root'])) {
$document_root = $this->environment->path . '/' . $this->config['document_root'];
} else {
$document_root = $source_root;
}
// Look for this users SSH public key
// @TODO: Move ssh_authorized_keys to terra config. Ask the user on first run.
$ssh_key_path = $_SERVER['HOME'] . '/.ssh/id_rsa.pub';
if (file_exists($ssh_key_path)) {
$ssh_authorized_keys = file_get_contents($ssh_key_path);
}
$compose = array();
$compose['load'] = array('image' => 'tutum/haproxy', 'environment' => array('VIRTUAL_HOST' => $this->getUrl()), 'links' => array('app'), 'expose' => array('80/tcp'), 'ports' => array(':80'), 'restart' => 'always');
$compose['app'] = array('image' => 'terra/drupal', 'tty' => true, 'stdin_open' => true, 'links' => array('database'), 'volumes' => array("{$document_root}:/usr/share/nginx/html"), 'environment' => array('HOST_UID' => posix_getuid(), 'HOST_GID' => posix_getgid()), 'expose' => array('80/tcp'), 'restart' => 'always');
$compose['database'] = array('image' => 'mariadb', 'tty' => true, 'stdin_open' => true, 'environment' => array('MYSQL_ROOT_PASSWORD' => 'RANDOMIZEPLEASE', 'MYSQL_DATABASE' => 'drupal', 'MYSQL_USER' => 'drupal', 'MYSQL_PASSWORD' => 'drupal'), 'restart' => 'always');
$compose['drush'] = array('image' => 'terra/drush', 'tty' => true, 'stdin_open' => true, 'links' => array('database'), 'ports' => array(':22'), 'volumes' => array("{$document_root}:/var/www/html", "{$source_root}:/source"), 'environment' => array('AUTHORIZED_KEYS' => $ssh_authorized_keys), 'restart' => 'always');
// Add "app_services": Additional containers linked to the app container.
$this->getConfig();
if (isset($this->config['docker_compose']['app_services']) && is_array($this->config['docker_compose']['app_services'])) {
foreach ($this->config['docker_compose']['app_services'] as $service => $info) {
$compose['app']['links'][] = $service;
// Look for volume paths to change
foreach ($info['volumes'] as &$volume) {
$volume = strtr($volume, array('{APP_PATH}' => $source_root));
}
$compose[$service] = $info;
}
}
// Add "overrides" to docker-compose.
if (isset($this->config['docker_compose']['overrides']) && is_array($this->config['docker_compose']['overrides'])) {
foreach ($this->config['docker_compose']['overrides'] as $service => $info) {
$compose[$service] = array_merge_recursive($compose[$service], $info);
}
}
return $compose;
}
function get_webserver_uid()
{
global $wwwuser;
global $wwwgroup;
$wwwuser = '';
$wwwgroup = '';
if (isWindows()) {
$wwwuser = '******';
$wwwgroup = 'SYSTEM';
}
if (function_exists('posix_getuid')) {
$user = @posix_getpwuid(@posix_getuid());
$group = @posix_getpwuid(@posix_getgid());
$wwwuser = $user ? $user['name'] : false;
$wwwgroup = $group ? $group['name'] : false;
}
if (!$wwwuser) {
$wwwuser = '******';
}
if (!$wwwgroup) {
$wwwgroup = 'nobody (or the group account the web server is running under)';
}
}
var_dump($x === $y);
if ($x !== $y) {
echo "Failed: {$y}\n";
echo "Got: {$x}\n";
var_dump(debug_backtrace());
}
}
function VERIFY($x)
{
VS($x != false, true);
}
//////////////////////////////////////////////////////////////////////
VERIFY(posix_access(__DIR__ . "/ext_posix.php"));
VERIFY(strlen(posix_ctermid()));
VERIFY(strlen(posix_getcwd()));
$ret = posix_getgrgid(posix_getgid());
VERIFY($ret != false);
VERIFY(count((array) $ret) != 0);
$bynam = posix_getgrnam($ret['name']);
VS($ret, $bynam);
$ret = posix_getgrnam("root");
VERIFY($ret != false);
VERIFY(count((array) $ret) != 0);
$bygid = posix_getgrgid($ret['gid']);
VS($ret, $bygid);
// $ret = posix_getgroups();
// VERIFY($ret != false);
// VERIFY(count((array)$ret) != 0);
VERIFY(posix_getpgid(0));
VERIFY(posix_getpgrp());
VERIFY(posix_getpid());
/**
* returns current group
*
* If the system does not support posix_getgid() the current group will be root (0).
*
* @return int
*/
public static function getCurrentGroup()
{
return function_exists('posix_getgid') ? posix_getgid() : self::GROUP_ROOT;
}
// Testing the SSH installation
header("Content-Type: text/html; charset=UTF-8");
echo "<html><head>\r\n <!-- Should include a stylesheet here -->\r\n </head><body>";
// First test, check that the required files are all present
echo "<h1>Testing installation</h1>";
if (!file_exists("class.sshAccessDriver.php") || !file_exists("class.SSHOperations.php") || !file_exists("manifest.xml") || !file_exists("showPass.php") || !file_exists("sshActions.xml")) {
echo "ERROR: Missing at least one of these files:\r\n <ul>\r\n <li>class.sshDriver.php</li>\r\n <li>class.SSHOperations.php</li>\r\n <li>manifest.xml</li>\r\n <li>showPass.php</li>\r\n <li>sshActions.xml</li>\r\n </ul>";
} else {
echo "All required files are installed";
}
// Testing file permissions
echo "<h1>Testing file permission</h1>";
$stat = stat("showPass.php");
$mode = $stat['mode'] & 0x7fff;
// We don't care about the type
if (is_executable('showPass.php') || $mode & 0x40 && $stat['uid'] == posix_getuid() || $mode & 0x8 && $stat['gid'] == posix_getgid() || $mode & 0x1) {
echo "Required showPass.php is executable";
} else {
echo "ERROR: showPass.php isn't executable.<br><h2>Trying to make it executable</h2>";
chmod('showPass.php', 0555);
if (!is_executable('showPass.php')) {
echo "FAILED: Please log on the server and make showPass.php executable for your webserver user";
} else {
echo "Success: showPass.php was made executable";
}
}
// Checking if ssh is accessible
echo "<h1>Testing ssh access from webserver's user</h1>";
$handle = popen("ssh 2>&1", "r");
$usage = fread($handle, 30);
if (strpos($usage, "usage") === FALSE) {
/**
* Tests permissions on a directory and throws out friendly
* error messages and attempts to chmod it itself if possible
* @param $dir Directory path
* @param $chmod Permissions
* @return True if directory writable
*/
private function _testPermissions($dir, $chmod)
{
// early abort, if it is writable, everything is hunky-dory
if (is_writable($dir)) {
return true;
}
if (!is_dir($dir)) {
// generally, you'll want to handle this beforehand
// so a more specific error message can be given
trigger_error('Directory ' . $dir . ' does not exist', E_USER_WARNING);
return false;
}
if (function_exists('posix_getuid')) {
// POSIX system, we can give more specific advice
if (fileowner($dir) === posix_getuid()) {
// we can chmod it ourselves
$chmod = $chmod | 0700;
if (chmod($dir, $chmod)) {
return true;
}
} elseif (filegroup($dir) === posix_getgid()) {
$chmod = $chmod | 070;
} else {
// PHP's probably running as nobody, so we'll
// need to give global permissions
$chmod = $chmod | 0777;
}
trigger_error('Directory ' . $dir . ' not writable, ' . 'please chmod to ' . decoct($chmod), E_USER_WARNING);
} else {
// generic error message
trigger_error('Directory ' . $dir . ' not writable, ' . 'please alter file permissions', E_USER_WARNING);
}
return false;
}
/**
* Set unix user and group for current process.
* @return void
*/
public function setUserAndGroup()
{
// Get uid.
$user_info = posix_getpwnam($this->user);
if (!$user_info) {
return self::log("Waring: User {$this->user} not exsits", true);
}
$uid = $user_info['uid'];
// Get gid.
if ($this->group) {
$group_info = posix_getgrnam($this->group);
if (!$group_info) {
return self::log("Waring: Group {$this->group} not exsits", true);
}
$gid = $group_info['gid'];
} else {
$gid = $user_info['gid'];
}
// Set uid and gid.
if ($uid != posix_getuid() || $gid != posix_getgid()) {
if (!posix_setgid($gid) || !posix_initgroups($user_info['name'], $gid) || !posix_setuid($uid)) {
self::log("Waring: change gid or uid fail.", true);
}
}
}
