Exemple #1
0
function start($aspid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $Masterbin = $unix->LOCATE_STUNNEL();
    if (!is_file($Masterbin)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
        }
        return;
    }
    $sTunnel4enabled = $sock->GET_INFO("sTunnel4enabled");
    if (!is_numeric($sTunnel4enabled)) {
        $sTunnel4enabled = 0;
    }
    if ($sTunnel4enabled == 0) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see sTunnel4enabled)\n";
        }
        return;
    }
    $php5 = $unix->LOCATE_PHP5_BIN();
    $sysctl = $unix->find_program("sysctl");
    $echo = $unix->find_program("echo");
    $nohup = $unix->find_program("nohup");
    $version = version();
    $cmds = "{$Masterbin} /etc/stunnel/stunnel.conf";
    $unix->CreateUnixUser("stunnel4", "stunnel4");
    @mkdir("/var/run/stunnel", 0755, true);
    @mkdir("/var/lib/stunnel4", 0755, true);
    @chown("/var/run/stunnel", "stunnel4");
    @chown("/var/lib/stunnel4", "stunnel4");
    $stunnel = new stunnel4();
    $relay = $stunnel->main_array["postfix_relayhost"]["connect"];
    $relayPort = $stunnel->main_array["postfix_relayhost"]["port"];
    $localport = $stunnel->main_array["postfix_relayhost"]["accept"];
    if (!is_numeric($relayPort)) {
        $relayPort = 465;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} version {$version}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Local to 127.0.0.1:{$localport}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} connection to {$relay}:{$relayPort}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
    }
    build();
    $cmd = $cmds;
    shell_exec($cmd);
    for ($i = 1; $i < 5; $i++) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
        }
        sleep(1);
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
        }
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
        }
    }
}
Exemple #2
0
function start($aspid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $users = new usersMenus();
    $Masterbin = "/usr/local/ArticaStats/bin/postgres";
    if (!is_file($Masterbin)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, arpd not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    $pid = PID_NUM();
    if ($unix->MEM_TOTAL_INSTALLEE() < 624288) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} not enough memory\n";
        }
        if ($unix->process_exists($pid)) {
            stop();
        }
        build_progress_restart("{starting} {failed} no memory", 110);
        return;
    }
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
        }
        build_progress_restart("{starting} {success}", 30);
        return true;
    }
    $php5 = $unix->LOCATE_PHP5_BIN();
    $sysctl = $unix->find_program("sysctl");
    $echo = $unix->find_program("echo");
    $nohup = $unix->find_program("nohup");
    $su = $unix->find_program("su");
    $rm = $unix->find_program("rm");
    $SquidPerformance = intval($sock->GET_INFO("SquidPerformance"));
    $EnableInfluxDB = intval($sock->GET_INFO("EnableInfluxDB"));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} EnableInfluxDB: {$EnableInfluxDB}\n";
    }
    $InfluxUseRemote = intval($sock->GET_INFO("InfluxUseRemote"));
    if ($users->POSTFIX_INSTALLED) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Postfix installed: True\n";
        }
    }
    if ($InfluxUseRemote == 1) {
        $EnableInfluxDB = 0;
    }
    $FreeZePostGres = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/FreeZePostGres"));
    if ($FreeZePostGres == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Freeze !!! Aborting...\n";
        }
        return;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Remote statistics.: {$InfluxUseRemote}\n";
    }
    if (!$users->POSTFIX_INSTALLED) {
        $EnableIntelCeleron = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableIntelCeleron"));
        if ($EnableIntelCeleron == 1) {
            $EnableInfluxDB = 0;
        }
    }
    if (is_file("/etc/artica-postfix/STATS_APPLIANCE")) {
        $EnableInfluxDB = 1;
        $SquidPerformance = 0;
        $EnableIntelCeleron = 0;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Statistics DB.....: {$EnableInfluxDB}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Intel Celeron mode: {$EnableIntelCeleron}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Performance.......: {$SquidPerformance}\n";
    }
    if ($EnableInfluxDB == 0) {
        build_progress_restart("{starting} {failed} {disabled}", 110);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableInflux)\n";
        }
        return;
    }
    if (!function_exists("pg_connect")) {
        build_progress_restart("{starting} installing php5-pgsql", 35);
        $unix->DEBIAN_INSTALL_PACKAGE("php5-pgsql");
        system("/usr/share/artica-postfix/exec.php.ini.php");
        if (!function_exists("pg_connect")) {
            build_progress_restart("{starting} installing php5-pgsql {failed}", 110);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} pg_connect no such function\n";
            }
            return;
        }
        system("/etc/init.d/artica-webconsole restart");
    }
    build_progress_restart("{starting}", 40);
    if (!$unix->UnixUserExists("ArticaStats")) {
        $unix->CreateUnixUser("ArticaStats", "ArticaStats");
    }
    @mkdir("/var/run/ArticaStats", 0755, true);
    @mkdir("/home/ArticaStatsDB", 0700, true);
    @mkdir("/var/log/ArticaStatsDB", 0755, true);
    @chown("/home/ArticaStatsDB", "ArticaStats");
    @chgrp("/home/ArticaStatsDB", "ArticaStats");
    @chown("/var/run/ArticaStats", "ArticaStats");
    @chgrp("/var/run/ArticaStats", "ArticaStats");
    @chown("/var/log/ArticaStatsDB", "ArticaStats");
    @chgrp("/var/log/ArticaStatsDB", "ArticaStats");
    if (is_file("/var/log/ArticaStatsDB/ArticaStatsDB.log")) {
        @unlink("/var/log/ArticaStatsDB/ArticaStatsDB.log");
        @touch("/var/log/ArticaStatsDB/ArticaStatsDB.log");
    }
    @chown("/var/log/ArticaStatsDB/ArticaStatsDB.log", "ArticaStats");
    @chgrp("/var/log/ArticaStatsDB/ArticaStatsDB.log", "ArticaStats");
    if (is_file("/var/run/ArticaStats/.s.PGSQL.8086")) {
        @unlink("/var/run/ArticaStats/.s.PGSQL.8086");
    }
    $php = $unix->LOCATE_PHP5_BIN();
    if (!is_file("/etc/artica-postfix/locales.gen")) {
        squid_admin_mysql(1, "Generating languages for the PostGreSQL compatibility", null, __FILE__, __LINE__);
        build_progress_restart("{generating_langs}", 42);
        system("{$php} /usr/share/artica-postfix/exec.locale.gen.php");
    }
    if (!is_dir("/home/ArticaStatsDB/base/1")) {
        squid_admin_mysql(0, "Creating a new PostgreSQL database in ArticaStatsDB", null, __FILE__, __LINE__);
        build_progress_restart("{starting}", 45);
        $rm = $unix->find_program("rm");
        shell_exec("{$rm} -rf /home/ArticaStatsDB/*");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} initialize database...\n";
        }
        system("{$su} -c \"/usr/local/ArticaStats/bin/initdb --username=ArticaStats /home/ArticaStatsDB --no-locale -E UTF8\" ArticaStats");
    }
    if (!is_dir("/home/ArticaStatsDB/base/1")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} initialize database failed...\n";
        }
        $rm = $unix->find_program("rm");
        shell_exec("{$rm} -rf /home/ArticaStatsDB/*");
        return;
    }
    build_progress_restart("{starting}", 50);
    xbuild();
    fuser_port();
    build_progress_restart("{starting} {permissions}", 55);
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Apply permissions on /home/ArticaStatsDB\n";
    }
    $chown = $unix->find_program("chown");
    $chmod = $unix->find_program("chmod");
    shell_exec("{$chown} -R ArticaStats:ArticaStats /home/ArticaStatsDB");
    shell_exec("{$chmod} 0700 /home/ArticaStatsDB");
    if (is_file("/home/ArticaStatsDB/postmaster.pid")) {
        @unlink("/home/ArticaStatsDB/postmaster.pid");
    }
    $f[] = "su -l ArticaStats -c '";
    $f[] = "/usr/local/ArticaStats/bin/pg_ctl -o \"-k /tmp,/var/run/ArticaStats\"  -D /home/ArticaStatsDB -l /var/log/ArticaStatsDB/ArticaStatsDB.log start'";
    $cmd = @implode(" ", $f) . " >/dev/null 2>&1 &";
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
    }
    shell_exec($cmd);
    for ($i = 1; $i < 5; $i++) {
        build_progress_restart("{starting} {wait} {$i}/5", 70);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
        }
        sleep(1);
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        build_progress_restart("{starting} {success}", 75);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
        }
        $pg = new postgres_sql();
        $pg->CREATE_TABLES();
        return true;
    } else {
        build_progress_restart("{starting} {failed}", 110);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
        }
    }
}
function BuildDHCP($nopid = false)
{
    $LOGBIN = "DHCP Server";
    $timefile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    $unix = new unix();
    if (!$nopid) {
        if (!$GLOBALS["FORCE"]) {
            if ($unix->file_time_min($timefile) < 2) {
                if ($GLOBALS["VERBOSE"]) {
                    echo "{$timefile} -> is less than 2mn\n";
                }
                return;
            }
        }
    }
    build_progress("{starting_service}", 65);
    $dhcpd = new dhcpd();
    $conf = $dhcpd->BuildConf();
    $confpath = dhcp3Config();
    $unix = new unix();
    @mkdir(dirname($confpath), null, true);
    @file_put_contents($confpath, $conf);
    echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} saving \"{$confpath}\" (" . strlen($conf) . " bytes) done\n";
    if (!$unix->UnixUserExists("dhcpd")) {
        $unix->CreateUnixUser("dhcpd", "dhcpd");
    }
    if (!is_dir("/var/lib/dhcp3")) {
        @mkdir("/var/lib/dhcp3", 0755, true);
    }
    $unix->chown_func("dhcpd", "dhcpd", "/var/lib/dhcp3/*");
    $unix->chmod_func(0755, "/var/lib/dhcp3");
    $complain = $unix->find_program("aa-complain");
    if (is_file($complain)) {
        $dhcpd3 = $unix->DHCPD_BIN_PATH();
        if (is_file($dhcpd3)) {
            shell_exec("{$complain} {$dhcpd3} >/dev/null 2>&1");
        }
    }
    @unlink($timefile);
    @file_put_contents($timefile, time());
    if ($GLOBALS["PROGRESS"]) {
        build_progress("{starting_service}", 70);
        $sock = new sockets();
        $sock->getFrameWork("dnsmasq.php?restart=yes");
        $sock->getFrameWork("services.php?restart-monit=yes");
        $sock->getFrameWork("cmd.php?restart-artica-status=yes");
    }
}
function build()
{
    $unix = new unix();
    @mkdir("/var/run/lighttpd", 0755, true);
    @mkdir("/var/log/lighttpd", 0755, true);
    $username = $unix->LIGHTTPD_USER();
    $sock = new sockets();
    $phpcgi = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH();
    $chown = $unix->find_program("chown");
    $perlbin = $unix->find_program("perl");
    $nohup = $unix->find_program("nohup");
    $php = $unix->LOCATE_PHP5_BIN();
    $PHP_STANDARD_MODE = true;
    $SquidGuardApachePort = intval($sock->GET_INFO("SquidGuardApachePort"));
    $SquidGuardApacheSSLPort = intval($sock->GET_INFO("SquidGuardApacheSSLPort"));
    if ($SquidGuardApachePort == 0) {
        $SquidGuardApachePort = 9020;
    }
    if ($SquidGuardApacheSSLPort == 0) {
        $SquidGuardApacheSSLPort = 9025;
    }
    $SquidGuardWebSSLCertificate = $sock->GET_INFO("SquidGuardWebSSLCertificate");
    @mkdir("/home/squid/error_page_sessions", 0755, true);
    @mkdir("/home/squid/error_page_cache", 0755, true);
    if ($username == null) {
        $username = "******";
        $unix->CreateUnixUser($username, $username, "lighttpd username");
    }
    if (preg_match("#^(.+?):(.+)#", $username, $re)) {
        $username = $re[1];
        $username = $re[1];
    }
    $SquidGuardStorageDir = $sock->GET_INFO("SquidGuardStorageDir");
    @unlink("/var/log/lighttpd/squidguard-lighttpd-error.log");
    @unlink("/var/log/lighttpd/squidguard-lighttpd.log");
    if (!is_file("/var/log/lighttpd/squidguard-lighttpd.log")) {
        @file_put_contents("/var/log/lighttpd/squidguard-lighttpd.log", "#");
    }
    if (!is_file("/var/log/lighttpd/squidguard-lighttpd-error.log")) {
        @file_put_contents("/var/log/artica-postfix/lighttpd-error.log", "#");
    }
    $unix->chown_func($username, $username, "/var/log/lighttpd/squidguard-lighttpd.log");
    $unix->chown_func($username, $username, "/var/log/lighttpd/squidguard-lighttpd-error.log");
    $unix->chown_func($username, $username, "/home/squid/error_page_sessions");
    $unix->chown_func($username, $username, "/home/squid/error_page_cache");
    $unix->chown_func($username, $username, "/usr/share/artica-postfix/bin/install/squid/adzap/zaps/*");
    @chmod("/var/log/lighttpd/squidguard-lighttpd-error.log", 0777);
    @chmod("/var/log/lighttpd/squidguard-lighttpd.log", 0777);
    if ($SquidGuardStorageDir == null) {
        $SquidGuardStorageDir = "/home/artica/cache";
    }
    @mkdir($SquidGuardStorageDir, 0755, true);
    $unix->chown_func($username, $username, $SquidGuardStorageDir);
    $LighttpdUseUnixSocket = $sock->GET_INFO('LighttpdUseUnixSocket');
    if (!is_numeric($LighttpdUseUnixSocket)) {
        $LighttpdUseUnixSocket = 0;
    }
    $lighttpdPhpPort = $sock->GET_INFO('lighttpdPhpPort');
    if (!is_numeric($lighttpdPhpPort)) {
        $lighttpdPhpPort = 1808;
    }
    $LighttpdArticaMaxProcs = $sock->GET_INFO('LighttpdArticaMaxProcs');
    if (!is_numeric($LighttpdArticaMaxProcs)) {
        $LighttpdArticaMaxProcs = 0;
    }
    $LighttpdArticaMaxChildren = $sock->GET_INFO('LighttpdArticaMaxChildren');
    if (!is_numeric($LighttpdArticaMaxChildren)) {
        $LighttpdArticaMaxChildren = 0;
    }
    $LighttpdRunAsminimal = $sock->GET_INFO('LighttpdRunAsminimal');
    if (!is_numeric($LighttpdRunAsminimal)) {
        $LighttpdRunAsminimal = 0;
    }
    $PHP_FCGI_MAX_REQUESTS = $sock->GET_INFO('PHP_FCGI_MAX_REQUESTS');
    if (!is_numeric($PHP_FCGI_MAX_REQUESTS)) {
        $PHP_FCGI_MAX_REQUESTS = 200;
    }
    $EnablePHPFPM = $sock->GET_INFO('EnablePHPFPM');
    if (!is_numeric($EnablePHPFPM)) {
        $EnablePHPFPM = 0;
    }
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if ($EnableArticaApachePHPFPM == 0) {
        $EnablePHPFPM = 0;
    }
    $PHP_STANDARD_MODE = true;
    $phpcgi_path = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH();
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Run as: {$username}\n";
    }
    $PHP_FCGI_CHILDREN = 1;
    $max_procs = 2;
    if ($LighttpdArticaMaxProcs > 0) {
        $max_procs = $LighttpdArticaMaxProcs;
    }
    if ($LighttpdArticaMaxChildren > 0) {
        $HP_FCGI_CHILDREN = $LighttpdArticaMaxChildren;
    }
    if ($LighttpdRunAsminimal == 1) {
        $max_procs = 2;
        $PHP_FCGI_CHILDREN = 2;
    }
    $f[] = "#artica-postfix saved by artica lighttpd.conf";
    $f[] = "";
    $f[] = "server.modules = (";
    $f[] = "        \"mod_alias\",";
    $f[] = "        \"mod_access\",";
    $f[] = "        \"mod_accesslog\",";
    $f[] = "        \"mod_compress\",";
    $f[] = "        \"mod_fastcgi\",";
    $f[] = "        \"mod_cgi\",";
    $f[] = "\t       \"mod_status\"";
    $f[] = ")";
    $f[] = "";
    $f[] = "server.document-root        = \"/usr/share/artica-postfix\"";
    $f[] = "server.username = \"{$username}\"";
    $f[] = "server.groupname = \"{$username}\"";
    $f[] = "server.errorlog             = \"/var/log/lighttpd/squidguard-lighttpd-error.log\"";
    $f[] = "index-file.names            = ( \"exec.squidguard.php\")";
    $f[] = "";
    $f[] = "mimetype.assign             = (";
    $f[] = "  \".pdf\"          =>      \"application/pdf\",";
    $f[] = "  \".sig\"          =>      \"application/pgp-signature\",";
    $f[] = "  \".spl\"          =>      \"application/futuresplash\",";
    $f[] = "  \".class\"        =>      \"application/octet-stream\",";
    $f[] = "  \".ps\"           =>      \"application/postscript\",";
    $f[] = "  \".torrent\"      =>      \"application/x-bittorrent\",";
    $f[] = "  \".dvi\"          =>      \"application/x-dvi\",";
    $f[] = "  \".gz\"           =>      \"application/x-gzip\",";
    $f[] = "  \".pac\"          =>      \"application/x-ns-proxy-autoconfig\",";
    $f[] = "  \".swf\"          =>      \"application/x-shockwave-flash\",";
    $f[] = "  \".tar.gz\"       =>      \"application/x-tgz\",";
    $f[] = "  \".tgz\"          =>      \"application/x-tgz\",";
    $f[] = "  \".tar\"          =>      \"application/x-tar\",";
    $f[] = "  \".zip\"          =>      \"application/zip\",";
    $f[] = "  \".mp3\"          =>      \"audio/mpeg\",";
    $f[] = "  \".m3u\"          =>      \"audio/x-mpegurl\",";
    $f[] = "  \".wma\"          =>      \"audio/x-ms-wma\",";
    $f[] = "  \".wax\"          =>      \"audio/x-ms-wax\",";
    $f[] = "  \".ogg\"          =>      \"application/ogg\",";
    $f[] = "  \".wav\"          =>      \"audio/x-wav\",";
    $f[] = "  \".gif\"          =>      \"image/gif\",";
    $f[] = "  \".jar\"          =>      \"application/x-java-archive\",";
    $f[] = "  \".jpg\"          =>      \"image/jpeg\",";
    $f[] = "  \".jpeg\"         =>      \"image/jpeg\",";
    $f[] = "  \".png\"          =>      \"image/png\",";
    $f[] = "  \".xbm\"          =>      \"image/x-xbitmap\",";
    $f[] = "  \".xpm\"          =>      \"image/x-xpixmap\",";
    $f[] = "  \".xwd\"          =>      \"image/x-xwindowdump\",";
    $f[] = "  \".css\"          =>      \"text/css\",";
    $f[] = "  \".html\"         =>      \"text/html\",";
    $f[] = "  \".htm\"          =>      \"text/html\",";
    $f[] = "  \".js\"           =>      \"text/javascript\",";
    $f[] = "  \".asc\"          =>      \"text/plain\",";
    $f[] = "  \".c\"            =>      \"text/plain\",";
    $f[] = "  \".cpp\"          =>      \"text/plain\",";
    $f[] = "  \".log\"          =>      \"text/plain\",";
    $f[] = "  \".conf\"         =>      \"text/plain\",";
    $f[] = "  \".text\"         =>      \"text/plain\",";
    $f[] = "  \".txt\"          =>      \"text/plain\",";
    $f[] = "  \".dtd\"          =>      \"text/xml\",";
    $f[] = "  \".xml\"          =>      \"text/xml\",";
    $f[] = "  \".mpeg\"         =>      \"video/mpeg\",";
    $f[] = "  \".mpg\"          =>      \"video/mpeg\",";
    $f[] = "  \".mov\"          =>      \"video/quicktime\",";
    $f[] = "  \".qt\"           =>      \"video/quicktime\",";
    $f[] = "  \".avi\"          =>      \"video/x-msvideo\",";
    $f[] = "  \".asf\"          =>      \"video/x-ms-asf\",";
    $f[] = "  \".asx\"          =>      \"video/x-ms-asf\",";
    $f[] = "  \".wmv\"          =>      \"video/x-ms-wmv\",";
    $f[] = "  \".bz2\"          =>      \"application/x-bzip\",";
    $f[] = "  \".tbz\"          =>      \"application/x-bzip-compressed-tar\",";
    $f[] = "  \".tar.bz2\"      =>      \"application/x-bzip-compressed-tar\",";
    $f[] = "  \"\"              =>      \"application/octet-stream\",";
    $f[] = " )";
    $f[] = "";
    $f[] = "";
    $f[] = "accesslog.filename          = \"/var/log/lighttpd/squidguard-lighttpd.log\"";
    $f[] = "url.access-deny             = ( \"~\", \".inc\",\".log\",\".ini\",\"ressources\",\"computers\",\"user-backup\",\"logon.php\",\"index.php\")";
    $f[] = "";
    $f[] = "static-file.exclude-extensions = ( \".php\", \".pl\", \".fcgi\" )";
    $f[] = "server.port                 = {$SquidGuardApachePort}";
    $f[] = "#server.bind                = \"127.0.0.1\"";
    $f[] = "server.error-handler-404   = \"/exec.squidguard.php\"";
    $f[] = "#server.error-handler-404   = \"/error-handler.php\"";
    $f[] = "server.pid-file             = \"/var/run/lighttpd/squidguard-lighttpd.pid\"";
    $f[] = "server.max-fds \t\t   = 2048";
    $f[] = "server.network-backend      = \"write\"";
    $f[] = "server.follow-symlink = \"enable\"";
    $f[] = "";
    $f[] = '';
    $f[] = "\$SERVER[\"socket\"]== \":{$SquidGuardApacheSSLPort}\" {";
    $f[] = "\tssl.engine                 = \"enable\"";
    $cert = new lighttpd_certificate($SquidGuardWebSSLCertificate);
    $f[] = $cert->build();
    $f[] = "ssl.cipher-list=\"ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:+SSLv3\"";
    $f[] = "}";
    if (!is_file("/opt/artica/ssl/certs/lighttpd.pem")) {
        @chmod("/usr/share/artica-postfix/bin/artica-install", 0755);
        shell_exec("/usr/share/artica-postfix/bin/artica-install -lighttpd-cert");
    }
    //
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on: {$SquidGuardApachePort}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on: {$SquidGuardApacheSSLPort} SSL\n";
    }
    $phpfpm = $unix->find_program('php5-fpm');
    if (!is_file($phpfpm)) {
        $phpfpm = $unix->find_program('php-fpm');
    }
    if (is_file($phpfpm)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} PHP-FPM is installed\n";
        }
        if ($EnablePHPFPM == 1) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} PHP-FPM is enabled\n";
            }
            $PHP_STANDARD_MODE = false;
            $f[] = 'fastcgi.server = ( ".php" =>((';
            $f[] = '         "socket" => "/var/run/php-fpm.sock",';
        }
    }
    if ($PHP_STANDARD_MODE) {
        $f[] = 'fastcgi.server = ( ".php" =>((';
        $f[] = '         "bin-path" => "/usr/bin/php-cgi",';
        if ($LighttpdUseUnixSocket == 1) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Fast-cgi server unix socket mode\n";
            }
            $f[] = '         "socket" => "/var/run/lighttpd/php.socket" + var.PID,';
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Fast-cgi server socket 127.0.0.1:{$lighttpdPhpPort}\n";
            }
            $f[] = '         "host" => "127.0.0.1","port" =>' . $lighttpdPhpPort . ',';
        }
    }
    $f[] = '         "max-procs" => ' . $max_procs . ',';
    $f[] = '         "idle-timeout" => 10,';
    $f[] = '         "bin-environment" => (';
    $f[] = '             "PHP_FCGI_CHILDREN" => "' . $PHP_FCGI_CHILDREN . '",';
    $f[] = '             "PHP_FCGI_MAX_REQUESTS" => "' . $PHP_FCGI_MAX_REQUESTS . '"';
    $f[] = '          ),';
    $f[] = '          "bin-copy-environment" => (';
    $f[] = '            "PATH", "SHELL", "USER"';
    $f[] = '           ),';
    $f[] = '          "broken-scriptfilename" => "enable"';
    $f[] = '        ))';
    $f[] = ')';
    $f[] = "alias.url += ( \"/css/\" => \"/usr/share/artica-postfix/css/\" )";
    $f[] = "alias.url += ( \"/img/\" => \"/usr/share/artica-postfix/img/\" )";
    $f[] = "alias.url += ( \"/js/\" => \"/usr/share/artica-postfix/js/\" )";
    $f[] = "alias.url += ( \"/zaps/\" => \"/usr/share/artica-postfix/bin/install/squid/adzap/zaps/\" )";
    $f[] = "";
    $f[] = "cgi.assign= (";
    $f[] = "\t\".pl\"  => \"/usr/bin/perl\",";
    $f[] = "\t\".php\" => \"/usr/bin/php-cgi\",";
    $f[] = "\t\".py\"  => \"/usr/bin/python\",";
    $f[] = "\t\".cgi\"  => \"/usr/bin/perl\",";
    $f[] = ")";
    @file_put_contents("/etc/artica-postfix/squidguard-lighttpd.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} squidguard-lighttpd.conf done.\n";
    }
}
Exemple #5
0
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    $ipaddr = null;
    @mkdir("/var/run/apache2", 0755, true);
    @mkdir("/var/run/sarg-apache", 0755, true);
    @mkdir("/var/log/apache2", 0755, true);
    @mkdir(dirname($GLOBALS["APACHE_PID_PATH"]), 0755, true);
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    $SargOutputDir = $sock->GET_INFO("SargOutputDir");
    if ($SargOutputDir == null) {
        $SargOutputDir = "/var/www/html/squid-reports";
    }
    $SargWebPort = intval($sock->GET_INFO("SargWebPort"));
    if ($SargWebPort == 0) {
        $SargWebPort = rand(55600, 59000);
        $sock->SET_INFO("SargWebPort", $SargWebPort);
    }
    if (is_link($SargOutputDir)) {
        $SargOutputDir = @readlink($SargOutputDir);
    }
    @mkdir($SargOutputDir, 0755, true);
    if (!is_file("{$SargOutputDir}/index.html")) {
        $php = $unix->LOCATE_PHP5_BIN();
        shell_exec("{$php} /usr/share/artica-postfix/exec.sarg.php --exec --force >/dev/null 2>&1 &");
    }
    if ($ipaddr == null) {
        $ipaddr = "*";
    }
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $logfile = "/var/log/apache2/apache-sarg-access.log";
    $ErrorLog = "/var/log/apache2/apache-sarg-error.log";
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($APACHE_SRC_ACCOUNT == null) {
        $APACHE_SRC_ACCOUNT = "www-data";
        $APACHE_SRC_GROUP = "www-data";
        $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
    }
    @unlink($ErrorLog);
    @unlink($logfile);
    if (!is_file("{$logfile}")) {
        @touch("{$logfile}");
    }
    if (!is_file("{$ErrorLog}")) {
        @touch("{$ErrorLog}");
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $ErrorLog);
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $logfile);
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/apache2");
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, dirname($GLOBALS["APACHE_PID_PATH"]));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
    }
    $f[] = "LockFile /var/run/apache2/sarg-artica-accept.lock";
    $f[] = "PidFile {$GLOBALS["APACHE_PID_PATH"]}";
    $f[] = "AcceptMutex flock";
    $f[] = "DocumentRoot {$SargOutputDir}";
    $f[] = "DirectoryIndex index.html";
    $f[] = "ErrorDocument 400 /index.html";
    $f[] = "ErrorDocument 401 /index.html";
    $f[] = "ErrorDocument 403 /index.html";
    $f[] = "ErrorDocument 404 /index.html";
    $f[] = "ErrorDocument 500 /index.html";
    $f[] = "NameVirtualHost {$ipaddr}:{$SargWebPort}";
    $f[] = "Listen {$ipaddr}:{$SargWebPort}";
    $f[] = "<VirtualHost {$ipaddr}:{$SargWebPort}>";
    $f[] = "\tServerName {$ipaddr}";
    $f[] = "\tDocumentRoot {$SargOutputDir}";
    $f[] = "</VirtualHost>";
    $f[] = "<IfModule mpm_prefork_module>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_worker_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_event_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tDeny from all";
    $f[] = "\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     15";
    $f[] = "StartServers         1";
    $f[] = "MaxClients           50";
    $f[] = "MinSpareServers      2";
    $f[] = "MaxSpareServers      5";
    $f[] = "MaxRequestsPerChild  5000";
    $f[] = "MaxKeepAliveRequests 100";
    $f[] = "ServerName " . $unix->hostname_g();
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    //$f[]="Alias /index.php /usr/share/artica-postfix/hotspot.php";
    //$f[]="Alias /index.html /usr/share/artica-postfix/hotspot.php";
    $f[] = "<Directory \"{$SargOutputDir}\">";
    $f[] = "\tDirectorySlash On";
    $f[] = "\tDirectoryIndex index.html";
    $f[] = "\t\t<Files \"hostpot.php\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\tErrorDocument 400 /index.html";
    $f[] = "\tErrorDocument 401 /index.html";
    $f[] = "\tErrorDocument 403 /index.html";
    $f[] = "\tErrorDocument 404 /index.html";
    $f[] = "\tErrorDocument 500 /index.html";
    $f[] = "\tOptions -Indexes";
    $f[] = "\tAllowOverride All";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tAllow from all";
    $f[] = "</Directory>";
    $f[] = "Loglevel debug";
    $f[] = "ErrorLog {$ErrorLog}";
    $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "CustomLog {$logfile} common";
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authz_host_module"] = "mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    $array["headers_module"] = "mod_headers.so";
    //$array["ldap_module"]="mod_ldap.so";
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    @file_put_contents($GLOBALS["APACHE_CONFIG_PATH"], @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$GLOBALS["APACHE_CONFIG_PATH"]} done\n";
    }
}
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    if (preg_match("#APACHE_RUN_GROUP#", $APACHE_SRC_GROUP)) {
        $APACHE_SRC_GROUP = "www-data";
    }
    $LogFilePath = "/var/log/artica-wifidog/access.log";
    $directories[] = "/var/run/apache2";
    $directories[] = "/var/run/artica-apache";
    $directories[] = "/var/log/artica-wifidog";
    $directories[] = "/home/artica/hotspot/sessions";
    $directories[] = "/home/artica/hotspot/caches";
    while (list($index, $maindir) = each($directories)) {
        @mkdir($maindir, 0755, true);
        @chown($maindir, $APACHE_SRC_ACCOUNT);
        @chgrp($maindir, $APACHE_SRC_GROUP);
    }
    $ErrorLog = dirname($LogFilePath) . "/error.log";
    if (!is_file($LogFilePath)) {
        @touch($LogFilePath);
    }
    @chown($LogFilePath, $APACHE_SRC_ACCOUNT);
    @chgrp($LogFilePath, $APACHE_SRC_GROUP);
    if (!is_file($ErrorLog)) {
        @touch($ErrorLog);
    }
    @chown($ErrorLog, $APACHE_SRC_ACCOUNT);
    @chgrp($ErrorLog, $APACHE_SRC_GROUP);
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    $HotSpotMaxClients = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotMaxClients"));
    $HotSpotStartServers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotStartServers"));
    $HotSpotForceDDOSDisable = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotForceDDOSDisable"));
    if ($HotSpotMaxClients == 0) {
        $HotSpotMaxClients = 20;
    }
    if ($HotSpotStartServers == 0) {
        $HotSpotStartServers = 5;
    }
    $EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
    $SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
    $ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
    $ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
    $ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
    $ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
    if (!is_numeric($ArticaHotSpotPort)) {
        $ArticaHotSpotPort = 0;
    }
    if (!is_numeric($ArticaSplashHotSpotPort)) {
        $ArticaSplashHotSpotPort = 16080;
    }
    if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
        $ArticaSplashHotSpotPortSSL = 16443;
    }
    $ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
    $HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
    $HotSpotErrorRedirect = $sock->GET_INFO("HotSpotErrorRedirect");
    if ($HotSpotErrorRedirect == null) {
        $HotSpotErrorRedirect = "http://www.msftncsi.com";
    }
    $Params = unserialize($sock->GET_INFO("HotSpotEvasive"));
    $ApacheEvasiveInstalled = intval($sock->GET_INFO("ApacheEvasiveInstalled"));
    if (!is_numeric($Params["DOSEnable"])) {
        $Params["DOSEnable"] = 1;
    }
    if (!is_numeric($Params["DOSHashTableSize"])) {
        $Params["DOSHashTableSize"] = 1024;
    }
    if (!is_numeric($Params["DOSPageCount"])) {
        $Params["DOSPageCount"] = 3;
    }
    if (!is_numeric($Params["DOSSiteCount"])) {
        $Params["DOSSiteCount"] = 20;
    }
    if (!is_numeric($Params["DOSPageInterval"])) {
        $Params["DOSPageInterval"] = 1;
    }
    if (!is_numeric($Params["DOSSiteInterval"])) {
        $Params["DOSSiteInterval"] = 10;
    }
    if (!is_numeric($Params["DOSBlockingPeriod"])) {
        $Params["DOSBlockingPeriod"] = 5;
    }
    $unix = new unix();
    $NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
    $ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HotSpot run as {$ArticaHotSpotInterface} ( {$ipaddr} )\n";
    }
    if ($ipaddr == "0.0.0.0") {
        $ipaddr = "*";
    }
    if ($ipaddr == null) {
        $ipaddr = "*";
    }
    $GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($APACHE_SRC_ACCOUNT == null) {
        $APACHE_SRC_ACCOUNT = "www-data";
        $APACHE_SRC_GROUP = "www-data";
        $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as....: {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port.: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM...: {$EnablePHPFPM}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MaxClients: {$HotSpotMaxClients}\n";
    }
    $f[] = "Group {$APACHE_SRC_GROUP}";
    $f[] = "User {$APACHE_SRC_ACCOUNT}";
    $f[] = "LockFile /var/run/apache2/hotspot-artica-accept.lock";
    $f[] = "PidFile /var/run/artica-apache/hotspot-apache.pid";
    $f[] = "AcceptMutex flock";
    $f[] = "SSLRandomSeed startup file:/dev/urandom  256";
    $f[] = "SSLRandomSeed connect builtin";
    $f[] = "SSLSessionCache        shmcb:/var/run/apache2/ssl_scache-hotspot(512000)";
    $f[] = "SSLSessionCacheTimeout  300";
    $f[] = "SSLSessionCacheTimeout  300";
    $f[] = "DocumentRoot /usr/share/artica-postfix";
    $f[] = "DirectoryIndex hotspot.html";
    $f[] = "ErrorDocument 400 /hotspot.html";
    $f[] = "ErrorDocument 401 /hotspot.html";
    $f[] = "ErrorDocument 403 /hotspot.html";
    $f[] = "ErrorDocument 404 /hotspot.html";
    $f[] = "ErrorDocument 500 /hotspot.html";
    $NameVirtualHost = $ipaddr;
    if ($HospotHTTPServerName != null) {
        $NameVirtualHost = $HospotHTTPServerName;
    }
    $f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
    $f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
    $f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
    $f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
    $ddos_config = null;
    if ($HotSpotForceDDOSDisable == 1) {
        $Params["DOSEnable"] = 0;
    }
    if ($Params["DOSEnable"] == 1) {
        //$ddos[]="<IfModule mod_evasive20.c>";
        $ddos[] = "\tDOSHashTableSize {$Params["DOSHashTableSize"]}";
        $ddos[] = "\tDOSPageCount {$Params["DOSPageCount"]}";
        $ddos[] = "\tDOSSiteCount {$Params["DOSSiteCount"]}";
        $ddos[] = "\tDOSPageInterval {$Params["DOSPageInterval"]}";
        $ddos[] = "\tDOSSiteInterval {$Params["DOSSiteInterval"]}";
        $ddos[] = "\tDOSBlockingPeriod {$Params["DOSBlockingPeriod"]}";
        $ddos[] = "\tDOSLogDir  \"/var/log/artica-wifidog\"";
        $ddos[] = "\tDOSSystemCommand \"/bin/echo `date '+%F %T'` HOTSPOT  %s >> /var/log/artica-wifidog/dos_evasive_attacks.log\"";
        $ddos_config = @implode("\n", $ddos);
        //$ddos[]="</IfModule>";
    }
    $f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}>";
    $f[] = "\tServerName {$NameVirtualHost}";
    $f[] = "\tDocumentRoot /usr/share/artica-postfix";
    $f[] = "{$ddos_config}";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "</VirtualHost>";
    $f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}>";
    $f[] = "\tServerName {$NameVirtualHost}";
    $f[] = "\tDocumentRoot /usr/share/artica-postfix";
    $f[] = "\tSSLEngine on";
    $squid = new squidbee();
    $ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate");
    $data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false);
    if ($ArticaSplashHotSpotCertificate != null) {
        $apache = new apache_certificate($ArticaSplashHotSpotCertificate);
        $f[] = $apache->build();
    } else {
        if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) {
            $cert = $re[1];
            $key = $re[2];
            $f[] = "\tSSLCertificateFile \"{$cert}\"";
            $f[] = "\tSSLCertificateKeyFile \"{$key}\"";
        }
    }
    $f[] = "\tSSLVerifyClient none";
    $f[] = "\tServerSignature Off";
    $f[] = "{$ddos_config}";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "</VirtualHost>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tDeny from all";
    $f[] = "\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     3";
    if ($HotSpotStartServers >= $HotSpotMaxClients) {
        $HotSpotMaxClients = $HotSpotMaxClients + $HotSpotStartServers;
    }
    if ($HotSpotMaxClients > 1024) {
        $HotSpotMaxClients = 1024;
    }
    $ServerLimit = $HotSpotMaxClients + 100;
    if ($ServerLimit > 2000) {
        $ServerLimit = 2000;
    }
    $f[] = "StartServers         {$HotSpotStartServers}";
    $f[] = "MaxClients           {$HotSpotMaxClients}";
    $f[] = "ServerLimit\t\t   {$ServerLimit}";
    $MinSpareServers = $HotSpotStartServers + 5;
    $MaxSpareServers = $MinSpareServers + 1;
    $f[] = "MinSpareServers      {$MinSpareServers}";
    $f[] = "MaxSpareServers      {$MaxSpareServers}";
    $f[] = "MaxRequestsPerChild  800";
    $f[] = "MaxKeepAliveRequests 100";
    $f[] = "ServerName " . $unix->hostname_g();
    $f[] = "<IfModule mod_ssl.c>";
    $f[] = "\tSSLRandomSeed connect builtin";
    $f[] = "\tSSLRandomSeed connect file:/dev/urandom 512";
    $f[] = "\tAddType application/x-x509-ca-cert .crt";
    $f[] = "\tAddType application/x-pkcs7-crl    .crl";
    $f[] = "\tSSLPassPhraseDialog  builtin";
    $f[] = "\tSSLSessionCache        shmcb:/var/run/apache2/ssl_scache-articahtp(512000)";
    $f[] = "\tSSLSessionCacheTimeout  300";
    $f[] = "\tSSLSessionCacheTimeout  300";
    $f[] = "\tSSLMutex  sem";
    $f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
    $f[] = "\tSSLProtocol all -SSLv2";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "AddType application/x-httpd-php .php";
    $f[] = "php_value error_log \"/var/log/artica-wifidog/access.log\"";
    $f[] = "php_value session.save_path \"/home/artica/hotspot/sessions\"";
    $f[] = "<IfModule mod_fcgid.c>";
    $f[] = "\tPHP_Fix_Pathinfo_Enable 1";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_php5.c>";
    $f[] = "    <FilesMatch \"\\.ph(p3?|tml)\$\">";
    $f[] = "\tSetHandler application/x-httpd-php";
    $f[] = "    </FilesMatch>";
    $f[] = "    <FilesMatch \"\\.phps\$\">";
    $f[] = "\tSetHandler application/x-httpd-php-source";
    $f[] = "    </FilesMatch>";
    $f[] = "    <IfModule mod_userdir.c>";
    $f[] = "        <Directory /home/*/public_html>";
    $f[] = "            php_admin_value engine Off";
    $f[] = "        </Directory>";
    $f[] = "    </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    $f[] = "Alias /index.php /hotspot.html";
    $f[] = "Alias /index.html /hotspot.html";
    $f[] = "Alias /Microsoft-Server-ActiveSync /hotspot-none.html";
    $f[] = "<Directory \"/usr/share/artica-postfix\">";
    $f[] = "\tDirectorySlash On";
    $f[] = "\tDirectoryIndex hostpot.php";
    $f[] = "\t\t<Files \"hostpot.php\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\t\t<Files \"hostpot.html\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\t\t<FilesMatch \"!(hostpot)\\.(html|php)\$\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tdeny from all";
    $f[] = "\t\t</FilesMatch>";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "\tOptions -Indexes";
    $f[] = "\tSSLOptions +StdEnvVars";
    $f[] = "\tAllowOverride All";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tAllow from all";
    $f[] = "</Directory>";
    if ($EnableArticaApachePHPFPM == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
        }
        shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
        }
        shell_exec("/etc/init.d/php5-fpm restart");
        $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
        $f[] = "\tAddHandler php-script .php";
        $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
        $f[] = "\tAction php-script /php5.fastcgi virtual";
        $f[] = "\t<Directory /var/run/artica-apache>";
        $f[] = "\t\t<Files php5.fastcgi>";
        $f[] = "\t\tOrder deny,allow";
        $f[] = "\t\tAllow from all";
        $f[] = "\t\t</Files>";
        $f[] = "\t</Directory>";
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
        }
    }
    $f[] = "Loglevel debug";
    $f[] = "ErrorLog {$ErrorLog}";
    $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "CustomLog {$LogFilePath} common";
    if ($EnableArticaApachePHPFPM == 0) {
        $array["php5_module"] = "libphp5.so";
    }
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authz_host_module"] = "mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    $array["ssl_module"] = "mod_ssl.so";
    $array["headers_module"] = "mod_headers.so";
    $array["ldap_module"] = "mod_ldap.so";
    if ($Params["DOSEnable"] == 1) {
        $array["evasive20_module"] = "mod_evasive20.so";
    }
    if ($EnableArticaApachePHPFPM == 1) {
        $array["fastcgi_module"] = "mod_fastcgi.so";
    }
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    build_error_page();
    @file_put_contents("/etc/artica-postfix/hotspot-httpd.conf", @implode("\n", $f) . "\n");
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/hotspot-httpd.conf done\n";
    }
}
Exemple #7
0
function start($aspid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $postconf = $unix->find_program("postconf");
    $postfix = $unix->find_program("postfix");
    $usermod = $unix->find_program("usermod");
    $users = new usersMenus();
    if (!is_file($postconf)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix, not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix Service already started {$pid} since {$timepid}Mn...\n";
        }
        return;
    }
    $EnablePostfix = $sock->GET_INFO("EnablePostfix");
    $EnableStopPostfix = $sock->GET_INFO("EnableStopPostfix");
    if (!is_numeric($EnablePostfix)) {
        $EnablePostfix = 1;
    }
    if (!is_numeric($EnableStopPostfix)) {
        $EnableStopPostfix = 0;
    }
    if ($EnableStopPostfix == 1) {
        $EnablePostfix = 0;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix EnablePostfix     = {$EnablePostfix}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix EnableStopPostfix = {$EnableStopPostfix}\n";
    }
    if ($EnablePostfix == 0) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service disabled\n";
        }
        return;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking postfix user\n";
    }
    $unix->CreateUnixUser("postfix", "postfix");
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking clamav user\n";
    }
    $unix->CreateUnixUser("clamav", "clamav");
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking postdrop group\n";
    }
    $unix->SystemCreateGroup("postdrop");
    shell_exec("{$usermod} -a -G postfix clamav >/dev/null 2>&1");
    @mkdir("/var/amavis", 0755, true);
    @chmod("/var/amavis", 0755);
    if (!is_file("/etc/postfix/relay_domains.db")) {
        @touch("/etc/postfix/relay_domains");
        shell_exec("postmap hash:/etc/postfix/relay_domains");
    }
    if (is_file("/etc/sasldb2")) {
        @chown("/etc/sasldb2", "postfix");
        @chgrp("/etc/sasldb2", "postfix");
    }
    $unixsocket = $users->cyrus_lmtp_path;
    if ($unixsocket == null) {
        $unixsocket = "/var/spool/postfix/var/run/cyrus/socket/lmtp";
    }
    @chown($unixsocket, "postfix");
    @chgrp($unixsocket, "postfix");
    @chmod($unixsocket, 0777);
    $nohup = $unix->find_program("nohup");
    $php5 = $unix->LOCATE_PHP5_BIN();
    $TMPFILE = $unix->FILE_TEMP();
    $cmd = "{$nohup} {$postfix} start >{$TMPFILE} 2>&1 &";
    if ($GLOBALS["VERBOSE"]) {
        echo "{$cmd}\n";
    }
    shell_exec($cmd);
    for ($i = 0; $i < 6; $i++) {
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service waiting {$i}/6...\n";
        }
        sleep(1);
    }
    $f = explode("\n", @file_get_contents($TMPFILE));
    @unlink($TMPFILE);
    while (list($num, $line) = each($f)) {
        if (trim($line) == null) {
            continue;
        }
        if (strpos($line, "unused parameter:") > 0) {
            continue;
        }
        if (preg_match("#fatal:.*?directory\\s+(.+?):\\s+Permission denied#", $line, $re)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: permission error on \"{$re[1]}\"\n";
            }
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: Running permission tool\n";
            }
            exec("{$postfix} set-permissions 2>&1", $results2);
            while (list($num, $line) = each($results2)) {
                if ($GLOBALS["OUTPUT"]) {
                    echo "Starting......: " . date("H:i:s") . " [INIT]: {$line}\n";
                }
            }
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: You need to restart again the service\n";
            }
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$line}\n";
        }
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service Success service started pid:{$pid}...\n";
        }
        return;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service failed...\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$cmd}\n";
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "{$cmd}\n";
    }
}
function start($aspid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $Masterbin = "/opt/kaspersky/kav4proxy/sbin/kav4proxy-kavicapserver";
    if (!is_file($Masterbin)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, Not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    if ($unix->MEM_TOTAL_INSTALLEE() < 624288) {
        $sock->SET_INFO("kavicapserverEnabled", 0);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Not enough memory\n";
        }
        if ($unix->process_exists($pid)) {
            stop();
        }
        return;
    }
    $pid = PID_NUM();
    $kavicapserverEnabled = intval($sock->GET_INFO("kavicapserverEnabled"));
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
        }
        if ($kavicapserverEnabled == 0) {
            stop();
        }
        return;
    }
    if ($kavicapserverEnabled == 0) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see kavicapserverEnabled)\n";
        }
        return;
    }
    $php5 = $unix->LOCATE_PHP5_BIN();
    $sysctl = $unix->find_program("sysctl");
    $echo = $unix->find_program("echo");
    $nohup = $unix->find_program("nohup");
    $unix->CreateUnixUser("kluser", "klusers");
    build();
    $version = kav4proxy_version();
    $KL_SERVICE_CONFIG = "/etc/opt/kaspersky/kav4proxy.conf";
    $f[] = $nohup;
    $f[] = $Masterbin;
    $f[] = "-C \"{$KL_SERVICE_CONFIG}\"";
    $cmd = @implode(" ", $f) . " >/dev/null 2>&1 &";
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
    }
    shell_exec($cmd);
    for ($i = 1; $i < 5; $i++) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
        }
        sleep(1);
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
        }
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
        }
    }
}
function start_prepare()
{
    if ($GLOBALS["CRASHED"]) {
        return;
    }
    buil_init_squid_cache_log();
    initd_squid();
    $reconfigure = false;
    $unix = new unix();
    $sock = new sockets();
    $NtpdateAD = $sock->GET_INFO("NtpdateAD");
    $php = $unix->LOCATE_PHP5_BIN();
    $nohup = $unix->find_program("nohup");
    if (!is_file("/etc/squid3/malwares.acl")) {
        @file_put_contents("/etc/squid3/malwares.acl", "\n");
    }
    if (!is_file("/etc/squid3/squid-block.acl")) {
        @file_put_contents("/etc/squid3/squid-block.acl", "\n");
    }
    $EXPLODED = explode("\n", @file_get_contents("/etc/squid3/squid.conf"));
    while (list($index, $val) = each($EXPLODED)) {
        if (preg_match("#INSERT YOUR OWN RULE#", $val)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Preparing.....: " . date("H:i:s") . " squid must be reconfigured...\n";
            }
            $reconfigure = true;
        }
    }
    if ($reconfigure) {
        if ($GLOBALS["OUTPUT"]) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " Rebuild configuration\n";
            }
            system("{$php} /usr/share/artica-postfix/exec.squid.php --build --withoutloading");
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " Rebuild configuration\n";
            }
            exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --withoutloading 2>&1", $GLOBALS["LOGS"]);
        }
    }
    if ($NtpdateAD == 1) {
        shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.kerbauth.php --ntpdate >/dev/null 2>&1 &");
    }
    $unix->CreateUnixUser("squid", "squid");
    if (!is_file("/etc/squid3/squid.conf")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " Warning /etc/squid3/squid.conf no such file\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " Ask to build it and die\n";
        }
        shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --force --withoutloading");
        die;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " initd-squid\n";
    }
    shell_exec("{$php} /usr/share/artica-postfix/exec.initd-squid.php >/dev/null 2>&1");
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " Watchdog config\n";
    }
    shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --watchdog-config >/dev/null 2>&1");
    exec("{$php} /usr/share/artica-postfix/exec.squid.transparent.php", $GLOBALS["LOGS"]);
    if (!is_file("/etc/init.d/tproxy start")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " Building transparent method\n";
        }
        exec("{$php} /usr/share/artica-postfix/exec.squid.transparent.php", $GLOBALS["LOGS"]);
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " Starting transparent method\n";
        }
        exec("/etc/init.d/tproxy start", $GLOBALS["LOGS"]);
    }
    $directories_squid[] = "/var/squid";
    $directories_squid[] = "/var/squid/cache";
    $directories_squid[] = "/usr/share/squid3/icons";
    $directories_squid[] = "/var/log/squid";
    $directories_squid[] = "/etc/squid3";
    $directories_squid[] = "/var/lib/squidguard";
    $directories_squid[] = "/var/run/squid";
    $directories_squid[] = "/lib/squid3";
    $directories_chmod[] = "/var/logs";
    $directories_chmod[] = "/var/log";
    $directories_chmod[] = "/var";
    $directories_chmod_owned[] = "/home/squid";
    $filesOblig[] = "/etc/squid3/url_rewrite_program.deny.db";
    $filesOblig[] = "/var/run/squid/squid.pid";
    while (list($num, $directory) = each($directories_squid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
        }
        if (!is_dir($directory)) {
            @mkdir($directory, 0755, true);
        }
        @chmod($directory, 0755);
        $unix->chmod_func(0755, "{$directory}/*");
        $unix->chown_func("squid", "squid", "{$directory}/*");
    }
    while (list($num, $directory) = each($directories_chmod)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
        }
        if (!is_dir($directory)) {
            @mkdir($directory, 0755, true);
        }
        @chmod($directory, 0755);
    }
    while (list($num, $directory) = each($directories_chmod)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
        }
        if (!is_dir($directory)) {
            @mkdir($directory, 0755, true);
        }
        $unix->chmod_func(0755, "{$directory}");
        $unix->chown_func("squid", "squid", "{$directory}");
    }
    while (list($num, $filepath) = each($filesOblig)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$filepath}\n";
        }
        if (!is_file($filepath)) {
            @touch("{$filepath}");
        }
        @chmod($filepath, 0755);
        @chown($filepath, "squid");
        @chgrp($filepath, "squid");
    }
    $articafiles[] = "exec.logfile_daemon.php";
    $articafiles[] = "external_acl_squid_ldap.php";
    $articafiles[] = "external_acl_dynamic.php";
    $articafiles[] = "external_acl_quota.php";
    $articafiles[] = "external_acl_basic_auth.php";
    $articafiles[] = "external_acl_squid.php";
    while (list($num, $filename) = each($articafiles)) {
        $filepath = "/usr/share/artica-postfix/{$filename}";
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$filepath}\n";
        }
        @chmod($filepath, 0755);
        @chown($filepath, "squid");
        @chgrp($filepath, "squid");
    }
    $squid_locate_pinger = $unix->squid_locate_pinger();
    $setcap = $unix->find_program("setcap");
    if (is_file($squid_locate_pinger)) {
        @chmod($squid_locate_pinger, 0755);
        @chown($squid_locate_pinger, "squid");
        @chgrp($squid_locate_pinger, "squid");
        if (is_file("{$setcap}")) {
            shell_exec("{$setcap} cap_net_raw=pe {$squid_locate_pinger}");
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Preparing.....: " . date("H:i:s") . " WARNING! setcap, no such binary!!\n";
            }
            $unix->DEBIAN_INSTALL_PACKAGE("libcap2-bin");
        }
    }
}
Exemple #10
0
function checkdb()
{
    $unix = new unix();
    $q = new mysql();
    $JAVA_HOME = $unix->JAVA_HOME_GET();
    if (strlen($JAVA_HOME) == 0) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM JAVA_HOME failed\n";
        return;
    }
    echo "Starting......: " . date("H:i:s") . " OpenEMM JAVA_HOME {$JAVA_HOME}\n";
    if (!is_file("/home/openemm/bin/openemm.sh")) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM /home/openemm/bin/openemm.sh no such file\n";
        return;
    }
    if (!is_file("/opt/openemm/tomcat6/bin/startup.sh")) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM tomcat 6.x is not installed\n";
        return;
    }
    if (!$q->DATABASE_EXISTS("openemm")) {
        $q->CREATE_DATABASE("openemm");
    }
    if (!$q->DATABASE_EXISTS("openemm")) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating database openemm\n";
        return;
    }
    echo "Starting......: " . date("H:i:s") . " OpenEMM database openemm OK\n";
    if (!$q->DATABASE_EXISTS("openemm_cms")) {
        $q->CREATE_DATABASE("openemm_cms");
    }
    if (!$q->DATABASE_EXISTS("openemm_cms")) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating database openemm_cms\n";
        return;
    }
    if (!test_cms_tables()) {
        if (is_file("/home/openemm/USR_SHARE/openemm_cms-2011.sql")) {
            $mysql = $unix->find_program("mysql");
            $cmd = "{$mysql} -u {$q->mysql_admin} -p\"{$q->mysql_password}\" --batch --database=openemm_cms < /home/openemm/USR_SHARE/openemm_cms-2011.sql";
            shell_exec($cmd);
        }
    }
    if (!testtables()) {
        $mysql = $unix->find_program("mysql");
        if (is_file("/home/openemm/USR_SHARE/openemm-2011.sql")) {
            $cmd = "{$mysql} -u {$q->mysql_admin} -p\"{$q->mysql_password}\" --batch --database=openemm < /home/openemm/USR_SHARE/openemm-2011.sql";
            shell_exec($cmd);
        }
    }
    if (!testtables()) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating openemm tables\n";
        return;
    }
    if (!test_cms_tables()) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating openemm_cms tables\n";
        return;
    }
    echo "Starting......: " . date("H:i:s") . " OpenEMM tables in openemm base OK\n";
    echo "Starting......: " . date("H:i:s") . " OpenEMM tables in openemm_cms base OK\n";
    if (!$unix->CreateUnixUser("openemm")) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM unix user openemm failed\n";
        return;
    }
    echo "Starting......: " . date("H:i:s") . " OpenEMM unix user openemm OK\n";
    patch_javahome($JAVA_HOME);
    patch_tomcat_dir("/opt/openemm/tomcat6");
    if (!is_dir("/home/openemm/logs")) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM creating /home/openemm/logs directory\n";
        @mkdir("/home/openemm/logs", 0755, true);
    }
    $aa_complain = $unix->find_program("aa-complain");
    if (is_file($aa_complain)) {
        shell_exec("{$aa_complain} {$JAVA_HOME}/bin/java");
    }
    if (!is_file("/home/openemm/webapps/openemm/WEB-INF/classes/messages_en_US.properties")) {
        shell_exec("/bin/cp /home/openemm/webapps/openemm/WEB-INF/classes/messages_en.properties /home/openemm/webapps/openemm/WEB-INF/classes/messages_en_US.properties");
    }
    cms_properties();
    if (!is_dir("/home/openemm/work/Catalina/openemm/_")) {
        @mkdir("/home/openemm/work/Catalina/openemm/_", 0755, true);
    }
    shell_exec("/bin/chown openemm /home/openemm");
    shell_exec("/bin/chown -R openemm /home/openemm");
    if (is_numeric(is_tomcat_running())) {
        echo "Starting......: " . date("H:i:s") . " OpenEMM stopping tomcat first...\n";
        shell_exec("/etc/init.d/artica-postfix stop tomcat");
    }
    @unlink("/home/openemm/logs/catalina.out");
    @unlink("/home/openemm/logs/openemm/openemm_axis.log");
    @unlink("/home/openemm/logs/openemm/openemm_axis.log");
    @unlink("/home/openemm/logs/openemm/openemm_core.log");
    @unlink("/home/openemm/logs/openemm/userlogs.log");
}
Exemple #11
0
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    @mkdir("/var/run/apache2", 0755, true);
    @mkdir("/var/run/artica-apache", 0755, true);
    @mkdir("/var/log/lighttpd", 0755, true);
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    $pydio_installed = false;
    if (is_file(" /etc/php5/cli/conf.d/ming.ini")) {
        @unlink(" /etc/php5/cli/conf.d/ming.ini");
    }
    @unlink("/var/log/lighttpd/apache-error.log");
    @touch("/var/log/lighttpd/apache-error.log");
    @chmod("/var/log/lighttpd/apache-error.log", 0755);
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/lighttpd/*");
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/usr/share/artica-postfix/ressources/logs/*");
    if (is_dir("/usr/share/artica-postfix/pydio")) {
        $pydio_installed = true;
    }
    $ArticaHttpsPort = 9000;
    $NoLDAPInLighttpdd = 0;
    $ArticaHttpUseSSL = 1;
    $ArticaHttpsPort = $sock->GET_INFO("ArticaHttpsPort");
    $ArticaHttpUseSSL = $sock->GET_INFO("ArticaHttpUseSSL");
    if (!is_numeric($ArticaHttpUseSSL)) {
        $ArticaHttpUseSSL = 1;
    }
    if (!is_numeric($ArticaHttpsPort)) {
        $ArticaHttpsPort = "9000";
    }
    $LighttpdArticaListenIP = $sock->GET_INFO("LighttpdArticaListenIP");
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $EnablePHPFPM = intval($sock->GET_INFO("EnablePHPFPM"));
    if (!is_numeric($EnablePHPFPM)) {
        $EnablePHPFPM = 0;
    }
    if ($EnablePHPFPM == 0) {
        $EnableArticaApachePHPFPM = 0;
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($APACHE_SRC_ACCOUNT == null) {
        $APACHE_SRC_ACCOUNT = "www-data";
        $APACHE_SRC_GROUP = "www-data";
        $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM Enabled: {$EnableArticaApachePHPFPM}\n";
    }
    $f[] = "LockFile /var/run/apache2/artica-accept.lock";
    $f[] = "PidFile /var/run/artica-apache/apache.pid";
    $f[] = "DocumentRoot /usr/share/artica-postfix";
    $open_basedir[] = "/usr/share/artica-postfix";
    $open_basedir[] = "/etc/artica-postfix";
    $open_basedir[] = "/etc/artica-postfix/settings";
    $open_basedir[] = "/var/log";
    $open_basedir[] = "/var/run/mysqld";
    $open_basedir[] = "/usr/share/php";
    $open_basedir[] = "/usr/share/php5";
    $open_basedir[] = "/var/lib/php5";
    $open_basedir[] = "/var/lighttpd/upload";
    $open_basedir[] = "/usr/share/artica-postfix/ressources";
    $open_basedir[] = "/usr/share/artica-postfix/framework";
    $open_basedir[] = "/etc/ssl/certs/mysql-client-download";
    $open_basedir[] = "/var/run";
    $open_basedir[] = "/bin";
    $open_basedir[] = "/tmp";
    $open_basedir[] = "/usr/sbin";
    $open_basedir[] = "/home";
    //$f[]="php_value open_basedir \"".@implode(":", $open_basedir)."\"";
    //$f[]="php_value output_buffering Off";
    //$f[]="php_flag magic_quotes_gpc Off";
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen Port: {$ArticaHttpsPort}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen IP: {$LighttpdArticaListenIP}\n";
    }
    if ($LighttpdArticaListenIP != null) {
        $unix = new unix();
        $IPS = $unix->NETWORK_ALL_INTERFACES(true);
        if (!isset($IPS[$LighttpdArticaListenIP])) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} ERROR! Listen IP: {$LighttpdArticaListenIP} -> FALSE !!\n";
            }
            $LighttpdArticaListenIP = null;
        }
    }
    if ($LighttpdArticaListenIP == null) {
        $LighttpdArticaListenIP = "*";
    }
    if ($LighttpdArticaListenIP != null) {
        $ArticaHttpsPort = "{$LighttpdArticaListenIP}:{$ArticaHttpsPort}";
    }
    $f[] = "Listen {$ArticaHttpsPort}";
    $MaxClients = 20;
    $f[] = "<IfModule mpm_prefork_module>";
    $f[] = "\tStartServers 1";
    $f[] = "\tMinSpareServers 2";
    $f[] = "\tMaxSpareServers 3";
    $f[] = "\tMaxClients {$MaxClients}";
    $f[] = "\tServerLimit {$MaxClients}";
    $f[] = "\tMaxRequestsPerChild 100";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_worker_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_event_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    //$f[]="\tOrder allow,deny";
    //$f[]="\tDeny from all";
    //$f[]="\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     15";
    $f[] = "StartServers         1";
    $f[] = "MaxClients           {$MaxClients}";
    $f[] = "MinSpareServers      2";
    $f[] = "MaxSpareServers      3";
    $f[] = "MaxRequestsPerChild  100";
    $f[] = "MaxKeepAliveRequests 100";
    $ServerName = $unix->hostname_g();
    if ($ServerName == null) {
        $ServerName = "localhost.localdomain";
    }
    $f[] = "ServerName {$ServerName}";
    if ($ArticaHttpUseSSL == 1) {
        $mknod = $unix->find_program("mknod");
        shell_exec("{$mknod} /dev/random c 1 9 >/dev/null 2>&1");
        $f[] = "<IfModule mod_ssl.c>";
        $f[] = "\tListen {$ArticaHttpsPort}";
        $f[] = "\tSSLRandomSeed connect builtin";
        $f[] = "\tSSLRandomSeed connect file:/dev/urandom 256";
        $f[] = "\tAddType application/x-x509-ca-cert .crt";
        $f[] = "\tAddType application/x-pkcs7-crl    .crl";
        $f[] = "\tSSLPassPhraseDialog  builtin";
        $f[] = "\tSSLSessionCache        shmcb:/var/run/apache2/ssl_scache-artica(512000)";
        $f[] = "\tSSLSessionCacheTimeout  300";
        $f[] = "\tSSLSessionCacheTimeout  300";
        $f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
        $f[] = "\tSSLProtocol all -SSLv2";
        $f[] = "</IfModule>";
        $f[] = "";
        $f[] = "<IfModule mod_gnutls.c>";
        $f[] = "\tListen {$ArticaHttpsPort}";
        $f[] = "</IfModule>";
    }
    if (!is_file("/etc/ssl/certs/apache/server.crt")) {
        shell_exec("/usr/share/artica-postfix/bin/artica-install --apache-ssl-cert");
    }
    if ($ArticaHttpUseSSL == 1) {
        $f[] = "SSLEngine on";
        $f[] = "AcceptMutex flock";
        $f[] = "SSLCertificateFile \"/etc/ssl/certs/apache/server.crt\"";
        $f[] = "SSLCertificateKeyFile \"/etc/ssl/certs/apache/server.key\"";
        $f[] = "SSLVerifyClient none";
        $f[] = "ServerSignature Off";
        $f[] = "SSLRandomSeed startup file:/dev/urandom  256";
        $f[] = "SSLRandomSeed connect builtin";
    }
    $f[] = "AddType application/x-httpd-php .php";
    if ($EnableArticaApachePHPFPM == 0) {
        $f[] = "php_value error_log \"/var/log/php.log\"";
    }
    @chown("/var/log/php.log", $APACHE_SRC_ACCOUNT);
    $f[] = "<IfModule mod_fcgid.c>";
    $f[] = "\tPHP_Fix_Pathinfo_Enable 1";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_php5.c>";
    $f[] = "    <FilesMatch \"\\.ph(p3?|tml)\$\">";
    $f[] = "\tSetHandler application/x-httpd-php";
    $f[] = "    </FilesMatch>";
    $f[] = "    <FilesMatch \"\\.phps\$\">";
    $f[] = "\tSetHandler application/x-httpd-php-source";
    $f[] = "    </FilesMatch>";
    $f[] = "    <IfModule mod_userdir.c>";
    $f[] = "        <Directory /home/*/public_html>";
    $f[] = "            php_admin_value engine Off";
    $f[] = "        </Directory>";
    $f[] = "    </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddType application/octet-stream .acl";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    $f[] = apache_nagios_config();
    $f[] = apache_phpldapadmin();
    $squid = $unix->LOCATE_SQUID_BIN();
    if (is_file($squid)) {
        $f[] = "Alias /proxy /usr/share/artica-postfix/squid.access.log.php";
        $f[] = "Alias /parent /usr/share/artica-postfix/squid.access.log.php";
        $f[] = "Alias /webfilter /usr/share/artica-postfix/squid.access.webfilter.log.php";
        $f[] = "Alias /meta-updates /home/artica-meta";
        $f[] = "Alias /categories /usr/share/artica-postfix/public.categories.personnal.php";
    }
    $f[] = "<Directory \"/home/artica-meta\">";
    $f[] = "\tOptions Indexes FollowSymLinks";
    $f[] = "</Directory>";
    $f[] = "<Directory \"/usr/share/artica-postfix\">";
    $f[] = "\tDirectoryIndex logon.php";
    $f[] = "\tSSLOptions +StdEnvVars";
    $f[] = "\tOptions Indexes FollowSymLinks";
    $f[] = "\tAllowOverride None";
    //$f[]="\tOrder allow,deny";
    //$f[]="\tAllow from all";
    $f[] = "</Directory>";
    if (is_file($unix->LOCATE_SQUID_BIN())) {
        $ArticaProxyStatisticsBackupFolder = $sock->GET_INFO("ArticaProxyStatisticsBackupFolder");
        if ($ArticaProxyStatisticsBackupFolder == null) {
            $ArticaProxyStatisticsBackupFolder = "/home/artica/squid/backup-statistics";
        }
        $ArticaProxyStatisticsOpenWeb = intval($sock->GET_INFO("ArticaProxyStatisticsOpenWeb"));
        if ($ArticaProxyStatisticsOpenWeb == 1) {
            $f[] = "Alias /backup-stats  \"{$ArticaProxyStatisticsBackupFolder}\"";
            $f[] = "<Directory \"{$ArticaProxyStatisticsBackupFolder}\">";
            $f[] = "\tSSLOptions +StdEnvVars";
            $f[] = "\tOptions Indexes FollowSymLinks";
            $f[] = "\tAllowOverride All";
            //$f[]="\tOrder allow,deny";
            //$f[]="\tAllow from all";
            $f[] = "</Directory>";
        }
    }
    if ($pydio_installed) {
        $directories[] = "/home/pydio/plugins/auth.serial";
        $directories[] = "/home/pydio/plugins/conf.serial";
        $directories[] = "/home/pydio/plugins";
        $directories[] = "/home/pydio/cache";
        $directories[] = "/home/pydio/files";
        $directories[] = "/home/pydio/logs";
        $directories[] = "/home/pydio/personal";
        $directories[] = "/home/pydio/public";
        $directories[] = "/home/pydio/tmp";
        while (list($index, $dir) = each($directories)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} permissions on {$dir}\n";
            }
            @mkdir($dir, 0755, true);
            $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $dir);
        }
        $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/cache");
        $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/plugins");
        $f[] = "Alias /explorer  \"/usr/share/artica-postfix/pyio\"";
        $f[] = "<Directory \"/usr/share/artica-postfix/pyio\">";
        $f[] = "\tDirectoryIndex index.php";
        $f[] = "\tSSLOptions +StdEnvVars";
        $f[] = "\tOptions Indexes FollowSymLinks";
        $f[] = "\tAllowOverride All";
        //$f[]="\tOrder allow,deny";
        //$f[]="\tAllow from all";
        $f[] = "</Directory>";
    }
    if ($EnableArticaApachePHPFPM == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
        }
        shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
        }
        shell_exec("/etc/init.d/php5-fpm restart");
        $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
        $f[] = "\tAddHandler php-script .php";
        $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
        $f[] = "\tAction php-script /php5.fastcgi virtual";
        $f[] = "\t<Directory /var/run/artica-apache>";
        $f[] = "\t\t<Files php5.fastcgi>";
        //$f[]="\t\tOrder deny,allow";
        //$f[]="\t\tAllow from all";
        $f[] = "\t\t</Files>";
        $f[] = "\t</Directory>";
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
        }
    }
    $f[] = "Loglevel info";
    $f[] = "ErrorLog /var/log/lighttpd/apache-error.log";
    $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "CustomLog /var/log/lighttpd/apache-access.log common";
    if ($EnableArticaApachePHPFPM == 0) {
        $array["php5_module"] = "libphp5.so";
    }
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authn_file_module"] = "mod_authn_file.so";
    //$array["authz_host_module"]="mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    $array["ssl_module"] = "mod_ssl.so";
    $array["headers_module"] = "mod_headers.so";
    $array["ldap_module"] = "mod_ldap.so";
    if ($EnableArticaApachePHPFPM == 1) {
        $array["fastcgi_module"] = "mod_fastcgi.so";
    }
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    $f[] = apache_phpmyadmin();
    @file_put_contents("/etc/artica-postfix/httpd.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/httpd.conf done\n";
    }
}
function CheckFilesAndSecurity()
{
    $unix = new unix();
    $unix->CreateUnixUser("redis", "redis");
    $f[] = "/var/run/redis";
    $f[] = "/var/log/redis";
    $f[] = "/home/redis";
    $f[] = "/etc/redis";
    while (list($num, $val) = each($f)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} checking \"{$val}\"\n";
        }
        if (!is_dir($val)) {
            @mkdir($val, 0755, true);
        }
        $unix->chown_func("redis", "redis", "{$val}/*");
    }
}
Exemple #13
0
function build()
{
    build_progress("{reconfigure} (1)", 2);
    if ($GLOBALS["VERBOSE"]) {
        echo "Running build...\n";
    }
    $unix = new unix();
    $sock = new sockets();
    $users = new usersMenus();
    $forceCMD = null;
    $argv = null;
    $PHP = $unix->LOCATE_PHP5_BIN();
    $mypid = getmypid();
    if (isset($argv[1])) {
        $argv = $argv[1];
    }
    $pids = $unix->PIDOF_PATTERN_ALL(basename(__FILE__) . ".*?{$argv}");
    if (count($pids) > 1) {
        build_progress("{already_process_exists_try_later}", 110);
        while (list($num, $ligne) = each($pids)) {
            $cmdline = @file_get_contents("/proc/{$num}/cmdline");
            echo "Starting......: " . date("H:i:s") . " [SERV]: [{$mypid}] Already process PID {$num} {$cmdline} exists..\n";
            echo "Starting......: " . date("H:i:s") . " [SERV]: [{$mypid}] Running " . @file_get_contents("/proc/{$num}/cmdline") . "\n";
        }
        die;
    }
    $EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth");
    if (!is_numeric($EnableKerbAuth)) {
        $EnableKerbAuth = 0;
    }
    $EnableWebProxyStatsAppliance = $sock->GET_INFO("EnableWebProxyStatsAppliance");
    $EnableRemoteStatisticsAppliance = $sock->GET_INFO("EnableRemoteStatisticsAppliance");
    if (!is_numeric($EnableRemoteStatisticsAppliance)) {
        $EnableRemoteStatisticsAppliance = 0;
    }
    if (!is_numeric($EnableWebProxyStatsAppliance)) {
        $EnableWebProxyStatsAppliance = 0;
    }
    $UnlockWebStats = $sock->GET_INFO("UnlockWebStats");
    if (!is_numeric($UnlockWebStats)) {
        $UnlockWebStats = 0;
    }
    $ServiceFTPEnabled = intval($sock->GET_INFO("ServiceFTPEnabled"));
    if ($users->WEBSTATS_APPLIANCE) {
        $EnableWebProxyStatsAppliance = 1;
        $sock->SET_INFO("{$EnableWebProxyStatsAppliance}", 1);
    }
    if ($EnableWebProxyStatsAppliance == 1) {
        notify_remote_proxys();
    }
    if ($UnlockWebStats == 1) {
        $EnableRemoteStatisticsAppliance = 0;
    }
    //Vérifie le compte utilisateur.
    //------------------------------------------------------------------------------------------------------------------------------------------------------------
    $unix->CreateUnixUser("squid", "squid", "Squid Cache Service");
    $MustHave[] = "/etc/squid3/artica-meta/whitelist-nets.db";
    $MustHave[] = "/var/logs/cache.log";
    $MustHave[] = "/etc/squid3/squid-block.acl";
    $MustHave[] = "/etc/squid3/allowed-user-agents.acl";
    $MustHave[] = "/etc/squid3/GlobalAccessManager_auth.conf";
    $MustHave[] = "/etc/squid3/icap.conf";
    $MustHave[] = "/etc/squid3/GlobalAccessManager_url_rewrite.conf";
    $MustHave[] = "/etc/squid3/GlobalAccessManager_deny_cache.conf";
    $MustHave[] = "/etc/squid3/GlobalAccessManager_deny.conf";
    $MustHave[] = "/etc/squid3/squid-block.acl";
    $MustHave[] = "/etc/squid3/clients_ftp.acl";
    $MustHave[] = "/etc/squid3/allowed-user-agents.acl";
    $MustHave[] = "/etc/squid3/whitelisted-computers-by-mac.acl";
    while (list($none, $path) = each($MustHave)) {
        echo "Starting......: " . date("H:i:s") . " [SYS]: checking {$path}\n";
        if (!is_file($path)) {
            @touch($path);
        }
        @chown($path, "squid");
        @chgrp($path, "squid");
    }
    if ($GLOBALS["FORCE"]) {
        $forceCMD = " --force";
    }
    $squidbin = $unix->LOCATE_SQUID_BIN();
    if (!is_file($squidbin)) {
        build_progress("{squid_binary_not_found}", 110);
        echo "Starting......: " . date("H:i:s") . " [SERV]: Unable to stat squid binary, aborting..\n";
        die;
    }
    $EXEC_TIME_FILE = "/etc/artica-postfix/" . basename(__FILE__) . ".build.time";
    if (!$GLOBALS["FORCE"]) {
        $time = $unix->file_time_min($EXEC_TIME_FILE);
        if ($time == 0) {
            build_progress("Failed! Only one config per minute !!!", 110);
            echo "Starting......: " . date("H:i:s") . " [SERV]: Only one config per minute...\n";
            die;
        }
    }
    @unlink($EXEC_TIME_FILE);
    @file_put_contents($EXEC_TIME_FILE, time());
    if ($GLOBALS["EMERGENCY"]) {
        squid_admin_mysql(0, "Reconfiguring Proxy service after Emergency enabled", null, __FILE__, __LINE__);
    }
    $TimeStart = time();
    $EXEC_PID_FILE = "/etc/artica-postfix/" . basename(__FILE__) . ".build.pid";
    $kill = $unix->find_program("kill");
    $pid = @file_get_contents($EXEC_PID_FILE);
    if ($unix->process_exists($pid, basename(__FILE__))) {
        $TimePid = $unix->PROCCESS_TIME_MIN($pid);
        if ($TimePid > 30) {
            posix_kill(intval($pid), 9);
        } else {
            if (!$GLOBALS["FORCE"]) {
                print "Starting......: " . date("H:i:s") . " Checking (L." . __LINE__ . ") Squid Already executed pid {$pid} since {$TimePid}mn ...\n";
                die;
            }
        }
    }
    echo "Starting......: " . date("H:i:s") . " [SERV]: is connected to remote appliance ? `{$EnableRemoteStatisticsAppliance}`\n";
    if ($EnableRemoteStatisticsAppliance == 1) {
        $r = new squid_stats_appliance();
        echo "Starting......: " . date("H:i:s") . " [SERV]: ################################\n";
        echo "Starting......: " . date("H:i:s") . " [SERV]: # This server is connected to: #\n";
        echo "Starting......: " . date("H:i:s") . " [SERV]: # {$r->URI} #\n";
        echo "Starting......: " . date("H:i:s") . " [SERV]: ################################\n";
        remote_appliance_restore_tables();
    }
    build_progress("{reconfigure} (1)", 5);
    if (!PortsConversion()) {
        build_progress("{reconfigure} {failed} !PortsConversion", 110);
        return;
    }
    squid_reconfigure_build_tool();
    build_progress("{reconfigure}", 10);
    squid_pactester();
    build_progress("{reconfigure}", 15);
    $childpid = posix_getpid();
    $sock = new sockets();
    $squid_user = SquidUser();
    $SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH();
    $PHP = LOCATE_PHP5_BIN2();
    $NOHUP = $unix->find_program("nohup");
    build_progress("{reconfigure}", 20);
    @file_put_contents($EXEC_PID_FILE, $childpid);
    if (is_file("/etc/squid3/mime.conf")) {
        shell_exec("/bin/chown squid:squid /etc/squid3/mime.conf");
    }
    $EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth");
    if (!is_numeric("{$EnableKerbAuth}")) {
        $EnableKerbAuth = 0;
    }
    if (!is_dir("/usr/share/squid-langpack")) {
        TemplatesInMysql(true);
        exit;
    }
    echo "Starting......: " . date("H:i:s") . " Checking squid kerberos authentification is set to {$EnableKerbAuth}\n";
    echo "Starting......: " . date("H:i:s") . " Checking squid certificate\n";
    build_progress("{reconfigure} Check database", 25);
    checkdatabase();
    build_progress("{reconfigure} certificates", 30);
    certificate_generate();
    build_progress("{reconfigure}", 35);
    remote_appliance_restore_tables();
    build_progress("{reconfigure}", 40);
    echo "Starting......: " . date("H:i:s") . " Instanciate squid library..\n";
    $squid = new squidbee();
    $squidbin = $unix->find_program("squid3");
    echo "Starting......: " . date("H:i:s") . " checking squid binaries..\n";
    if (!is_file($squidbin)) {
        $squidbin = $unix->find_program("squid");
    }
    echo "Starting......: " . date("H:i:s") . " Binary: {$squidbin}\n";
    echo "Starting......: " . date("H:i:s") . " Config: {$SQUID_CONFIG_PATH}\n";
    echo "Starting......: " . date("H:i:s") . " User..: {$squid_user}\n";
    echo "Starting......: " . date("H:i:s") . " Checking blocked sites\n";
    build_progress("{reconfigure} {building} NET ADS", 45);
    shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.squid.netads.php >/dev/null 2>&1 &");
    echo "Starting......: " . date("H:i:s") . " Building master configuration\n";
    $squid->ASROOT = true;
    echo "Starting......: " . date("H:i:s") . " Checking Watchdog\n";
    build_progress("{reconfigure} checking Watchdog settings", 46);
    watchdog_config();
    build_progress("{reconfigure} build errors", 47);
    errors_details_txt();
    build_progress("{reconfigure} Checking caches", 48);
    BuildCaches(true);
    build_progress("{reconfigure} Check files and security", 49);
    CheckFilesAndSecurity();
    build_progress("{reconfigure} Building schedules", 50);
    build_schedules(true);
    build_progress("{reconfigure} Building SSL passwords", 89);
    build_sslpasswords();
    build_progress("{reconfigure} Building blacklists", 90);
    build_blacklists();
    build_progress("{reconfigure} Building No caches list", 91);
    build_denycaches();
    build_progress("{reconfigure} Building {GLOBAL_ACCESS_CENTER}", 93);
    system("{$PHP} /usr/share/artica-postfix/exec.squid.global.access.php --nochek");
    build_progress("{reconfigure} Building main configuration", 94);
    if (!ApplyConfig()) {
        build_progress("Apply configuration failed", 110);
        echo "Starting......: " . date("H:i:s") . " Apply configuration failed....\n";
        return;
    }
    build_progress("{reconfigure} FTP Proxy service", 95);
    system("{$NOHUP} {$PHP} /usr/share/artica-postfix/exec.ftpproxy-multi.php --build >/dev/null 2>&1 &");
    build_progress("{reconfigure} Wan Compressor Proxy service", 95);
    system("{$NOHUP} {$PHP} /usr/share/artica-postfix/exec.wanproxy.php --build-squid >/dev/null 2>&1 &");
    build_progress("{checking_transparent_mode}", 95);
    if ($unix->IS_FIREHOLE_ACTIVE()) {
        build_progress("{restarting_firewall}", 95);
        system("{$PHP} /usr/share/artica-postfix/exec.firehol.php");
        system("/etc/init.d/firehol restart");
    } else {
        system("{$PHP} /usr/share/artica-postfix/exec.squid.transparent.php");
        system("{$PHP} /usr/share/artica-postfix/exec.secure.gateway.php");
        if (is_file("/etc/init.d/iptables-transparent")) {
            build_progress("{restarting_firewall}", 95);
            system("/etc/init.d/iptables-transparent restart");
        }
        if (is_file("/bin/iptables-parents.sh")) {
            build_progress("{restarting_firewall} (parent)", 95);
            system("/bin/iptables-parents.sh");
        }
        if (is_file("/bin/artica-secure-gateway.sh")) {
            build_progress("{restarting_firewall} (Secure gateway)", 95);
            shell_exec("/bin/artica-secure-gateway.sh");
        }
    }
    build_progress("{checking_wccp_mode}", 95);
    system("{$PHP} /usr/share/artica-postfix/exec.squid.wccp.php --reconfigure");
    build_progress("{checking_mikrotik_mode}", 95);
    system("{$PHP} /usr/share/artica-postfix/exec.mikrotik.php");
    build_progress("{reconfigure}", 96);
    $GLOBALS["OUTPUT"] = true;
    if ($GLOBALS["NOAPPLY"]) {
        build_progress("{reconfiguring_proxy_service} {success}", 100);
        return;
    }
    if (!$GLOBALS["RESTART"]) {
        build_progress("{reloading_service}", 91);
        if (!$GLOBALS["NORELOAD"]) {
            Reload_Squid();
        }
    }
    if ($GLOBALS["RESTART"]) {
        if (!$GLOBALS["NORELOAD"]) {
            build_progress("{stopping_service}", 91);
            system("{$PHP} /usr/share/artica-postfix/exec.squid.watchdog.php --stop {$forceCMD} --byForceReconfigure");
            build_progress("{starting_service}", 93);
            system("{$PHP} /usr/share/artica-postfix/exec.squid.watchdog.php --start {$forceCMD} --byForceReconfigure");
            build_progress("{starting_service}", 95);
        }
    }
    build_progress("{building} Cached Web frontend pages", 97);
    shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.cache.pages.php --force >/dev/null 2>&1 &");
    $BuildAllTemplatesDone = $sock->GET_INFO("BuildAllTemplatesDone");
    if (!is_numeric($BuildAllTemplatesDone)) {
        $BuildAllTemplatesDone = 0;
    }
    if ($BuildAllTemplatesDone == 0) {
        build_progress("{building} Templates schedules", 97);
        echo "Starting......: " . date("H:i:s") . " scheduling Building templates\n";
        sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --tpl-save");
        $sock->SET_INFO("BuildAllTemplatesDone", 1);
    }
    build_progress("{building} Templates", 98);
    sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --mysql-tpl");
    build_progress("{reconfiguring_proxy_service} {success}", 100);
    echo "Starting......: " . date("H:i:s") . " Done (Took: " . $unix->distanceOfTimeInWords($TimeStart, time()) . ")\n";
    die;
}
Exemple #14
0
function start($nopid = false)
{
    $users = new usersMenus();
    $unix = new unix();
    $ettercap_bin = $unix->find_program("ettercap");
    if (!$users->ETTERCAP_INSTALLED) {
        echo "ArpSpoofing.........: [START]: Ettercap, not installed...\n";
        return;
    }
    if (!is_file($ettercap_bin)) {
        echo "ArpSpoofing.........: [START]: Ettercap, not such binary...\n";
        return;
    }
    $sock = new sockets();
    $ArpSpoofEnabled = $sock->GET_INFO("ArpSpoofEnabled");
    if (!is_numeric($ArpSpoofEnabled)) {
        $ArpSpoofEnabled = 0;
    }
    if (!$nopid) {
        $me = basename(__FILE__);
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, $me)) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            echo "ArpSpoofing.........: [START]: Ettercap, Already start instance executed PID {$pid} since {$time}Mn...\n";
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    if ($ArpSpoofEnabled == 0) {
        echo "ArpSpoofing.........: [START]: Ettercap, not enabled\n";
        stop(true);
    }
    $nohup = $unix->find_program("nohup");
    $q = new mysql();
    if (!$q->BD_CONNECT()) {
        echo "ArpSpoofing.........: [START]: unable to connect to MySQL database...\n";
        return;
    }
    if (!$unix->SystemUserExists("nobody")) {
        echo "ArpSpoofing.........: [START]: Creating nobody user...\n";
        $unix->CreateUnixUser("nobody", "nogroup");
    }
    if (!$unix->SystemGroupExists("nogroup")) {
        $unix->SystemCreateGroup("nogroup");
        $unix->CreateUnixUser("nobody", "nogroup");
    }
    $uid = $unix->SystemUserGetuid("nobody");
    $guid = $unix->SystemGroupUid("nogroup");
    init_debian();
    $sql = "SELECT * FROM arpspoof_rules WHERE enabled=1";
    $results = $q->QUERY_SQL($sql, "artica_backup");
    while ($ligne = mysql_fetch_assoc($results)) {
        $rulename = $ligne["rulename"];
        $pid = get_rule_pid($ligne["ID"]);
        if ($unix->process_exists($pid)) {
            echo "ArpSpoofing.........: [START]: `{$rulename}` already running pid {$pid}\n";
            continue;
        }
        $sources = getobjects($ligne["ID"]);
        $gateway = $ligne["gateway"];
        if ($sources == null) {
            echo "ArpSpoofing.........: [START]: `{$rulename}` no item set...\n";
            continue;
        }
        if ($sources == "all") {
            $sources = null;
        }
        $f = array();
        $f[] = "[privs]";
        $f[] = "ec_uid = {$uid} # nobody is the default";
        $f[] = "ec_gid = {$guid} # nobody is the default";
        $f[] = "[mitm]";
        $f[] = "arp_storm_delay = 10";
        $f[] = "arp_poison_warm_up = 1";
        $f[] = "arp_poison_delay = 10";
        $f[] = "arp_poison_equal_mac= 1";
        $f[] = "arp_poison_reply=1";
        $f[] = "arp_poison_icmp = 1";
        $f[] = "dhcp_lease_time = 600";
        $f[] = "port_steal_delay = 10         # milliseconds";
        $f[] = "port_steal_send_delay = 2000  # microseconds";
        $f[] = "[connections]";
        $f[] = "connection_timeout = 300 # seconds";
        $f[] = "connection_idle = 5 # seconds";
        $f[] = "connection_buffer = 10000 # bytes";
        $f[] = "connect_timeout = 5 # seconds";
        $f[] = "";
        $f[] = "[stats]";
        $f[] = "sampling_rate = 50 # number of packets";
        $f[] = "";
        $f[] = "[misc]";
        $f[] = "close_on_eof = 1 # boolean value";
        $f[] = "store_profiles = 1 # 0 = disabled; 1 = all; 2 = local; 3 = remote";
        $f[] = "aggressive_dissectors = 1 # boolean value";
        $f[] = "skip_forwarded_pcks = 1 # boolean value";
        $f[] = "checksum_check = 0 # boolean value";
        $f[] = "checksum_warning = 0 # boolean value (valid only if checksum_check is 1)";
        $f[] = "";
        @mkdir("/etc/ettercap", 0755, true);
        @file_put_contents("/etc/ettercap/{$ligne["ID"]}.conf", @implode("\n", $f));
        $unix->chown_func("nobody", "nogroup", '/etc/ettercap/*');
        echo "ArpSpoofing.........: [START]: `{$rulename}`:uid:{$uid}...\n";
        $cmdline = "{$nohup} {$ettercap_bin} --daemon --superquiet --config /etc/ettercap/{$ligne["ID"]}.conf --log-msg /etc/ettercap/{$ligne["ID"]}.log --iface {$ligne["iface"]} --only-mitm --mitm arp:remote /{$sources}/ /{$gateway}/ >/dev/null 2>&1 &";
        shell_exec($cmdline);
        for ($i = 0; $i < 6; $i++) {
            $pid = get_rule_pid($ligne["ID"]);
            if ($unix->process_exists($pid)) {
                echo "ArpSpoofing.........: [START]: `{$rulename}` success running pid {$pid}\n";
                break;
            }
            echo "ArpSpoofing.........: [START]: `{$rulename}` waiting to start... {$i}/5\n";
            sleep(1);
        }
        $pid = get_rule_pid($ligne["ID"]);
        if (!$unix->process_exists($pid)) {
            echo "ArpSpoofing.........: [START]: `{$rulename}` failed with commandline:`{$cmdline}`\n";
        }
    }
    echo "ArpSpoofing.........: [START]: done...\n";
}
function install()
{
    $filename = "kav4proxy_5.5-88.tar.gz";
    $uri = "http://articatech.net/download/kaspersky/{$filename}";
    $time = time();
    $unix = new unix();
    $pidFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $pid = $unix->get_pid_from_file($pidFile);
    if ($unix->process_exists($pid)) {
        if ($unix->PROCCESS_TIME_MIN($pid, 10) < 2) {
            return;
        }
    }
    $cacheFile = "/usr/share/artica-postfix/ressources/logs/web/KAV4PROXYINST.status";
    @unlink($cacheFile);
    $rm = $unix->find_program("rm");
    $cp = $unix->find_program("cp");
    $TMPDIR = $unix->TEMP_DIR() . "/{$time}";
    $FINAL_TARGET_DIR = null;
    $TARGET_PATH = "{$TMPDIR}/{$filename}";
    progress("{downloading} 5.5.88 version", "Downloading {$filename}", 30);
    progress("{downloading} 5.5.88 version", "Temporary directory = {$TMPDIR}", 30);
    $curl = new ccurl("{$uri}");
    $debianbin = $unix->find_program("update-rc.d");
    $redhatbin = $unix->find_program("chkconfig");
    @mkdir($TMPDIR);
    if (!$curl->GetFile($TARGET_PATH)) {
        progress("{failed}", $curl->error, 100);
        shell_exec("{$rm} -rf {$TMPDIR}");
        return;
    }
    progress("{downloading} 5.5.88 version {success}", "success saving {$TARGET_PATH} ", 50);
    progress("{extracting} 5.5.88 version", "Extracting {$TARGET_PATH} ", 55);
    $tar = $unix->find_program("tar");
    exec("{$tar} xvf {$TARGET_PATH} -C /{$TMPDIR}/ 2>&1", $results);
    while (list($index, $line) = each($results)) {
        progress("{extracting} 5.5.88 version", $line, 60);
    }
    $dir = $unix->dirdir($TMPDIR);
    while (list($index, $line) = each($dir)) {
        progress("{search} {directory}", $line, 65);
        if (preg_match("#kav4proxy#", $line)) {
            progress("{search} {directory}", "Found directory {$line}", 65);
            $FINAL_TARGET_DIR = $line;
            break;
        }
    }
    if ($FINAL_TARGET_DIR == null) {
        progress("{extracting} 5.5.88 version {failed}", "Unable to find a suitable directory", 100);
        shell_exec("{$rm} -rf {$TMPDIR}");
        return;
    }
    progress("{installing} 5.5.88 version", "Copy the content of {$FINAL_TARGET_DIR}", 70);
    exec("{$cp} -rfdv  {$FINAL_TARGET_DIR}/* / 2>&1", $resultsA);
    while (list($index, $line) = each($resultsA)) {
        progress("{installing} 5.5.88 version", $line, 70);
    }
    progress("{installing} 5.5.88 version", "Removing the {$TMPDIR} directory", 71);
    shell_exec("{$rm} -rf {$TMPDIR}");
    if (!is_file("/opt/kaspersky/kav4proxy/bin/kav4proxy-licensemanager")) {
        progress("{installing} 5.5.88 version {failed}", "install from {$FINAL_TARGET_DIR} failed ", 100);
        return;
    }
    $ln = $unix->find_program("ln");
    $chown = $unix->find_program("chown");
    $chmod = $unix->find_program("chmod");
    progress("{installing} 5.5.88 version", "linking /etc/init.d/kav4proxy", 75);
    shell_exec("ln -s --force /opt/kaspersky/kav4proxy/lib/bin/kav4proxy /etc/init.d/kav4proxy");
    if (is_file($debianbin)) {
        shell_exec("{$debianbin} -f kav4proxy defaults >/dev/null 2>&1");
    }
    if (is_file($redhatbin)) {
        shell_exec("{$redhatbin} --add kav4proxy >/dev/null 2>&1");
    }
    progress("{installing} 5.5.88 version", "executing preinstall", 78);
    exec('/usr/share/artica-postfix/bin/install/kavgroup/kav4prox_predoinst.sh 2>&1', $results2);
    while (list($index, $line) = each($results2)) {
        progress("{installing} 5.5.88 version", $line, 78);
    }
    progress("{installing} 5.5.88 version", "Creating kluser user", 80);
    $unix->CreateUnixUser("kluser", "klusers");
    progress("{installing} 5.5.88 version", "Apply permissions", 85);
    @mkdir("/var/log/kaspersky/kav4proxy", 0755, true);
    @mkdir("/var/run/kav4proxy", 0755, true);
    shell_exec("{$chown} -R kluser:klusers /var/log/kaspersky/kav4proxy");
    shell_exec("{$chown} -R kluser:klusers /var/opt/kaspersky/kav4proxy");
    shell_exec("{$chown} -R kluser:klusers /var/run/kav4proxy");
    shell_exec("{$chown} -R kluser:klusers /var/opt/kaspersky/kav4proxy");
    shell_exec("{$chmod} 0755 /var/opt/kaspersky/kav4proxy");
    $f[] = "EULA_AGREED=yes";
    $f[] = "";
    @file_put_contents("/var/opt/kaspersky/kav4proxy/installer.dat", @implode("\n", $f));
    $f = array();
    $f[] = "CONFIGURE_ENTER_KEY_PATH=";
    $f[] = "KAVMS_SETUP_LICENSE_DOMAINS=*";
    $f[] = "CONFIGURE_KEEPUP2DATE_ASKPROXY=no";
    $f[] = "CONFIGURE_RUN_KEEPUP2DATE=no";
    $f[] = "CONFIGURE_WEBMIN_ASKCFGPATH=";
    $f[] = "KAV4PROXY_SETUP_TYPE=3";
    $f[] = "KAV4PROXY_SETUP_LISTENADDRESS=127.0.0.1:1344";
    $f[] = "KAV4PROXY_SETUP_CONFPATH=/etc/squid3/squid.conf";
    $f[] = "KAV4PROXY_SETUP_BINPATH=" . $unix->LOCATE_SQUID_BIN();
    $f[] = "KAV4PROXY_CONFIRM_FOUND=Y";
    $f[] = "KAVICAP_SETUP_NONICAPCFG=Y";
    @file_put_contents("/opt/kaspersky/kav4proxy/lib/bin/setup/autoanswers.conf", @implode("\n", $f));
    chdir('/opt/kaspersky/kav4proxy/lib/bin/setup');
    exec('./postinstall.pl 2>&1', $results3);
    while (list($index, $line) = each($results3)) {
        progress("{installing} 5.5.88 version", $line, 90);
    }
    shell_exec("/usr/share/artica-postfix/bin/process1 --force --verbose --" . time() . " >/dev/null 2>&1");
    shell_exec("/etc/init.d/artica-status restart --force >/dev/null 2>&1");
    progress("{installed}", "Done", 100);
}
function start($aspid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $Masterbin = $unix->CYRUS_DAEMON_BIN_PATH();
    $zarafaBin = $unix->find_program("zarafa-server");
    if (!is_file($Masterbin)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, arpd not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    if ($unix->process_exists($unix->get_pid_from_file("/etc/artica-postfix/artica-backup.pid"))) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} A backup task currently is in use\n";
        }
        return;
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
        }
        return;
    }
    if (is_file("/etc/artica-postfix/stop.cyrus.imapd")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} LOCKED !\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Remove /etc/artica-postfix/stop.cyrus.imapd !\n";
        }
        return;
    }
    if (is_file("/etc/artica-postfix/cyrus-stop")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} LOCKED !\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Remove /etc/artica-postfix/cyrus-stop !\n";
        }
        return;
    }
    $unix->CreateUnixUser("postfix", "postfix");
    $php5 = $unix->LOCATE_PHP5_BIN();
    $EnableCyrusImap = $sock->GET_INFO("EnableCyrusImap");
    if (!is_numeric($EnableCyrusImap)) {
        $EnableCyrusImap = 1;
    }
    $DisableMessaging = intval($sock->GET_INFO("DisableMessaging"));
    $DisableIMAPVerif = intval($sock->GET_INFO("DisableIMAPVerif"));
    if ($DisableIMAPVerif == 0) {
        if (is_file("{$zarafaBin}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Zarafa is installed, aborting\n";
            }
            stop(true);
            return;
        }
    }
    if ($EnableCyrusImap == 0) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableCyrusImap)\n";
        }
        return;
    }
    if ($DisableMessaging == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see DisableMessaging)\n";
        }
        return;
    }
    if (!is_file('/usr/bin/cyradm')) {
        $cyradm = $unix->CYRADM_PATH();
        if (is_file($cyradm)) {
            shell_exec("/bin/ln -s {$cyradm} /usr/bin/cyradm");
        }
    }
    if (is_file('/usr/share/artica-postfix/exec.imapd.conf.php')) {
        shell_exec("{$php5} /usr/share/artica-postfix/exec.imapd.conf.php >/dev/null 2>&1");
    }
    if (!is_file('/etc/artica-postfix/cyrus.check.time')) {
        shell_exec("/usr/share/artica-postfix/bin/artica-install --cyrus-rights >/dev/null 2>&1");
    }
    shell_exec("{$php5} /usr/share/artica-postfix/exec.check-cyrus-account.php --check-adms");
    $sysctl = $unix->find_program("sysctl");
    $echo = $unix->find_program("echo");
    $nohup = $unix->find_program("nohup");
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Check permissions\n";
    }
    CheckPermissions();
    BuildConfig();
    $params[] = "{$nohup} {$Masterbin}";
    $params[] = "-M /etc/cyrus.conf";
    $params[] = "-C /etc/imapd.conf";
    $params[] = "-p /var/run/cyrmaster.pid -d >/dev/null 2>&1 &";
    $cmd = @implode(" ", $params);
    shell_exec($cmd);
    for ($i = 1; $i < 5; $i++) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting {$i}/5\n";
        }
        sleep(1);
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
        }
        $lmtpsocket = "/var/spool/postfix/var/run/cyrus/socket/lmtp";
        for ($i = 1; $i < 5; $i++) {
            if ($unix->is_socket($lmtpsocket)) {
                if ($GLOBALS["OUTPUT"]) {
                    echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting socket success..\n";
                }
                $unix->chown_func("postfix", "postfix", "/var/spool/postfix/var/run");
                $unix->chown_func("postfix", "postfix", "{$lmtpsocket}");
                break;
            }
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting socket {$i}/5\n";
            }
            sleep(1);
        }
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
        }
    }
}