Exemple #1
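/**
 * Create the directories and placeholder files Squid expects and hand them
 * to the account returned by SquidUser().
 *
 * Everything here is best effort: filesystem calls keep their `@` and shell
 * output is discarded, so a failure leaves the function running. The only
 * message printed is the ssl_crtd one at the end.
 *
 * Changes from the earlier version:
 *  - mkdir() modes are octal literals (decimal 644 / 755 are 01204 / 01363);
 *  - the account name is shell-quoted before it is interpolated;
 *  - chown is only run when find_program() returned an existing binary;
 *  - the ssl_db store is tested with is_dir(), since it is a directory.
 *
 * @return void
 */
function CheckFilesAndSecurity()
{
    $unix = new unix();
    $chown = (string) $unix->find_program("chown");
    // The account name ends up on shell command lines, so quote it once here.
    $owner = escapeshellarg((string) SquidUser());
    // Same check the setfacl lookup below uses. With an empty path the command
    // line would begin with the account name and the shell would run that.
    $haveChown = is_file($chown);

    if (!is_dir("/var/cache/squid/00")) {
        // A directory needs the search bit, hence 0755 rather than 0644.
        @mkdir("/var/cache/squid", 0755, true);
        if ($haveChown) {
            shell_exec("{$chown} {$owner} /var/cache/squid >/dev/null 2>&1");
        }
        // `-z` asks Squid to build its cache directories; output is captured and ignored.
        exec("{$GLOBALS["SQUIDBIN"]} -z 2>&1", $results);
    }

    // NOTE(review): this makes the service account the owner of its own
    // configuration files, so the proxy process can rewrite them. Confirm
    // that is intended; root-owned, group-readable files are the tighter choice.
    if ($haveChown) {
        shell_exec("{$chown} -R {$owner} /etc/squid3/* >/dev/null 2>&1");
    }

    if (!is_dir("/var/run/squid")) {
        @mkdir("/var/run/squid", 0755, true);
    }
    if ($haveChown) {
        shell_exec("{$chown} {$owner} /var/run/squid >/dev/null 2>&1");
        if (is_dir("/usr/share/squid-langpack")) {
            shell_exec("{$chown} -R {$owner} /usr/share/squid-langpack");
        }
    }

    if (!is_file("/var/log/squid/squidGuard.log")) {
        @file_put_contents("/var/log/squid/squidGuard.log", "#");
    }
    @mkdir("/var/log/squid/squid", 0755, true);
    if ($haveChown) {
        shell_exec("{$chown} -R {$owner} /var/log/squid/* >/dev/null 2>&1");
    }

    // Empty ACL files so the includes in the Squid configuration resolve.
    $aclFiles = [
        "/etc/squid3/squid-block.acl",
        "/etc/squid3/clients_ftp.acl",
        "/etc/squid3/allowed-user-agents.acl",
    ];
    foreach ($aclFiles as $aclFile) {
        if (!is_file($aclFile)) {
            @file_put_contents($aclFile, "");
        }
    }

    // NOTE(review): winbindd_privileged is normally a directory, in which case
    // is_file() is false and the ACL is never applied - verify on a target host.
    // The ACL also names the literal user "squid", not the SquidUser() account.
    if (is_file("/var/lib/samba/winbindd_privileged")) {
        $setfacl = (string) $unix->find_program("setfacl");
        if (is_file($setfacl)) {
            shell_exec("{$setfacl} -m u:squid:rx /var/lib/samba/winbindd_privileged >/dev/null 2>&1");
        }
    }

    // `ssl_crtd -c` creates the certificate store directory. is_file() on a
    // directory is always false, which re-ran the initialisation on every call.
    $ssl_crtd = locate_ssl_crtd();
    if (!is_dir("/var/lib/ssl_db")) {
        if (is_file($ssl_crtd)) {
            shell_exec("{$ssl_crtd} -c -s /var/lib/ssl_db");
        } else {
            echo "Starting......: unable to stat ssl_crtd !!!\n";
        }
    }
}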
Exemple #2
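/**
 * Prepare the filesystem for Squid: create runtime, cache and log directories,
 * placeholder ACL/log files and two error templates, then set ownership and
 * mode 0755 on them. Runs once per process (guarded through $GLOBALS).
 *
 * Everything is best effort: filesystem calls keep their `@`, shell output is
 * not inspected, and progress is echoed per path.
 *
 * Changes from the earlier version:
 *  - each() (removed in PHP 8) is replaced by foreach;
 *  - touch() is called without the stray "" second argument (the mtime slot);
 *  - a failed or degenerate readlink() no longer turns "{$squidlogdir}/*" into "/*";
 *  - paths taken from squid.conf and the pinger path are shell-quoted;
 *  - the squidGuard.log check and write use the same path.
 *
 * @return void
 */
function CheckFilesAndSecurity()
{
    if (isset($GLOBALS[__FUNCTION__ . "_EXECUTED"])) {
        return;
    }
    $GLOBALS[__FUNCTION__ . "_EXECUTED"] = true;

    $unix = new unix();
    $squid_user = SquidUser();
    $chown = $unix->find_program("chown");
    $chmod = $unix->find_program("chmod");
    $ln = $unix->find_program("ln");
    $rm = $unix->find_program("rm");

    if (!is_dir("/var/logs")) {
        @mkdir("/var/logs", 0755, true);
    }

    // Follow /var/log/squid when it is a symlink, so ownership lands on the real directory.
    $squidlogdir = "/var/log/squid";
    if (is_link($squidlogdir)) {
        $target = @readlink($squidlogdir);
        // Ignore a failed read, an empty target or "/": any of these would make
        // the "{$squidlogdir}/*" entry below expand from the filesystem root.
        if (is_string($target) && trim($target, "/") !== "") {
            // A relative target is relative to the directory holding the link.
            $squidlogdir = $target[0] === "/" ? $target : "/var/log/" . $target;
        }
    }
    // NOTE(review): when the link points elsewhere this chmods the parent of
    // the link target, a directory this function does not otherwise manage.
    $baselogdir = dirname($squidlogdir);
    @chmod($baselogdir, 0755);

    $directories = [
        "/var/lib/squid/session",
        "/usr/local/share/artica",
        "/var/squid/cache",
        "/var/lib/ssl_db",
        "/var/log/squid/nudity",
    ];
    foreach ($directories as $directory) {
        @mkdir($directory, 0755, true);
    }
    if (!is_dir("/var/run/squid")) {
        @mkdir("/var/run/squid", 0755, true);
    }
    @mkdir("/var/log/squid/squid", 0755, true);

    if (!is_file("/var/logs/cache.log")) {
        @file_put_contents("/var/logs/cache.log", "\n");
    }
    if (!is_dir("/usr/share/squid-langpack/templates/lb-lu")) {
        shell_exec("{$ln} -sf /usr/share/squid-langpack/templates/en-us /usr/share/squid-langpack/templates/lb-lu");
    }

    // Empty ACL files so the includes in the Squid configuration resolve.
    $aclFiles = [
        "/etc/squid3/squid-block.acl",
        "/etc/squid3/clients_ftp.acl",
        "/etc/squid3/allowed-user-agents.acl",
    ];
    foreach ($aclFiles as $aclFile) {
        if (!is_file($aclFile)) {
            @touch($aclFile);
        }
    }

    $unix->chmod_func(0755, "/etc/artica-postfix/settings/Daemons");
    $unix->chmod_func(0755, "/etc/artica-postfix/settings/Daemons/*");

    // Helper script, made executable and owned by squid:squid.
    @chmod("/usr/share/artica-postfix/ufdbgclient.php", 0755);
    @chown("/usr/share/artica-postfix/ufdbgclient.php", "squid");
    @chgrp("/usr/share/artica-postfix/ufdbgclient.php", "squid");

    // Realtime-events directory: read from the settings file, trimmed so a
    // trailing newline does not become part of the path, else the default.
    $logDir = trim((string) @file_get_contents("/etc/artica-postfix/settings/Daemons/LogFileDeamonLogDir"));
    if ($logDir === "") {
        $logDir = "/home/artica/squid/realtime-events";
    }
    $GLOBALS["LogFileDeamonLogDir"] = $logDir;
    @mkdir($logDir, 0755, true);
    @chmod($logDir, 0755);
    @chown($logDir, "squid");
    @chgrp($logDir, "squid");

    // NOTE(review): every entry below ends up owned by the proxy account with
    // mode 0755. That includes /etc/squid3/* (the proxy can then rewrite its
    // own configuration) and /var/lib/ssl_db (the ssl_crtd certificate store,
    // left world-readable). Confirm both are intended before reusing this list.
    $items = [
        "/etc/squid3/SquidNudityScanParams",
        "/var/squid/cache",
        "/var/lib/squid/session",
        "/etc/squid3/*",
        "{$squidlogdir}",
        "{$squidlogdir}/*",
        "{$squidlogdir}/nudity",
        "/var/logs",
        "/var/lib/ssl_db",
        "/var/logs/cache.log",
        "/home/squid/cache",
        "/home/squid",
        "/var/run/squid/*",
        "/usr/local/share/artica",
    ];
    foreach ($items as $path) {
        echo "Starting......: " . date("H:i:s") . " [SYS]: permissions on \"{$path}\"\n";
        $unix->chown_func($squid_user, $squid_user, $path);
        $unix->chmod_func(0755, $path);
    }

    // The pinger gets cap_net_raw as a file capability.
    $squid_locate_pinger = $unix->squid_locate_pinger();
    $setcap = $unix->find_program("setcap");
    if (is_file($squid_locate_pinger)) {
        @chmod($squid_locate_pinger, 0755);
        @chown($squid_locate_pinger, "squid");
        @chgrp($squid_locate_pinger, "squid");
        if (is_file("{$setcap}")) {
            shell_exec("{$setcap} cap_net_raw=pe " . escapeshellarg($squid_locate_pinger));
        } else {
            $unix->DEBIAN_INSTALL_PACKAGE("libcap2-bin");
        }
    }

    $unix->THREAD_COMMAND_SET("{$chown} -R squid:squid /var/lib/squid/session");

    // Cache directories declared in squid.conf. The paths come from a config
    // file, so they are quoted before being placed on a command line.
    // NOTE(review): assumes THREAD_COMMAND_SET() runs its argument through a shell - confirm.
    $GetCachesInsquidConf = $unix->SQUID_CACHE_FROM_SQUIDCONF();
    if (!is_array($GetCachesInsquidConf)) {
        $GetCachesInsquidConf = [];
    }
    foreach ($GetCachesInsquidConf as $CacheDirectory => $type) {
        $cacheDir = (string) $CacheDirectory;
        if (trim($cacheDir) === "" || !is_dir($cacheDir)) {
            continue;
        }
        $quotedDir = escapeshellarg($cacheDir);
        $unix->chown_func("squid", "squid", $cacheDir);
        $unix->THREAD_COMMAND_SET("{$chown} -R squid:squid {$quotedDir}");
        $unix->THREAD_COMMAND_SET("{$chmod} -R 0755 {$quotedDir}");
        @chmod($cacheDir, 0755);
    }

    if (is_dir("/usr/share/squid-langpack")) {
        $unix->chown_func($squid_user, $squid_user, "/usr/share/squid-langpack");
    }

    // Check the path that is written. is_file() follows the symlink, so this
    // matches the old "{$squidlogdir}/..." test whenever the link resolves.
    $guardLog = "/var/log/squid/squidGuard.log";
    if (!is_file($guardLog)) {
        @file_put_contents($guardLog, "#");
    }

    $unix->Winbindd_privileged_SQUID();

    // Error templates written only where the language pack does not already ship them.
    $tpls = [];
    $tpls["ERR_CONFLICT_HOST"] = "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\"> <html><head> <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"> <title>ERROR: The requested URL could not be retrieved</title> <style type=\"text/css\"><!--   %l  body :lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; } :lang(he) { direction: rtl; }  --></style> </head><body id=%c> <div id=\"titles\"> <h1>ERROR</h1> <h2>The requested URL could not be retrieved</h2> </div> <hr>  <div id=\"content\"> <p>The following error was encountered while trying to retrieve the URL: <a href=\"%U\">%U</a></p>  <blockquote id=\"data\"> <pre>URI Host Conflict</pre> </blockquote>  <p>This means the domain name you are trying to access apparently no longer exists on the machine you are requesting it from.</p>  <p>Some possible problems are:</p> <ul> <li>The domain may have moved very recently. Trying again will resolve that.</li> <li>The website may require you to use a local country-based version. Using your ISP provided DNS server(s) should resolve that.</li> </ul>  <p>Your cache administrator is <a href=\"mailto:%w%W\">%w</a>.</p> <br> </div>  <hr> <div id=\"footer\"> <p>Generated %T by %h (%s)</p> <!-- %c --> </div> </body></html>";
    $tpls["MGR_INDEX"] = "\n";
    foreach ($tpls as $file => $lined) {
        if (!is_file("/usr/share/squid-langpack/en/{$file}")) {
            @file_put_contents("/usr/share/squid-langpack/en/{$file}", $lined);
        }
        if (!is_file("/usr/share/squid-langpack/templates/{$file}")) {
            @file_put_contents("/usr/share/squid-langpack/templates/{$file}", $lined);
        }
    }

    // (Re)initialise the ssl_crtd certificate store when its index is missing.
    // The directory was created earlier in this function, so it is removed
    // first and `ssl_crtd -c` is left to create it again.
    $ssl_crtd = locate_ssl_crtd();
    if (!is_file("/var/lib/ssl_db/index.txt")) {
        if (is_file($ssl_crtd)) {
            if (is_dir("/var/lib/ssl_db")) {
                shell_exec("{$rm} -rf /var/lib/ssl_db");
            }
            shell_exec("{$ssl_crtd} -c -s /var/lib/ssl_db");
            $unix->chown_func($squid_user, $squid_user, "/var/lib/ssl_db/*");
        } else {
            echo "Starting......: " . date("H:i:s") . " unable to stat ssl_crtd to fill `/var/lib/ssl_db`\n";
        }
    }
}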