function CheckFilesAndSecurity() { $squid_user = SquidUser(); $unix = new unix(); $chown = $unix->find_program("chown"); $squid_user = SquidUser(); if (!is_dir("/var/cache/squid/00")) { @mkdir("/var/cache/squid", 644, true); shell_exec("{$chown} {$squid_user} /var/cache/squid >/dev/null 2>&1"); exec("{$GLOBALS["SQUIDBIN"]} -z 2>&1", $results); } shell_exec("{$chown} -R {$squid_user} /etc/squid3/* >/dev/null 2>&1"); if (!is_dir("/var/run/squid")) { @mkdir("/var/run/squid", 755, true); } shell_exec("{$chown} {$squid_user} /var/run/squid >/dev/null 2>&1"); if (is_dir("/usr/share/squid-langpack")) { shell_exec("{$chown} -R {$squid_user} /usr/share/squid-langpack"); } if (!is_file("/var/log/squid/squidGuard.log")) { @file_put_contents("/var/log/squid/squidGuard.log", "#"); } @mkdir("/var/log/squid/squid", 755, true); shell_exec("{$chown} -R {$squid_user} /var/log/squid/* >/dev/null 2>&1"); if (!is_file("/etc/squid3/squid-block.acl")) { @file_put_contents("/etc/squid3/squid-block.acl", ""); } if (!is_file("/etc/squid3/clients_ftp.acl")) { @file_put_contents("/etc/squid3/clients_ftp.acl", ""); } if (!is_file("/etc/squid3/allowed-user-agents.acl")) { @file_put_contents("/etc/squid3/allowed-user-agents.acl", ""); } if (is_file("/var/lib/samba/winbindd_privileged")) { $setfacl = $unix->find_program("setfacl"); if (is_file($setfacl)) { shell_exec("{$setfacl} -m u:squid:rx /var/lib/samba/winbindd_privileged >/dev/null 2>&1"); } } $ssl_crtd = locate_ssl_crtd(); if (!is_file("/var/lib/ssl_db")) { if (is_file($ssl_crtd)) { shell_exec("{$ssl_crtd} -c -s /var/lib/ssl_db"); } else { echo "Starting......: unable to stat ssl_crtd !!!\n"; } } }
function CheckFilesAndSecurity() { if (isset($GLOBALS[__FUNCTION__ . "_EXECUTED"])) { return; } $GLOBALS[__FUNCTION__ . "_EXECUTED"] = true; $squid_user = SquidUser(); $unix = new unix(); $chown = $unix->find_program("chown"); $chmod = $unix->find_program("chmod"); $squid_user = SquidUser(); $ln = $unix->find_program("ln"); $rm = $unix->find_program("rm"); if (!is_dir("/var/logs")) { @mkdir("/var/logs", 0755, true); } $squidlogdir = "/var/log/squid"; if (is_link($squidlogdir)) { $squidlogdir = @readlink($squidlogdir); } $baselogdir = dirname($squidlogdir); @chmod($baselogdir, 0755); @mkdir("/var/lib/squid/session", 0755, true); @mkdir("/usr/local/share/artica", 0755, true); @mkdir("/var/squid/cache", 0755, true); @mkdir("/var/lib/ssl_db", 0755, true); @mkdir("/var/log/squid/nudity", 0755, true); if (!is_dir("/var/run/squid")) { @mkdir("/var/run/squid", 0755, true); } @mkdir("/var/log/squid/squid", 0755, true); if (!is_file("/var/logs/cache.log")) { @file_put_contents("/var/logs/cache.log", "\n"); } if (!is_dir("/usr/share/squid-langpack/templates/lb-lu")) { shell_exec("{$ln} -sf /usr/share/squid-langpack/templates/en-us /usr/share/squid-langpack/templates/lb-lu"); } if (!is_file("/etc/squid3/squid-block.acl")) { @touch("/etc/squid3/squid-block.acl", ""); } if (!is_file("/etc/squid3/clients_ftp.acl")) { @touch("/etc/squid3/clients_ftp.acl", ""); } if (!is_file("/etc/squid3/allowed-user-agents.acl")) { @touch("/etc/squid3/allowed-user-agents.acl", ""); } $unix->chmod_func(0755, "/etc/artica-postfix/settings/Daemons"); $unix->chmod_func(0755, "/etc/artica-postfix/settings/Daemons/*"); //helpers @chmod("/usr/share/artica-postfix/ufdbgclient.php", 0755); @chown("/usr/share/artica-postfix/ufdbgclient.php", "squid"); @chgrp("/usr/share/artica-postfix/ufdbgclient.php", "squid"); $GLOBALS["LogFileDeamonLogDir"] = @file_get_contents("/etc/artica-postfix/settings/Daemons/LogFileDeamonLogDir"); if ($GLOBALS["LogFileDeamonLogDir"] == null) { $GLOBALS["LogFileDeamonLogDir"] = "/home/artica/squid/realtime-events"; } @mkdir($GLOBALS["LogFileDeamonLogDir"], 0755, true); @chmod($GLOBALS["LogFileDeamonLogDir"], 0755); @chown($GLOBALS["LogFileDeamonLogDir"], "squid"); @chgrp($GLOBALS["LogFileDeamonLogDir"], "squid"); $items[] = "/etc/squid3/SquidNudityScanParams"; $items[] = "/var/squid/cache"; $items[] = "/var/lib/squid/session"; $items[] = "/etc/squid3/*"; $items[] = "{$squidlogdir}"; $items[] = "{$squidlogdir}/*"; $items[] = "{$squidlogdir}/nudity"; $items[] = "/var/logs"; $items[] = "/var/lib/ssl_db"; $items[] = "/var/logs/cache.log"; $items[] = "/home/squid/cache"; $items[] = "/home/squid"; $items[] = "/var/run/squid/*"; $items[] = "/usr/local/share/artica"; while (list($none, $path) = each($items)) { echo "Starting......: " . date("H:i:s") . " [SYS]: permissions on \"{$path}\"\n"; $unix->chown_func($squid_user, $squid_user, $path); $unix->chmod_func(0755, $path); } $squid_locate_pinger = $unix->squid_locate_pinger(); $setcap = $unix->find_program("setcap"); if (is_file($squid_locate_pinger)) { shell_exec("{$chmod} 0755 {$squid_locate_pinger}"); @chown($squid_locate_pinger, "squid"); @chgrp($squid_locate_pinger, "squid"); if (is_file("{$setcap}")) { shell_exec("{$setcap} cap_net_raw=pe {$squid_locate_pinger}"); } else { $unix->DEBIAN_INSTALL_PACKAGE("libcap2-bin"); } } $unix->THREAD_COMMAND_SET("{$chown} -R squid:squid /var/lib/squid/session"); $GetCachesInsquidConf = $unix->SQUID_CACHE_FROM_SQUIDCONF(); while (list($CacheDirectory, $type) = each($GetCachesInsquidConf)) { if (trim($CacheDirectory) == null) { continue; } if (!is_dir($CacheDirectory)) { continue; } $unix->chown_func("squid", "squid", $CacheDirectory); $unix->THREAD_COMMAND_SET("{$chown} -R squid:squid {$CacheDirectory}"); $unix->THREAD_COMMAND_SET("{$chmod} -R 0755 {$CacheDirectory}"); @chmod($CacheDirectory, 0755); } if (is_dir("/usr/share/squid-langpack")) { $unix->chown_func($squid_user, $squid_user, "/usr/share/squid-langpack"); } if (!is_file("{$squidlogdir}/squidGuard.log")) { @file_put_contents("/var/log/squid/squidGuard.log", "#"); } $unix->Winbindd_privileged_SQUID(); $tpls["ERR_CONFLICT_HOST"] = "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"> <html><head> <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"> <title>ERROR: The requested URL could not be retrieved</title> <style type=\"text/css\"><!-- %l body :lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; } :lang(he) { direction: rtl; } --></style> </head><body id=%c> <div id=\"titles\"> <h1>ERROR</h1> <h2>The requested URL could not be retrieved</h2> </div> <hr> <div id=\"content\"> <p>The following error was encountered while trying to retrieve the URL: <a href=\"%U\">%U</a></p> <blockquote id=\"data\"> <pre>URI Host Conflict</pre> </blockquote> <p>This means the domain name you are trying to access apparently no longer exists on the machine you are requesting it from.</p> <p>Some possible problems are:</p> <ul> <li>The domain may have moved very recently. Trying again will resolve that.</li> <li>The website may require you to use a local country-based version. Using your ISP provided DNS server(s) should resolve that.</li> </ul> <p>Your cache administrator is <a href=\"mailto:%w%W\">%w</a>.</p> <br> </div> <hr> <div id=\"footer\"> <p>Generated %T by %h (%s)</p> <!-- %c --> </div> </body></html>"; $tpls["MGR_INDEX"] = "\n"; while (list($file, $lined) = each($tpls)) { if (!is_file("/usr/share/squid-langpack/en/{$file}")) { @file_put_contents("/usr/share/squid-langpack/en/{$file}", $lined); } if (!is_file("/usr/share/squid-langpack/templates/{$file}")) { @file_put_contents("/usr/share/squid-langpack/templates/{$file}", $lined); } } $ssl_crtd = locate_ssl_crtd(); if (!is_file("/var/lib/ssl_db/index.txt")) { if (is_file($ssl_crtd)) { if (is_dir("/var/lib/ssl_db")) { shell_exec("{$rm} -rf /var/lib/ssl_db"); } shell_exec("{$ssl_crtd} -c -s /var/lib/ssl_db"); $unix->chown_func($squid_user, $squid_user, "/var/lib/ssl_db/*"); } else { echo "Starting......: " . date("H:i:s") . " unable to stat ssl_crtd to fill `/var/lib/ssl_db`\n"; } } }