function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$Masterbin = $unix->LOCATE_STUNNEL();
if (!is_file($Masterbin)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
}
return;
}
$sTunnel4enabled = $sock->GET_INFO("sTunnel4enabled");
if (!is_numeric($sTunnel4enabled)) {
$sTunnel4enabled = 0;
}
if ($sTunnel4enabled == 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see sTunnel4enabled)\n";
}
return;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
$version = version();
$cmds = "{$Masterbin} /etc/stunnel/stunnel.conf";
$unix->CreateUnixUser("stunnel4", "stunnel4");
@mkdir("/var/run/stunnel", 0755, true);
@mkdir("/var/lib/stunnel4", 0755, true);
@chown("/var/run/stunnel", "stunnel4");
@chown("/var/lib/stunnel4", "stunnel4");
$stunnel = new stunnel4();
$relay = $stunnel->main_array["postfix_relayhost"]["connect"];
$relayPort = $stunnel->main_array["postfix_relayhost"]["port"];
$localport = $stunnel->main_array["postfix_relayhost"]["accept"];
if (!is_numeric($relayPort)) {
$relayPort = 465;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} version {$version}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Local to 127.0.0.1:{$localport}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} connection to {$relay}:{$relayPort}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
}
build();
$cmd = $cmds;
shell_exec($cmd);
for ($i = 1; $i < 5; $i++) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
}
sleep(1);
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
break;
}
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
}
}
}
function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$users = new usersMenus();
$Masterbin = "/usr/local/ArticaStats/bin/postgres";
if (!is_file($Masterbin)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, arpd not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$pid = PID_NUM();
if ($unix->MEM_TOTAL_INSTALLEE() < 624288) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} not enough memory\n";
}
if ($unix->process_exists($pid)) {
stop();
}
build_progress_restart("{starting} {failed} no memory", 110);
return;
}
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
}
build_progress_restart("{starting} {success}", 30);
return true;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
$su = $unix->find_program("su");
$rm = $unix->find_program("rm");
$SquidPerformance = intval($sock->GET_INFO("SquidPerformance"));
$EnableInfluxDB = intval($sock->GET_INFO("EnableInfluxDB"));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} EnableInfluxDB: {$EnableInfluxDB}\n";
}
$InfluxUseRemote = intval($sock->GET_INFO("InfluxUseRemote"));
if ($users->POSTFIX_INSTALLED) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Postfix installed: True\n";
}
}
if ($InfluxUseRemote == 1) {
$EnableInfluxDB = 0;
}
$FreeZePostGres = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/FreeZePostGres"));
if ($FreeZePostGres == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Freeze !!! Aborting...\n";
}
return;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Remote statistics.: {$InfluxUseRemote}\n";
}
if (!$users->POSTFIX_INSTALLED) {
$EnableIntelCeleron = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableIntelCeleron"));
if ($EnableIntelCeleron == 1) {
$EnableInfluxDB = 0;
}
}
if (is_file("/etc/artica-postfix/STATS_APPLIANCE")) {
$EnableInfluxDB = 1;
$SquidPerformance = 0;
$EnableIntelCeleron = 0;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Statistics DB.....: {$EnableInfluxDB}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Intel Celeron mode: {$EnableIntelCeleron}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Performance.......: {$SquidPerformance}\n";
}
if ($EnableInfluxDB == 0) {
build_progress_restart("{starting} {failed} {disabled}", 110);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableInflux)\n";
}
return;
}
if (!function_exists("pg_connect")) {
build_progress_restart("{starting} installing php5-pgsql", 35);
$unix->DEBIAN_INSTALL_PACKAGE("php5-pgsql");
system("/usr/share/artica-postfix/exec.php.ini.php");
if (!function_exists("pg_connect")) {
build_progress_restart("{starting} installing php5-pgsql {failed}", 110);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} pg_connect no such function\n";
}
return;
}
system("/etc/init.d/artica-webconsole restart");
}
build_progress_restart("{starting}", 40);
if (!$unix->UnixUserExists("ArticaStats")) {
$unix->CreateUnixUser("ArticaStats", "ArticaStats");
}
@mkdir("/var/run/ArticaStats", 0755, true);
@mkdir("/home/ArticaStatsDB", 0700, true);
@mkdir("/var/log/ArticaStatsDB", 0755, true);
@chown("/home/ArticaStatsDB", "ArticaStats");
@chgrp("/home/ArticaStatsDB", "ArticaStats");
@chown("/var/run/ArticaStats", "ArticaStats");
@chgrp("/var/run/ArticaStats", "ArticaStats");
@chown("/var/log/ArticaStatsDB", "ArticaStats");
@chgrp("/var/log/ArticaStatsDB", "ArticaStats");
if (is_file("/var/log/ArticaStatsDB/ArticaStatsDB.log")) {
@unlink("/var/log/ArticaStatsDB/ArticaStatsDB.log");
@touch("/var/log/ArticaStatsDB/ArticaStatsDB.log");
}
@chown("/var/log/ArticaStatsDB/ArticaStatsDB.log", "ArticaStats");
@chgrp("/var/log/ArticaStatsDB/ArticaStatsDB.log", "ArticaStats");
if (is_file("/var/run/ArticaStats/.s.PGSQL.8086")) {
@unlink("/var/run/ArticaStats/.s.PGSQL.8086");
}
$php = $unix->LOCATE_PHP5_BIN();
if (!is_file("/etc/artica-postfix/locales.gen")) {
squid_admin_mysql(1, "Generating languages for the PostGreSQL compatibility", null, __FILE__, __LINE__);
build_progress_restart("{generating_langs}", 42);
system("{$php} /usr/share/artica-postfix/exec.locale.gen.php");
}
if (!is_dir("/home/ArticaStatsDB/base/1")) {
squid_admin_mysql(0, "Creating a new PostgreSQL database in ArticaStatsDB", null, __FILE__, __LINE__);
build_progress_restart("{starting}", 45);
$rm = $unix->find_program("rm");
shell_exec("{$rm} -rf /home/ArticaStatsDB/*");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} initialize database...\n";
}
system("{$su} -c \"/usr/local/ArticaStats/bin/initdb --username=ArticaStats /home/ArticaStatsDB --no-locale -E UTF8\" ArticaStats");
}
if (!is_dir("/home/ArticaStatsDB/base/1")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} initialize database failed...\n";
}
$rm = $unix->find_program("rm");
shell_exec("{$rm} -rf /home/ArticaStatsDB/*");
return;
}
build_progress_restart("{starting}", 50);
xbuild();
fuser_port();
build_progress_restart("{starting} {permissions}", 55);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Apply permissions on /home/ArticaStatsDB\n";
}
$chown = $unix->find_program("chown");
$chmod = $unix->find_program("chmod");
shell_exec("{$chown} -R ArticaStats:ArticaStats /home/ArticaStatsDB");
shell_exec("{$chmod} 0700 /home/ArticaStatsDB");
if (is_file("/home/ArticaStatsDB/postmaster.pid")) {
@unlink("/home/ArticaStatsDB/postmaster.pid");
}
$f[] = "su -l ArticaStats -c '";
$f[] = "/usr/local/ArticaStats/bin/pg_ctl -o \"-k /tmp,/var/run/ArticaStats\" -D /home/ArticaStatsDB -l /var/log/ArticaStatsDB/ArticaStatsDB.log start'";
$cmd = @implode(" ", $f) . " >/dev/null 2>&1 &";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
}
shell_exec($cmd);
for ($i = 1; $i < 5; $i++) {
build_progress_restart("{starting} {wait} {$i}/5", 70);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
}
sleep(1);
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
break;
}
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
build_progress_restart("{starting} {success}", 75);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
}
$pg = new postgres_sql();
$pg->CREATE_TABLES();
return true;
} else {
build_progress_restart("{starting} {failed}", 110);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
}
}
}
function BuildDHCP($nopid = false)
{
$LOGBIN = "DHCP Server";
$timefile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$unix = new unix();
if (!$nopid) {
if (!$GLOBALS["FORCE"]) {
if ($unix->file_time_min($timefile) < 2) {
if ($GLOBALS["VERBOSE"]) {
echo "{$timefile} -> is less than 2mn\n";
}
return;
}
}
}
build_progress("{starting_service}", 65);
$dhcpd = new dhcpd();
$conf = $dhcpd->BuildConf();
$confpath = dhcp3Config();
$unix = new unix();
@mkdir(dirname($confpath), null, true);
@file_put_contents($confpath, $conf);
echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} saving \"{$confpath}\" (" . strlen($conf) . " bytes) done\n";
if (!$unix->UnixUserExists("dhcpd")) {
$unix->CreateUnixUser("dhcpd", "dhcpd");
}
if (!is_dir("/var/lib/dhcp3")) {
@mkdir("/var/lib/dhcp3", 0755, true);
}
$unix->chown_func("dhcpd", "dhcpd", "/var/lib/dhcp3/*");
$unix->chmod_func(0755, "/var/lib/dhcp3");
$complain = $unix->find_program("aa-complain");
if (is_file($complain)) {
$dhcpd3 = $unix->DHCPD_BIN_PATH();
if (is_file($dhcpd3)) {
shell_exec("{$complain} {$dhcpd3} >/dev/null 2>&1");
}
}
@unlink($timefile);
@file_put_contents($timefile, time());
if ($GLOBALS["PROGRESS"]) {
build_progress("{starting_service}", 70);
$sock = new sockets();
$sock->getFrameWork("dnsmasq.php?restart=yes");
$sock->getFrameWork("services.php?restart-monit=yes");
$sock->getFrameWork("cmd.php?restart-artica-status=yes");
}
}
function build()
{
$unix = new unix();
@mkdir("/var/run/lighttpd", 0755, true);
@mkdir("/var/log/lighttpd", 0755, true);
$username = $unix->LIGHTTPD_USER();
$sock = new sockets();
$phpcgi = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH();
$chown = $unix->find_program("chown");
$perlbin = $unix->find_program("perl");
$nohup = $unix->find_program("nohup");
$php = $unix->LOCATE_PHP5_BIN();
$PHP_STANDARD_MODE = true;
$SquidGuardApachePort = intval($sock->GET_INFO("SquidGuardApachePort"));
$SquidGuardApacheSSLPort = intval($sock->GET_INFO("SquidGuardApacheSSLPort"));
if ($SquidGuardApachePort == 0) {
$SquidGuardApachePort = 9020;
}
if ($SquidGuardApacheSSLPort == 0) {
$SquidGuardApacheSSLPort = 9025;
}
$SquidGuardWebSSLCertificate = $sock->GET_INFO("SquidGuardWebSSLCertificate");
@mkdir("/home/squid/error_page_sessions", 0755, true);
@mkdir("/home/squid/error_page_cache", 0755, true);
if ($username == null) {
$username = "******";
$unix->CreateUnixUser($username, $username, "lighttpd username");
}
if (preg_match("#^(.+?):(.+)#", $username, $re)) {
$username = $re[1];
$username = $re[1];
}
$SquidGuardStorageDir = $sock->GET_INFO("SquidGuardStorageDir");
@unlink("/var/log/lighttpd/squidguard-lighttpd-error.log");
@unlink("/var/log/lighttpd/squidguard-lighttpd.log");
if (!is_file("/var/log/lighttpd/squidguard-lighttpd.log")) {
@file_put_contents("/var/log/lighttpd/squidguard-lighttpd.log", "#");
}
if (!is_file("/var/log/lighttpd/squidguard-lighttpd-error.log")) {
@file_put_contents("/var/log/artica-postfix/lighttpd-error.log", "#");
}
$unix->chown_func($username, $username, "/var/log/lighttpd/squidguard-lighttpd.log");
$unix->chown_func($username, $username, "/var/log/lighttpd/squidguard-lighttpd-error.log");
$unix->chown_func($username, $username, "/home/squid/error_page_sessions");
$unix->chown_func($username, $username, "/home/squid/error_page_cache");
$unix->chown_func($username, $username, "/usr/share/artica-postfix/bin/install/squid/adzap/zaps/*");
@chmod("/var/log/lighttpd/squidguard-lighttpd-error.log", 0777);
@chmod("/var/log/lighttpd/squidguard-lighttpd.log", 0777);
if ($SquidGuardStorageDir == null) {
$SquidGuardStorageDir = "/home/artica/cache";
}
@mkdir($SquidGuardStorageDir, 0755, true);
$unix->chown_func($username, $username, $SquidGuardStorageDir);
$LighttpdUseUnixSocket = $sock->GET_INFO('LighttpdUseUnixSocket');
if (!is_numeric($LighttpdUseUnixSocket)) {
$LighttpdUseUnixSocket = 0;
}
$lighttpdPhpPort = $sock->GET_INFO('lighttpdPhpPort');
if (!is_numeric($lighttpdPhpPort)) {
$lighttpdPhpPort = 1808;
}
$LighttpdArticaMaxProcs = $sock->GET_INFO('LighttpdArticaMaxProcs');
if (!is_numeric($LighttpdArticaMaxProcs)) {
$LighttpdArticaMaxProcs = 0;
}
$LighttpdArticaMaxChildren = $sock->GET_INFO('LighttpdArticaMaxChildren');
if (!is_numeric($LighttpdArticaMaxChildren)) {
$LighttpdArticaMaxChildren = 0;
}
$LighttpdRunAsminimal = $sock->GET_INFO('LighttpdRunAsminimal');
if (!is_numeric($LighttpdRunAsminimal)) {
$LighttpdRunAsminimal = 0;
}
$PHP_FCGI_MAX_REQUESTS = $sock->GET_INFO('PHP_FCGI_MAX_REQUESTS');
if (!is_numeric($PHP_FCGI_MAX_REQUESTS)) {
$PHP_FCGI_MAX_REQUESTS = 200;
}
$EnablePHPFPM = $sock->GET_INFO('EnablePHPFPM');
if (!is_numeric($EnablePHPFPM)) {
$EnablePHPFPM = 0;
}
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if ($EnableArticaApachePHPFPM == 0) {
$EnablePHPFPM = 0;
}
$PHP_STANDARD_MODE = true;
$phpcgi_path = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH();
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Run as: {$username}\n";
}
$PHP_FCGI_CHILDREN = 1;
$max_procs = 2;
if ($LighttpdArticaMaxProcs > 0) {
$max_procs = $LighttpdArticaMaxProcs;
}
if ($LighttpdArticaMaxChildren > 0) {
$HP_FCGI_CHILDREN = $LighttpdArticaMaxChildren;
}
if ($LighttpdRunAsminimal == 1) {
$max_procs = 2;
$PHP_FCGI_CHILDREN = 2;
}
$f[] = "#artica-postfix saved by artica lighttpd.conf";
$f[] = "";
$f[] = "server.modules = (";
$f[] = " \"mod_alias\",";
$f[] = " \"mod_access\",";
$f[] = " \"mod_accesslog\",";
$f[] = " \"mod_compress\",";
$f[] = " \"mod_fastcgi\",";
$f[] = " \"mod_cgi\",";
$f[] = "\t \"mod_status\"";
$f[] = ")";
$f[] = "";
$f[] = "server.document-root = \"/usr/share/artica-postfix\"";
$f[] = "server.username = \"{$username}\"";
$f[] = "server.groupname = \"{$username}\"";
$f[] = "server.errorlog = \"/var/log/lighttpd/squidguard-lighttpd-error.log\"";
$f[] = "index-file.names = ( \"exec.squidguard.php\")";
$f[] = "";
$f[] = "mimetype.assign = (";
$f[] = " \".pdf\" => \"application/pdf\",";
$f[] = " \".sig\" => \"application/pgp-signature\",";
$f[] = " \".spl\" => \"application/futuresplash\",";
$f[] = " \".class\" => \"application/octet-stream\",";
$f[] = " \".ps\" => \"application/postscript\",";
$f[] = " \".torrent\" => \"application/x-bittorrent\",";
$f[] = " \".dvi\" => \"application/x-dvi\",";
$f[] = " \".gz\" => \"application/x-gzip\",";
$f[] = " \".pac\" => \"application/x-ns-proxy-autoconfig\",";
$f[] = " \".swf\" => \"application/x-shockwave-flash\",";
$f[] = " \".tar.gz\" => \"application/x-tgz\",";
$f[] = " \".tgz\" => \"application/x-tgz\",";
$f[] = " \".tar\" => \"application/x-tar\",";
$f[] = " \".zip\" => \"application/zip\",";
$f[] = " \".mp3\" => \"audio/mpeg\",";
$f[] = " \".m3u\" => \"audio/x-mpegurl\",";
$f[] = " \".wma\" => \"audio/x-ms-wma\",";
$f[] = " \".wax\" => \"audio/x-ms-wax\",";
$f[] = " \".ogg\" => \"application/ogg\",";
$f[] = " \".wav\" => \"audio/x-wav\",";
$f[] = " \".gif\" => \"image/gif\",";
$f[] = " \".jar\" => \"application/x-java-archive\",";
$f[] = " \".jpg\" => \"image/jpeg\",";
$f[] = " \".jpeg\" => \"image/jpeg\",";
$f[] = " \".png\" => \"image/png\",";
$f[] = " \".xbm\" => \"image/x-xbitmap\",";
$f[] = " \".xpm\" => \"image/x-xpixmap\",";
$f[] = " \".xwd\" => \"image/x-xwindowdump\",";
$f[] = " \".css\" => \"text/css\",";
$f[] = " \".html\" => \"text/html\",";
$f[] = " \".htm\" => \"text/html\",";
$f[] = " \".js\" => \"text/javascript\",";
$f[] = " \".asc\" => \"text/plain\",";
$f[] = " \".c\" => \"text/plain\",";
$f[] = " \".cpp\" => \"text/plain\",";
$f[] = " \".log\" => \"text/plain\",";
$f[] = " \".conf\" => \"text/plain\",";
$f[] = " \".text\" => \"text/plain\",";
$f[] = " \".txt\" => \"text/plain\",";
$f[] = " \".dtd\" => \"text/xml\",";
$f[] = " \".xml\" => \"text/xml\",";
$f[] = " \".mpeg\" => \"video/mpeg\",";
$f[] = " \".mpg\" => \"video/mpeg\",";
$f[] = " \".mov\" => \"video/quicktime\",";
$f[] = " \".qt\" => \"video/quicktime\",";
$f[] = " \".avi\" => \"video/x-msvideo\",";
$f[] = " \".asf\" => \"video/x-ms-asf\",";
$f[] = " \".asx\" => \"video/x-ms-asf\",";
$f[] = " \".wmv\" => \"video/x-ms-wmv\",";
$f[] = " \".bz2\" => \"application/x-bzip\",";
$f[] = " \".tbz\" => \"application/x-bzip-compressed-tar\",";
$f[] = " \".tar.bz2\" => \"application/x-bzip-compressed-tar\",";
$f[] = " \"\" => \"application/octet-stream\",";
$f[] = " )";
$f[] = "";
$f[] = "";
$f[] = "accesslog.filename = \"/var/log/lighttpd/squidguard-lighttpd.log\"";
$f[] = "url.access-deny = ( \"~\", \".inc\",\".log\",\".ini\",\"ressources\",\"computers\",\"user-backup\",\"logon.php\",\"index.php\")";
$f[] = "";
$f[] = "static-file.exclude-extensions = ( \".php\", \".pl\", \".fcgi\" )";
$f[] = "server.port = {$SquidGuardApachePort}";
$f[] = "#server.bind = \"127.0.0.1\"";
$f[] = "server.error-handler-404 = \"/exec.squidguard.php\"";
$f[] = "#server.error-handler-404 = \"/error-handler.php\"";
$f[] = "server.pid-file = \"/var/run/lighttpd/squidguard-lighttpd.pid\"";
$f[] = "server.max-fds \t\t = 2048";
$f[] = "server.network-backend = \"write\"";
$f[] = "server.follow-symlink = \"enable\"";
$f[] = "";
$f[] = '';
$f[] = "\$SERVER[\"socket\"]== \":{$SquidGuardApacheSSLPort}\" {";
$f[] = "\tssl.engine = \"enable\"";
$cert = new lighttpd_certificate($SquidGuardWebSSLCertificate);
$f[] = $cert->build();
$f[] = "ssl.cipher-list=\"ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:+SSLv3\"";
$f[] = "}";
if (!is_file("/opt/artica/ssl/certs/lighttpd.pem")) {
@chmod("/usr/share/artica-postfix/bin/artica-install", 0755);
shell_exec("/usr/share/artica-postfix/bin/artica-install -lighttpd-cert");
}
//
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on: {$SquidGuardApachePort}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on: {$SquidGuardApacheSSLPort} SSL\n";
}
$phpfpm = $unix->find_program('php5-fpm');
if (!is_file($phpfpm)) {
$phpfpm = $unix->find_program('php-fpm');
}
if (is_file($phpfpm)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} PHP-FPM is installed\n";
}
if ($EnablePHPFPM == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} PHP-FPM is enabled\n";
}
$PHP_STANDARD_MODE = false;
$f[] = 'fastcgi.server = ( ".php" =>((';
$f[] = ' "socket" => "/var/run/php-fpm.sock",';
}
}
if ($PHP_STANDARD_MODE) {
$f[] = 'fastcgi.server = ( ".php" =>((';
$f[] = ' "bin-path" => "/usr/bin/php-cgi",';
if ($LighttpdUseUnixSocket == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Fast-cgi server unix socket mode\n";
}
$f[] = ' "socket" => "/var/run/lighttpd/php.socket" + var.PID,';
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Fast-cgi server socket 127.0.0.1:{$lighttpdPhpPort}\n";
}
$f[] = ' "host" => "127.0.0.1","port" =>' . $lighttpdPhpPort . ',';
}
}
$f[] = ' "max-procs" => ' . $max_procs . ',';
$f[] = ' "idle-timeout" => 10,';
$f[] = ' "bin-environment" => (';
$f[] = ' "PHP_FCGI_CHILDREN" => "' . $PHP_FCGI_CHILDREN . '",';
$f[] = ' "PHP_FCGI_MAX_REQUESTS" => "' . $PHP_FCGI_MAX_REQUESTS . '"';
$f[] = ' ),';
$f[] = ' "bin-copy-environment" => (';
$f[] = ' "PATH", "SHELL", "USER"';
$f[] = ' ),';
$f[] = ' "broken-scriptfilename" => "enable"';
$f[] = ' ))';
$f[] = ')';
$f[] = "alias.url += ( \"/css/\" => \"/usr/share/artica-postfix/css/\" )";
$f[] = "alias.url += ( \"/img/\" => \"/usr/share/artica-postfix/img/\" )";
$f[] = "alias.url += ( \"/js/\" => \"/usr/share/artica-postfix/js/\" )";
$f[] = "alias.url += ( \"/zaps/\" => \"/usr/share/artica-postfix/bin/install/squid/adzap/zaps/\" )";
$f[] = "";
$f[] = "cgi.assign= (";
$f[] = "\t\".pl\" => \"/usr/bin/perl\",";
$f[] = "\t\".php\" => \"/usr/bin/php-cgi\",";
$f[] = "\t\".py\" => \"/usr/bin/python\",";
$f[] = "\t\".cgi\" => \"/usr/bin/perl\",";
$f[] = ")";
@file_put_contents("/etc/artica-postfix/squidguard-lighttpd.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} squidguard-lighttpd.conf done.\n";
}
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
$ipaddr = null;
@mkdir("/var/run/apache2", 0755, true);
@mkdir("/var/run/sarg-apache", 0755, true);
@mkdir("/var/log/apache2", 0755, true);
@mkdir(dirname($GLOBALS["APACHE_PID_PATH"]), 0755, true);
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$SargOutputDir = $sock->GET_INFO("SargOutputDir");
if ($SargOutputDir == null) {
$SargOutputDir = "/var/www/html/squid-reports";
}
$SargWebPort = intval($sock->GET_INFO("SargWebPort"));
if ($SargWebPort == 0) {
$SargWebPort = rand(55600, 59000);
$sock->SET_INFO("SargWebPort", $SargWebPort);
}
if (is_link($SargOutputDir)) {
$SargOutputDir = @readlink($SargOutputDir);
}
@mkdir($SargOutputDir, 0755, true);
if (!is_file("{$SargOutputDir}/index.html")) {
$php = $unix->LOCATE_PHP5_BIN();
shell_exec("{$php} /usr/share/artica-postfix/exec.sarg.php --exec --force >/dev/null 2>&1 &");
}
if ($ipaddr == null) {
$ipaddr = "*";
}
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$logfile = "/var/log/apache2/apache-sarg-access.log";
$ErrorLog = "/var/log/apache2/apache-sarg-error.log";
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
@unlink($ErrorLog);
@unlink($logfile);
if (!is_file("{$logfile}")) {
@touch("{$logfile}");
}
if (!is_file("{$ErrorLog}")) {
@touch("{$ErrorLog}");
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $ErrorLog);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $logfile);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/apache2");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, dirname($GLOBALS["APACHE_PID_PATH"]));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
}
$f[] = "LockFile /var/run/apache2/sarg-artica-accept.lock";
$f[] = "PidFile {$GLOBALS["APACHE_PID_PATH"]}";
$f[] = "AcceptMutex flock";
$f[] = "DocumentRoot {$SargOutputDir}";
$f[] = "DirectoryIndex index.html";
$f[] = "ErrorDocument 400 /index.html";
$f[] = "ErrorDocument 401 /index.html";
$f[] = "ErrorDocument 403 /index.html";
$f[] = "ErrorDocument 404 /index.html";
$f[] = "ErrorDocument 500 /index.html";
$f[] = "NameVirtualHost {$ipaddr}:{$SargWebPort}";
$f[] = "Listen {$ipaddr}:{$SargWebPort}";
$f[] = "<VirtualHost {$ipaddr}:{$SargWebPort}>";
$f[] = "\tServerName {$ipaddr}";
$f[] = "\tDocumentRoot {$SargOutputDir}";
$f[] = "</VirtualHost>";
$f[] = "<IfModule mpm_prefork_module>";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_worker_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_event_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
$f[] = "\tOrder allow,deny";
$f[] = "\tDeny from all";
$f[] = "\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 15";
$f[] = "StartServers 1";
$f[] = "MaxClients 50";
$f[] = "MinSpareServers 2";
$f[] = "MaxSpareServers 5";
$f[] = "MaxRequestsPerChild 5000";
$f[] = "MaxKeepAliveRequests 100";
$f[] = "ServerName " . $unix->hostname_g();
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
//$f[]="Alias /index.php /usr/share/artica-postfix/hotspot.php";
//$f[]="Alias /index.html /usr/share/artica-postfix/hotspot.php";
$f[] = "<Directory \"{$SargOutputDir}\">";
$f[] = "\tDirectorySlash On";
$f[] = "\tDirectoryIndex index.html";
$f[] = "\t\t<Files \"hostpot.php\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\tErrorDocument 400 /index.html";
$f[] = "\tErrorDocument 401 /index.html";
$f[] = "\tErrorDocument 403 /index.html";
$f[] = "\tErrorDocument 404 /index.html";
$f[] = "\tErrorDocument 500 /index.html";
$f[] = "\tOptions -Indexes";
$f[] = "\tAllowOverride All";
$f[] = "\tOrder allow,deny";
$f[] = "\tAllow from all";
$f[] = "</Directory>";
$f[] = "Loglevel debug";
$f[] = "ErrorLog {$ErrorLog}";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog {$logfile} common";
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authz_host_module"] = "mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["headers_module"] = "mod_headers.so";
//$array["ldap_module"]="mod_ldap.so";
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
@file_put_contents($GLOBALS["APACHE_CONFIG_PATH"], @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$GLOBALS["APACHE_CONFIG_PATH"]} done\n";
}
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
if (preg_match("#APACHE_RUN_GROUP#", $APACHE_SRC_GROUP)) {
$APACHE_SRC_GROUP = "www-data";
}
$LogFilePath = "/var/log/artica-wifidog/access.log";
$directories[] = "/var/run/apache2";
$directories[] = "/var/run/artica-apache";
$directories[] = "/var/log/artica-wifidog";
$directories[] = "/home/artica/hotspot/sessions";
$directories[] = "/home/artica/hotspot/caches";
while (list($index, $maindir) = each($directories)) {
@mkdir($maindir, 0755, true);
@chown($maindir, $APACHE_SRC_ACCOUNT);
@chgrp($maindir, $APACHE_SRC_GROUP);
}
$ErrorLog = dirname($LogFilePath) . "/error.log";
if (!is_file($LogFilePath)) {
@touch($LogFilePath);
}
@chown($LogFilePath, $APACHE_SRC_ACCOUNT);
@chgrp($LogFilePath, $APACHE_SRC_GROUP);
if (!is_file($ErrorLog)) {
@touch($ErrorLog);
}
@chown($ErrorLog, $APACHE_SRC_ACCOUNT);
@chgrp($ErrorLog, $APACHE_SRC_GROUP);
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$HotSpotMaxClients = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotMaxClients"));
$HotSpotStartServers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotStartServers"));
$HotSpotForceDDOSDisable = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotForceDDOSDisable"));
if ($HotSpotMaxClients == 0) {
$HotSpotMaxClients = 20;
}
if ($HotSpotStartServers == 0) {
$HotSpotStartServers = 5;
}
$EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
$SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
$ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
$ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
$ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
$ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
if (!is_numeric($ArticaHotSpotPort)) {
$ArticaHotSpotPort = 0;
}
if (!is_numeric($ArticaSplashHotSpotPort)) {
$ArticaSplashHotSpotPort = 16080;
}
if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
$ArticaSplashHotSpotPortSSL = 16443;
}
$ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
$HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
$HotSpotErrorRedirect = $sock->GET_INFO("HotSpotErrorRedirect");
if ($HotSpotErrorRedirect == null) {
$HotSpotErrorRedirect = "http://www.msftncsi.com";
}
$Params = unserialize($sock->GET_INFO("HotSpotEvasive"));
$ApacheEvasiveInstalled = intval($sock->GET_INFO("ApacheEvasiveInstalled"));
if (!is_numeric($Params["DOSEnable"])) {
$Params["DOSEnable"] = 1;
}
if (!is_numeric($Params["DOSHashTableSize"])) {
$Params["DOSHashTableSize"] = 1024;
}
if (!is_numeric($Params["DOSPageCount"])) {
$Params["DOSPageCount"] = 3;
}
if (!is_numeric($Params["DOSSiteCount"])) {
$Params["DOSSiteCount"] = 20;
}
if (!is_numeric($Params["DOSPageInterval"])) {
$Params["DOSPageInterval"] = 1;
}
if (!is_numeric($Params["DOSSiteInterval"])) {
$Params["DOSSiteInterval"] = 10;
}
if (!is_numeric($Params["DOSBlockingPeriod"])) {
$Params["DOSBlockingPeriod"] = 5;
}
$unix = new unix();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HotSpot run as {$ArticaHotSpotInterface} ( {$ipaddr} )\n";
}
if ($ipaddr == "0.0.0.0") {
$ipaddr = "*";
}
if ($ipaddr == null) {
$ipaddr = "*";
}
$GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as....: {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port.: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM...: {$EnablePHPFPM}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MaxClients: {$HotSpotMaxClients}\n";
}
$f[] = "Group {$APACHE_SRC_GROUP}";
$f[] = "User {$APACHE_SRC_ACCOUNT}";
$f[] = "LockFile /var/run/apache2/hotspot-artica-accept.lock";
$f[] = "PidFile /var/run/artica-apache/hotspot-apache.pid";
$f[] = "AcceptMutex flock";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect builtin";
$f[] = "SSLSessionCache shmcb:/var/run/apache2/ssl_scache-hotspot(512000)";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "DocumentRoot /usr/share/artica-postfix";
$f[] = "DirectoryIndex hotspot.html";
$f[] = "ErrorDocument 400 /hotspot.html";
$f[] = "ErrorDocument 401 /hotspot.html";
$f[] = "ErrorDocument 403 /hotspot.html";
$f[] = "ErrorDocument 404 /hotspot.html";
$f[] = "ErrorDocument 500 /hotspot.html";
$NameVirtualHost = $ipaddr;
if ($HospotHTTPServerName != null) {
$NameVirtualHost = $HospotHTTPServerName;
}
$f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
$f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
$f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
$f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
$ddos_config = null;
if ($HotSpotForceDDOSDisable == 1) {
$Params["DOSEnable"] = 0;
}
if ($Params["DOSEnable"] == 1) {
//$ddos[]="<IfModule mod_evasive20.c>";
$ddos[] = "\tDOSHashTableSize {$Params["DOSHashTableSize"]}";
$ddos[] = "\tDOSPageCount {$Params["DOSPageCount"]}";
$ddos[] = "\tDOSSiteCount {$Params["DOSSiteCount"]}";
$ddos[] = "\tDOSPageInterval {$Params["DOSPageInterval"]}";
$ddos[] = "\tDOSSiteInterval {$Params["DOSSiteInterval"]}";
$ddos[] = "\tDOSBlockingPeriod {$Params["DOSBlockingPeriod"]}";
$ddos[] = "\tDOSLogDir \"/var/log/artica-wifidog\"";
$ddos[] = "\tDOSSystemCommand \"/bin/echo `date '+%F %T'` HOTSPOT %s >> /var/log/artica-wifidog/dos_evasive_attacks.log\"";
$ddos_config = @implode("\n", $ddos);
//$ddos[]="</IfModule>";
}
$f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}>";
$f[] = "\tServerName {$NameVirtualHost}";
$f[] = "\tDocumentRoot /usr/share/artica-postfix";
$f[] = "{$ddos_config}";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "</VirtualHost>";
$f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}>";
$f[] = "\tServerName {$NameVirtualHost}";
$f[] = "\tDocumentRoot /usr/share/artica-postfix";
$f[] = "\tSSLEngine on";
$squid = new squidbee();
$ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate");
$data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false);
if ($ArticaSplashHotSpotCertificate != null) {
$apache = new apache_certificate($ArticaSplashHotSpotCertificate);
$f[] = $apache->build();
} else {
if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) {
$cert = $re[1];
$key = $re[2];
$f[] = "\tSSLCertificateFile \"{$cert}\"";
$f[] = "\tSSLCertificateKeyFile \"{$key}\"";
}
}
$f[] = "\tSSLVerifyClient none";
$f[] = "\tServerSignature Off";
$f[] = "{$ddos_config}";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "</VirtualHost>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
$f[] = "\tOrder allow,deny";
$f[] = "\tDeny from all";
$f[] = "\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 3";
if ($HotSpotStartServers >= $HotSpotMaxClients) {
$HotSpotMaxClients = $HotSpotMaxClients + $HotSpotStartServers;
}
if ($HotSpotMaxClients > 1024) {
$HotSpotMaxClients = 1024;
}
$ServerLimit = $HotSpotMaxClients + 100;
if ($ServerLimit > 2000) {
$ServerLimit = 2000;
}
$f[] = "StartServers {$HotSpotStartServers}";
$f[] = "MaxClients {$HotSpotMaxClients}";
$f[] = "ServerLimit\t\t {$ServerLimit}";
$MinSpareServers = $HotSpotStartServers + 5;
$MaxSpareServers = $MinSpareServers + 1;
$f[] = "MinSpareServers {$MinSpareServers}";
$f[] = "MaxSpareServers {$MaxSpareServers}";
$f[] = "MaxRequestsPerChild 800";
$f[] = "MaxKeepAliveRequests 100";
$f[] = "ServerName " . $unix->hostname_g();
$f[] = "<IfModule mod_ssl.c>";
$f[] = "\tSSLRandomSeed connect builtin";
$f[] = "\tSSLRandomSeed connect file:/dev/urandom 512";
$f[] = "\tAddType application/x-x509-ca-cert .crt";
$f[] = "\tAddType application/x-pkcs7-crl .crl";
$f[] = "\tSSLPassPhraseDialog builtin";
$f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-articahtp(512000)";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLMutex sem";
$f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
$f[] = "\tSSLProtocol all -SSLv2";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "AddType application/x-httpd-php .php";
$f[] = "php_value error_log \"/var/log/artica-wifidog/access.log\"";
$f[] = "php_value session.save_path \"/home/artica/hotspot/sessions\"";
$f[] = "<IfModule mod_fcgid.c>";
$f[] = "\tPHP_Fix_Pathinfo_Enable 1";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
$f[] = "Alias /index.php /hotspot.html";
$f[] = "Alias /index.html /hotspot.html";
$f[] = "Alias /Microsoft-Server-ActiveSync /hotspot-none.html";
$f[] = "<Directory \"/usr/share/artica-postfix\">";
$f[] = "\tDirectorySlash On";
$f[] = "\tDirectoryIndex hostpot.php";
$f[] = "\t\t<Files \"hostpot.php\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\t\t<Files \"hostpot.html\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\t\t<FilesMatch \"!(hostpot)\\.(html|php)\$\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tdeny from all";
$f[] = "\t\t</FilesMatch>";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "\tOptions -Indexes";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tAllowOverride All";
$f[] = "\tOrder allow,deny";
$f[] = "\tAllow from all";
$f[] = "</Directory>";
if ($EnableArticaApachePHPFPM == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
$f[] = "\t\tOrder deny,allow";
$f[] = "\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "Loglevel debug";
$f[] = "ErrorLog {$ErrorLog}";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog {$LogFilePath} common";
if ($EnableArticaApachePHPFPM == 0) {
$array["php5_module"] = "libphp5.so";
}
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authz_host_module"] = "mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["ssl_module"] = "mod_ssl.so";
$array["headers_module"] = "mod_headers.so";
$array["ldap_module"] = "mod_ldap.so";
if ($Params["DOSEnable"] == 1) {
$array["evasive20_module"] = "mod_evasive20.so";
}
if ($EnableArticaApachePHPFPM == 1) {
$array["fastcgi_module"] = "mod_fastcgi.so";
}
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
build_error_page();
@file_put_contents("/etc/artica-postfix/hotspot-httpd.conf", @implode("\n", $f) . "\n");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/hotspot-httpd.conf done\n";
}
}
function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$postconf = $unix->find_program("postconf");
$postfix = $unix->find_program("postfix");
$usermod = $unix->find_program("usermod");
$users = new usersMenus();
if (!is_file($postconf)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix, not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix Service already started {$pid} since {$timepid}Mn...\n";
}
return;
}
$EnablePostfix = $sock->GET_INFO("EnablePostfix");
$EnableStopPostfix = $sock->GET_INFO("EnableStopPostfix");
if (!is_numeric($EnablePostfix)) {
$EnablePostfix = 1;
}
if (!is_numeric($EnableStopPostfix)) {
$EnableStopPostfix = 0;
}
if ($EnableStopPostfix == 1) {
$EnablePostfix = 0;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix EnablePostfix = {$EnablePostfix}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix EnableStopPostfix = {$EnableStopPostfix}\n";
}
if ($EnablePostfix == 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service disabled\n";
}
return;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking postfix user\n";
}
$unix->CreateUnixUser("postfix", "postfix");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking clamav user\n";
}
$unix->CreateUnixUser("clamav", "clamav");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking postdrop group\n";
}
$unix->SystemCreateGroup("postdrop");
shell_exec("{$usermod} -a -G postfix clamav >/dev/null 2>&1");
@mkdir("/var/amavis", 0755, true);
@chmod("/var/amavis", 0755);
if (!is_file("/etc/postfix/relay_domains.db")) {
@touch("/etc/postfix/relay_domains");
shell_exec("postmap hash:/etc/postfix/relay_domains");
}
if (is_file("/etc/sasldb2")) {
@chown("/etc/sasldb2", "postfix");
@chgrp("/etc/sasldb2", "postfix");
}
$unixsocket = $users->cyrus_lmtp_path;
if ($unixsocket == null) {
$unixsocket = "/var/spool/postfix/var/run/cyrus/socket/lmtp";
}
@chown($unixsocket, "postfix");
@chgrp($unixsocket, "postfix");
@chmod($unixsocket, 0777);
$nohup = $unix->find_program("nohup");
$php5 = $unix->LOCATE_PHP5_BIN();
$TMPFILE = $unix->FILE_TEMP();
$cmd = "{$nohup} {$postfix} start >{$TMPFILE} 2>&1 &";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
shell_exec($cmd);
for ($i = 0; $i < 6; $i++) {
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
break;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service waiting {$i}/6...\n";
}
sleep(1);
}
$f = explode("\n", @file_get_contents($TMPFILE));
@unlink($TMPFILE);
while (list($num, $line) = each($f)) {
if (trim($line) == null) {
continue;
}
if (strpos($line, "unused parameter:") > 0) {
continue;
}
if (preg_match("#fatal:.*?directory\\s+(.+?):\\s+Permission denied#", $line, $re)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: permission error on \"{$re[1]}\"\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Running permission tool\n";
}
exec("{$postfix} set-permissions 2>&1", $results2);
while (list($num, $line) = each($results2)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$line}\n";
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: You need to restart again the service\n";
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$line}\n";
}
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service Success service started pid:{$pid}...\n";
}
return;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service failed...\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$cmd}\n";
}
if ($GLOBALS["VERBOSE"]) {
echo "{$cmd}\n";
}
}
function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$Masterbin = "/opt/kaspersky/kav4proxy/sbin/kav4proxy-kavicapserver";
if (!is_file($Masterbin)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, Not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
if ($unix->MEM_TOTAL_INSTALLEE() < 624288) {
$sock->SET_INFO("kavicapserverEnabled", 0);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Not enough memory\n";
}
if ($unix->process_exists($pid)) {
stop();
}
return;
}
$pid = PID_NUM();
$kavicapserverEnabled = intval($sock->GET_INFO("kavicapserverEnabled"));
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
}
if ($kavicapserverEnabled == 0) {
stop();
}
return;
}
if ($kavicapserverEnabled == 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see kavicapserverEnabled)\n";
}
return;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
$unix->CreateUnixUser("kluser", "klusers");
build();
$version = kav4proxy_version();
$KL_SERVICE_CONFIG = "/etc/opt/kaspersky/kav4proxy.conf";
$f[] = $nohup;
$f[] = $Masterbin;
$f[] = "-C \"{$KL_SERVICE_CONFIG}\"";
$cmd = @implode(" ", $f) . " >/dev/null 2>&1 &";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
}
shell_exec($cmd);
for ($i = 1; $i < 5; $i++) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
}
sleep(1);
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
break;
}
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
}
}
}
function start_prepare()
{
if ($GLOBALS["CRASHED"]) {
return;
}
buil_init_squid_cache_log();
initd_squid();
$reconfigure = false;
$unix = new unix();
$sock = new sockets();
$NtpdateAD = $sock->GET_INFO("NtpdateAD");
$php = $unix->LOCATE_PHP5_BIN();
$nohup = $unix->find_program("nohup");
if (!is_file("/etc/squid3/malwares.acl")) {
@file_put_contents("/etc/squid3/malwares.acl", "\n");
}
if (!is_file("/etc/squid3/squid-block.acl")) {
@file_put_contents("/etc/squid3/squid-block.acl", "\n");
}
$EXPLODED = explode("\n", @file_get_contents("/etc/squid3/squid.conf"));
while (list($index, $val) = each($EXPLODED)) {
if (preg_match("#INSERT YOUR OWN RULE#", $val)) {
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " squid must be reconfigured...\n";
}
$reconfigure = true;
}
}
if ($reconfigure) {
if ($GLOBALS["OUTPUT"]) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " Rebuild configuration\n";
}
system("{$php} /usr/share/artica-postfix/exec.squid.php --build --withoutloading");
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " Rebuild configuration\n";
}
exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --withoutloading 2>&1", $GLOBALS["LOGS"]);
}
}
if ($NtpdateAD == 1) {
shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.kerbauth.php --ntpdate >/dev/null 2>&1 &");
}
$unix->CreateUnixUser("squid", "squid");
if (!is_file("/etc/squid3/squid.conf")) {
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " Warning /etc/squid3/squid.conf no such file\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " Ask to build it and die\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --force --withoutloading");
die;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " initd-squid\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initd-squid.php >/dev/null 2>&1");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " Watchdog config\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --watchdog-config >/dev/null 2>&1");
exec("{$php} /usr/share/artica-postfix/exec.squid.transparent.php", $GLOBALS["LOGS"]);
if (!is_file("/etc/init.d/tproxy start")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " Building transparent method\n";
}
exec("{$php} /usr/share/artica-postfix/exec.squid.transparent.php", $GLOBALS["LOGS"]);
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " Starting transparent method\n";
}
exec("/etc/init.d/tproxy start", $GLOBALS["LOGS"]);
}
$directories_squid[] = "/var/squid";
$directories_squid[] = "/var/squid/cache";
$directories_squid[] = "/usr/share/squid3/icons";
$directories_squid[] = "/var/log/squid";
$directories_squid[] = "/etc/squid3";
$directories_squid[] = "/var/lib/squidguard";
$directories_squid[] = "/var/run/squid";
$directories_squid[] = "/lib/squid3";
$directories_chmod[] = "/var/logs";
$directories_chmod[] = "/var/log";
$directories_chmod[] = "/var";
$directories_chmod_owned[] = "/home/squid";
$filesOblig[] = "/etc/squid3/url_rewrite_program.deny.db";
$filesOblig[] = "/var/run/squid/squid.pid";
while (list($num, $directory) = each($directories_squid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
}
if (!is_dir($directory)) {
@mkdir($directory, 0755, true);
}
@chmod($directory, 0755);
$unix->chmod_func(0755, "{$directory}/*");
$unix->chown_func("squid", "squid", "{$directory}/*");
}
while (list($num, $directory) = each($directories_chmod)) {
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
}
if (!is_dir($directory)) {
@mkdir($directory, 0755, true);
}
@chmod($directory, 0755);
}
while (list($num, $directory) = each($directories_chmod)) {
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
}
if (!is_dir($directory)) {
@mkdir($directory, 0755, true);
}
$unix->chmod_func(0755, "{$directory}");
$unix->chown_func("squid", "squid", "{$directory}");
}
while (list($num, $filepath) = each($filesOblig)) {
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " {$filepath}\n";
}
if (!is_file($filepath)) {
@touch("{$filepath}");
}
@chmod($filepath, 0755);
@chown($filepath, "squid");
@chgrp($filepath, "squid");
}
$articafiles[] = "exec.logfile_daemon.php";
$articafiles[] = "external_acl_squid_ldap.php";
$articafiles[] = "external_acl_dynamic.php";
$articafiles[] = "external_acl_quota.php";
$articafiles[] = "external_acl_basic_auth.php";
$articafiles[] = "external_acl_squid.php";
while (list($num, $filename) = each($articafiles)) {
$filepath = "/usr/share/artica-postfix/{$filename}";
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " {$filepath}\n";
}
@chmod($filepath, 0755);
@chown($filepath, "squid");
@chgrp($filepath, "squid");
}
$squid_locate_pinger = $unix->squid_locate_pinger();
$setcap = $unix->find_program("setcap");
if (is_file($squid_locate_pinger)) {
@chmod($squid_locate_pinger, 0755);
@chown($squid_locate_pinger, "squid");
@chgrp($squid_locate_pinger, "squid");
if (is_file("{$setcap}")) {
shell_exec("{$setcap} cap_net_raw=pe {$squid_locate_pinger}");
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Preparing.....: " . date("H:i:s") . " WARNING! setcap, no such binary!!\n";
}
$unix->DEBIAN_INSTALL_PACKAGE("libcap2-bin");
}
}
}
function checkdb()
{
$unix = new unix();
$q = new mysql();
$JAVA_HOME = $unix->JAVA_HOME_GET();
if (strlen($JAVA_HOME) == 0) {
echo "Starting......: " . date("H:i:s") . " OpenEMM JAVA_HOME failed\n";
return;
}
echo "Starting......: " . date("H:i:s") . " OpenEMM JAVA_HOME {$JAVA_HOME}\n";
if (!is_file("/home/openemm/bin/openemm.sh")) {
echo "Starting......: " . date("H:i:s") . " OpenEMM /home/openemm/bin/openemm.sh no such file\n";
return;
}
if (!is_file("/opt/openemm/tomcat6/bin/startup.sh")) {
echo "Starting......: " . date("H:i:s") . " OpenEMM tomcat 6.x is not installed\n";
return;
}
if (!$q->DATABASE_EXISTS("openemm")) {
$q->CREATE_DATABASE("openemm");
}
if (!$q->DATABASE_EXISTS("openemm")) {
echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating database openemm\n";
return;
}
echo "Starting......: " . date("H:i:s") . " OpenEMM database openemm OK\n";
if (!$q->DATABASE_EXISTS("openemm_cms")) {
$q->CREATE_DATABASE("openemm_cms");
}
if (!$q->DATABASE_EXISTS("openemm_cms")) {
echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating database openemm_cms\n";
return;
}
if (!test_cms_tables()) {
if (is_file("/home/openemm/USR_SHARE/openemm_cms-2011.sql")) {
$mysql = $unix->find_program("mysql");
$cmd = "{$mysql} -u {$q->mysql_admin} -p\"{$q->mysql_password}\" --batch --database=openemm_cms < /home/openemm/USR_SHARE/openemm_cms-2011.sql";
shell_exec($cmd);
}
}
if (!testtables()) {
$mysql = $unix->find_program("mysql");
if (is_file("/home/openemm/USR_SHARE/openemm-2011.sql")) {
$cmd = "{$mysql} -u {$q->mysql_admin} -p\"{$q->mysql_password}\" --batch --database=openemm < /home/openemm/USR_SHARE/openemm-2011.sql";
shell_exec($cmd);
}
}
if (!testtables()) {
echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating openemm tables\n";
return;
}
if (!test_cms_tables()) {
echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating openemm_cms tables\n";
return;
}
echo "Starting......: " . date("H:i:s") . " OpenEMM tables in openemm base OK\n";
echo "Starting......: " . date("H:i:s") . " OpenEMM tables in openemm_cms base OK\n";
if (!$unix->CreateUnixUser("openemm")) {
echo "Starting......: " . date("H:i:s") . " OpenEMM unix user openemm failed\n";
return;
}
echo "Starting......: " . date("H:i:s") . " OpenEMM unix user openemm OK\n";
patch_javahome($JAVA_HOME);
patch_tomcat_dir("/opt/openemm/tomcat6");
if (!is_dir("/home/openemm/logs")) {
echo "Starting......: " . date("H:i:s") . " OpenEMM creating /home/openemm/logs directory\n";
@mkdir("/home/openemm/logs", 0755, true);
}
$aa_complain = $unix->find_program("aa-complain");
if (is_file($aa_complain)) {
shell_exec("{$aa_complain} {$JAVA_HOME}/bin/java");
}
if (!is_file("/home/openemm/webapps/openemm/WEB-INF/classes/messages_en_US.properties")) {
shell_exec("/bin/cp /home/openemm/webapps/openemm/WEB-INF/classes/messages_en.properties /home/openemm/webapps/openemm/WEB-INF/classes/messages_en_US.properties");
}
cms_properties();
if (!is_dir("/home/openemm/work/Catalina/openemm/_")) {
@mkdir("/home/openemm/work/Catalina/openemm/_", 0755, true);
}
shell_exec("/bin/chown openemm /home/openemm");
shell_exec("/bin/chown -R openemm /home/openemm");
if (is_numeric(is_tomcat_running())) {
echo "Starting......: " . date("H:i:s") . " OpenEMM stopping tomcat first...\n";
shell_exec("/etc/init.d/artica-postfix stop tomcat");
}
@unlink("/home/openemm/logs/catalina.out");
@unlink("/home/openemm/logs/openemm/openemm_axis.log");
@unlink("/home/openemm/logs/openemm/openemm_axis.log");
@unlink("/home/openemm/logs/openemm/openemm_core.log");
@unlink("/home/openemm/logs/openemm/userlogs.log");
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
@mkdir("/var/run/apache2", 0755, true);
@mkdir("/var/run/artica-apache", 0755, true);
@mkdir("/var/log/lighttpd", 0755, true);
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$pydio_installed = false;
if (is_file(" /etc/php5/cli/conf.d/ming.ini")) {
@unlink(" /etc/php5/cli/conf.d/ming.ini");
}
@unlink("/var/log/lighttpd/apache-error.log");
@touch("/var/log/lighttpd/apache-error.log");
@chmod("/var/log/lighttpd/apache-error.log", 0755);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/lighttpd/*");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/usr/share/artica-postfix/ressources/logs/*");
if (is_dir("/usr/share/artica-postfix/pydio")) {
$pydio_installed = true;
}
$ArticaHttpsPort = 9000;
$NoLDAPInLighttpdd = 0;
$ArticaHttpUseSSL = 1;
$ArticaHttpsPort = $sock->GET_INFO("ArticaHttpsPort");
$ArticaHttpUseSSL = $sock->GET_INFO("ArticaHttpUseSSL");
if (!is_numeric($ArticaHttpUseSSL)) {
$ArticaHttpUseSSL = 1;
}
if (!is_numeric($ArticaHttpsPort)) {
$ArticaHttpsPort = "9000";
}
$LighttpdArticaListenIP = $sock->GET_INFO("LighttpdArticaListenIP");
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$EnablePHPFPM = intval($sock->GET_INFO("EnablePHPFPM"));
if (!is_numeric($EnablePHPFPM)) {
$EnablePHPFPM = 0;
}
if ($EnablePHPFPM == 0) {
$EnableArticaApachePHPFPM = 0;
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM Enabled: {$EnableArticaApachePHPFPM}\n";
}
$f[] = "LockFile /var/run/apache2/artica-accept.lock";
$f[] = "PidFile /var/run/artica-apache/apache.pid";
$f[] = "DocumentRoot /usr/share/artica-postfix";
$open_basedir[] = "/usr/share/artica-postfix";
$open_basedir[] = "/etc/artica-postfix";
$open_basedir[] = "/etc/artica-postfix/settings";
$open_basedir[] = "/var/log";
$open_basedir[] = "/var/run/mysqld";
$open_basedir[] = "/usr/share/php";
$open_basedir[] = "/usr/share/php5";
$open_basedir[] = "/var/lib/php5";
$open_basedir[] = "/var/lighttpd/upload";
$open_basedir[] = "/usr/share/artica-postfix/ressources";
$open_basedir[] = "/usr/share/artica-postfix/framework";
$open_basedir[] = "/etc/ssl/certs/mysql-client-download";
$open_basedir[] = "/var/run";
$open_basedir[] = "/bin";
$open_basedir[] = "/tmp";
$open_basedir[] = "/usr/sbin";
$open_basedir[] = "/home";
//$f[]="php_value open_basedir \"".@implode(":", $open_basedir)."\"";
//$f[]="php_value output_buffering Off";
//$f[]="php_flag magic_quotes_gpc Off";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen Port: {$ArticaHttpsPort}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen IP: {$LighttpdArticaListenIP}\n";
}
if ($LighttpdArticaListenIP != null) {
$unix = new unix();
$IPS = $unix->NETWORK_ALL_INTERFACES(true);
if (!isset($IPS[$LighttpdArticaListenIP])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} ERROR! Listen IP: {$LighttpdArticaListenIP} -> FALSE !!\n";
}
$LighttpdArticaListenIP = null;
}
}
if ($LighttpdArticaListenIP == null) {
$LighttpdArticaListenIP = "*";
}
if ($LighttpdArticaListenIP != null) {
$ArticaHttpsPort = "{$LighttpdArticaListenIP}:{$ArticaHttpsPort}";
}
$f[] = "Listen {$ArticaHttpsPort}";
$MaxClients = 20;
$f[] = "<IfModule mpm_prefork_module>";
$f[] = "\tStartServers 1";
$f[] = "\tMinSpareServers 2";
$f[] = "\tMaxSpareServers 3";
$f[] = "\tMaxClients {$MaxClients}";
$f[] = "\tServerLimit {$MaxClients}";
$f[] = "\tMaxRequestsPerChild 100";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_worker_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_event_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
//$f[]="\tOrder allow,deny";
//$f[]="\tDeny from all";
//$f[]="\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 15";
$f[] = "StartServers 1";
$f[] = "MaxClients {$MaxClients}";
$f[] = "MinSpareServers 2";
$f[] = "MaxSpareServers 3";
$f[] = "MaxRequestsPerChild 100";
$f[] = "MaxKeepAliveRequests 100";
$ServerName = $unix->hostname_g();
if ($ServerName == null) {
$ServerName = "localhost.localdomain";
}
$f[] = "ServerName {$ServerName}";
if ($ArticaHttpUseSSL == 1) {
$mknod = $unix->find_program("mknod");
shell_exec("{$mknod} /dev/random c 1 9 >/dev/null 2>&1");
$f[] = "<IfModule mod_ssl.c>";
$f[] = "\tListen {$ArticaHttpsPort}";
$f[] = "\tSSLRandomSeed connect builtin";
$f[] = "\tSSLRandomSeed connect file:/dev/urandom 256";
$f[] = "\tAddType application/x-x509-ca-cert .crt";
$f[] = "\tAddType application/x-pkcs7-crl .crl";
$f[] = "\tSSLPassPhraseDialog builtin";
$f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-artica(512000)";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
$f[] = "\tSSLProtocol all -SSLv2";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "<IfModule mod_gnutls.c>";
$f[] = "\tListen {$ArticaHttpsPort}";
$f[] = "</IfModule>";
}
if (!is_file("/etc/ssl/certs/apache/server.crt")) {
shell_exec("/usr/share/artica-postfix/bin/artica-install --apache-ssl-cert");
}
if ($ArticaHttpUseSSL == 1) {
$f[] = "SSLEngine on";
$f[] = "AcceptMutex flock";
$f[] = "SSLCertificateFile \"/etc/ssl/certs/apache/server.crt\"";
$f[] = "SSLCertificateKeyFile \"/etc/ssl/certs/apache/server.key\"";
$f[] = "SSLVerifyClient none";
$f[] = "ServerSignature Off";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect builtin";
}
$f[] = "AddType application/x-httpd-php .php";
if ($EnableArticaApachePHPFPM == 0) {
$f[] = "php_value error_log \"/var/log/php.log\"";
}
@chown("/var/log/php.log", $APACHE_SRC_ACCOUNT);
$f[] = "<IfModule mod_fcgid.c>";
$f[] = "\tPHP_Fix_Pathinfo_Enable 1";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddType application/octet-stream .acl";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
$f[] = apache_nagios_config();
$f[] = apache_phpldapadmin();
$squid = $unix->LOCATE_SQUID_BIN();
if (is_file($squid)) {
$f[] = "Alias /proxy /usr/share/artica-postfix/squid.access.log.php";
$f[] = "Alias /parent /usr/share/artica-postfix/squid.access.log.php";
$f[] = "Alias /webfilter /usr/share/artica-postfix/squid.access.webfilter.log.php";
$f[] = "Alias /meta-updates /home/artica-meta";
$f[] = "Alias /categories /usr/share/artica-postfix/public.categories.personnal.php";
}
$f[] = "<Directory \"/home/artica-meta\">";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "</Directory>";
$f[] = "<Directory \"/usr/share/artica-postfix\">";
$f[] = "\tDirectoryIndex logon.php";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride None";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
if (is_file($unix->LOCATE_SQUID_BIN())) {
$ArticaProxyStatisticsBackupFolder = $sock->GET_INFO("ArticaProxyStatisticsBackupFolder");
if ($ArticaProxyStatisticsBackupFolder == null) {
$ArticaProxyStatisticsBackupFolder = "/home/artica/squid/backup-statistics";
}
$ArticaProxyStatisticsOpenWeb = intval($sock->GET_INFO("ArticaProxyStatisticsOpenWeb"));
if ($ArticaProxyStatisticsOpenWeb == 1) {
$f[] = "Alias /backup-stats \"{$ArticaProxyStatisticsBackupFolder}\"";
$f[] = "<Directory \"{$ArticaProxyStatisticsBackupFolder}\">";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride All";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
}
}
if ($pydio_installed) {
$directories[] = "/home/pydio/plugins/auth.serial";
$directories[] = "/home/pydio/plugins/conf.serial";
$directories[] = "/home/pydio/plugins";
$directories[] = "/home/pydio/cache";
$directories[] = "/home/pydio/files";
$directories[] = "/home/pydio/logs";
$directories[] = "/home/pydio/personal";
$directories[] = "/home/pydio/public";
$directories[] = "/home/pydio/tmp";
while (list($index, $dir) = each($directories)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} permissions on {$dir}\n";
}
@mkdir($dir, 0755, true);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $dir);
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/cache");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/plugins");
$f[] = "Alias /explorer \"/usr/share/artica-postfix/pyio\"";
$f[] = "<Directory \"/usr/share/artica-postfix/pyio\">";
$f[] = "\tDirectoryIndex index.php";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride All";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
}
if ($EnableArticaApachePHPFPM == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
//$f[]="\t\tOrder deny,allow";
//$f[]="\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "Loglevel info";
$f[] = "ErrorLog /var/log/lighttpd/apache-error.log";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog /var/log/lighttpd/apache-access.log common";
if ($EnableArticaApachePHPFPM == 0) {
$array["php5_module"] = "libphp5.so";
}
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authn_file_module"] = "mod_authn_file.so";
//$array["authz_host_module"]="mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["ssl_module"] = "mod_ssl.so";
$array["headers_module"] = "mod_headers.so";
$array["ldap_module"] = "mod_ldap.so";
if ($EnableArticaApachePHPFPM == 1) {
$array["fastcgi_module"] = "mod_fastcgi.so";
}
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
$f[] = apache_phpmyadmin();
@file_put_contents("/etc/artica-postfix/httpd.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/httpd.conf done\n";
}
}
function CheckFilesAndSecurity()
{
$unix = new unix();
$unix->CreateUnixUser("redis", "redis");
$f[] = "/var/run/redis";
$f[] = "/var/log/redis";
$f[] = "/home/redis";
$f[] = "/etc/redis";
while (list($num, $val) = each($f)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} checking \"{$val}\"\n";
}
if (!is_dir($val)) {
@mkdir($val, 0755, true);
}
$unix->chown_func("redis", "redis", "{$val}/*");
}
}
function build()
{
build_progress("{reconfigure} (1)", 2);
if ($GLOBALS["VERBOSE"]) {
echo "Running build...\n";
}
$unix = new unix();
$sock = new sockets();
$users = new usersMenus();
$forceCMD = null;
$argv = null;
$PHP = $unix->LOCATE_PHP5_BIN();
$mypid = getmypid();
if (isset($argv[1])) {
$argv = $argv[1];
}
$pids = $unix->PIDOF_PATTERN_ALL(basename(__FILE__) . ".*?{$argv}");
if (count($pids) > 1) {
build_progress("{already_process_exists_try_later}", 110);
while (list($num, $ligne) = each($pids)) {
$cmdline = @file_get_contents("/proc/{$num}/cmdline");
echo "Starting......: " . date("H:i:s") . " [SERV]: [{$mypid}] Already process PID {$num} {$cmdline} exists..\n";
echo "Starting......: " . date("H:i:s") . " [SERV]: [{$mypid}] Running " . @file_get_contents("/proc/{$num}/cmdline") . "\n";
}
die;
}
$EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth");
if (!is_numeric($EnableKerbAuth)) {
$EnableKerbAuth = 0;
}
$EnableWebProxyStatsAppliance = $sock->GET_INFO("EnableWebProxyStatsAppliance");
$EnableRemoteStatisticsAppliance = $sock->GET_INFO("EnableRemoteStatisticsAppliance");
if (!is_numeric($EnableRemoteStatisticsAppliance)) {
$EnableRemoteStatisticsAppliance = 0;
}
if (!is_numeric($EnableWebProxyStatsAppliance)) {
$EnableWebProxyStatsAppliance = 0;
}
$UnlockWebStats = $sock->GET_INFO("UnlockWebStats");
if (!is_numeric($UnlockWebStats)) {
$UnlockWebStats = 0;
}
$ServiceFTPEnabled = intval($sock->GET_INFO("ServiceFTPEnabled"));
if ($users->WEBSTATS_APPLIANCE) {
$EnableWebProxyStatsAppliance = 1;
$sock->SET_INFO("{$EnableWebProxyStatsAppliance}", 1);
}
if ($EnableWebProxyStatsAppliance == 1) {
notify_remote_proxys();
}
if ($UnlockWebStats == 1) {
$EnableRemoteStatisticsAppliance = 0;
}
//Vérifie le compte utilisateur.
//------------------------------------------------------------------------------------------------------------------------------------------------------------
$unix->CreateUnixUser("squid", "squid", "Squid Cache Service");
$MustHave[] = "/etc/squid3/artica-meta/whitelist-nets.db";
$MustHave[] = "/var/logs/cache.log";
$MustHave[] = "/etc/squid3/squid-block.acl";
$MustHave[] = "/etc/squid3/allowed-user-agents.acl";
$MustHave[] = "/etc/squid3/GlobalAccessManager_auth.conf";
$MustHave[] = "/etc/squid3/icap.conf";
$MustHave[] = "/etc/squid3/GlobalAccessManager_url_rewrite.conf";
$MustHave[] = "/etc/squid3/GlobalAccessManager_deny_cache.conf";
$MustHave[] = "/etc/squid3/GlobalAccessManager_deny.conf";
$MustHave[] = "/etc/squid3/squid-block.acl";
$MustHave[] = "/etc/squid3/clients_ftp.acl";
$MustHave[] = "/etc/squid3/allowed-user-agents.acl";
$MustHave[] = "/etc/squid3/whitelisted-computers-by-mac.acl";
while (list($none, $path) = each($MustHave)) {
echo "Starting......: " . date("H:i:s") . " [SYS]: checking {$path}\n";
if (!is_file($path)) {
@touch($path);
}
@chown($path, "squid");
@chgrp($path, "squid");
}
if ($GLOBALS["FORCE"]) {
$forceCMD = " --force";
}
$squidbin = $unix->LOCATE_SQUID_BIN();
if (!is_file($squidbin)) {
build_progress("{squid_binary_not_found}", 110);
echo "Starting......: " . date("H:i:s") . " [SERV]: Unable to stat squid binary, aborting..\n";
die;
}
$EXEC_TIME_FILE = "/etc/artica-postfix/" . basename(__FILE__) . ".build.time";
if (!$GLOBALS["FORCE"]) {
$time = $unix->file_time_min($EXEC_TIME_FILE);
if ($time == 0) {
build_progress("Failed! Only one config per minute !!!", 110);
echo "Starting......: " . date("H:i:s") . " [SERV]: Only one config per minute...\n";
die;
}
}
@unlink($EXEC_TIME_FILE);
@file_put_contents($EXEC_TIME_FILE, time());
if ($GLOBALS["EMERGENCY"]) {
squid_admin_mysql(0, "Reconfiguring Proxy service after Emergency enabled", null, __FILE__, __LINE__);
}
$TimeStart = time();
$EXEC_PID_FILE = "/etc/artica-postfix/" . basename(__FILE__) . ".build.pid";
$kill = $unix->find_program("kill");
$pid = @file_get_contents($EXEC_PID_FILE);
if ($unix->process_exists($pid, basename(__FILE__))) {
$TimePid = $unix->PROCCESS_TIME_MIN($pid);
if ($TimePid > 30) {
posix_kill(intval($pid), 9);
} else {
if (!$GLOBALS["FORCE"]) {
print "Starting......: " . date("H:i:s") . " Checking (L." . __LINE__ . ") Squid Already executed pid {$pid} since {$TimePid}mn ...\n";
die;
}
}
}
echo "Starting......: " . date("H:i:s") . " [SERV]: is connected to remote appliance ? `{$EnableRemoteStatisticsAppliance}`\n";
if ($EnableRemoteStatisticsAppliance == 1) {
$r = new squid_stats_appliance();
echo "Starting......: " . date("H:i:s") . " [SERV]: ################################\n";
echo "Starting......: " . date("H:i:s") . " [SERV]: # This server is connected to: #\n";
echo "Starting......: " . date("H:i:s") . " [SERV]: # {$r->URI} #\n";
echo "Starting......: " . date("H:i:s") . " [SERV]: ################################\n";
remote_appliance_restore_tables();
}
build_progress("{reconfigure} (1)", 5);
if (!PortsConversion()) {
build_progress("{reconfigure} {failed} !PortsConversion", 110);
return;
}
squid_reconfigure_build_tool();
build_progress("{reconfigure}", 10);
squid_pactester();
build_progress("{reconfigure}", 15);
$childpid = posix_getpid();
$sock = new sockets();
$squid_user = SquidUser();
$SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH();
$PHP = LOCATE_PHP5_BIN2();
$NOHUP = $unix->find_program("nohup");
build_progress("{reconfigure}", 20);
@file_put_contents($EXEC_PID_FILE, $childpid);
if (is_file("/etc/squid3/mime.conf")) {
shell_exec("/bin/chown squid:squid /etc/squid3/mime.conf");
}
$EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth");
if (!is_numeric("{$EnableKerbAuth}")) {
$EnableKerbAuth = 0;
}
if (!is_dir("/usr/share/squid-langpack")) {
TemplatesInMysql(true);
exit;
}
echo "Starting......: " . date("H:i:s") . " Checking squid kerberos authentification is set to {$EnableKerbAuth}\n";
echo "Starting......: " . date("H:i:s") . " Checking squid certificate\n";
build_progress("{reconfigure} Check database", 25);
checkdatabase();
build_progress("{reconfigure} certificates", 30);
certificate_generate();
build_progress("{reconfigure}", 35);
remote_appliance_restore_tables();
build_progress("{reconfigure}", 40);
echo "Starting......: " . date("H:i:s") . " Instanciate squid library..\n";
$squid = new squidbee();
$squidbin = $unix->find_program("squid3");
echo "Starting......: " . date("H:i:s") . " checking squid binaries..\n";
if (!is_file($squidbin)) {
$squidbin = $unix->find_program("squid");
}
echo "Starting......: " . date("H:i:s") . " Binary: {$squidbin}\n";
echo "Starting......: " . date("H:i:s") . " Config: {$SQUID_CONFIG_PATH}\n";
echo "Starting......: " . date("H:i:s") . " User..: {$squid_user}\n";
echo "Starting......: " . date("H:i:s") . " Checking blocked sites\n";
build_progress("{reconfigure} {building} NET ADS", 45);
shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.squid.netads.php >/dev/null 2>&1 &");
echo "Starting......: " . date("H:i:s") . " Building master configuration\n";
$squid->ASROOT = true;
echo "Starting......: " . date("H:i:s") . " Checking Watchdog\n";
build_progress("{reconfigure} checking Watchdog settings", 46);
watchdog_config();
build_progress("{reconfigure} build errors", 47);
errors_details_txt();
build_progress("{reconfigure} Checking caches", 48);
BuildCaches(true);
build_progress("{reconfigure} Check files and security", 49);
CheckFilesAndSecurity();
build_progress("{reconfigure} Building schedules", 50);
build_schedules(true);
build_progress("{reconfigure} Building SSL passwords", 89);
build_sslpasswords();
build_progress("{reconfigure} Building blacklists", 90);
build_blacklists();
build_progress("{reconfigure} Building No caches list", 91);
build_denycaches();
build_progress("{reconfigure} Building {GLOBAL_ACCESS_CENTER}", 93);
system("{$PHP} /usr/share/artica-postfix/exec.squid.global.access.php --nochek");
build_progress("{reconfigure} Building main configuration", 94);
if (!ApplyConfig()) {
build_progress("Apply configuration failed", 110);
echo "Starting......: " . date("H:i:s") . " Apply configuration failed....\n";
return;
}
build_progress("{reconfigure} FTP Proxy service", 95);
system("{$NOHUP} {$PHP} /usr/share/artica-postfix/exec.ftpproxy-multi.php --build >/dev/null 2>&1 &");
build_progress("{reconfigure} Wan Compressor Proxy service", 95);
system("{$NOHUP} {$PHP} /usr/share/artica-postfix/exec.wanproxy.php --build-squid >/dev/null 2>&1 &");
build_progress("{checking_transparent_mode}", 95);
if ($unix->IS_FIREHOLE_ACTIVE()) {
build_progress("{restarting_firewall}", 95);
system("{$PHP} /usr/share/artica-postfix/exec.firehol.php");
system("/etc/init.d/firehol restart");
} else {
system("{$PHP} /usr/share/artica-postfix/exec.squid.transparent.php");
system("{$PHP} /usr/share/artica-postfix/exec.secure.gateway.php");
if (is_file("/etc/init.d/iptables-transparent")) {
build_progress("{restarting_firewall}", 95);
system("/etc/init.d/iptables-transparent restart");
}
if (is_file("/bin/iptables-parents.sh")) {
build_progress("{restarting_firewall} (parent)", 95);
system("/bin/iptables-parents.sh");
}
if (is_file("/bin/artica-secure-gateway.sh")) {
build_progress("{restarting_firewall} (Secure gateway)", 95);
shell_exec("/bin/artica-secure-gateway.sh");
}
}
build_progress("{checking_wccp_mode}", 95);
system("{$PHP} /usr/share/artica-postfix/exec.squid.wccp.php --reconfigure");
build_progress("{checking_mikrotik_mode}", 95);
system("{$PHP} /usr/share/artica-postfix/exec.mikrotik.php");
build_progress("{reconfigure}", 96);
$GLOBALS["OUTPUT"] = true;
if ($GLOBALS["NOAPPLY"]) {
build_progress("{reconfiguring_proxy_service} {success}", 100);
return;
}
if (!$GLOBALS["RESTART"]) {
build_progress("{reloading_service}", 91);
if (!$GLOBALS["NORELOAD"]) {
Reload_Squid();
}
}
if ($GLOBALS["RESTART"]) {
if (!$GLOBALS["NORELOAD"]) {
build_progress("{stopping_service}", 91);
system("{$PHP} /usr/share/artica-postfix/exec.squid.watchdog.php --stop {$forceCMD} --byForceReconfigure");
build_progress("{starting_service}", 93);
system("{$PHP} /usr/share/artica-postfix/exec.squid.watchdog.php --start {$forceCMD} --byForceReconfigure");
build_progress("{starting_service}", 95);
}
}
build_progress("{building} Cached Web frontend pages", 97);
shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.cache.pages.php --force >/dev/null 2>&1 &");
$BuildAllTemplatesDone = $sock->GET_INFO("BuildAllTemplatesDone");
if (!is_numeric($BuildAllTemplatesDone)) {
$BuildAllTemplatesDone = 0;
}
if ($BuildAllTemplatesDone == 0) {
build_progress("{building} Templates schedules", 97);
echo "Starting......: " . date("H:i:s") . " scheduling Building templates\n";
sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --tpl-save");
$sock->SET_INFO("BuildAllTemplatesDone", 1);
}
build_progress("{building} Templates", 98);
sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --mysql-tpl");
build_progress("{reconfiguring_proxy_service} {success}", 100);
echo "Starting......: " . date("H:i:s") . " Done (Took: " . $unix->distanceOfTimeInWords($TimeStart, time()) . ")\n";
die;
}
function start($nopid = false)
{
$users = new usersMenus();
$unix = new unix();
$ettercap_bin = $unix->find_program("ettercap");
if (!$users->ETTERCAP_INSTALLED) {
echo "ArpSpoofing.........: [START]: Ettercap, not installed...\n";
return;
}
if (!is_file($ettercap_bin)) {
echo "ArpSpoofing.........: [START]: Ettercap, not such binary...\n";
return;
}
$sock = new sockets();
$ArpSpoofEnabled = $sock->GET_INFO("ArpSpoofEnabled");
if (!is_numeric($ArpSpoofEnabled)) {
$ArpSpoofEnabled = 0;
}
if (!$nopid) {
$me = basename(__FILE__);
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, $me)) {
$time = $unix->PROCCESS_TIME_MIN($pid);
echo "ArpSpoofing.........: [START]: Ettercap, Already start instance executed PID {$pid} since {$time}Mn...\n";
return;
}
@file_put_contents($pidfile, getmypid());
}
if ($ArpSpoofEnabled == 0) {
echo "ArpSpoofing.........: [START]: Ettercap, not enabled\n";
stop(true);
}
$nohup = $unix->find_program("nohup");
$q = new mysql();
if (!$q->BD_CONNECT()) {
echo "ArpSpoofing.........: [START]: unable to connect to MySQL database...\n";
return;
}
if (!$unix->SystemUserExists("nobody")) {
echo "ArpSpoofing.........: [START]: Creating nobody user...\n";
$unix->CreateUnixUser("nobody", "nogroup");
}
if (!$unix->SystemGroupExists("nogroup")) {
$unix->SystemCreateGroup("nogroup");
$unix->CreateUnixUser("nobody", "nogroup");
}
$uid = $unix->SystemUserGetuid("nobody");
$guid = $unix->SystemGroupUid("nogroup");
init_debian();
$sql = "SELECT * FROM arpspoof_rules WHERE enabled=1";
$results = $q->QUERY_SQL($sql, "artica_backup");
while ($ligne = mysql_fetch_assoc($results)) {
$rulename = $ligne["rulename"];
$pid = get_rule_pid($ligne["ID"]);
if ($unix->process_exists($pid)) {
echo "ArpSpoofing.........: [START]: `{$rulename}` already running pid {$pid}\n";
continue;
}
$sources = getobjects($ligne["ID"]);
$gateway = $ligne["gateway"];
if ($sources == null) {
echo "ArpSpoofing.........: [START]: `{$rulename}` no item set...\n";
continue;
}
if ($sources == "all") {
$sources = null;
}
$f = array();
$f[] = "[privs]";
$f[] = "ec_uid = {$uid} # nobody is the default";
$f[] = "ec_gid = {$guid} # nobody is the default";
$f[] = "[mitm]";
$f[] = "arp_storm_delay = 10";
$f[] = "arp_poison_warm_up = 1";
$f[] = "arp_poison_delay = 10";
$f[] = "arp_poison_equal_mac= 1";
$f[] = "arp_poison_reply=1";
$f[] = "arp_poison_icmp = 1";
$f[] = "dhcp_lease_time = 600";
$f[] = "port_steal_delay = 10 # milliseconds";
$f[] = "port_steal_send_delay = 2000 # microseconds";
$f[] = "[connections]";
$f[] = "connection_timeout = 300 # seconds";
$f[] = "connection_idle = 5 # seconds";
$f[] = "connection_buffer = 10000 # bytes";
$f[] = "connect_timeout = 5 # seconds";
$f[] = "";
$f[] = "[stats]";
$f[] = "sampling_rate = 50 # number of packets";
$f[] = "";
$f[] = "[misc]";
$f[] = "close_on_eof = 1 # boolean value";
$f[] = "store_profiles = 1 # 0 = disabled; 1 = all; 2 = local; 3 = remote";
$f[] = "aggressive_dissectors = 1 # boolean value";
$f[] = "skip_forwarded_pcks = 1 # boolean value";
$f[] = "checksum_check = 0 # boolean value";
$f[] = "checksum_warning = 0 # boolean value (valid only if checksum_check is 1)";
$f[] = "";
@mkdir("/etc/ettercap", 0755, true);
@file_put_contents("/etc/ettercap/{$ligne["ID"]}.conf", @implode("\n", $f));
$unix->chown_func("nobody", "nogroup", '/etc/ettercap/*');
echo "ArpSpoofing.........: [START]: `{$rulename}`:uid:{$uid}...\n";
$cmdline = "{$nohup} {$ettercap_bin} --daemon --superquiet --config /etc/ettercap/{$ligne["ID"]}.conf --log-msg /etc/ettercap/{$ligne["ID"]}.log --iface {$ligne["iface"]} --only-mitm --mitm arp:remote /{$sources}/ /{$gateway}/ >/dev/null 2>&1 &";
shell_exec($cmdline);
for ($i = 0; $i < 6; $i++) {
$pid = get_rule_pid($ligne["ID"]);
if ($unix->process_exists($pid)) {
echo "ArpSpoofing.........: [START]: `{$rulename}` success running pid {$pid}\n";
break;
}
echo "ArpSpoofing.........: [START]: `{$rulename}` waiting to start... {$i}/5\n";
sleep(1);
}
$pid = get_rule_pid($ligne["ID"]);
if (!$unix->process_exists($pid)) {
echo "ArpSpoofing.........: [START]: `{$rulename}` failed with commandline:`{$cmdline}`\n";
}
}
echo "ArpSpoofing.........: [START]: done...\n";
}
function install()
{
$filename = "kav4proxy_5.5-88.tar.gz";
$uri = "http://articatech.net/download/kaspersky/{$filename}";
$time = time();
$unix = new unix();
$pidFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidFile);
if ($unix->process_exists($pid)) {
if ($unix->PROCCESS_TIME_MIN($pid, 10) < 2) {
return;
}
}
$cacheFile = "/usr/share/artica-postfix/ressources/logs/web/KAV4PROXYINST.status";
@unlink($cacheFile);
$rm = $unix->find_program("rm");
$cp = $unix->find_program("cp");
$TMPDIR = $unix->TEMP_DIR() . "/{$time}";
$FINAL_TARGET_DIR = null;
$TARGET_PATH = "{$TMPDIR}/{$filename}";
progress("{downloading} 5.5.88 version", "Downloading {$filename}", 30);
progress("{downloading} 5.5.88 version", "Temporary directory = {$TMPDIR}", 30);
$curl = new ccurl("{$uri}");
$debianbin = $unix->find_program("update-rc.d");
$redhatbin = $unix->find_program("chkconfig");
@mkdir($TMPDIR);
if (!$curl->GetFile($TARGET_PATH)) {
progress("{failed}", $curl->error, 100);
shell_exec("{$rm} -rf {$TMPDIR}");
return;
}
progress("{downloading} 5.5.88 version {success}", "success saving {$TARGET_PATH} ", 50);
progress("{extracting} 5.5.88 version", "Extracting {$TARGET_PATH} ", 55);
$tar = $unix->find_program("tar");
exec("{$tar} xvf {$TARGET_PATH} -C /{$TMPDIR}/ 2>&1", $results);
while (list($index, $line) = each($results)) {
progress("{extracting} 5.5.88 version", $line, 60);
}
$dir = $unix->dirdir($TMPDIR);
while (list($index, $line) = each($dir)) {
progress("{search} {directory}", $line, 65);
if (preg_match("#kav4proxy#", $line)) {
progress("{search} {directory}", "Found directory {$line}", 65);
$FINAL_TARGET_DIR = $line;
break;
}
}
if ($FINAL_TARGET_DIR == null) {
progress("{extracting} 5.5.88 version {failed}", "Unable to find a suitable directory", 100);
shell_exec("{$rm} -rf {$TMPDIR}");
return;
}
progress("{installing} 5.5.88 version", "Copy the content of {$FINAL_TARGET_DIR}", 70);
exec("{$cp} -rfdv {$FINAL_TARGET_DIR}/* / 2>&1", $resultsA);
while (list($index, $line) = each($resultsA)) {
progress("{installing} 5.5.88 version", $line, 70);
}
progress("{installing} 5.5.88 version", "Removing the {$TMPDIR} directory", 71);
shell_exec("{$rm} -rf {$TMPDIR}");
if (!is_file("/opt/kaspersky/kav4proxy/bin/kav4proxy-licensemanager")) {
progress("{installing} 5.5.88 version {failed}", "install from {$FINAL_TARGET_DIR} failed ", 100);
return;
}
$ln = $unix->find_program("ln");
$chown = $unix->find_program("chown");
$chmod = $unix->find_program("chmod");
progress("{installing} 5.5.88 version", "linking /etc/init.d/kav4proxy", 75);
shell_exec("ln -s --force /opt/kaspersky/kav4proxy/lib/bin/kav4proxy /etc/init.d/kav4proxy");
if (is_file($debianbin)) {
shell_exec("{$debianbin} -f kav4proxy defaults >/dev/null 2>&1");
}
if (is_file($redhatbin)) {
shell_exec("{$redhatbin} --add kav4proxy >/dev/null 2>&1");
}
progress("{installing} 5.5.88 version", "executing preinstall", 78);
exec('/usr/share/artica-postfix/bin/install/kavgroup/kav4prox_predoinst.sh 2>&1', $results2);
while (list($index, $line) = each($results2)) {
progress("{installing} 5.5.88 version", $line, 78);
}
progress("{installing} 5.5.88 version", "Creating kluser user", 80);
$unix->CreateUnixUser("kluser", "klusers");
progress("{installing} 5.5.88 version", "Apply permissions", 85);
@mkdir("/var/log/kaspersky/kav4proxy", 0755, true);
@mkdir("/var/run/kav4proxy", 0755, true);
shell_exec("{$chown} -R kluser:klusers /var/log/kaspersky/kav4proxy");
shell_exec("{$chown} -R kluser:klusers /var/opt/kaspersky/kav4proxy");
shell_exec("{$chown} -R kluser:klusers /var/run/kav4proxy");
shell_exec("{$chown} -R kluser:klusers /var/opt/kaspersky/kav4proxy");
shell_exec("{$chmod} 0755 /var/opt/kaspersky/kav4proxy");
$f[] = "EULA_AGREED=yes";
$f[] = "";
@file_put_contents("/var/opt/kaspersky/kav4proxy/installer.dat", @implode("\n", $f));
$f = array();
$f[] = "CONFIGURE_ENTER_KEY_PATH=";
$f[] = "KAVMS_SETUP_LICENSE_DOMAINS=*";
$f[] = "CONFIGURE_KEEPUP2DATE_ASKPROXY=no";
$f[] = "CONFIGURE_RUN_KEEPUP2DATE=no";
$f[] = "CONFIGURE_WEBMIN_ASKCFGPATH=";
$f[] = "KAV4PROXY_SETUP_TYPE=3";
$f[] = "KAV4PROXY_SETUP_LISTENADDRESS=127.0.0.1:1344";
$f[] = "KAV4PROXY_SETUP_CONFPATH=/etc/squid3/squid.conf";
$f[] = "KAV4PROXY_SETUP_BINPATH=" . $unix->LOCATE_SQUID_BIN();
$f[] = "KAV4PROXY_CONFIRM_FOUND=Y";
$f[] = "KAVICAP_SETUP_NONICAPCFG=Y";
@file_put_contents("/opt/kaspersky/kav4proxy/lib/bin/setup/autoanswers.conf", @implode("\n", $f));
chdir('/opt/kaspersky/kav4proxy/lib/bin/setup');
exec('./postinstall.pl 2>&1', $results3);
while (list($index, $line) = each($results3)) {
progress("{installing} 5.5.88 version", $line, 90);
}
shell_exec("/usr/share/artica-postfix/bin/process1 --force --verbose --" . time() . " >/dev/null 2>&1");
shell_exec("/etc/init.d/artica-status restart --force >/dev/null 2>&1");
progress("{installed}", "Done", 100);
}
function start($aspid = false)
{
$unix = new unix();
$sock = new sockets();
$Masterbin = $unix->CYRUS_DAEMON_BIN_PATH();
$zarafaBin = $unix->find_program("zarafa-server");
if (!is_file($Masterbin)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, arpd not installed\n";
}
return;
}
if (!$aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
if ($unix->process_exists($unix->get_pid_from_file("/etc/artica-postfix/artica-backup.pid"))) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} A backup task currently is in use\n";
}
return;
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
$timepid = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
}
return;
}
if (is_file("/etc/artica-postfix/stop.cyrus.imapd")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} LOCKED !\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Remove /etc/artica-postfix/stop.cyrus.imapd !\n";
}
return;
}
if (is_file("/etc/artica-postfix/cyrus-stop")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} LOCKED !\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Remove /etc/artica-postfix/cyrus-stop !\n";
}
return;
}
$unix->CreateUnixUser("postfix", "postfix");
$php5 = $unix->LOCATE_PHP5_BIN();
$EnableCyrusImap = $sock->GET_INFO("EnableCyrusImap");
if (!is_numeric($EnableCyrusImap)) {
$EnableCyrusImap = 1;
}
$DisableMessaging = intval($sock->GET_INFO("DisableMessaging"));
$DisableIMAPVerif = intval($sock->GET_INFO("DisableIMAPVerif"));
if ($DisableIMAPVerif == 0) {
if (is_file("{$zarafaBin}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Zarafa is installed, aborting\n";
}
stop(true);
return;
}
}
if ($EnableCyrusImap == 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableCyrusImap)\n";
}
return;
}
if ($DisableMessaging == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see DisableMessaging)\n";
}
return;
}
if (!is_file('/usr/bin/cyradm')) {
$cyradm = $unix->CYRADM_PATH();
if (is_file($cyradm)) {
shell_exec("/bin/ln -s {$cyradm} /usr/bin/cyradm");
}
}
if (is_file('/usr/share/artica-postfix/exec.imapd.conf.php')) {
shell_exec("{$php5} /usr/share/artica-postfix/exec.imapd.conf.php >/dev/null 2>&1");
}
if (!is_file('/etc/artica-postfix/cyrus.check.time')) {
shell_exec("/usr/share/artica-postfix/bin/artica-install --cyrus-rights >/dev/null 2>&1");
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.check-cyrus-account.php --check-adms");
$sysctl = $unix->find_program("sysctl");
$echo = $unix->find_program("echo");
$nohup = $unix->find_program("nohup");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Check permissions\n";
}
CheckPermissions();
BuildConfig();
$params[] = "{$nohup} {$Masterbin}";
$params[] = "-M /etc/cyrus.conf";
$params[] = "-C /etc/imapd.conf";
$params[] = "-p /var/run/cyrmaster.pid -d >/dev/null 2>&1 &";
$cmd = @implode(" ", $params);
shell_exec($cmd);
for ($i = 1; $i < 5; $i++) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting {$i}/5\n";
}
sleep(1);
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
break;
}
}
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
}
$lmtpsocket = "/var/spool/postfix/var/run/cyrus/socket/lmtp";
for ($i = 1; $i < 5; $i++) {
if ($unix->is_socket($lmtpsocket)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting socket success..\n";
}
$unix->chown_func("postfix", "postfix", "/var/spool/postfix/var/run");
$unix->chown_func("postfix", "postfix", "{$lmtpsocket}");
break;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting socket {$i}/5\n";
}
sleep(1);
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
}
}
}
