function start($aspid = false) { $unix = new unix(); $sock = new sockets(); $Masterbin = $unix->LOCATE_STUNNEL(); if (!is_file($Masterbin)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, not installed\n"; } return; } if (!$aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n"; } return; } @file_put_contents($pidfile, getmypid()); } $pid = PID_NUM(); if ($unix->process_exists($pid)) { $timepid = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n"; } return; } $sTunnel4enabled = $sock->GET_INFO("sTunnel4enabled"); if (!is_numeric($sTunnel4enabled)) { $sTunnel4enabled = 0; } if ($sTunnel4enabled == 0) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see sTunnel4enabled)\n"; } return; } $php5 = $unix->LOCATE_PHP5_BIN(); $sysctl = $unix->find_program("sysctl"); $echo = $unix->find_program("echo"); $nohup = $unix->find_program("nohup"); $version = version(); $cmds = "{$Masterbin} /etc/stunnel/stunnel.conf"; $unix->CreateUnixUser("stunnel4", "stunnel4"); @mkdir("/var/run/stunnel", 0755, true); @mkdir("/var/lib/stunnel4", 0755, true); @chown("/var/run/stunnel", "stunnel4"); @chown("/var/lib/stunnel4", "stunnel4"); $stunnel = new stunnel4(); $relay = $stunnel->main_array["postfix_relayhost"]["connect"]; $relayPort = $stunnel->main_array["postfix_relayhost"]["port"]; $localport = $stunnel->main_array["postfix_relayhost"]["accept"]; if (!is_numeric($relayPort)) { $relayPort = 465; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} version {$version}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Local to 127.0.0.1:{$localport}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} connection to {$relay}:{$relayPort}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n"; } build(); $cmd = $cmds; shell_exec($cmd); for ($i = 1; $i < 5; $i++) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n"; } sleep(1); $pid = PID_NUM(); if ($unix->process_exists($pid)) { break; } } $pid = PID_NUM(); if ($unix->process_exists($pid)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n"; } } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n"; } } }
function start($aspid = false) { $unix = new unix(); $sock = new sockets(); $users = new usersMenus(); $Masterbin = "/usr/local/ArticaStats/bin/postgres"; if (!is_file($Masterbin)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, arpd not installed\n"; } return; } if (!$aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n"; } return; } @file_put_contents($pidfile, getmypid()); } $pid = PID_NUM(); if ($unix->MEM_TOTAL_INSTALLEE() < 624288) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} not enough memory\n"; } if ($unix->process_exists($pid)) { stop(); } build_progress_restart("{starting} {failed} no memory", 110); return; } if ($unix->process_exists($pid)) { $timepid = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n"; } build_progress_restart("{starting} {success}", 30); return true; } $php5 = $unix->LOCATE_PHP5_BIN(); $sysctl = $unix->find_program("sysctl"); $echo = $unix->find_program("echo"); $nohup = $unix->find_program("nohup"); $su = $unix->find_program("su"); $rm = $unix->find_program("rm"); $SquidPerformance = intval($sock->GET_INFO("SquidPerformance")); $EnableInfluxDB = intval($sock->GET_INFO("EnableInfluxDB")); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} EnableInfluxDB: {$EnableInfluxDB}\n"; } $InfluxUseRemote = intval($sock->GET_INFO("InfluxUseRemote")); if ($users->POSTFIX_INSTALLED) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Postfix installed: True\n"; } } if ($InfluxUseRemote == 1) { $EnableInfluxDB = 0; } $FreeZePostGres = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/FreeZePostGres")); if ($FreeZePostGres == 1) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Freeze !!! Aborting...\n"; } return; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Remote statistics.: {$InfluxUseRemote}\n"; } if (!$users->POSTFIX_INSTALLED) { $EnableIntelCeleron = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableIntelCeleron")); if ($EnableIntelCeleron == 1) { $EnableInfluxDB = 0; } } if (is_file("/etc/artica-postfix/STATS_APPLIANCE")) { $EnableInfluxDB = 1; $SquidPerformance = 0; $EnableIntelCeleron = 0; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Statistics DB.....: {$EnableInfluxDB}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Intel Celeron mode: {$EnableIntelCeleron}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Use Performance.......: {$SquidPerformance}\n"; } if ($EnableInfluxDB == 0) { build_progress_restart("{starting} {failed} {disabled}", 110); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableInflux)\n"; } return; } if (!function_exists("pg_connect")) { build_progress_restart("{starting} installing php5-pgsql", 35); $unix->DEBIAN_INSTALL_PACKAGE("php5-pgsql"); system("/usr/share/artica-postfix/exec.php.ini.php"); if (!function_exists("pg_connect")) { build_progress_restart("{starting} installing php5-pgsql {failed}", 110); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} pg_connect no such function\n"; } return; } system("/etc/init.d/artica-webconsole restart"); } build_progress_restart("{starting}", 40); if (!$unix->UnixUserExists("ArticaStats")) { $unix->CreateUnixUser("ArticaStats", "ArticaStats"); } @mkdir("/var/run/ArticaStats", 0755, true); @mkdir("/home/ArticaStatsDB", 0700, true); @mkdir("/var/log/ArticaStatsDB", 0755, true); @chown("/home/ArticaStatsDB", "ArticaStats"); @chgrp("/home/ArticaStatsDB", "ArticaStats"); @chown("/var/run/ArticaStats", "ArticaStats"); @chgrp("/var/run/ArticaStats", "ArticaStats"); @chown("/var/log/ArticaStatsDB", "ArticaStats"); @chgrp("/var/log/ArticaStatsDB", "ArticaStats"); if (is_file("/var/log/ArticaStatsDB/ArticaStatsDB.log")) { @unlink("/var/log/ArticaStatsDB/ArticaStatsDB.log"); @touch("/var/log/ArticaStatsDB/ArticaStatsDB.log"); } @chown("/var/log/ArticaStatsDB/ArticaStatsDB.log", "ArticaStats"); @chgrp("/var/log/ArticaStatsDB/ArticaStatsDB.log", "ArticaStats"); if (is_file("/var/run/ArticaStats/.s.PGSQL.8086")) { @unlink("/var/run/ArticaStats/.s.PGSQL.8086"); } $php = $unix->LOCATE_PHP5_BIN(); if (!is_file("/etc/artica-postfix/locales.gen")) { squid_admin_mysql(1, "Generating languages for the PostGreSQL compatibility", null, __FILE__, __LINE__); build_progress_restart("{generating_langs}", 42); system("{$php} /usr/share/artica-postfix/exec.locale.gen.php"); } if (!is_dir("/home/ArticaStatsDB/base/1")) { squid_admin_mysql(0, "Creating a new PostgreSQL database in ArticaStatsDB", null, __FILE__, __LINE__); build_progress_restart("{starting}", 45); $rm = $unix->find_program("rm"); shell_exec("{$rm} -rf /home/ArticaStatsDB/*"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} initialize database...\n"; } system("{$su} -c \"/usr/local/ArticaStats/bin/initdb --username=ArticaStats /home/ArticaStatsDB --no-locale -E UTF8\" ArticaStats"); } if (!is_dir("/home/ArticaStatsDB/base/1")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} initialize database failed...\n"; } $rm = $unix->find_program("rm"); shell_exec("{$rm} -rf /home/ArticaStatsDB/*"); return; } build_progress_restart("{starting}", 50); xbuild(); fuser_port(); build_progress_restart("{starting} {permissions}", 55); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Apply permissions on /home/ArticaStatsDB\n"; } $chown = $unix->find_program("chown"); $chmod = $unix->find_program("chmod"); shell_exec("{$chown} -R ArticaStats:ArticaStats /home/ArticaStatsDB"); shell_exec("{$chmod} 0700 /home/ArticaStatsDB"); if (is_file("/home/ArticaStatsDB/postmaster.pid")) { @unlink("/home/ArticaStatsDB/postmaster.pid"); } $f[] = "su -l ArticaStats -c '"; $f[] = "/usr/local/ArticaStats/bin/pg_ctl -o \"-k /tmp,/var/run/ArticaStats\" -D /home/ArticaStatsDB -l /var/log/ArticaStatsDB/ArticaStatsDB.log start'"; $cmd = @implode(" ", $f) . " >/dev/null 2>&1 &"; if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n"; } shell_exec($cmd); for ($i = 1; $i < 5; $i++) { build_progress_restart("{starting} {wait} {$i}/5", 70); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n"; } sleep(1); $pid = PID_NUM(); if ($unix->process_exists($pid)) { break; } } $pid = PID_NUM(); if ($unix->process_exists($pid)) { build_progress_restart("{starting} {success}", 75); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n"; } $pg = new postgres_sql(); $pg->CREATE_TABLES(); return true; } else { build_progress_restart("{starting} {failed}", 110); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n"; } } }
function BuildDHCP($nopid = false) { $LOGBIN = "DHCP Server"; $timefile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time"; $unix = new unix(); if (!$nopid) { if (!$GLOBALS["FORCE"]) { if ($unix->file_time_min($timefile) < 2) { if ($GLOBALS["VERBOSE"]) { echo "{$timefile} -> is less than 2mn\n"; } return; } } } build_progress("{starting_service}", 65); $dhcpd = new dhcpd(); $conf = $dhcpd->BuildConf(); $confpath = dhcp3Config(); $unix = new unix(); @mkdir(dirname($confpath), null, true); @file_put_contents($confpath, $conf); echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} saving \"{$confpath}\" (" . strlen($conf) . " bytes) done\n"; if (!$unix->UnixUserExists("dhcpd")) { $unix->CreateUnixUser("dhcpd", "dhcpd"); } if (!is_dir("/var/lib/dhcp3")) { @mkdir("/var/lib/dhcp3", 0755, true); } $unix->chown_func("dhcpd", "dhcpd", "/var/lib/dhcp3/*"); $unix->chmod_func(0755, "/var/lib/dhcp3"); $complain = $unix->find_program("aa-complain"); if (is_file($complain)) { $dhcpd3 = $unix->DHCPD_BIN_PATH(); if (is_file($dhcpd3)) { shell_exec("{$complain} {$dhcpd3} >/dev/null 2>&1"); } } @unlink($timefile); @file_put_contents($timefile, time()); if ($GLOBALS["PROGRESS"]) { build_progress("{starting_service}", 70); $sock = new sockets(); $sock->getFrameWork("dnsmasq.php?restart=yes"); $sock->getFrameWork("services.php?restart-monit=yes"); $sock->getFrameWork("cmd.php?restart-artica-status=yes"); } }
function build() { $unix = new unix(); @mkdir("/var/run/lighttpd", 0755, true); @mkdir("/var/log/lighttpd", 0755, true); $username = $unix->LIGHTTPD_USER(); $sock = new sockets(); $phpcgi = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH(); $chown = $unix->find_program("chown"); $perlbin = $unix->find_program("perl"); $nohup = $unix->find_program("nohup"); $php = $unix->LOCATE_PHP5_BIN(); $PHP_STANDARD_MODE = true; $SquidGuardApachePort = intval($sock->GET_INFO("SquidGuardApachePort")); $SquidGuardApacheSSLPort = intval($sock->GET_INFO("SquidGuardApacheSSLPort")); if ($SquidGuardApachePort == 0) { $SquidGuardApachePort = 9020; } if ($SquidGuardApacheSSLPort == 0) { $SquidGuardApacheSSLPort = 9025; } $SquidGuardWebSSLCertificate = $sock->GET_INFO("SquidGuardWebSSLCertificate"); @mkdir("/home/squid/error_page_sessions", 0755, true); @mkdir("/home/squid/error_page_cache", 0755, true); if ($username == null) { $username = "******"; $unix->CreateUnixUser($username, $username, "lighttpd username"); } if (preg_match("#^(.+?):(.+)#", $username, $re)) { $username = $re[1]; $username = $re[1]; } $SquidGuardStorageDir = $sock->GET_INFO("SquidGuardStorageDir"); @unlink("/var/log/lighttpd/squidguard-lighttpd-error.log"); @unlink("/var/log/lighttpd/squidguard-lighttpd.log"); if (!is_file("/var/log/lighttpd/squidguard-lighttpd.log")) { @file_put_contents("/var/log/lighttpd/squidguard-lighttpd.log", "#"); } if (!is_file("/var/log/lighttpd/squidguard-lighttpd-error.log")) { @file_put_contents("/var/log/artica-postfix/lighttpd-error.log", "#"); } $unix->chown_func($username, $username, "/var/log/lighttpd/squidguard-lighttpd.log"); $unix->chown_func($username, $username, "/var/log/lighttpd/squidguard-lighttpd-error.log"); $unix->chown_func($username, $username, "/home/squid/error_page_sessions"); $unix->chown_func($username, $username, "/home/squid/error_page_cache"); $unix->chown_func($username, $username, "/usr/share/artica-postfix/bin/install/squid/adzap/zaps/*"); @chmod("/var/log/lighttpd/squidguard-lighttpd-error.log", 0777); @chmod("/var/log/lighttpd/squidguard-lighttpd.log", 0777); if ($SquidGuardStorageDir == null) { $SquidGuardStorageDir = "/home/artica/cache"; } @mkdir($SquidGuardStorageDir, 0755, true); $unix->chown_func($username, $username, $SquidGuardStorageDir); $LighttpdUseUnixSocket = $sock->GET_INFO('LighttpdUseUnixSocket'); if (!is_numeric($LighttpdUseUnixSocket)) { $LighttpdUseUnixSocket = 0; } $lighttpdPhpPort = $sock->GET_INFO('lighttpdPhpPort'); if (!is_numeric($lighttpdPhpPort)) { $lighttpdPhpPort = 1808; } $LighttpdArticaMaxProcs = $sock->GET_INFO('LighttpdArticaMaxProcs'); if (!is_numeric($LighttpdArticaMaxProcs)) { $LighttpdArticaMaxProcs = 0; } $LighttpdArticaMaxChildren = $sock->GET_INFO('LighttpdArticaMaxChildren'); if (!is_numeric($LighttpdArticaMaxChildren)) { $LighttpdArticaMaxChildren = 0; } $LighttpdRunAsminimal = $sock->GET_INFO('LighttpdRunAsminimal'); if (!is_numeric($LighttpdRunAsminimal)) { $LighttpdRunAsminimal = 0; } $PHP_FCGI_MAX_REQUESTS = $sock->GET_INFO('PHP_FCGI_MAX_REQUESTS'); if (!is_numeric($PHP_FCGI_MAX_REQUESTS)) { $PHP_FCGI_MAX_REQUESTS = 200; } $EnablePHPFPM = $sock->GET_INFO('EnablePHPFPM'); if (!is_numeric($EnablePHPFPM)) { $EnablePHPFPM = 0; } $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM"); if (!is_numeric($EnableArticaApachePHPFPM)) { $EnableArticaApachePHPFPM = 0; } if ($EnableArticaApachePHPFPM == 0) { $EnablePHPFPM = 0; } $PHP_STANDARD_MODE = true; $phpcgi_path = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH(); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Run as: {$username}\n"; } $PHP_FCGI_CHILDREN = 1; $max_procs = 2; if ($LighttpdArticaMaxProcs > 0) { $max_procs = $LighttpdArticaMaxProcs; } if ($LighttpdArticaMaxChildren > 0) { $HP_FCGI_CHILDREN = $LighttpdArticaMaxChildren; } if ($LighttpdRunAsminimal == 1) { $max_procs = 2; $PHP_FCGI_CHILDREN = 2; } $f[] = "#artica-postfix saved by artica lighttpd.conf"; $f[] = ""; $f[] = "server.modules = ("; $f[] = " \"mod_alias\","; $f[] = " \"mod_access\","; $f[] = " \"mod_accesslog\","; $f[] = " \"mod_compress\","; $f[] = " \"mod_fastcgi\","; $f[] = " \"mod_cgi\","; $f[] = "\t \"mod_status\""; $f[] = ")"; $f[] = ""; $f[] = "server.document-root = \"/usr/share/artica-postfix\""; $f[] = "server.username = \"{$username}\""; $f[] = "server.groupname = \"{$username}\""; $f[] = "server.errorlog = \"/var/log/lighttpd/squidguard-lighttpd-error.log\""; $f[] = "index-file.names = ( \"exec.squidguard.php\")"; $f[] = ""; $f[] = "mimetype.assign = ("; $f[] = " \".pdf\" => \"application/pdf\","; $f[] = " \".sig\" => \"application/pgp-signature\","; $f[] = " \".spl\" => \"application/futuresplash\","; $f[] = " \".class\" => \"application/octet-stream\","; $f[] = " \".ps\" => \"application/postscript\","; $f[] = " \".torrent\" => \"application/x-bittorrent\","; $f[] = " \".dvi\" => \"application/x-dvi\","; $f[] = " \".gz\" => \"application/x-gzip\","; $f[] = " \".pac\" => \"application/x-ns-proxy-autoconfig\","; $f[] = " \".swf\" => \"application/x-shockwave-flash\","; $f[] = " \".tar.gz\" => \"application/x-tgz\","; $f[] = " \".tgz\" => \"application/x-tgz\","; $f[] = " \".tar\" => \"application/x-tar\","; $f[] = " \".zip\" => \"application/zip\","; $f[] = " \".mp3\" => \"audio/mpeg\","; $f[] = " \".m3u\" => \"audio/x-mpegurl\","; $f[] = " \".wma\" => \"audio/x-ms-wma\","; $f[] = " \".wax\" => \"audio/x-ms-wax\","; $f[] = " \".ogg\" => \"application/ogg\","; $f[] = " \".wav\" => \"audio/x-wav\","; $f[] = " \".gif\" => \"image/gif\","; $f[] = " \".jar\" => \"application/x-java-archive\","; $f[] = " \".jpg\" => \"image/jpeg\","; $f[] = " \".jpeg\" => \"image/jpeg\","; $f[] = " \".png\" => \"image/png\","; $f[] = " \".xbm\" => \"image/x-xbitmap\","; $f[] = " \".xpm\" => \"image/x-xpixmap\","; $f[] = " \".xwd\" => \"image/x-xwindowdump\","; $f[] = " \".css\" => \"text/css\","; $f[] = " \".html\" => \"text/html\","; $f[] = " \".htm\" => \"text/html\","; $f[] = " \".js\" => \"text/javascript\","; $f[] = " \".asc\" => \"text/plain\","; $f[] = " \".c\" => \"text/plain\","; $f[] = " \".cpp\" => \"text/plain\","; $f[] = " \".log\" => \"text/plain\","; $f[] = " \".conf\" => \"text/plain\","; $f[] = " \".text\" => \"text/plain\","; $f[] = " \".txt\" => \"text/plain\","; $f[] = " \".dtd\" => \"text/xml\","; $f[] = " \".xml\" => \"text/xml\","; $f[] = " \".mpeg\" => \"video/mpeg\","; $f[] = " \".mpg\" => \"video/mpeg\","; $f[] = " \".mov\" => \"video/quicktime\","; $f[] = " \".qt\" => \"video/quicktime\","; $f[] = " \".avi\" => \"video/x-msvideo\","; $f[] = " \".asf\" => \"video/x-ms-asf\","; $f[] = " \".asx\" => \"video/x-ms-asf\","; $f[] = " \".wmv\" => \"video/x-ms-wmv\","; $f[] = " \".bz2\" => \"application/x-bzip\","; $f[] = " \".tbz\" => \"application/x-bzip-compressed-tar\","; $f[] = " \".tar.bz2\" => \"application/x-bzip-compressed-tar\","; $f[] = " \"\" => \"application/octet-stream\","; $f[] = " )"; $f[] = ""; $f[] = ""; $f[] = "accesslog.filename = \"/var/log/lighttpd/squidguard-lighttpd.log\""; $f[] = "url.access-deny = ( \"~\", \".inc\",\".log\",\".ini\",\"ressources\",\"computers\",\"user-backup\",\"logon.php\",\"index.php\")"; $f[] = ""; $f[] = "static-file.exclude-extensions = ( \".php\", \".pl\", \".fcgi\" )"; $f[] = "server.port = {$SquidGuardApachePort}"; $f[] = "#server.bind = \"127.0.0.1\""; $f[] = "server.error-handler-404 = \"/exec.squidguard.php\""; $f[] = "#server.error-handler-404 = \"/error-handler.php\""; $f[] = "server.pid-file = \"/var/run/lighttpd/squidguard-lighttpd.pid\""; $f[] = "server.max-fds \t\t = 2048"; $f[] = "server.network-backend = \"write\""; $f[] = "server.follow-symlink = \"enable\""; $f[] = ""; $f[] = ''; $f[] = "\$SERVER[\"socket\"]== \":{$SquidGuardApacheSSLPort}\" {"; $f[] = "\tssl.engine = \"enable\""; $cert = new lighttpd_certificate($SquidGuardWebSSLCertificate); $f[] = $cert->build(); $f[] = "ssl.cipher-list=\"ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:+SSLv3\""; $f[] = "}"; if (!is_file("/opt/artica/ssl/certs/lighttpd.pem")) { @chmod("/usr/share/artica-postfix/bin/artica-install", 0755); shell_exec("/usr/share/artica-postfix/bin/artica-install -lighttpd-cert"); } // if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on: {$SquidGuardApachePort}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on: {$SquidGuardApacheSSLPort} SSL\n"; } $phpfpm = $unix->find_program('php5-fpm'); if (!is_file($phpfpm)) { $phpfpm = $unix->find_program('php-fpm'); } if (is_file($phpfpm)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} PHP-FPM is installed\n"; } if ($EnablePHPFPM == 1) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} PHP-FPM is enabled\n"; } $PHP_STANDARD_MODE = false; $f[] = 'fastcgi.server = ( ".php" =>(('; $f[] = ' "socket" => "/var/run/php-fpm.sock",'; } } if ($PHP_STANDARD_MODE) { $f[] = 'fastcgi.server = ( ".php" =>(('; $f[] = ' "bin-path" => "/usr/bin/php-cgi",'; if ($LighttpdUseUnixSocket == 1) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Fast-cgi server unix socket mode\n"; } $f[] = ' "socket" => "/var/run/lighttpd/php.socket" + var.PID,'; } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Fast-cgi server socket 127.0.0.1:{$lighttpdPhpPort}\n"; } $f[] = ' "host" => "127.0.0.1","port" =>' . $lighttpdPhpPort . ','; } } $f[] = ' "max-procs" => ' . $max_procs . ','; $f[] = ' "idle-timeout" => 10,'; $f[] = ' "bin-environment" => ('; $f[] = ' "PHP_FCGI_CHILDREN" => "' . $PHP_FCGI_CHILDREN . '",'; $f[] = ' "PHP_FCGI_MAX_REQUESTS" => "' . $PHP_FCGI_MAX_REQUESTS . '"'; $f[] = ' ),'; $f[] = ' "bin-copy-environment" => ('; $f[] = ' "PATH", "SHELL", "USER"'; $f[] = ' ),'; $f[] = ' "broken-scriptfilename" => "enable"'; $f[] = ' ))'; $f[] = ')'; $f[] = "alias.url += ( \"/css/\" => \"/usr/share/artica-postfix/css/\" )"; $f[] = "alias.url += ( \"/img/\" => \"/usr/share/artica-postfix/img/\" )"; $f[] = "alias.url += ( \"/js/\" => \"/usr/share/artica-postfix/js/\" )"; $f[] = "alias.url += ( \"/zaps/\" => \"/usr/share/artica-postfix/bin/install/squid/adzap/zaps/\" )"; $f[] = ""; $f[] = "cgi.assign= ("; $f[] = "\t\".pl\" => \"/usr/bin/perl\","; $f[] = "\t\".php\" => \"/usr/bin/php-cgi\","; $f[] = "\t\".py\" => \"/usr/bin/python\","; $f[] = "\t\".cgi\" => \"/usr/bin/perl\","; $f[] = ")"; @file_put_contents("/etc/artica-postfix/squidguard-lighttpd.conf", @implode("\n", $f)); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} squidguard-lighttpd.conf done.\n"; } }
function apache_config() { $sock = new sockets(); $unix = new unix(); $EnablePHPFPM = 0; $ipaddr = null; @mkdir("/var/run/apache2", 0755, true); @mkdir("/var/run/sarg-apache", 0755, true); @mkdir("/var/log/apache2", 0755, true); @mkdir(dirname($GLOBALS["APACHE_PID_PATH"]), 0755, true); $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT(); $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP(); $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH(); $SargOutputDir = $sock->GET_INFO("SargOutputDir"); if ($SargOutputDir == null) { $SargOutputDir = "/var/www/html/squid-reports"; } $SargWebPort = intval($sock->GET_INFO("SargWebPort")); if ($SargWebPort == 0) { $SargWebPort = rand(55600, 59000); $sock->SET_INFO("SargWebPort", $SargWebPort); } if (is_link($SargOutputDir)) { $SargOutputDir = @readlink($SargOutputDir); } @mkdir($SargOutputDir, 0755, true); if (!is_file("{$SargOutputDir}/index.html")) { $php = $unix->LOCATE_PHP5_BIN(); shell_exec("{$php} /usr/share/artica-postfix/exec.sarg.php --exec --force >/dev/null 2>&1 &"); } if ($ipaddr == null) { $ipaddr = "*"; } $phpfpm = $unix->APACHE_LOCATE_PHP_FPM(); $php = $unix->LOCATE_PHP5_BIN(); $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM"); if (!is_numeric($EnableArticaApachePHPFPM)) { $EnableArticaApachePHPFPM = 0; } if (!is_file($phpfpm)) { $EnableArticaApachePHPFPM = 0; } $logfile = "/var/log/apache2/apache-sarg-access.log"; $ErrorLog = "/var/log/apache2/apache-sarg-error.log"; $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache"); $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES(); if ($EnableArticaApachePHPFPM == 1) { if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n"; } $EnableArticaApachePHPFPM = 0; } } if ($APACHE_SRC_ACCOUNT == null) { $APACHE_SRC_ACCOUNT = "www-data"; $APACHE_SRC_GROUP = "www-data"; $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username"); } @unlink($ErrorLog); @unlink($logfile); if (!is_file("{$logfile}")) { @touch("{$logfile}"); } if (!is_file("{$ErrorLog}")) { @touch("{$ErrorLog}"); } $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $ErrorLog); $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $logfile); $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache"); $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/apache2"); $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, dirname($GLOBALS["APACHE_PID_PATH"])); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n"; } $f[] = "LockFile /var/run/apache2/sarg-artica-accept.lock"; $f[] = "PidFile {$GLOBALS["APACHE_PID_PATH"]}"; $f[] = "AcceptMutex flock"; $f[] = "DocumentRoot {$SargOutputDir}"; $f[] = "DirectoryIndex index.html"; $f[] = "ErrorDocument 400 /index.html"; $f[] = "ErrorDocument 401 /index.html"; $f[] = "ErrorDocument 403 /index.html"; $f[] = "ErrorDocument 404 /index.html"; $f[] = "ErrorDocument 500 /index.html"; $f[] = "NameVirtualHost {$ipaddr}:{$SargWebPort}"; $f[] = "Listen {$ipaddr}:{$SargWebPort}"; $f[] = "<VirtualHost {$ipaddr}:{$SargWebPort}>"; $f[] = "\tServerName {$ipaddr}"; $f[] = "\tDocumentRoot {$SargOutputDir}"; $f[] = "</VirtualHost>"; $f[] = "<IfModule mpm_prefork_module>"; $f[] = "</IfModule>"; $f[] = "<IfModule mpm_worker_module>"; $f[] = "\tMinSpareThreads 25"; $f[] = "\tMaxSpareThreads 75 "; $f[] = "\tThreadLimit 64"; $f[] = "\tThreadsPerChild 25"; $f[] = "</IfModule>"; $f[] = "<IfModule mpm_event_module>"; $f[] = "\tMinSpareThreads 25"; $f[] = "\tMaxSpareThreads 75 "; $f[] = "\tThreadLimit 64"; $f[] = "\tThreadsPerChild 25"; $f[] = "</IfModule>"; $f[] = "AccessFileName .htaccess"; $f[] = "<Files ~ \"^\\.ht\">"; $f[] = "\tOrder allow,deny"; $f[] = "\tDeny from all"; $f[] = "\tSatisfy all"; $f[] = "</Files>"; $f[] = "DefaultType text/plain"; $f[] = "HostnameLookups Off"; $f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}"; $f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}"; $f[] = "Timeout 300"; $f[] = "KeepAlive Off"; $f[] = "KeepAliveTimeout 15"; $f[] = "StartServers 1"; $f[] = "MaxClients 50"; $f[] = "MinSpareServers 2"; $f[] = "MaxSpareServers 5"; $f[] = "MaxRequestsPerChild 5000"; $f[] = "MaxKeepAliveRequests 100"; $f[] = "ServerName " . $unix->hostname_g(); $f[] = "<IfModule mod_mime.c>"; $f[] = "\tTypesConfig /etc/mime.types"; $f[] = "\tAddType application/x-compress .Z"; $f[] = "\tAddType application/x-gzip .gz .tgz"; $f[] = "\tAddType application/x-bzip2 .bz2"; $f[] = "\tAddType application/x-httpd-php .php .phtml"; $f[] = "\tAddType application/x-httpd-php-source .phps"; $f[] = "\tAddLanguage ca .ca"; $f[] = "\tAddLanguage cs .cz .cs"; $f[] = "\tAddLanguage da .dk"; $f[] = "\tAddLanguage de .de"; $f[] = "\tAddLanguage el .el"; $f[] = "\tAddLanguage en .en"; $f[] = "\tAddLanguage eo .eo"; $f[] = "\tRemoveType es"; $f[] = "\tAddLanguage es .es"; $f[] = "\tAddLanguage et .et"; $f[] = "\tAddLanguage fr .fr"; $f[] = "\tAddLanguage he .he"; $f[] = "\tAddLanguage hr .hr"; $f[] = "\tAddLanguage it .it"; $f[] = "\tAddLanguage ja .ja"; $f[] = "\tAddLanguage ko .ko"; $f[] = "\tAddLanguage ltz .ltz"; $f[] = "\tAddLanguage nl .nl"; $f[] = "\tAddLanguage nn .nn"; $f[] = "\tAddLanguage no .no"; $f[] = "\tAddLanguage pl .po"; $f[] = "\tAddLanguage pt .pt"; $f[] = "\tAddLanguage pt-BR .pt-br"; $f[] = "\tAddLanguage ru .ru"; $f[] = "\tAddLanguage sv .sv"; $f[] = "\tRemoveType tr"; $f[] = "\tAddLanguage tr .tr"; $f[] = "\tAddLanguage zh-CN .zh-cn"; $f[] = "\tAddLanguage zh-TW .zh-tw"; $f[] = "\tAddCharset us-ascii .ascii .us-ascii"; $f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1"; $f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen"; $f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3"; $f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4"; $f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru"; $f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic"; $f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek"; $f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew"; $f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk"; $f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6"; $f[] = "\tAddCharset ISO-8859-13 .iso8859-13"; $f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8"; $f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9"; $f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10"; $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis"; $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis"; $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis"; $f[] = "\tAddCharset Big5 .Big5 .big5 .b5"; $f[] = "\tAddCharset cn-Big5 .cn-big5"; $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):"; $f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251"; $f[] = "\tAddCharset CP866 .cp866"; $f[] = "\tAddCharset KOI8 .koi8"; $f[] = "\tAddCharset KOI8-E .koi8-e"; $f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru"; $f[] = "\tAddCharset KOI8-U .koi8-u"; $f[] = "\tAddCharset KOI8-ru .koi8-uk .ua"; $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2"; $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4"; $f[] = "\tAddCharset UTF-7 .utf7"; $f[] = "\tAddCharset UTF-8 .utf8"; $f[] = "\tAddCharset UTF-16 .utf16"; $f[] = "\tAddCharset UTF-16BE .utf16be"; $f[] = "\tAddCharset UTF-16LE .utf16le"; $f[] = "\tAddCharset UTF-32 .utf32"; $f[] = "\tAddCharset UTF-32BE .utf32be"; $f[] = "\tAddCharset UTF-32LE .utf32le"; $f[] = "\tAddCharset euc-cn .euc-cn"; $f[] = "\tAddCharset euc-gb .euc-gb"; $f[] = "\tAddCharset euc-jp .euc-jp"; $f[] = "\tAddCharset euc-kr .euc-kr"; $f[] = "\tAddCharset EUC-TW .euc-tw"; $f[] = "\tAddCharset gb2312 .gb2312 .gb"; $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2"; $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4"; $f[] = "\tAddCharset shift_jis .shift_jis .sjis"; $f[] = "\tAddType text/html .shtml"; $f[] = "\tAddOutputFilter INCLUDES .shtml"; $f[] = "</IfModule>"; //$f[]="Alias /index.php /usr/share/artica-postfix/hotspot.php"; //$f[]="Alias /index.html /usr/share/artica-postfix/hotspot.php"; $f[] = "<Directory \"{$SargOutputDir}\">"; $f[] = "\tDirectorySlash On"; $f[] = "\tDirectoryIndex index.html"; $f[] = "\t\t<Files \"hostpot.php\">"; $f[] = "\t\t\tOrder allow,deny"; $f[] = "\t\t\tallow from all"; $f[] = "\t\t</Files>"; $f[] = "\tErrorDocument 400 /index.html"; $f[] = "\tErrorDocument 401 /index.html"; $f[] = "\tErrorDocument 403 /index.html"; $f[] = "\tErrorDocument 404 /index.html"; $f[] = "\tErrorDocument 500 /index.html"; $f[] = "\tOptions -Indexes"; $f[] = "\tAllowOverride All"; $f[] = "\tOrder allow,deny"; $f[] = "\tAllow from all"; $f[] = "</Directory>"; $f[] = "Loglevel debug"; $f[] = "ErrorLog {$ErrorLog}"; $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common"; $f[] = "CustomLog {$logfile} common"; $array["actions_module"] = "mod_actions.so"; $array["expires_module"] = "mod_expires.so"; $array["rewrite_module"] = "mod_rewrite.so"; $array["dir_module"] = "mod_dir.so"; $array["mime_module"] = "mod_mime.so"; $array["alias_module"] = "mod_alias.so"; $array["auth_basic_module"] = "mod_auth_basic.so"; $array["authz_host_module"] = "mod_authz_host.so"; $array["autoindex_module"] = "mod_autoindex.so"; $array["negotiation_module"] = "mod_negotiation.so"; $array["headers_module"] = "mod_headers.so"; //$array["ldap_module"]="mod_ldap.so"; if (is_dir("/etc/apache2")) { if (!is_file("/etc/apache2/mime.types")) { if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") { @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types"); } } } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n"; } while (list($module, $lib) = each($array)) { if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n"; } $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}"; } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n"; } } } @file_put_contents($GLOBALS["APACHE_CONFIG_PATH"], @implode("\n", $f)); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$GLOBALS["APACHE_CONFIG_PATH"]} done\n"; } }
function apache_config() { $sock = new sockets(); $unix = new unix(); $EnablePHPFPM = 0; $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT(); $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP(); if (preg_match("#APACHE_RUN_GROUP#", $APACHE_SRC_GROUP)) { $APACHE_SRC_GROUP = "www-data"; } $LogFilePath = "/var/log/artica-wifidog/access.log"; $directories[] = "/var/run/apache2"; $directories[] = "/var/run/artica-apache"; $directories[] = "/var/log/artica-wifidog"; $directories[] = "/home/artica/hotspot/sessions"; $directories[] = "/home/artica/hotspot/caches"; while (list($index, $maindir) = each($directories)) { @mkdir($maindir, 0755, true); @chown($maindir, $APACHE_SRC_ACCOUNT); @chgrp($maindir, $APACHE_SRC_GROUP); } $ErrorLog = dirname($LogFilePath) . "/error.log"; if (!is_file($LogFilePath)) { @touch($LogFilePath); } @chown($LogFilePath, $APACHE_SRC_ACCOUNT); @chgrp($LogFilePath, $APACHE_SRC_GROUP); if (!is_file($ErrorLog)) { @touch($ErrorLog); } @chown($ErrorLog, $APACHE_SRC_ACCOUNT); @chgrp($ErrorLog, $APACHE_SRC_GROUP); $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH(); $HotSpotMaxClients = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotMaxClients")); $HotSpotStartServers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotStartServers")); $HotSpotForceDDOSDisable = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotForceDDOSDisable")); if ($HotSpotMaxClients == 0) { $HotSpotMaxClients = 20; } if ($HotSpotStartServers == 0) { $HotSpotStartServers = 5; } $EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot"); $SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort"); $ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort"); $ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort"); $ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort"); $ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL"); if (!is_numeric($ArticaHotSpotPort)) { $ArticaHotSpotPort = 0; } if (!is_numeric($ArticaSplashHotSpotPort)) { $ArticaSplashHotSpotPort = 16080; } if (!is_numeric($ArticaSplashHotSpotPortSSL)) { $ArticaSplashHotSpotPortSSL = 16443; } $ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface"); $HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName")); $HotSpotErrorRedirect = $sock->GET_INFO("HotSpotErrorRedirect"); if ($HotSpotErrorRedirect == null) { $HotSpotErrorRedirect = "http://www.msftncsi.com"; } $Params = unserialize($sock->GET_INFO("HotSpotEvasive")); $ApacheEvasiveInstalled = intval($sock->GET_INFO("ApacheEvasiveInstalled")); if (!is_numeric($Params["DOSEnable"])) { $Params["DOSEnable"] = 1; } if (!is_numeric($Params["DOSHashTableSize"])) { $Params["DOSHashTableSize"] = 1024; } if (!is_numeric($Params["DOSPageCount"])) { $Params["DOSPageCount"] = 3; } if (!is_numeric($Params["DOSSiteCount"])) { $Params["DOSSiteCount"] = 20; } if (!is_numeric($Params["DOSPageInterval"])) { $Params["DOSPageInterval"] = 1; } if (!is_numeric($Params["DOSSiteInterval"])) { $Params["DOSSiteInterval"] = 10; } if (!is_numeric($Params["DOSBlockingPeriod"])) { $Params["DOSBlockingPeriod"] = 5; } $unix = new unix(); $NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES(); $ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"]; if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HotSpot run as {$ArticaHotSpotInterface} ( {$ipaddr} )\n"; } if ($ipaddr == "0.0.0.0") { $ipaddr = "*"; } if ($ipaddr == null) { $ipaddr = "*"; } $GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr; $phpfpm = $unix->APACHE_LOCATE_PHP_FPM(); $php = $unix->LOCATE_PHP5_BIN(); $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM"); if (!is_numeric($EnableArticaApachePHPFPM)) { $EnableArticaApachePHPFPM = 0; } if (!is_file($phpfpm)) { $EnableArticaApachePHPFPM = 0; } $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache"); $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES(); if ($EnableArticaApachePHPFPM == 1) { if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n"; } $EnableArticaApachePHPFPM = 0; } } if ($APACHE_SRC_ACCOUNT == null) { $APACHE_SRC_ACCOUNT = "www-data"; $APACHE_SRC_GROUP = "www-data"; $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username"); } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as....: {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port.: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM...: {$EnablePHPFPM}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MaxClients: {$HotSpotMaxClients}\n"; } $f[] = "Group {$APACHE_SRC_GROUP}"; $f[] = "User {$APACHE_SRC_ACCOUNT}"; $f[] = "LockFile /var/run/apache2/hotspot-artica-accept.lock"; $f[] = "PidFile /var/run/artica-apache/hotspot-apache.pid"; $f[] = "AcceptMutex flock"; $f[] = "SSLRandomSeed startup file:/dev/urandom 256"; $f[] = "SSLRandomSeed connect builtin"; $f[] = "SSLSessionCache shmcb:/var/run/apache2/ssl_scache-hotspot(512000)"; $f[] = "SSLSessionCacheTimeout 300"; $f[] = "SSLSessionCacheTimeout 300"; $f[] = "DocumentRoot /usr/share/artica-postfix"; $f[] = "DirectoryIndex hotspot.html"; $f[] = "ErrorDocument 400 /hotspot.html"; $f[] = "ErrorDocument 401 /hotspot.html"; $f[] = "ErrorDocument 403 /hotspot.html"; $f[] = "ErrorDocument 404 /hotspot.html"; $f[] = "ErrorDocument 500 /hotspot.html"; $NameVirtualHost = $ipaddr; if ($HospotHTTPServerName != null) { $NameVirtualHost = $HospotHTTPServerName; } $f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}"; $f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}"; $f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPort}"; $f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}"; $ddos_config = null; if ($HotSpotForceDDOSDisable == 1) { $Params["DOSEnable"] = 0; } if ($Params["DOSEnable"] == 1) { //$ddos[]="<IfModule mod_evasive20.c>"; $ddos[] = "\tDOSHashTableSize {$Params["DOSHashTableSize"]}"; $ddos[] = "\tDOSPageCount {$Params["DOSPageCount"]}"; $ddos[] = "\tDOSSiteCount {$Params["DOSSiteCount"]}"; $ddos[] = "\tDOSPageInterval {$Params["DOSPageInterval"]}"; $ddos[] = "\tDOSSiteInterval {$Params["DOSSiteInterval"]}"; $ddos[] = "\tDOSBlockingPeriod {$Params["DOSBlockingPeriod"]}"; $ddos[] = "\tDOSLogDir \"/var/log/artica-wifidog\""; $ddos[] = "\tDOSSystemCommand \"/bin/echo `date '+%F %T'` HOTSPOT %s >> /var/log/artica-wifidog/dos_evasive_attacks.log\""; $ddos_config = @implode("\n", $ddos); //$ddos[]="</IfModule>"; } $f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}>"; $f[] = "\tServerName {$NameVirtualHost}"; $f[] = "\tDocumentRoot /usr/share/artica-postfix"; $f[] = "{$ddos_config}"; $f[] = "\tErrorDocument 400 /hotspot.html"; $f[] = "\tErrorDocument 401 /hotspot.html"; $f[] = "\tErrorDocument 403 /hotspot.html"; $f[] = "\tErrorDocument 404 /hotspot.html"; $f[] = "\tErrorDocument 500 /hotspot.html"; $f[] = "\tFallbackResource /hotspot.html"; $f[] = "</VirtualHost>"; $f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}>"; $f[] = "\tServerName {$NameVirtualHost}"; $f[] = "\tDocumentRoot /usr/share/artica-postfix"; $f[] = "\tSSLEngine on"; $squid = new squidbee(); $ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate"); $data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false); if ($ArticaSplashHotSpotCertificate != null) { $apache = new apache_certificate($ArticaSplashHotSpotCertificate); $f[] = $apache->build(); } else { if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) { $cert = $re[1]; $key = $re[2]; $f[] = "\tSSLCertificateFile \"{$cert}\""; $f[] = "\tSSLCertificateKeyFile \"{$key}\""; } } $f[] = "\tSSLVerifyClient none"; $f[] = "\tServerSignature Off"; $f[] = "{$ddos_config}"; $f[] = "\tErrorDocument 400 /hotspot.html"; $f[] = "\tErrorDocument 401 /hotspot.html"; $f[] = "\tErrorDocument 403 /hotspot.html"; $f[] = "\tErrorDocument 404 /hotspot.html"; $f[] = "\tErrorDocument 500 /hotspot.html"; $f[] = "\tFallbackResource /hotspot.html"; $f[] = "</VirtualHost>"; $f[] = "AccessFileName .htaccess"; $f[] = "<Files ~ \"^\\.ht\">"; $f[] = "\tOrder allow,deny"; $f[] = "\tDeny from all"; $f[] = "\tSatisfy all"; $f[] = "</Files>"; $f[] = "DefaultType text/plain"; $f[] = "HostnameLookups Off"; $f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}"; $f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}"; $f[] = "Timeout 300"; $f[] = "KeepAlive Off"; $f[] = "KeepAliveTimeout 3"; if ($HotSpotStartServers >= $HotSpotMaxClients) { $HotSpotMaxClients = $HotSpotMaxClients + $HotSpotStartServers; } if ($HotSpotMaxClients > 1024) { $HotSpotMaxClients = 1024; } $ServerLimit = $HotSpotMaxClients + 100; if ($ServerLimit > 2000) { $ServerLimit = 2000; } $f[] = "StartServers {$HotSpotStartServers}"; $f[] = "MaxClients {$HotSpotMaxClients}"; $f[] = "ServerLimit\t\t {$ServerLimit}"; $MinSpareServers = $HotSpotStartServers + 5; $MaxSpareServers = $MinSpareServers + 1; $f[] = "MinSpareServers {$MinSpareServers}"; $f[] = "MaxSpareServers {$MaxSpareServers}"; $f[] = "MaxRequestsPerChild 800"; $f[] = "MaxKeepAliveRequests 100"; $f[] = "ServerName " . $unix->hostname_g(); $f[] = "<IfModule mod_ssl.c>"; $f[] = "\tSSLRandomSeed connect builtin"; $f[] = "\tSSLRandomSeed connect file:/dev/urandom 512"; $f[] = "\tAddType application/x-x509-ca-cert .crt"; $f[] = "\tAddType application/x-pkcs7-crl .crl"; $f[] = "\tSSLPassPhraseDialog builtin"; $f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-articahtp(512000)"; $f[] = "\tSSLSessionCacheTimeout 300"; $f[] = "\tSSLSessionCacheTimeout 300"; $f[] = "\tSSLMutex sem"; $f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH"; $f[] = "\tSSLProtocol all -SSLv2"; $f[] = "</IfModule>"; $f[] = ""; $f[] = "AddType application/x-httpd-php .php"; $f[] = "php_value error_log \"/var/log/artica-wifidog/access.log\""; $f[] = "php_value session.save_path \"/home/artica/hotspot/sessions\""; $f[] = "<IfModule mod_fcgid.c>"; $f[] = "\tPHP_Fix_Pathinfo_Enable 1"; $f[] = "</IfModule>"; $f[] = "<IfModule mod_php5.c>"; $f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">"; $f[] = "\tSetHandler application/x-httpd-php"; $f[] = " </FilesMatch>"; $f[] = " <FilesMatch \"\\.phps\$\">"; $f[] = "\tSetHandler application/x-httpd-php-source"; $f[] = " </FilesMatch>"; $f[] = " <IfModule mod_userdir.c>"; $f[] = " <Directory /home/*/public_html>"; $f[] = " php_admin_value engine Off"; $f[] = " </Directory>"; $f[] = " </IfModule>"; $f[] = "</IfModule>"; $f[] = "<IfModule mod_mime.c>"; $f[] = "\tTypesConfig /etc/mime.types"; $f[] = "\tAddType application/x-compress .Z"; $f[] = "\tAddType application/x-gzip .gz .tgz"; $f[] = "\tAddType application/x-bzip2 .bz2"; $f[] = "\tAddType application/x-httpd-php .php .phtml"; $f[] = "\tAddType application/x-httpd-php-source .phps"; $f[] = "\tAddLanguage ca .ca"; $f[] = "\tAddLanguage cs .cz .cs"; $f[] = "\tAddLanguage da .dk"; $f[] = "\tAddLanguage de .de"; $f[] = "\tAddLanguage el .el"; $f[] = "\tAddLanguage en .en"; $f[] = "\tAddLanguage eo .eo"; $f[] = "\tRemoveType es"; $f[] = "\tAddLanguage es .es"; $f[] = "\tAddLanguage et .et"; $f[] = "\tAddLanguage fr .fr"; $f[] = "\tAddLanguage he .he"; $f[] = "\tAddLanguage hr .hr"; $f[] = "\tAddLanguage it .it"; $f[] = "\tAddLanguage ja .ja"; $f[] = "\tAddLanguage ko .ko"; $f[] = "\tAddLanguage ltz .ltz"; $f[] = "\tAddLanguage nl .nl"; $f[] = "\tAddLanguage nn .nn"; $f[] = "\tAddLanguage no .no"; $f[] = "\tAddLanguage pl .po"; $f[] = "\tAddLanguage pt .pt"; $f[] = "\tAddLanguage pt-BR .pt-br"; $f[] = "\tAddLanguage ru .ru"; $f[] = "\tAddLanguage sv .sv"; $f[] = "\tRemoveType tr"; $f[] = "\tAddLanguage tr .tr"; $f[] = "\tAddLanguage zh-CN .zh-cn"; $f[] = "\tAddLanguage zh-TW .zh-tw"; $f[] = "\tAddCharset us-ascii .ascii .us-ascii"; $f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1"; $f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen"; $f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3"; $f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4"; $f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru"; $f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic"; $f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek"; $f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew"; $f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk"; $f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6"; $f[] = "\tAddCharset ISO-8859-13 .iso8859-13"; $f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8"; $f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9"; $f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10"; $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis"; $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis"; $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis"; $f[] = "\tAddCharset Big5 .Big5 .big5 .b5"; $f[] = "\tAddCharset cn-Big5 .cn-big5"; $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):"; $f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251"; $f[] = "\tAddCharset CP866 .cp866"; $f[] = "\tAddCharset KOI8 .koi8"; $f[] = "\tAddCharset KOI8-E .koi8-e"; $f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru"; $f[] = "\tAddCharset KOI8-U .koi8-u"; $f[] = "\tAddCharset KOI8-ru .koi8-uk .ua"; $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2"; $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4"; $f[] = "\tAddCharset UTF-7 .utf7"; $f[] = "\tAddCharset UTF-8 .utf8"; $f[] = "\tAddCharset UTF-16 .utf16"; $f[] = "\tAddCharset UTF-16BE .utf16be"; $f[] = "\tAddCharset UTF-16LE .utf16le"; $f[] = "\tAddCharset UTF-32 .utf32"; $f[] = "\tAddCharset UTF-32BE .utf32be"; $f[] = "\tAddCharset UTF-32LE .utf32le"; $f[] = "\tAddCharset euc-cn .euc-cn"; $f[] = "\tAddCharset euc-gb .euc-gb"; $f[] = "\tAddCharset euc-jp .euc-jp"; $f[] = "\tAddCharset euc-kr .euc-kr"; $f[] = "\tAddCharset EUC-TW .euc-tw"; $f[] = "\tAddCharset gb2312 .gb2312 .gb"; $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2"; $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4"; $f[] = "\tAddCharset shift_jis .shift_jis .sjis"; $f[] = "\tAddType text/html .shtml"; $f[] = "\tAddOutputFilter INCLUDES .shtml"; $f[] = "</IfModule>"; $f[] = "Alias /index.php /hotspot.html"; $f[] = "Alias /index.html /hotspot.html"; $f[] = "Alias /Microsoft-Server-ActiveSync /hotspot-none.html"; $f[] = "<Directory \"/usr/share/artica-postfix\">"; $f[] = "\tDirectorySlash On"; $f[] = "\tDirectoryIndex hostpot.php"; $f[] = "\t\t<Files \"hostpot.php\">"; $f[] = "\t\t\tOrder allow,deny"; $f[] = "\t\t\tallow from all"; $f[] = "\t\t</Files>"; $f[] = "\t\t<Files \"hostpot.html\">"; $f[] = "\t\t\tOrder allow,deny"; $f[] = "\t\t\tallow from all"; $f[] = "\t\t</Files>"; $f[] = "\t\t<FilesMatch \"!(hostpot)\\.(html|php)\$\">"; $f[] = "\t\t\tOrder allow,deny"; $f[] = "\t\t\tdeny from all"; $f[] = "\t\t</FilesMatch>"; $f[] = "\tErrorDocument 400 /hotspot.html"; $f[] = "\tErrorDocument 401 /hotspot.html"; $f[] = "\tErrorDocument 403 /hotspot.html"; $f[] = "\tErrorDocument 404 /hotspot.html"; $f[] = "\tErrorDocument 500 /hotspot.html"; $f[] = "\tFallbackResource /hotspot.html"; $f[] = "\tOptions -Indexes"; $f[] = "\tSSLOptions +StdEnvVars"; $f[] = "\tAllowOverride All"; $f[] = "\tOrder allow,deny"; $f[] = "\tAllow from all"; $f[] = "</Directory>"; if ($EnableArticaApachePHPFPM == 1) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n"; } shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n"; } shell_exec("/etc/init.d/php5-fpm restart"); $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi"; $f[] = "\tAddHandler php-script .php"; $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610"; $f[] = "\tAction php-script /php5.fastcgi virtual"; $f[] = "\t<Directory /var/run/artica-apache>"; $f[] = "\t\t<Files php5.fastcgi>"; $f[] = "\t\tOrder deny,allow"; $f[] = "\t\tAllow from all"; $f[] = "\t\t</Files>"; $f[] = "\t</Directory>"; } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n"; } } $f[] = "Loglevel debug"; $f[] = "ErrorLog {$ErrorLog}"; $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common"; $f[] = "CustomLog {$LogFilePath} common"; if ($EnableArticaApachePHPFPM == 0) { $array["php5_module"] = "libphp5.so"; } $array["actions_module"] = "mod_actions.so"; $array["expires_module"] = "mod_expires.so"; $array["rewrite_module"] = "mod_rewrite.so"; $array["dir_module"] = "mod_dir.so"; $array["mime_module"] = "mod_mime.so"; $array["alias_module"] = "mod_alias.so"; $array["auth_basic_module"] = "mod_auth_basic.so"; $array["authz_host_module"] = "mod_authz_host.so"; $array["autoindex_module"] = "mod_autoindex.so"; $array["negotiation_module"] = "mod_negotiation.so"; $array["ssl_module"] = "mod_ssl.so"; $array["headers_module"] = "mod_headers.so"; $array["ldap_module"] = "mod_ldap.so"; if ($Params["DOSEnable"] == 1) { $array["evasive20_module"] = "mod_evasive20.so"; } if ($EnableArticaApachePHPFPM == 1) { $array["fastcgi_module"] = "mod_fastcgi.so"; } if (is_dir("/etc/apache2")) { if (!is_file("/etc/apache2/mime.types")) { if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") { @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types"); } } } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n"; } while (list($module, $lib) = each($array)) { if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n"; } $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}"; } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n"; } } } build_error_page(); @file_put_contents("/etc/artica-postfix/hotspot-httpd.conf", @implode("\n", $f) . "\n"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/hotspot-httpd.conf done\n"; } }
function start($aspid = false) { $unix = new unix(); $sock = new sockets(); $postconf = $unix->find_program("postconf"); $postfix = $unix->find_program("postfix"); $usermod = $unix->find_program("usermod"); $users = new usersMenus(); if (!is_file($postconf)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix, not installed\n"; } return; } if (!$aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix Already Artica task running PID {$pid} since {$time}mn\n"; } return; } @file_put_contents($pidfile, getmypid()); } $pid = PID_NUM(); if ($unix->process_exists($pid)) { $timepid = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix Service already started {$pid} since {$timepid}Mn...\n"; } return; } $EnablePostfix = $sock->GET_INFO("EnablePostfix"); $EnableStopPostfix = $sock->GET_INFO("EnableStopPostfix"); if (!is_numeric($EnablePostfix)) { $EnablePostfix = 1; } if (!is_numeric($EnableStopPostfix)) { $EnableStopPostfix = 0; } if ($EnableStopPostfix == 1) { $EnablePostfix = 0; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix EnablePostfix = {$EnablePostfix}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix EnableStopPostfix = {$EnableStopPostfix}\n"; } if ($EnablePostfix == 0) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service disabled\n"; } return; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking postfix user\n"; } $unix->CreateUnixUser("postfix", "postfix"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking clamav user\n"; } $unix->CreateUnixUser("clamav", "clamav"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix checking postdrop group\n"; } $unix->SystemCreateGroup("postdrop"); shell_exec("{$usermod} -a -G postfix clamav >/dev/null 2>&1"); @mkdir("/var/amavis", 0755, true); @chmod("/var/amavis", 0755); if (!is_file("/etc/postfix/relay_domains.db")) { @touch("/etc/postfix/relay_domains"); shell_exec("postmap hash:/etc/postfix/relay_domains"); } if (is_file("/etc/sasldb2")) { @chown("/etc/sasldb2", "postfix"); @chgrp("/etc/sasldb2", "postfix"); } $unixsocket = $users->cyrus_lmtp_path; if ($unixsocket == null) { $unixsocket = "/var/spool/postfix/var/run/cyrus/socket/lmtp"; } @chown($unixsocket, "postfix"); @chgrp($unixsocket, "postfix"); @chmod($unixsocket, 0777); $nohup = $unix->find_program("nohup"); $php5 = $unix->LOCATE_PHP5_BIN(); $TMPFILE = $unix->FILE_TEMP(); $cmd = "{$nohup} {$postfix} start >{$TMPFILE} 2>&1 &"; if ($GLOBALS["VERBOSE"]) { echo "{$cmd}\n"; } shell_exec($cmd); for ($i = 0; $i < 6; $i++) { $pid = PID_NUM(); if ($unix->process_exists($pid)) { break; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service waiting {$i}/6...\n"; } sleep(1); } $f = explode("\n", @file_get_contents($TMPFILE)); @unlink($TMPFILE); while (list($num, $line) = each($f)) { if (trim($line) == null) { continue; } if (strpos($line, "unused parameter:") > 0) { continue; } if (preg_match("#fatal:.*?directory\\s+(.+?):\\s+Permission denied#", $line, $re)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: permission error on \"{$re[1]}\"\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Running permission tool\n"; } exec("{$postfix} set-permissions 2>&1", $results2); while (list($num, $line) = each($results2)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$line}\n"; } } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: You need to restart again the service\n"; } } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$line}\n"; } } $pid = PID_NUM(); if ($unix->process_exists($pid)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service Success service started pid:{$pid}...\n"; } return; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: Postfix service failed...\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$cmd}\n"; } if ($GLOBALS["VERBOSE"]) { echo "{$cmd}\n"; } }
function start($aspid = false) { $unix = new unix(); $sock = new sockets(); $Masterbin = "/opt/kaspersky/kav4proxy/sbin/kav4proxy-kavicapserver"; if (!is_file($Masterbin)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, Not installed\n"; } return; } if (!$aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n"; } return; } @file_put_contents($pidfile, getmypid()); } if ($unix->MEM_TOTAL_INSTALLEE() < 624288) { $sock->SET_INFO("kavicapserverEnabled", 0); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Not enough memory\n"; } if ($unix->process_exists($pid)) { stop(); } return; } $pid = PID_NUM(); $kavicapserverEnabled = intval($sock->GET_INFO("kavicapserverEnabled")); if ($unix->process_exists($pid)) { $timepid = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n"; } if ($kavicapserverEnabled == 0) { stop(); } return; } if ($kavicapserverEnabled == 0) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see kavicapserverEnabled)\n"; } return; } $php5 = $unix->LOCATE_PHP5_BIN(); $sysctl = $unix->find_program("sysctl"); $echo = $unix->find_program("echo"); $nohup = $unix->find_program("nohup"); $unix->CreateUnixUser("kluser", "klusers"); build(); $version = kav4proxy_version(); $KL_SERVICE_CONFIG = "/etc/opt/kaspersky/kav4proxy.conf"; $f[] = $nohup; $f[] = $Masterbin; $f[] = "-C \"{$KL_SERVICE_CONFIG}\""; $cmd = @implode(" ", $f) . " >/dev/null 2>&1 &"; if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n"; } shell_exec($cmd); for ($i = 1; $i < 5; $i++) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n"; } sleep(1); $pid = PID_NUM(); if ($unix->process_exists($pid)) { break; } } $pid = PID_NUM(); if ($unix->process_exists($pid)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n"; } } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n"; } } }
function start_prepare() { if ($GLOBALS["CRASHED"]) { return; } buil_init_squid_cache_log(); initd_squid(); $reconfigure = false; $unix = new unix(); $sock = new sockets(); $NtpdateAD = $sock->GET_INFO("NtpdateAD"); $php = $unix->LOCATE_PHP5_BIN(); $nohup = $unix->find_program("nohup"); if (!is_file("/etc/squid3/malwares.acl")) { @file_put_contents("/etc/squid3/malwares.acl", "\n"); } if (!is_file("/etc/squid3/squid-block.acl")) { @file_put_contents("/etc/squid3/squid-block.acl", "\n"); } $EXPLODED = explode("\n", @file_get_contents("/etc/squid3/squid.conf")); while (list($index, $val) = each($EXPLODED)) { if (preg_match("#INSERT YOUR OWN RULE#", $val)) { if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " squid must be reconfigured...\n"; } $reconfigure = true; } } if ($reconfigure) { if ($GLOBALS["OUTPUT"]) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Rebuild configuration\n"; } system("{$php} /usr/share/artica-postfix/exec.squid.php --build --withoutloading"); } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Rebuild configuration\n"; } exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --withoutloading 2>&1", $GLOBALS["LOGS"]); } } if ($NtpdateAD == 1) { shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.kerbauth.php --ntpdate >/dev/null 2>&1 &"); } $unix->CreateUnixUser("squid", "squid"); if (!is_file("/etc/squid3/squid.conf")) { if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " Warning /etc/squid3/squid.conf no such file\n"; } if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " Ask to build it and die\n"; } shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --force --withoutloading"); die; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " initd-squid\n"; } shell_exec("{$php} /usr/share/artica-postfix/exec.initd-squid.php >/dev/null 2>&1"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Watchdog config\n"; } shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --watchdog-config >/dev/null 2>&1"); exec("{$php} /usr/share/artica-postfix/exec.squid.transparent.php", $GLOBALS["LOGS"]); if (!is_file("/etc/init.d/tproxy start")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Building transparent method\n"; } exec("{$php} /usr/share/artica-postfix/exec.squid.transparent.php", $GLOBALS["LOGS"]); } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " Starting transparent method\n"; } exec("/etc/init.d/tproxy start", $GLOBALS["LOGS"]); } $directories_squid[] = "/var/squid"; $directories_squid[] = "/var/squid/cache"; $directories_squid[] = "/usr/share/squid3/icons"; $directories_squid[] = "/var/log/squid"; $directories_squid[] = "/etc/squid3"; $directories_squid[] = "/var/lib/squidguard"; $directories_squid[] = "/var/run/squid"; $directories_squid[] = "/lib/squid3"; $directories_chmod[] = "/var/logs"; $directories_chmod[] = "/var/log"; $directories_chmod[] = "/var"; $directories_chmod_owned[] = "/home/squid"; $filesOblig[] = "/etc/squid3/url_rewrite_program.deny.db"; $filesOblig[] = "/var/run/squid/squid.pid"; while (list($num, $directory) = each($directories_squid)) { if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " {$directory}\n"; } if (!is_dir($directory)) { @mkdir($directory, 0755, true); } @chmod($directory, 0755); $unix->chmod_func(0755, "{$directory}/*"); $unix->chown_func("squid", "squid", "{$directory}/*"); } while (list($num, $directory) = each($directories_chmod)) { if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " {$directory}\n"; } if (!is_dir($directory)) { @mkdir($directory, 0755, true); } @chmod($directory, 0755); } while (list($num, $directory) = each($directories_chmod)) { if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " {$directory}\n"; } if (!is_dir($directory)) { @mkdir($directory, 0755, true); } $unix->chmod_func(0755, "{$directory}"); $unix->chown_func("squid", "squid", "{$directory}"); } while (list($num, $filepath) = each($filesOblig)) { if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " {$filepath}\n"; } if (!is_file($filepath)) { @touch("{$filepath}"); } @chmod($filepath, 0755); @chown($filepath, "squid"); @chgrp($filepath, "squid"); } $articafiles[] = "exec.logfile_daemon.php"; $articafiles[] = "external_acl_squid_ldap.php"; $articafiles[] = "external_acl_dynamic.php"; $articafiles[] = "external_acl_quota.php"; $articafiles[] = "external_acl_basic_auth.php"; $articafiles[] = "external_acl_squid.php"; while (list($num, $filename) = each($articafiles)) { $filepath = "/usr/share/artica-postfix/{$filename}"; if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " {$filepath}\n"; } @chmod($filepath, 0755); @chown($filepath, "squid"); @chgrp($filepath, "squid"); } $squid_locate_pinger = $unix->squid_locate_pinger(); $setcap = $unix->find_program("setcap"); if (is_file($squid_locate_pinger)) { @chmod($squid_locate_pinger, 0755); @chown($squid_locate_pinger, "squid"); @chgrp($squid_locate_pinger, "squid"); if (is_file("{$setcap}")) { shell_exec("{$setcap} cap_net_raw=pe {$squid_locate_pinger}"); } else { if ($GLOBALS["OUTPUT"]) { echo "Preparing.....: " . date("H:i:s") . " WARNING! setcap, no such binary!!\n"; } $unix->DEBIAN_INSTALL_PACKAGE("libcap2-bin"); } } }
function checkdb() { $unix = new unix(); $q = new mysql(); $JAVA_HOME = $unix->JAVA_HOME_GET(); if (strlen($JAVA_HOME) == 0) { echo "Starting......: " . date("H:i:s") . " OpenEMM JAVA_HOME failed\n"; return; } echo "Starting......: " . date("H:i:s") . " OpenEMM JAVA_HOME {$JAVA_HOME}\n"; if (!is_file("/home/openemm/bin/openemm.sh")) { echo "Starting......: " . date("H:i:s") . " OpenEMM /home/openemm/bin/openemm.sh no such file\n"; return; } if (!is_file("/opt/openemm/tomcat6/bin/startup.sh")) { echo "Starting......: " . date("H:i:s") . " OpenEMM tomcat 6.x is not installed\n"; return; } if (!$q->DATABASE_EXISTS("openemm")) { $q->CREATE_DATABASE("openemm"); } if (!$q->DATABASE_EXISTS("openemm")) { echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating database openemm\n"; return; } echo "Starting......: " . date("H:i:s") . " OpenEMM database openemm OK\n"; if (!$q->DATABASE_EXISTS("openemm_cms")) { $q->CREATE_DATABASE("openemm_cms"); } if (!$q->DATABASE_EXISTS("openemm_cms")) { echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating database openemm_cms\n"; return; } if (!test_cms_tables()) { if (is_file("/home/openemm/USR_SHARE/openemm_cms-2011.sql")) { $mysql = $unix->find_program("mysql"); $cmd = "{$mysql} -u {$q->mysql_admin} -p\"{$q->mysql_password}\" --batch --database=openemm_cms < /home/openemm/USR_SHARE/openemm_cms-2011.sql"; shell_exec($cmd); } } if (!testtables()) { $mysql = $unix->find_program("mysql"); if (is_file("/home/openemm/USR_SHARE/openemm-2011.sql")) { $cmd = "{$mysql} -u {$q->mysql_admin} -p\"{$q->mysql_password}\" --batch --database=openemm < /home/openemm/USR_SHARE/openemm-2011.sql"; shell_exec($cmd); } } if (!testtables()) { echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating openemm tables\n"; return; } if (!test_cms_tables()) { echo "Starting......: " . date("H:i:s") . " OpenEMM failed creating openemm_cms tables\n"; return; } echo "Starting......: " . date("H:i:s") . " OpenEMM tables in openemm base OK\n"; echo "Starting......: " . date("H:i:s") . " OpenEMM tables in openemm_cms base OK\n"; if (!$unix->CreateUnixUser("openemm")) { echo "Starting......: " . date("H:i:s") . " OpenEMM unix user openemm failed\n"; return; } echo "Starting......: " . date("H:i:s") . " OpenEMM unix user openemm OK\n"; patch_javahome($JAVA_HOME); patch_tomcat_dir("/opt/openemm/tomcat6"); if (!is_dir("/home/openemm/logs")) { echo "Starting......: " . date("H:i:s") . " OpenEMM creating /home/openemm/logs directory\n"; @mkdir("/home/openemm/logs", 0755, true); } $aa_complain = $unix->find_program("aa-complain"); if (is_file($aa_complain)) { shell_exec("{$aa_complain} {$JAVA_HOME}/bin/java"); } if (!is_file("/home/openemm/webapps/openemm/WEB-INF/classes/messages_en_US.properties")) { shell_exec("/bin/cp /home/openemm/webapps/openemm/WEB-INF/classes/messages_en.properties /home/openemm/webapps/openemm/WEB-INF/classes/messages_en_US.properties"); } cms_properties(); if (!is_dir("/home/openemm/work/Catalina/openemm/_")) { @mkdir("/home/openemm/work/Catalina/openemm/_", 0755, true); } shell_exec("/bin/chown openemm /home/openemm"); shell_exec("/bin/chown -R openemm /home/openemm"); if (is_numeric(is_tomcat_running())) { echo "Starting......: " . date("H:i:s") . " OpenEMM stopping tomcat first...\n"; shell_exec("/etc/init.d/artica-postfix stop tomcat"); } @unlink("/home/openemm/logs/catalina.out"); @unlink("/home/openemm/logs/openemm/openemm_axis.log"); @unlink("/home/openemm/logs/openemm/openemm_axis.log"); @unlink("/home/openemm/logs/openemm/openemm_core.log"); @unlink("/home/openemm/logs/openemm/userlogs.log"); }
function apache_config() { $sock = new sockets(); $unix = new unix(); $EnablePHPFPM = 0; @mkdir("/var/run/apache2", 0755, true); @mkdir("/var/run/artica-apache", 0755, true); @mkdir("/var/log/lighttpd", 0755, true); $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT(); $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP(); $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH(); $pydio_installed = false; if (is_file(" /etc/php5/cli/conf.d/ming.ini")) { @unlink(" /etc/php5/cli/conf.d/ming.ini"); } @unlink("/var/log/lighttpd/apache-error.log"); @touch("/var/log/lighttpd/apache-error.log"); @chmod("/var/log/lighttpd/apache-error.log", 0755); $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/lighttpd/*"); $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/usr/share/artica-postfix/ressources/logs/*"); if (is_dir("/usr/share/artica-postfix/pydio")) { $pydio_installed = true; } $ArticaHttpsPort = 9000; $NoLDAPInLighttpdd = 0; $ArticaHttpUseSSL = 1; $ArticaHttpsPort = $sock->GET_INFO("ArticaHttpsPort"); $ArticaHttpUseSSL = $sock->GET_INFO("ArticaHttpUseSSL"); if (!is_numeric($ArticaHttpUseSSL)) { $ArticaHttpUseSSL = 1; } if (!is_numeric($ArticaHttpsPort)) { $ArticaHttpsPort = "9000"; } $LighttpdArticaListenIP = $sock->GET_INFO("LighttpdArticaListenIP"); $phpfpm = $unix->APACHE_LOCATE_PHP_FPM(); $php = $unix->LOCATE_PHP5_BIN(); $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM"); if (!is_numeric($EnableArticaApachePHPFPM)) { $EnableArticaApachePHPFPM = 0; } if (!is_file($phpfpm)) { $EnableArticaApachePHPFPM = 0; } $EnablePHPFPM = intval($sock->GET_INFO("EnablePHPFPM")); if (!is_numeric($EnablePHPFPM)) { $EnablePHPFPM = 0; } if ($EnablePHPFPM == 0) { $EnableArticaApachePHPFPM = 0; } $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache"); $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES(); if ($EnableArticaApachePHPFPM == 1) { if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n"; } $EnableArticaApachePHPFPM = 0; } } if ($APACHE_SRC_ACCOUNT == null) { $APACHE_SRC_ACCOUNT = "www-data"; $APACHE_SRC_GROUP = "www-data"; $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username"); } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM Enabled: {$EnableArticaApachePHPFPM}\n"; } $f[] = "LockFile /var/run/apache2/artica-accept.lock"; $f[] = "PidFile /var/run/artica-apache/apache.pid"; $f[] = "DocumentRoot /usr/share/artica-postfix"; $open_basedir[] = "/usr/share/artica-postfix"; $open_basedir[] = "/etc/artica-postfix"; $open_basedir[] = "/etc/artica-postfix/settings"; $open_basedir[] = "/var/log"; $open_basedir[] = "/var/run/mysqld"; $open_basedir[] = "/usr/share/php"; $open_basedir[] = "/usr/share/php5"; $open_basedir[] = "/var/lib/php5"; $open_basedir[] = "/var/lighttpd/upload"; $open_basedir[] = "/usr/share/artica-postfix/ressources"; $open_basedir[] = "/usr/share/artica-postfix/framework"; $open_basedir[] = "/etc/ssl/certs/mysql-client-download"; $open_basedir[] = "/var/run"; $open_basedir[] = "/bin"; $open_basedir[] = "/tmp"; $open_basedir[] = "/usr/sbin"; $open_basedir[] = "/home"; //$f[]="php_value open_basedir \"".@implode(":", $open_basedir)."\""; //$f[]="php_value output_buffering Off"; //$f[]="php_flag magic_quotes_gpc Off"; if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen Port: {$ArticaHttpsPort}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen IP: {$LighttpdArticaListenIP}\n"; } if ($LighttpdArticaListenIP != null) { $unix = new unix(); $IPS = $unix->NETWORK_ALL_INTERFACES(true); if (!isset($IPS[$LighttpdArticaListenIP])) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} ERROR! Listen IP: {$LighttpdArticaListenIP} -> FALSE !!\n"; } $LighttpdArticaListenIP = null; } } if ($LighttpdArticaListenIP == null) { $LighttpdArticaListenIP = "*"; } if ($LighttpdArticaListenIP != null) { $ArticaHttpsPort = "{$LighttpdArticaListenIP}:{$ArticaHttpsPort}"; } $f[] = "Listen {$ArticaHttpsPort}"; $MaxClients = 20; $f[] = "<IfModule mpm_prefork_module>"; $f[] = "\tStartServers 1"; $f[] = "\tMinSpareServers 2"; $f[] = "\tMaxSpareServers 3"; $f[] = "\tMaxClients {$MaxClients}"; $f[] = "\tServerLimit {$MaxClients}"; $f[] = "\tMaxRequestsPerChild 100"; $f[] = "</IfModule>"; $f[] = "<IfModule mpm_worker_module>"; $f[] = "\tMinSpareThreads 25"; $f[] = "\tMaxSpareThreads 75 "; $f[] = "\tThreadLimit 64"; $f[] = "\tThreadsPerChild 25"; $f[] = "</IfModule>"; $f[] = "<IfModule mpm_event_module>"; $f[] = "\tMinSpareThreads 25"; $f[] = "\tMaxSpareThreads 75 "; $f[] = "\tThreadLimit 64"; $f[] = "\tThreadsPerChild 25"; $f[] = "</IfModule>"; $f[] = "AccessFileName .htaccess"; $f[] = "<Files ~ \"^\\.ht\">"; //$f[]="\tOrder allow,deny"; //$f[]="\tDeny from all"; //$f[]="\tSatisfy all"; $f[] = "</Files>"; $f[] = "DefaultType text/plain"; $f[] = "HostnameLookups Off"; $f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}"; $f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}"; $f[] = "Timeout 300"; $f[] = "KeepAlive Off"; $f[] = "KeepAliveTimeout 15"; $f[] = "StartServers 1"; $f[] = "MaxClients {$MaxClients}"; $f[] = "MinSpareServers 2"; $f[] = "MaxSpareServers 3"; $f[] = "MaxRequestsPerChild 100"; $f[] = "MaxKeepAliveRequests 100"; $ServerName = $unix->hostname_g(); if ($ServerName == null) { $ServerName = "localhost.localdomain"; } $f[] = "ServerName {$ServerName}"; if ($ArticaHttpUseSSL == 1) { $mknod = $unix->find_program("mknod"); shell_exec("{$mknod} /dev/random c 1 9 >/dev/null 2>&1"); $f[] = "<IfModule mod_ssl.c>"; $f[] = "\tListen {$ArticaHttpsPort}"; $f[] = "\tSSLRandomSeed connect builtin"; $f[] = "\tSSLRandomSeed connect file:/dev/urandom 256"; $f[] = "\tAddType application/x-x509-ca-cert .crt"; $f[] = "\tAddType application/x-pkcs7-crl .crl"; $f[] = "\tSSLPassPhraseDialog builtin"; $f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-artica(512000)"; $f[] = "\tSSLSessionCacheTimeout 300"; $f[] = "\tSSLSessionCacheTimeout 300"; $f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH"; $f[] = "\tSSLProtocol all -SSLv2"; $f[] = "</IfModule>"; $f[] = ""; $f[] = "<IfModule mod_gnutls.c>"; $f[] = "\tListen {$ArticaHttpsPort}"; $f[] = "</IfModule>"; } if (!is_file("/etc/ssl/certs/apache/server.crt")) { shell_exec("/usr/share/artica-postfix/bin/artica-install --apache-ssl-cert"); } if ($ArticaHttpUseSSL == 1) { $f[] = "SSLEngine on"; $f[] = "AcceptMutex flock"; $f[] = "SSLCertificateFile \"/etc/ssl/certs/apache/server.crt\""; $f[] = "SSLCertificateKeyFile \"/etc/ssl/certs/apache/server.key\""; $f[] = "SSLVerifyClient none"; $f[] = "ServerSignature Off"; $f[] = "SSLRandomSeed startup file:/dev/urandom 256"; $f[] = "SSLRandomSeed connect builtin"; } $f[] = "AddType application/x-httpd-php .php"; if ($EnableArticaApachePHPFPM == 0) { $f[] = "php_value error_log \"/var/log/php.log\""; } @chown("/var/log/php.log", $APACHE_SRC_ACCOUNT); $f[] = "<IfModule mod_fcgid.c>"; $f[] = "\tPHP_Fix_Pathinfo_Enable 1"; $f[] = "</IfModule>"; $f[] = "<IfModule mod_php5.c>"; $f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">"; $f[] = "\tSetHandler application/x-httpd-php"; $f[] = " </FilesMatch>"; $f[] = " <FilesMatch \"\\.phps\$\">"; $f[] = "\tSetHandler application/x-httpd-php-source"; $f[] = " </FilesMatch>"; $f[] = " <IfModule mod_userdir.c>"; $f[] = " <Directory /home/*/public_html>"; $f[] = " php_admin_value engine Off"; $f[] = " </Directory>"; $f[] = " </IfModule>"; $f[] = "</IfModule>"; $f[] = "<IfModule mod_mime.c>"; $f[] = "\tTypesConfig /etc/mime.types"; $f[] = "\tAddType application/x-compress .Z"; $f[] = "\tAddType application/x-gzip .gz .tgz"; $f[] = "\tAddType application/x-bzip2 .bz2"; $f[] = "\tAddType application/x-httpd-php .php .phtml"; $f[] = "\tAddType application/x-httpd-php-source .phps"; $f[] = "\tAddType application/octet-stream .acl"; $f[] = "\tAddLanguage ca .ca"; $f[] = "\tAddLanguage cs .cz .cs"; $f[] = "\tAddLanguage da .dk"; $f[] = "\tAddLanguage de .de"; $f[] = "\tAddLanguage el .el"; $f[] = "\tAddLanguage en .en"; $f[] = "\tAddLanguage eo .eo"; $f[] = "\tRemoveType es"; $f[] = "\tAddLanguage es .es"; $f[] = "\tAddLanguage et .et"; $f[] = "\tAddLanguage fr .fr"; $f[] = "\tAddLanguage he .he"; $f[] = "\tAddLanguage hr .hr"; $f[] = "\tAddLanguage it .it"; $f[] = "\tAddLanguage ja .ja"; $f[] = "\tAddLanguage ko .ko"; $f[] = "\tAddLanguage ltz .ltz"; $f[] = "\tAddLanguage nl .nl"; $f[] = "\tAddLanguage nn .nn"; $f[] = "\tAddLanguage no .no"; $f[] = "\tAddLanguage pl .po"; $f[] = "\tAddLanguage pt .pt"; $f[] = "\tAddLanguage pt-BR .pt-br"; $f[] = "\tAddLanguage ru .ru"; $f[] = "\tAddLanguage sv .sv"; $f[] = "\tRemoveType tr"; $f[] = "\tAddLanguage tr .tr"; $f[] = "\tAddLanguage zh-CN .zh-cn"; $f[] = "\tAddLanguage zh-TW .zh-tw"; $f[] = "\tAddCharset us-ascii .ascii .us-ascii"; $f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1"; $f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen"; $f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3"; $f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4"; $f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru"; $f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic"; $f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek"; $f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew"; $f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk"; $f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6"; $f[] = "\tAddCharset ISO-8859-13 .iso8859-13"; $f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8"; $f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9"; $f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10"; $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis"; $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis"; $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis"; $f[] = "\tAddCharset Big5 .Big5 .big5 .b5"; $f[] = "\tAddCharset cn-Big5 .cn-big5"; $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):"; $f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251"; $f[] = "\tAddCharset CP866 .cp866"; $f[] = "\tAddCharset KOI8 .koi8"; $f[] = "\tAddCharset KOI8-E .koi8-e"; $f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru"; $f[] = "\tAddCharset KOI8-U .koi8-u"; $f[] = "\tAddCharset KOI8-ru .koi8-uk .ua"; $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2"; $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4"; $f[] = "\tAddCharset UTF-7 .utf7"; $f[] = "\tAddCharset UTF-8 .utf8"; $f[] = "\tAddCharset UTF-16 .utf16"; $f[] = "\tAddCharset UTF-16BE .utf16be"; $f[] = "\tAddCharset UTF-16LE .utf16le"; $f[] = "\tAddCharset UTF-32 .utf32"; $f[] = "\tAddCharset UTF-32BE .utf32be"; $f[] = "\tAddCharset UTF-32LE .utf32le"; $f[] = "\tAddCharset euc-cn .euc-cn"; $f[] = "\tAddCharset euc-gb .euc-gb"; $f[] = "\tAddCharset euc-jp .euc-jp"; $f[] = "\tAddCharset euc-kr .euc-kr"; $f[] = "\tAddCharset EUC-TW .euc-tw"; $f[] = "\tAddCharset gb2312 .gb2312 .gb"; $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2"; $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4"; $f[] = "\tAddCharset shift_jis .shift_jis .sjis"; $f[] = "\tAddType text/html .shtml"; $f[] = "\tAddOutputFilter INCLUDES .shtml"; $f[] = "</IfModule>"; $f[] = apache_nagios_config(); $f[] = apache_phpldapadmin(); $squid = $unix->LOCATE_SQUID_BIN(); if (is_file($squid)) { $f[] = "Alias /proxy /usr/share/artica-postfix/squid.access.log.php"; $f[] = "Alias /parent /usr/share/artica-postfix/squid.access.log.php"; $f[] = "Alias /webfilter /usr/share/artica-postfix/squid.access.webfilter.log.php"; $f[] = "Alias /meta-updates /home/artica-meta"; $f[] = "Alias /categories /usr/share/artica-postfix/public.categories.personnal.php"; } $f[] = "<Directory \"/home/artica-meta\">"; $f[] = "\tOptions Indexes FollowSymLinks"; $f[] = "</Directory>"; $f[] = "<Directory \"/usr/share/artica-postfix\">"; $f[] = "\tDirectoryIndex logon.php"; $f[] = "\tSSLOptions +StdEnvVars"; $f[] = "\tOptions Indexes FollowSymLinks"; $f[] = "\tAllowOverride None"; //$f[]="\tOrder allow,deny"; //$f[]="\tAllow from all"; $f[] = "</Directory>"; if (is_file($unix->LOCATE_SQUID_BIN())) { $ArticaProxyStatisticsBackupFolder = $sock->GET_INFO("ArticaProxyStatisticsBackupFolder"); if ($ArticaProxyStatisticsBackupFolder == null) { $ArticaProxyStatisticsBackupFolder = "/home/artica/squid/backup-statistics"; } $ArticaProxyStatisticsOpenWeb = intval($sock->GET_INFO("ArticaProxyStatisticsOpenWeb")); if ($ArticaProxyStatisticsOpenWeb == 1) { $f[] = "Alias /backup-stats \"{$ArticaProxyStatisticsBackupFolder}\""; $f[] = "<Directory \"{$ArticaProxyStatisticsBackupFolder}\">"; $f[] = "\tSSLOptions +StdEnvVars"; $f[] = "\tOptions Indexes FollowSymLinks"; $f[] = "\tAllowOverride All"; //$f[]="\tOrder allow,deny"; //$f[]="\tAllow from all"; $f[] = "</Directory>"; } } if ($pydio_installed) { $directories[] = "/home/pydio/plugins/auth.serial"; $directories[] = "/home/pydio/plugins/conf.serial"; $directories[] = "/home/pydio/plugins"; $directories[] = "/home/pydio/cache"; $directories[] = "/home/pydio/files"; $directories[] = "/home/pydio/logs"; $directories[] = "/home/pydio/personal"; $directories[] = "/home/pydio/public"; $directories[] = "/home/pydio/tmp"; while (list($index, $dir) = each($directories)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} permissions on {$dir}\n"; } @mkdir($dir, 0755, true); $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $dir); } $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/cache"); $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/plugins"); $f[] = "Alias /explorer \"/usr/share/artica-postfix/pyio\""; $f[] = "<Directory \"/usr/share/artica-postfix/pyio\">"; $f[] = "\tDirectoryIndex index.php"; $f[] = "\tSSLOptions +StdEnvVars"; $f[] = "\tOptions Indexes FollowSymLinks"; $f[] = "\tAllowOverride All"; //$f[]="\tOrder allow,deny"; //$f[]="\tAllow from all"; $f[] = "</Directory>"; } if ($EnableArticaApachePHPFPM == 1) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n"; } shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n"; } shell_exec("/etc/init.d/php5-fpm restart"); $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi"; $f[] = "\tAddHandler php-script .php"; $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610"; $f[] = "\tAction php-script /php5.fastcgi virtual"; $f[] = "\t<Directory /var/run/artica-apache>"; $f[] = "\t\t<Files php5.fastcgi>"; //$f[]="\t\tOrder deny,allow"; //$f[]="\t\tAllow from all"; $f[] = "\t\t</Files>"; $f[] = "\t</Directory>"; } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n"; } } $f[] = "Loglevel info"; $f[] = "ErrorLog /var/log/lighttpd/apache-error.log"; $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common"; $f[] = "CustomLog /var/log/lighttpd/apache-access.log common"; if ($EnableArticaApachePHPFPM == 0) { $array["php5_module"] = "libphp5.so"; } $array["actions_module"] = "mod_actions.so"; $array["expires_module"] = "mod_expires.so"; $array["rewrite_module"] = "mod_rewrite.so"; $array["dir_module"] = "mod_dir.so"; $array["mime_module"] = "mod_mime.so"; $array["alias_module"] = "mod_alias.so"; $array["auth_basic_module"] = "mod_auth_basic.so"; $array["authn_file_module"] = "mod_authn_file.so"; //$array["authz_host_module"]="mod_authz_host.so"; $array["autoindex_module"] = "mod_autoindex.so"; $array["negotiation_module"] = "mod_negotiation.so"; $array["ssl_module"] = "mod_ssl.so"; $array["headers_module"] = "mod_headers.so"; $array["ldap_module"] = "mod_ldap.so"; if ($EnableArticaApachePHPFPM == 1) { $array["fastcgi_module"] = "mod_fastcgi.so"; } if (is_dir("/etc/apache2")) { if (!is_file("/etc/apache2/mime.types")) { if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") { @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types"); } } } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n"; } while (list($module, $lib) = each($array)) { if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n"; } $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}"; } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n"; } } } $f[] = apache_phpmyadmin(); @file_put_contents("/etc/artica-postfix/httpd.conf", @implode("\n", $f)); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/httpd.conf done\n"; } }
function CheckFilesAndSecurity() { $unix = new unix(); $unix->CreateUnixUser("redis", "redis"); $f[] = "/var/run/redis"; $f[] = "/var/log/redis"; $f[] = "/home/redis"; $f[] = "/etc/redis"; while (list($num, $val) = each($f)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} checking \"{$val}\"\n"; } if (!is_dir($val)) { @mkdir($val, 0755, true); } $unix->chown_func("redis", "redis", "{$val}/*"); } }
function build() { build_progress("{reconfigure} (1)", 2); if ($GLOBALS["VERBOSE"]) { echo "Running build...\n"; } $unix = new unix(); $sock = new sockets(); $users = new usersMenus(); $forceCMD = null; $argv = null; $PHP = $unix->LOCATE_PHP5_BIN(); $mypid = getmypid(); if (isset($argv[1])) { $argv = $argv[1]; } $pids = $unix->PIDOF_PATTERN_ALL(basename(__FILE__) . ".*?{$argv}"); if (count($pids) > 1) { build_progress("{already_process_exists_try_later}", 110); while (list($num, $ligne) = each($pids)) { $cmdline = @file_get_contents("/proc/{$num}/cmdline"); echo "Starting......: " . date("H:i:s") . " [SERV]: [{$mypid}] Already process PID {$num} {$cmdline} exists..\n"; echo "Starting......: " . date("H:i:s") . " [SERV]: [{$mypid}] Running " . @file_get_contents("/proc/{$num}/cmdline") . "\n"; } die; } $EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth"); if (!is_numeric($EnableKerbAuth)) { $EnableKerbAuth = 0; } $EnableWebProxyStatsAppliance = $sock->GET_INFO("EnableWebProxyStatsAppliance"); $EnableRemoteStatisticsAppliance = $sock->GET_INFO("EnableRemoteStatisticsAppliance"); if (!is_numeric($EnableRemoteStatisticsAppliance)) { $EnableRemoteStatisticsAppliance = 0; } if (!is_numeric($EnableWebProxyStatsAppliance)) { $EnableWebProxyStatsAppliance = 0; } $UnlockWebStats = $sock->GET_INFO("UnlockWebStats"); if (!is_numeric($UnlockWebStats)) { $UnlockWebStats = 0; } $ServiceFTPEnabled = intval($sock->GET_INFO("ServiceFTPEnabled")); if ($users->WEBSTATS_APPLIANCE) { $EnableWebProxyStatsAppliance = 1; $sock->SET_INFO("{$EnableWebProxyStatsAppliance}", 1); } if ($EnableWebProxyStatsAppliance == 1) { notify_remote_proxys(); } if ($UnlockWebStats == 1) { $EnableRemoteStatisticsAppliance = 0; } //Vérifie le compte utilisateur. //------------------------------------------------------------------------------------------------------------------------------------------------------------ $unix->CreateUnixUser("squid", "squid", "Squid Cache Service"); $MustHave[] = "/etc/squid3/artica-meta/whitelist-nets.db"; $MustHave[] = "/var/logs/cache.log"; $MustHave[] = "/etc/squid3/squid-block.acl"; $MustHave[] = "/etc/squid3/allowed-user-agents.acl"; $MustHave[] = "/etc/squid3/GlobalAccessManager_auth.conf"; $MustHave[] = "/etc/squid3/icap.conf"; $MustHave[] = "/etc/squid3/GlobalAccessManager_url_rewrite.conf"; $MustHave[] = "/etc/squid3/GlobalAccessManager_deny_cache.conf"; $MustHave[] = "/etc/squid3/GlobalAccessManager_deny.conf"; $MustHave[] = "/etc/squid3/squid-block.acl"; $MustHave[] = "/etc/squid3/clients_ftp.acl"; $MustHave[] = "/etc/squid3/allowed-user-agents.acl"; $MustHave[] = "/etc/squid3/whitelisted-computers-by-mac.acl"; while (list($none, $path) = each($MustHave)) { echo "Starting......: " . date("H:i:s") . " [SYS]: checking {$path}\n"; if (!is_file($path)) { @touch($path); } @chown($path, "squid"); @chgrp($path, "squid"); } if ($GLOBALS["FORCE"]) { $forceCMD = " --force"; } $squidbin = $unix->LOCATE_SQUID_BIN(); if (!is_file($squidbin)) { build_progress("{squid_binary_not_found}", 110); echo "Starting......: " . date("H:i:s") . " [SERV]: Unable to stat squid binary, aborting..\n"; die; } $EXEC_TIME_FILE = "/etc/artica-postfix/" . basename(__FILE__) . ".build.time"; if (!$GLOBALS["FORCE"]) { $time = $unix->file_time_min($EXEC_TIME_FILE); if ($time == 0) { build_progress("Failed! Only one config per minute !!!", 110); echo "Starting......: " . date("H:i:s") . " [SERV]: Only one config per minute...\n"; die; } } @unlink($EXEC_TIME_FILE); @file_put_contents($EXEC_TIME_FILE, time()); if ($GLOBALS["EMERGENCY"]) { squid_admin_mysql(0, "Reconfiguring Proxy service after Emergency enabled", null, __FILE__, __LINE__); } $TimeStart = time(); $EXEC_PID_FILE = "/etc/artica-postfix/" . basename(__FILE__) . ".build.pid"; $kill = $unix->find_program("kill"); $pid = @file_get_contents($EXEC_PID_FILE); if ($unix->process_exists($pid, basename(__FILE__))) { $TimePid = $unix->PROCCESS_TIME_MIN($pid); if ($TimePid > 30) { posix_kill(intval($pid), 9); } else { if (!$GLOBALS["FORCE"]) { print "Starting......: " . date("H:i:s") . " Checking (L." . __LINE__ . ") Squid Already executed pid {$pid} since {$TimePid}mn ...\n"; die; } } } echo "Starting......: " . date("H:i:s") . " [SERV]: is connected to remote appliance ? `{$EnableRemoteStatisticsAppliance}`\n"; if ($EnableRemoteStatisticsAppliance == 1) { $r = new squid_stats_appliance(); echo "Starting......: " . date("H:i:s") . " [SERV]: ################################\n"; echo "Starting......: " . date("H:i:s") . " [SERV]: # This server is connected to: #\n"; echo "Starting......: " . date("H:i:s") . " [SERV]: # {$r->URI} #\n"; echo "Starting......: " . date("H:i:s") . " [SERV]: ################################\n"; remote_appliance_restore_tables(); } build_progress("{reconfigure} (1)", 5); if (!PortsConversion()) { build_progress("{reconfigure} {failed} !PortsConversion", 110); return; } squid_reconfigure_build_tool(); build_progress("{reconfigure}", 10); squid_pactester(); build_progress("{reconfigure}", 15); $childpid = posix_getpid(); $sock = new sockets(); $squid_user = SquidUser(); $SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH(); $PHP = LOCATE_PHP5_BIN2(); $NOHUP = $unix->find_program("nohup"); build_progress("{reconfigure}", 20); @file_put_contents($EXEC_PID_FILE, $childpid); if (is_file("/etc/squid3/mime.conf")) { shell_exec("/bin/chown squid:squid /etc/squid3/mime.conf"); } $EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth"); if (!is_numeric("{$EnableKerbAuth}")) { $EnableKerbAuth = 0; } if (!is_dir("/usr/share/squid-langpack")) { TemplatesInMysql(true); exit; } echo "Starting......: " . date("H:i:s") . " Checking squid kerberos authentification is set to {$EnableKerbAuth}\n"; echo "Starting......: " . date("H:i:s") . " Checking squid certificate\n"; build_progress("{reconfigure} Check database", 25); checkdatabase(); build_progress("{reconfigure} certificates", 30); certificate_generate(); build_progress("{reconfigure}", 35); remote_appliance_restore_tables(); build_progress("{reconfigure}", 40); echo "Starting......: " . date("H:i:s") . " Instanciate squid library..\n"; $squid = new squidbee(); $squidbin = $unix->find_program("squid3"); echo "Starting......: " . date("H:i:s") . " checking squid binaries..\n"; if (!is_file($squidbin)) { $squidbin = $unix->find_program("squid"); } echo "Starting......: " . date("H:i:s") . " Binary: {$squidbin}\n"; echo "Starting......: " . date("H:i:s") . " Config: {$SQUID_CONFIG_PATH}\n"; echo "Starting......: " . date("H:i:s") . " User..: {$squid_user}\n"; echo "Starting......: " . date("H:i:s") . " Checking blocked sites\n"; build_progress("{reconfigure} {building} NET ADS", 45); shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.squid.netads.php >/dev/null 2>&1 &"); echo "Starting......: " . date("H:i:s") . " Building master configuration\n"; $squid->ASROOT = true; echo "Starting......: " . date("H:i:s") . " Checking Watchdog\n"; build_progress("{reconfigure} checking Watchdog settings", 46); watchdog_config(); build_progress("{reconfigure} build errors", 47); errors_details_txt(); build_progress("{reconfigure} Checking caches", 48); BuildCaches(true); build_progress("{reconfigure} Check files and security", 49); CheckFilesAndSecurity(); build_progress("{reconfigure} Building schedules", 50); build_schedules(true); build_progress("{reconfigure} Building SSL passwords", 89); build_sslpasswords(); build_progress("{reconfigure} Building blacklists", 90); build_blacklists(); build_progress("{reconfigure} Building No caches list", 91); build_denycaches(); build_progress("{reconfigure} Building {GLOBAL_ACCESS_CENTER}", 93); system("{$PHP} /usr/share/artica-postfix/exec.squid.global.access.php --nochek"); build_progress("{reconfigure} Building main configuration", 94); if (!ApplyConfig()) { build_progress("Apply configuration failed", 110); echo "Starting......: " . date("H:i:s") . " Apply configuration failed....\n"; return; } build_progress("{reconfigure} FTP Proxy service", 95); system("{$NOHUP} {$PHP} /usr/share/artica-postfix/exec.ftpproxy-multi.php --build >/dev/null 2>&1 &"); build_progress("{reconfigure} Wan Compressor Proxy service", 95); system("{$NOHUP} {$PHP} /usr/share/artica-postfix/exec.wanproxy.php --build-squid >/dev/null 2>&1 &"); build_progress("{checking_transparent_mode}", 95); if ($unix->IS_FIREHOLE_ACTIVE()) { build_progress("{restarting_firewall}", 95); system("{$PHP} /usr/share/artica-postfix/exec.firehol.php"); system("/etc/init.d/firehol restart"); } else { system("{$PHP} /usr/share/artica-postfix/exec.squid.transparent.php"); system("{$PHP} /usr/share/artica-postfix/exec.secure.gateway.php"); if (is_file("/etc/init.d/iptables-transparent")) { build_progress("{restarting_firewall}", 95); system("/etc/init.d/iptables-transparent restart"); } if (is_file("/bin/iptables-parents.sh")) { build_progress("{restarting_firewall} (parent)", 95); system("/bin/iptables-parents.sh"); } if (is_file("/bin/artica-secure-gateway.sh")) { build_progress("{restarting_firewall} (Secure gateway)", 95); shell_exec("/bin/artica-secure-gateway.sh"); } } build_progress("{checking_wccp_mode}", 95); system("{$PHP} /usr/share/artica-postfix/exec.squid.wccp.php --reconfigure"); build_progress("{checking_mikrotik_mode}", 95); system("{$PHP} /usr/share/artica-postfix/exec.mikrotik.php"); build_progress("{reconfigure}", 96); $GLOBALS["OUTPUT"] = true; if ($GLOBALS["NOAPPLY"]) { build_progress("{reconfiguring_proxy_service} {success}", 100); return; } if (!$GLOBALS["RESTART"]) { build_progress("{reloading_service}", 91); if (!$GLOBALS["NORELOAD"]) { Reload_Squid(); } } if ($GLOBALS["RESTART"]) { if (!$GLOBALS["NORELOAD"]) { build_progress("{stopping_service}", 91); system("{$PHP} /usr/share/artica-postfix/exec.squid.watchdog.php --stop {$forceCMD} --byForceReconfigure"); build_progress("{starting_service}", 93); system("{$PHP} /usr/share/artica-postfix/exec.squid.watchdog.php --start {$forceCMD} --byForceReconfigure"); build_progress("{starting_service}", 95); } } build_progress("{building} Cached Web frontend pages", 97); shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.cache.pages.php --force >/dev/null 2>&1 &"); $BuildAllTemplatesDone = $sock->GET_INFO("BuildAllTemplatesDone"); if (!is_numeric($BuildAllTemplatesDone)) { $BuildAllTemplatesDone = 0; } if ($BuildAllTemplatesDone == 0) { build_progress("{building} Templates schedules", 97); echo "Starting......: " . date("H:i:s") . " scheduling Building templates\n"; sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --tpl-save"); $sock->SET_INFO("BuildAllTemplatesDone", 1); } build_progress("{building} Templates", 98); sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --mysql-tpl"); build_progress("{reconfiguring_proxy_service} {success}", 100); echo "Starting......: " . date("H:i:s") . " Done (Took: " . $unix->distanceOfTimeInWords($TimeStart, time()) . ")\n"; die; }
function start($nopid = false) { $users = new usersMenus(); $unix = new unix(); $ettercap_bin = $unix->find_program("ettercap"); if (!$users->ETTERCAP_INSTALLED) { echo "ArpSpoofing.........: [START]: Ettercap, not installed...\n"; return; } if (!is_file($ettercap_bin)) { echo "ArpSpoofing.........: [START]: Ettercap, not such binary...\n"; return; } $sock = new sockets(); $ArpSpoofEnabled = $sock->GET_INFO("ArpSpoofEnabled"); if (!is_numeric($ArpSpoofEnabled)) { $ArpSpoofEnabled = 0; } if (!$nopid) { $me = basename(__FILE__); $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, $me)) { $time = $unix->PROCCESS_TIME_MIN($pid); echo "ArpSpoofing.........: [START]: Ettercap, Already start instance executed PID {$pid} since {$time}Mn...\n"; return; } @file_put_contents($pidfile, getmypid()); } if ($ArpSpoofEnabled == 0) { echo "ArpSpoofing.........: [START]: Ettercap, not enabled\n"; stop(true); } $nohup = $unix->find_program("nohup"); $q = new mysql(); if (!$q->BD_CONNECT()) { echo "ArpSpoofing.........: [START]: unable to connect to MySQL database...\n"; return; } if (!$unix->SystemUserExists("nobody")) { echo "ArpSpoofing.........: [START]: Creating nobody user...\n"; $unix->CreateUnixUser("nobody", "nogroup"); } if (!$unix->SystemGroupExists("nogroup")) { $unix->SystemCreateGroup("nogroup"); $unix->CreateUnixUser("nobody", "nogroup"); } $uid = $unix->SystemUserGetuid("nobody"); $guid = $unix->SystemGroupUid("nogroup"); init_debian(); $sql = "SELECT * FROM arpspoof_rules WHERE enabled=1"; $results = $q->QUERY_SQL($sql, "artica_backup"); while ($ligne = mysql_fetch_assoc($results)) { $rulename = $ligne["rulename"]; $pid = get_rule_pid($ligne["ID"]); if ($unix->process_exists($pid)) { echo "ArpSpoofing.........: [START]: `{$rulename}` already running pid {$pid}\n"; continue; } $sources = getobjects($ligne["ID"]); $gateway = $ligne["gateway"]; if ($sources == null) { echo "ArpSpoofing.........: [START]: `{$rulename}` no item set...\n"; continue; } if ($sources == "all") { $sources = null; } $f = array(); $f[] = "[privs]"; $f[] = "ec_uid = {$uid} # nobody is the default"; $f[] = "ec_gid = {$guid} # nobody is the default"; $f[] = "[mitm]"; $f[] = "arp_storm_delay = 10"; $f[] = "arp_poison_warm_up = 1"; $f[] = "arp_poison_delay = 10"; $f[] = "arp_poison_equal_mac= 1"; $f[] = "arp_poison_reply=1"; $f[] = "arp_poison_icmp = 1"; $f[] = "dhcp_lease_time = 600"; $f[] = "port_steal_delay = 10 # milliseconds"; $f[] = "port_steal_send_delay = 2000 # microseconds"; $f[] = "[connections]"; $f[] = "connection_timeout = 300 # seconds"; $f[] = "connection_idle = 5 # seconds"; $f[] = "connection_buffer = 10000 # bytes"; $f[] = "connect_timeout = 5 # seconds"; $f[] = ""; $f[] = "[stats]"; $f[] = "sampling_rate = 50 # number of packets"; $f[] = ""; $f[] = "[misc]"; $f[] = "close_on_eof = 1 # boolean value"; $f[] = "store_profiles = 1 # 0 = disabled; 1 = all; 2 = local; 3 = remote"; $f[] = "aggressive_dissectors = 1 # boolean value"; $f[] = "skip_forwarded_pcks = 1 # boolean value"; $f[] = "checksum_check = 0 # boolean value"; $f[] = "checksum_warning = 0 # boolean value (valid only if checksum_check is 1)"; $f[] = ""; @mkdir("/etc/ettercap", 0755, true); @file_put_contents("/etc/ettercap/{$ligne["ID"]}.conf", @implode("\n", $f)); $unix->chown_func("nobody", "nogroup", '/etc/ettercap/*'); echo "ArpSpoofing.........: [START]: `{$rulename}`:uid:{$uid}...\n"; $cmdline = "{$nohup} {$ettercap_bin} --daemon --superquiet --config /etc/ettercap/{$ligne["ID"]}.conf --log-msg /etc/ettercap/{$ligne["ID"]}.log --iface {$ligne["iface"]} --only-mitm --mitm arp:remote /{$sources}/ /{$gateway}/ >/dev/null 2>&1 &"; shell_exec($cmdline); for ($i = 0; $i < 6; $i++) { $pid = get_rule_pid($ligne["ID"]); if ($unix->process_exists($pid)) { echo "ArpSpoofing.........: [START]: `{$rulename}` success running pid {$pid}\n"; break; } echo "ArpSpoofing.........: [START]: `{$rulename}` waiting to start... {$i}/5\n"; sleep(1); } $pid = get_rule_pid($ligne["ID"]); if (!$unix->process_exists($pid)) { echo "ArpSpoofing.........: [START]: `{$rulename}` failed with commandline:`{$cmdline}`\n"; } } echo "ArpSpoofing.........: [START]: done...\n"; }
function install() { $filename = "kav4proxy_5.5-88.tar.gz"; $uri = "http://articatech.net/download/kaspersky/{$filename}"; $time = time(); $unix = new unix(); $pidFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($pidFile); if ($unix->process_exists($pid)) { if ($unix->PROCCESS_TIME_MIN($pid, 10) < 2) { return; } } $cacheFile = "/usr/share/artica-postfix/ressources/logs/web/KAV4PROXYINST.status"; @unlink($cacheFile); $rm = $unix->find_program("rm"); $cp = $unix->find_program("cp"); $TMPDIR = $unix->TEMP_DIR() . "/{$time}"; $FINAL_TARGET_DIR = null; $TARGET_PATH = "{$TMPDIR}/{$filename}"; progress("{downloading} 5.5.88 version", "Downloading {$filename}", 30); progress("{downloading} 5.5.88 version", "Temporary directory = {$TMPDIR}", 30); $curl = new ccurl("{$uri}"); $debianbin = $unix->find_program("update-rc.d"); $redhatbin = $unix->find_program("chkconfig"); @mkdir($TMPDIR); if (!$curl->GetFile($TARGET_PATH)) { progress("{failed}", $curl->error, 100); shell_exec("{$rm} -rf {$TMPDIR}"); return; } progress("{downloading} 5.5.88 version {success}", "success saving {$TARGET_PATH} ", 50); progress("{extracting} 5.5.88 version", "Extracting {$TARGET_PATH} ", 55); $tar = $unix->find_program("tar"); exec("{$tar} xvf {$TARGET_PATH} -C /{$TMPDIR}/ 2>&1", $results); while (list($index, $line) = each($results)) { progress("{extracting} 5.5.88 version", $line, 60); } $dir = $unix->dirdir($TMPDIR); while (list($index, $line) = each($dir)) { progress("{search} {directory}", $line, 65); if (preg_match("#kav4proxy#", $line)) { progress("{search} {directory}", "Found directory {$line}", 65); $FINAL_TARGET_DIR = $line; break; } } if ($FINAL_TARGET_DIR == null) { progress("{extracting} 5.5.88 version {failed}", "Unable to find a suitable directory", 100); shell_exec("{$rm} -rf {$TMPDIR}"); return; } progress("{installing} 5.5.88 version", "Copy the content of {$FINAL_TARGET_DIR}", 70); exec("{$cp} -rfdv {$FINAL_TARGET_DIR}/* / 2>&1", $resultsA); while (list($index, $line) = each($resultsA)) { progress("{installing} 5.5.88 version", $line, 70); } progress("{installing} 5.5.88 version", "Removing the {$TMPDIR} directory", 71); shell_exec("{$rm} -rf {$TMPDIR}"); if (!is_file("/opt/kaspersky/kav4proxy/bin/kav4proxy-licensemanager")) { progress("{installing} 5.5.88 version {failed}", "install from {$FINAL_TARGET_DIR} failed ", 100); return; } $ln = $unix->find_program("ln"); $chown = $unix->find_program("chown"); $chmod = $unix->find_program("chmod"); progress("{installing} 5.5.88 version", "linking /etc/init.d/kav4proxy", 75); shell_exec("ln -s --force /opt/kaspersky/kav4proxy/lib/bin/kav4proxy /etc/init.d/kav4proxy"); if (is_file($debianbin)) { shell_exec("{$debianbin} -f kav4proxy defaults >/dev/null 2>&1"); } if (is_file($redhatbin)) { shell_exec("{$redhatbin} --add kav4proxy >/dev/null 2>&1"); } progress("{installing} 5.5.88 version", "executing preinstall", 78); exec('/usr/share/artica-postfix/bin/install/kavgroup/kav4prox_predoinst.sh 2>&1', $results2); while (list($index, $line) = each($results2)) { progress("{installing} 5.5.88 version", $line, 78); } progress("{installing} 5.5.88 version", "Creating kluser user", 80); $unix->CreateUnixUser("kluser", "klusers"); progress("{installing} 5.5.88 version", "Apply permissions", 85); @mkdir("/var/log/kaspersky/kav4proxy", 0755, true); @mkdir("/var/run/kav4proxy", 0755, true); shell_exec("{$chown} -R kluser:klusers /var/log/kaspersky/kav4proxy"); shell_exec("{$chown} -R kluser:klusers /var/opt/kaspersky/kav4proxy"); shell_exec("{$chown} -R kluser:klusers /var/run/kav4proxy"); shell_exec("{$chown} -R kluser:klusers /var/opt/kaspersky/kav4proxy"); shell_exec("{$chmod} 0755 /var/opt/kaspersky/kav4proxy"); $f[] = "EULA_AGREED=yes"; $f[] = ""; @file_put_contents("/var/opt/kaspersky/kav4proxy/installer.dat", @implode("\n", $f)); $f = array(); $f[] = "CONFIGURE_ENTER_KEY_PATH="; $f[] = "KAVMS_SETUP_LICENSE_DOMAINS=*"; $f[] = "CONFIGURE_KEEPUP2DATE_ASKPROXY=no"; $f[] = "CONFIGURE_RUN_KEEPUP2DATE=no"; $f[] = "CONFIGURE_WEBMIN_ASKCFGPATH="; $f[] = "KAV4PROXY_SETUP_TYPE=3"; $f[] = "KAV4PROXY_SETUP_LISTENADDRESS=127.0.0.1:1344"; $f[] = "KAV4PROXY_SETUP_CONFPATH=/etc/squid3/squid.conf"; $f[] = "KAV4PROXY_SETUP_BINPATH=" . $unix->LOCATE_SQUID_BIN(); $f[] = "KAV4PROXY_CONFIRM_FOUND=Y"; $f[] = "KAVICAP_SETUP_NONICAPCFG=Y"; @file_put_contents("/opt/kaspersky/kav4proxy/lib/bin/setup/autoanswers.conf", @implode("\n", $f)); chdir('/opt/kaspersky/kav4proxy/lib/bin/setup'); exec('./postinstall.pl 2>&1', $results3); while (list($index, $line) = each($results3)) { progress("{installing} 5.5.88 version", $line, 90); } shell_exec("/usr/share/artica-postfix/bin/process1 --force --verbose --" . time() . " >/dev/null 2>&1"); shell_exec("/etc/init.d/artica-status restart --force >/dev/null 2>&1"); progress("{installed}", "Done", 100); }
function start($aspid = false) { $unix = new unix(); $sock = new sockets(); $Masterbin = $unix->CYRUS_DAEMON_BIN_PATH(); $zarafaBin = $unix->find_program("zarafa-server"); if (!is_file($Masterbin)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, arpd not installed\n"; } return; } if (!$aspid) { $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid"; $pid = $unix->get_pid_from_file($pidfile); if ($unix->process_exists($pid, basename(__FILE__))) { $time = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n"; } return; } @file_put_contents($pidfile, getmypid()); } if ($unix->process_exists($unix->get_pid_from_file("/etc/artica-postfix/artica-backup.pid"))) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} A backup task currently is in use\n"; } return; } $pid = PID_NUM(); if ($unix->process_exists($pid)) { $timepid = $unix->PROCCESS_TIME_MIN($pid); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n"; } return; } if (is_file("/etc/artica-postfix/stop.cyrus.imapd")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} LOCKED !\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Remove /etc/artica-postfix/stop.cyrus.imapd !\n"; } return; } if (is_file("/etc/artica-postfix/cyrus-stop")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} LOCKED !\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Remove /etc/artica-postfix/cyrus-stop !\n"; } return; } $unix->CreateUnixUser("postfix", "postfix"); $php5 = $unix->LOCATE_PHP5_BIN(); $EnableCyrusImap = $sock->GET_INFO("EnableCyrusImap"); if (!is_numeric($EnableCyrusImap)) { $EnableCyrusImap = 1; } $DisableMessaging = intval($sock->GET_INFO("DisableMessaging")); $DisableIMAPVerif = intval($sock->GET_INFO("DisableIMAPVerif")); if ($DisableIMAPVerif == 0) { if (is_file("{$zarafaBin}")) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Zarafa is installed, aborting\n"; } stop(true); return; } } if ($EnableCyrusImap == 0) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableCyrusImap)\n"; } return; } if ($DisableMessaging == 1) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see DisableMessaging)\n"; } return; } if (!is_file('/usr/bin/cyradm')) { $cyradm = $unix->CYRADM_PATH(); if (is_file($cyradm)) { shell_exec("/bin/ln -s {$cyradm} /usr/bin/cyradm"); } } if (is_file('/usr/share/artica-postfix/exec.imapd.conf.php')) { shell_exec("{$php5} /usr/share/artica-postfix/exec.imapd.conf.php >/dev/null 2>&1"); } if (!is_file('/etc/artica-postfix/cyrus.check.time')) { shell_exec("/usr/share/artica-postfix/bin/artica-install --cyrus-rights >/dev/null 2>&1"); } shell_exec("{$php5} /usr/share/artica-postfix/exec.check-cyrus-account.php --check-adms"); $sysctl = $unix->find_program("sysctl"); $echo = $unix->find_program("echo"); $nohup = $unix->find_program("nohup"); if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Check permissions\n"; } CheckPermissions(); BuildConfig(); $params[] = "{$nohup} {$Masterbin}"; $params[] = "-M /etc/cyrus.conf"; $params[] = "-C /etc/imapd.conf"; $params[] = "-p /var/run/cyrmaster.pid -d >/dev/null 2>&1 &"; $cmd = @implode(" ", $params); shell_exec($cmd); for ($i = 1; $i < 5; $i++) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting {$i}/5\n"; } sleep(1); $pid = PID_NUM(); if ($unix->process_exists($pid)) { break; } } $pid = PID_NUM(); if ($unix->process_exists($pid)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n"; } $lmtpsocket = "/var/spool/postfix/var/run/cyrus/socket/lmtp"; for ($i = 1; $i < 5; $i++) { if ($unix->is_socket($lmtpsocket)) { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting socket success..\n"; } $unix->chown_func("postfix", "postfix", "/var/spool/postfix/var/run"); $unix->chown_func("postfix", "postfix", "{$lmtpsocket}"); break; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Waiting socket {$i}/5\n"; } sleep(1); } } else { if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n"; } if ($GLOBALS["OUTPUT"]) { echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n"; } } }