function WhiteListed()
{
$ldap = new clladp();
$unix = new unix();
$SPAMASSASSIN_LOCAL_CF = $unix->SPAMASSASSIN_LOCAL_CF();
$spammassDirectory = dirname($SPAMASSASSIN_LOCAL_CF);
$assp = array();
$spamassassin = array();
$miltergrey = array();
$blacks = $ldap->BlackListFromDomain();
if (is_array($blacks)) {
while (list($to, $array) = each($blacks)) {
$spamassassin[] = "#rcpt :{$to}";
while (list($index, $from) = each($array)) {
if ($from == "*@*") {
continue;
}
if (preg_match("#(.+?)@(.+)#", $from, $re)) {
$first_part = $re[1];
$domain = $re[2];
} else {
$first_part = "*";
$domain = $from;
}
$domain = str_replace("@", "", $domain);
$spamassassin[] = "blacklist_from\t{$first_part}@{$domain}";
}
}
}
echo "Starting......: " . date("H:i:s") . " writing whitelist/blacklists for ASSP\n";
@mkdir("/usr/share/assp/files");
@mkdir("/usr/local/etc");
@file_put_contents("/usr/share/assp/files/whiteorg.txt", implode("\n", $assp));
echo "Starting......: " . date("H:i:s") . " writing whitelist/blacklists for Amavis\n";
$final = implode("\n", $sender_scores_sitewide);
$final = $final . "\n";
@file_put_contents("/usr/local/etc/sender_scores_sitewide", $final);
@chmod("/usr/local/etc/sender_scores_sitewide", 0644);
@chown("/usr/local/etc/sender_scores_sitewide", "postfix");
if (is_file('/usr/local/sbin/amavisd')) {
if (is_file('/usr/local/etc/amavisd.conf')) {
if (is_file('/var/spool/postfix/var/run/amavisd-new/amavisd-new.pid')) {
sys_THREAD_COMMAND_SET('/usr/local/sbin/amavisd -c /usr/local/etc/amavisd.conf -P /var/spool/postfix/var/run/amavisd-new/amavisd-new.pid reload');
}
}
}
echo "Starting......: " . date("H:i:s") . " writing whitelist/blacklists for spamassassin\n";
@file_put_contents("{$spammassDirectory}/wbl.cf", implode("\n", $spamassassin));
}
function WhiteListed()
{
$ldap = new clladp();
$whites = $ldap->WhitelistsFromDomain();
$unix = new unix();
$unix->miltergreylist_cleanconf();
$SPAMASSASSIN_LOCAL_CF = $unix->SPAMASSASSIN_LOCAL_CF();
$spammassDirectory = dirname($SPAMASSASSIN_LOCAL_CF);
$assp = array();
$spamassassin = array();
$miltergrey = array();
if (is_array($whites)) {
while (list($to, $array) = each($whites)) {
$spamassassin[] = "#rcpt :{$to}";
while (list($index, $from) = each($array)) {
if ($from == "*@*") {
continue;
}
if (preg_match("#(.+?)@(.+)#", $from, $re)) {
$first_part = $re[1];
$domain = $re[2];
} else {
$first_part = "*";
$domain = $from;
}
$s = "{$first_part}@{$domain}";
$s = str_replace("*@", '', $s);
$s = str_replace("@*", '', $s);
$asspwbl_string = "{$first_part}@{$domain}";
$asspwbl_string = str_replace('.', '\\.', $asspwbl_string);
$asspwbl_string = str_replace('*', '.*?', $asspwbl_string);
$assp[] = $asspwbl_string;
$sender_scores_sitewide[] = "{$s}\t-7.0";
$spamassassin[] = "whitelist_from\t{$first_part}@{$domain}";
$unix->miltergreylist_addacl($unix->miltergreylist_buildacl("{$first_part}@{$domain}"));
}
}
}
$blacks = $ldap->BlackListFromDomain();
if (is_array($blacks)) {
while (list($to, $array) = each($blacks)) {
$spamassassin[] = "#rcpt :{$to}";
while (list($index, $from) = each($array)) {
if ($from == "*@*") {
continue;
}
if (preg_match("#(.+?)@(.+)#", $from, $re)) {
$first_part = $re[1];
$domain = $re[2];
} else {
$first_part = "*";
$domain = $from;
}
$spamassassin[] = "blacklist_from\t{$first_part}@{$domain}";
}
}
}
echo "Starting......: writing whitelist/blacklists for ASSP\n";
@mkdir("/usr/share/assp/files");
@mkdir("/usr/local/etc");
@file_put_contents("/usr/share/assp/files/whiteorg.txt", implode("\n", $assp));
echo "Starting......: writing whitelist/blacklists for Amavis\n";
@file_put_contents("/usr/local/etc/sender_scores_sitewide", implode("\n", $sender_scores_sitewide));
@chmod("/usr/local/etc/sender_scores_sitewide", 0750);
if (is_file('/usr/local/sbin/amavisd')) {
if (is_file('/usr/local/etc/amavisd.conf')) {
if (is_file('/var/spool/postfix/var/run/amavisd-new/amavisd-new.pid')) {
sys_THREAD_COMMAND_SET('/usr/local/sbin/amavisd -c /usr/local/etc/amavisd.conf -P /var/spool/postfix/var/run/amavisd-new/amavisd-new.pid reload');
}
}
}
echo "Starting......: writing whitelist/blacklists for spamassassin\n";
@file_put_contents("{$spammassDirectory}/wbl.cf", implode("\n", $spamassassin));
}
function mailarchives()
{
$array[] = "exec.mailarchive.php";
$array[] = "exec.mailbackup.php";
$array[] = "exec.fetchmail.sql.php";
while (list($index, $file) = each($array)) {
if (system_is_overloaded()) {
events(__FUNCTION__ . ":: die, overloaded");
die;
}
$cmd = "{$_GET["PHP5"]} /usr/share/artica-postfix/{$file}";
sys_THREAD_COMMAND_SET($cmd);
}
if ($GLOBALS["VERBOSE"]) {
events(__FUNCTION__ . ":: die...");
}
}
function BuildCaches()
{
$squid = new squidbee();
$unix = new unix();
$SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH();
$conf = $squid->BuildSquidConf();
@file_put_contents($SQUID_CONFIG_PATH, $conf);
$unix = new unix();
$su_bin = $unix->find_program("su");
$chown = $unix->find_program("chown");
writelogs("Reconfigure squid", __FUNCTION__, __FILE__, __LINE__);
shell_exec("{$GLOBALS["SQUIDBIN"]} -k reconfigure");
writelogs("Stopping squid", __FUNCTION__, __FILE__, __LINE__);
$squid_user = SquidUser();
writelogs("Using squid user: \"{$squid_user}\"", __FUNCTION__, __FILE__, __LINE__);
writelogs("{$chown} cache directories...", __FUNCTION__, __FILE__, __LINE__);
shell_exec("{$chown} -R {$squid_user} /etc/squid3/* >/dev/null 2>&1");
if (is_dir("/usr/share/squid-langpack")) {
shell_exec("{$chown} -R {$squid_user} /usr/share/squid-langpack");
}
$main_cache = $squid->CACHE_PATH;
writelogs("Main cache: \"{$main_cache}\"", __FUNCTION__, __FILE__, __LINE__);
$squid->cache_list[$squid->CACHE_PATH] = $squid->CACHE_PATH;
writelogs(count($squid->cache_list) . " caches to check", __FUNCTION__, __FILE__, __LINE__);
if (count($squid->cache_list) == 0) {
writelogs("No caches has been set, verify squid configuration file...", __FUNCTION__, __FILE__, __LINE__);
$squid->cache_list = GetLocalCaches();
}
writelogs(count($squid->cache_list) . " caches to check", __FUNCTION__, __FILE__, __LINE__);
reset($squid->cache_list);
while (list($num, $val) = each($squid->cache_list)) {
writelogs("Directory \"{$num}\"", __FUNCTION__, __FILE__, __LINE__);
if (trim($num) == null) {
continue;
}
if (!is_dir($num)) {
@mkdir($num, 755, true);
}
writelogs("chown cache directory \"{$num}\"...", __FUNCTION__, __FILE__, __LINE__);
shell_exec("{$chown} -R {$squid_user} {$num}");
shell_exec("/bin/chmod -R 0755 {$num}");
}
if (preg_match("#(.+?):#", $squid_user, $re)) {
$squid_uid = $re[1];
} else {
$squid_uid = "squid";
}
writelogs("stopping squid...", __FUNCTION__, __FILE__, __LINE__);
shell_exec("/etc/init.d/artica-postfix stop squid-cache");
writelogs("Building caches with user: \"{$squid_uid}\"", __FUNCTION__, __FILE__, __LINE__);
writelogs("{$su_bin} {$squid_uid} -c \"{$GLOBALS["SQUIDBIN"]} -z\" 2>&1", __FUNCTION__, __FILE__, __LINE__);
exec("{$su_bin} {$squid_uid} -c \"{$GLOBALS["SQUIDBIN"]} -z\" 2>&1", $results);
while (list($agent, $val) = each($results)) {
writelogs("{$val}", __FUNCTION__, __FILE__, __LINE__);
}
writelogs("Send Notifications", __FUNCTION__, __FILE__, __LINE__);
send_email_events("Squid Cache: reconfigure caches", "Here it is the results\n", @implode("\n", $results), "proxy");
writelogs("Starting squid", __FUNCTION__, __FILE__, __LINE__);
unset($results);
exec("/etc/init.d/artica-postfix start squid-cache 2>&1", $results);
while (list($agent, $val) = each($results)) {
writelogs("{$val}", __FUNCTION__, __FILE__, __LINE__);
}
writelogs("Flush tasks", __FUNCTION__, __FILE__, __LINE__);
if (!is_file("/etc/artica-postfix/settings/Daemons/SquidCacheTask")) {
writelogs("/etc/artica-postfix/settings/Daemons/SquidCacheTask No such file", __FUNCTION__, __FILE__, __LINE__);
}
@unlink("/etc/artica-postfix/settings/Daemons/SquidCacheTask");
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.artica.meta.php --status --force");
}
echo "\n";
events("init status()", "MAIN", __FUNCTION__, __FILE__, __LINE__);
$status = new status(1, null, "/var/log/artica-postfix/status-jgrowl.log");
events("init templates()", "MAIN", __FUNCTION__, __FILE__, __LINE__);
$tpl = new templates();
events("init usersMenus()", "MAIN", __FUNCTION__, __FILE__, __LINE__);
$users = new usersMenus();
$GLOBALS["USERS"] = $users;
$GLOBALS["NO_CLAMAV_UPDATE"] = $sock->GET_INFO("jgrowl_no_clamav_update");
$GLOBALS["NO_KAS_UPDATE"] = $sock->GET_INFO("jgrowl_no_kas_update");
events("NO_CLAMAV_UPDATE={$GLOBALS["NO_CLAMAV_UPDATE"]}", "MAIN", __FUNCTION__, __FILE__, __LINE__);
events("NO_KAS_UPDATE={$GLOBALS["NO_KAS_UPDATE"]}", "MAIN", __FUNCTION__, __FILE__, __LINE__);
events("Running status->StatusFailed(1)", "MAIN", __FUNCTION__, __FILE__, __LINE__);
$array = $status->StatusFailed(1);
if (!is_file("/etc/artica-postfix/settings/Daemons/HdparmInfos")) {
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.hdparm.php");
}
if (count($array) > 2) {
while (list($num, $val) = each($array)) {
$disable_this_service = $tpl->_ENGINE_parse_body("{disable_this_service_click}");
$add_1[] = $tpl->_ENGINE_parse_body("<li style=color:#C3393E;font-size:10px><strong>{{$val["PRODUCT"]}}</strong></li>");
}
$title = $tpl->_ENGINE_parse_body("{TOO_MANY_STOPPED_SERVICES}");
$start_service_in_debug = $tpl->_ENGINE_parse_body("{start_all_failed_services}");
$title = str_replace(" ", " ", $title);
$html[] = "\$.jGrowl(\"";
$html[] = "<table>";
$html[] = "<tr>";
$html[] = "<td width=1% valign=top>";
$html[] = "<img src=img/danger48.png>";
$html[] = "</td>";
function OCSWEB_FINAL_CERTIFICATE()
{
$path = base64_decode($_GET["path"]);
if (!is_file($path)) {
return null;
}
shell_exec("/bin/cp {$path} /etc/artica-postfix/settings/Daemons/OCSServerDotCrt");
shell_exec("/bin/cp {$path} /etc/ocs/cert/server.crt");
shell_exec(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.ocsweb.php --final-cert");
sys_THREAD_COMMAND_SET("/etc/init.d/artica-postfix restart ocsweb");
}
shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.squidstream.php --restart >/dev/null 2>&1 &");
}
build_progress("{building} Cached Web frontend pages", 97);
shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.cache.pages.php --force >/dev/null 2>&1 &");
$BuildAllTemplatesDone = $sock->GET_INFO("BuildAllTemplatesDone");
if (!is_numeric($BuildAllTemplatesDone)) {
$BuildAllTemplatesDone = 0;
}
if ($BuildAllTemplatesDone == 0) {
build_progress("{building} Templates schedules", 97);
echo "Starting......: " . date("H:i:s") . " scheduling Building templates\n";
sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --tpl-save");
$sock->SET_INFO("BuildAllTemplatesDone", 1);
}
build_progress("{building} Templates", 98);
sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --mysql-tpl");
build_progress("{reconfiguring_proxy_service} {success}", 100);
echo "Starting......: " . date("H:i:s") . " Done (Took: " . $unix->distanceOfTimeInWords($TimeStart, time()) . ")\n";
die;
}
writelogs("Unable to understand:`" . @implode(" ", $argv) . "`", "MAIN", __FILE__, __LINE__);
function change_value($key, $val)
{
$squid = new squidbee();
$squid->global_conf_array[$key] = $val;
$squid->SaveToLdap();
echo "Starting......: " . date("H:i:s") . " Squid change {$key} to {$val} (squid will be restarted)\n";
}
function mime_conf()
{
$sock = new sockets();
function restart()
{
$value = exec("/etc/init.d/artica-postfix start daemon");
sys_events($value);
sys_THREAD_COMMAND_SET("/etc/init.d/artica-postfix restart apache-groupware");
}
function RestartClients()
{
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.openvpn.php --client-restart");
}
function conf()
{
$sock = new sockets();
$datas = $sock->GET_INFO("AuditDDaemonConf");
if (strlen($datas) < 50) {
return;
}
@file_put_contents("/etc/audit/auditd.conf", $datas);
sys_THREAD_COMMAND_SET("/etc/init.d/artica-postfix restart auditd");
}
function build()
{
build_progress("{reconfigure} (1)", 2);
if ($GLOBALS["VERBOSE"]) {
echo "Running build...\n";
}
$unix = new unix();
$sock = new sockets();
$users = new usersMenus();
$forceCMD = null;
$argv = null;
$PHP = $unix->LOCATE_PHP5_BIN();
$mypid = getmypid();
if (isset($argv[1])) {
$argv = $argv[1];
}
$pids = $unix->PIDOF_PATTERN_ALL(basename(__FILE__) . ".*?{$argv}");
if (count($pids) > 1) {
build_progress("{already_process_exists_try_later}", 110);
while (list($num, $ligne) = each($pids)) {
$cmdline = @file_get_contents("/proc/{$num}/cmdline");
echo "Starting......: " . date("H:i:s") . " [SERV]: [{$mypid}] Already process PID {$num} {$cmdline} exists..\n";
echo "Starting......: " . date("H:i:s") . " [SERV]: [{$mypid}] Running " . @file_get_contents("/proc/{$num}/cmdline") . "\n";
}
die;
}
$EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth");
if (!is_numeric($EnableKerbAuth)) {
$EnableKerbAuth = 0;
}
$EnableWebProxyStatsAppliance = $sock->GET_INFO("EnableWebProxyStatsAppliance");
$EnableRemoteStatisticsAppliance = $sock->GET_INFO("EnableRemoteStatisticsAppliance");
if (!is_numeric($EnableRemoteStatisticsAppliance)) {
$EnableRemoteStatisticsAppliance = 0;
}
if (!is_numeric($EnableWebProxyStatsAppliance)) {
$EnableWebProxyStatsAppliance = 0;
}
$UnlockWebStats = $sock->GET_INFO("UnlockWebStats");
if (!is_numeric($UnlockWebStats)) {
$UnlockWebStats = 0;
}
$ServiceFTPEnabled = intval($sock->GET_INFO("ServiceFTPEnabled"));
if ($users->WEBSTATS_APPLIANCE) {
$EnableWebProxyStatsAppliance = 1;
$sock->SET_INFO("{$EnableWebProxyStatsAppliance}", 1);
}
if ($EnableWebProxyStatsAppliance == 1) {
notify_remote_proxys();
}
if ($UnlockWebStats == 1) {
$EnableRemoteStatisticsAppliance = 0;
}
//Vérifie le compte utilisateur.
//------------------------------------------------------------------------------------------------------------------------------------------------------------
$unix->CreateUnixUser("squid", "squid", "Squid Cache Service");
$MustHave[] = "/etc/squid3/artica-meta/whitelist-nets.db";
$MustHave[] = "/var/logs/cache.log";
$MustHave[] = "/etc/squid3/squid-block.acl";
$MustHave[] = "/etc/squid3/allowed-user-agents.acl";
$MustHave[] = "/etc/squid3/GlobalAccessManager_auth.conf";
$MustHave[] = "/etc/squid3/icap.conf";
$MustHave[] = "/etc/squid3/GlobalAccessManager_url_rewrite.conf";
$MustHave[] = "/etc/squid3/GlobalAccessManager_deny_cache.conf";
$MustHave[] = "/etc/squid3/GlobalAccessManager_deny.conf";
$MustHave[] = "/etc/squid3/squid-block.acl";
$MustHave[] = "/etc/squid3/clients_ftp.acl";
$MustHave[] = "/etc/squid3/allowed-user-agents.acl";
$MustHave[] = "/etc/squid3/whitelisted-computers-by-mac.acl";
while (list($none, $path) = each($MustHave)) {
echo "Starting......: " . date("H:i:s") . " [SYS]: checking {$path}\n";
if (!is_file($path)) {
@touch($path);
}
@chown($path, "squid");
@chgrp($path, "squid");
}
if ($GLOBALS["FORCE"]) {
$forceCMD = " --force";
}
$squidbin = $unix->LOCATE_SQUID_BIN();
if (!is_file($squidbin)) {
build_progress("{squid_binary_not_found}", 110);
echo "Starting......: " . date("H:i:s") . " [SERV]: Unable to stat squid binary, aborting..\n";
die;
}
$EXEC_TIME_FILE = "/etc/artica-postfix/" . basename(__FILE__) . ".build.time";
if (!$GLOBALS["FORCE"]) {
$time = $unix->file_time_min($EXEC_TIME_FILE);
if ($time == 0) {
build_progress("Failed! Only one config per minute !!!", 110);
echo "Starting......: " . date("H:i:s") . " [SERV]: Only one config per minute...\n";
die;
}
}
@unlink($EXEC_TIME_FILE);
@file_put_contents($EXEC_TIME_FILE, time());
if ($GLOBALS["EMERGENCY"]) {
squid_admin_mysql(0, "Reconfiguring Proxy service after Emergency enabled", null, __FILE__, __LINE__);
}
$TimeStart = time();
$EXEC_PID_FILE = "/etc/artica-postfix/" . basename(__FILE__) . ".build.pid";
$kill = $unix->find_program("kill");
$pid = @file_get_contents($EXEC_PID_FILE);
if ($unix->process_exists($pid, basename(__FILE__))) {
$TimePid = $unix->PROCCESS_TIME_MIN($pid);
if ($TimePid > 30) {
posix_kill(intval($pid), 9);
} else {
if (!$GLOBALS["FORCE"]) {
print "Starting......: " . date("H:i:s") . " Checking (L." . __LINE__ . ") Squid Already executed pid {$pid} since {$TimePid}mn ...\n";
die;
}
}
}
echo "Starting......: " . date("H:i:s") . " [SERV]: is connected to remote appliance ? `{$EnableRemoteStatisticsAppliance}`\n";
if ($EnableRemoteStatisticsAppliance == 1) {
$r = new squid_stats_appliance();
echo "Starting......: " . date("H:i:s") . " [SERV]: ################################\n";
echo "Starting......: " . date("H:i:s") . " [SERV]: # This server is connected to: #\n";
echo "Starting......: " . date("H:i:s") . " [SERV]: # {$r->URI} #\n";
echo "Starting......: " . date("H:i:s") . " [SERV]: ################################\n";
remote_appliance_restore_tables();
}
build_progress("{reconfigure} (1)", 5);
if (!PortsConversion()) {
build_progress("{reconfigure} {failed} !PortsConversion", 110);
return;
}
squid_reconfigure_build_tool();
build_progress("{reconfigure}", 10);
squid_pactester();
build_progress("{reconfigure}", 15);
$childpid = posix_getpid();
$sock = new sockets();
$squid_user = SquidUser();
$SQUID_CONFIG_PATH = $unix->SQUID_CONFIG_PATH();
$PHP = LOCATE_PHP5_BIN2();
$NOHUP = $unix->find_program("nohup");
build_progress("{reconfigure}", 20);
@file_put_contents($EXEC_PID_FILE, $childpid);
if (is_file("/etc/squid3/mime.conf")) {
shell_exec("/bin/chown squid:squid /etc/squid3/mime.conf");
}
$EnableKerbAuth = $sock->GET_INFO("EnableKerbAuth");
if (!is_numeric("{$EnableKerbAuth}")) {
$EnableKerbAuth = 0;
}
if (!is_dir("/usr/share/squid-langpack")) {
TemplatesInMysql(true);
exit;
}
echo "Starting......: " . date("H:i:s") . " Checking squid kerberos authentification is set to {$EnableKerbAuth}\n";
echo "Starting......: " . date("H:i:s") . " Checking squid certificate\n";
build_progress("{reconfigure} Check database", 25);
checkdatabase();
build_progress("{reconfigure} certificates", 30);
certificate_generate();
build_progress("{reconfigure}", 35);
remote_appliance_restore_tables();
build_progress("{reconfigure}", 40);
echo "Starting......: " . date("H:i:s") . " Instanciate squid library..\n";
$squid = new squidbee();
$squidbin = $unix->find_program("squid3");
echo "Starting......: " . date("H:i:s") . " checking squid binaries..\n";
if (!is_file($squidbin)) {
$squidbin = $unix->find_program("squid");
}
echo "Starting......: " . date("H:i:s") . " Binary: {$squidbin}\n";
echo "Starting......: " . date("H:i:s") . " Config: {$SQUID_CONFIG_PATH}\n";
echo "Starting......: " . date("H:i:s") . " User..: {$squid_user}\n";
echo "Starting......: " . date("H:i:s") . " Checking blocked sites\n";
build_progress("{reconfigure} {building} NET ADS", 45);
shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.squid.netads.php >/dev/null 2>&1 &");
echo "Starting......: " . date("H:i:s") . " Building master configuration\n";
$squid->ASROOT = true;
echo "Starting......: " . date("H:i:s") . " Checking Watchdog\n";
build_progress("{reconfigure} checking Watchdog settings", 46);
watchdog_config();
build_progress("{reconfigure} build errors", 47);
errors_details_txt();
build_progress("{reconfigure} Checking caches", 48);
BuildCaches(true);
build_progress("{reconfigure} Check files and security", 49);
CheckFilesAndSecurity();
build_progress("{reconfigure} Building schedules", 50);
build_schedules(true);
build_progress("{reconfigure} Building SSL passwords", 89);
build_sslpasswords();
build_progress("{reconfigure} Building blacklists", 90);
build_blacklists();
build_progress("{reconfigure} Building No caches list", 91);
build_denycaches();
build_progress("{reconfigure} Building {GLOBAL_ACCESS_CENTER}", 93);
system("{$PHP} /usr/share/artica-postfix/exec.squid.global.access.php --nochek");
build_progress("{reconfigure} Building main configuration", 94);
if (!ApplyConfig()) {
build_progress("Apply configuration failed", 110);
echo "Starting......: " . date("H:i:s") . " Apply configuration failed....\n";
return;
}
build_progress("{reconfigure} FTP Proxy service", 95);
system("{$NOHUP} {$PHP} /usr/share/artica-postfix/exec.ftpproxy-multi.php --build >/dev/null 2>&1 &");
build_progress("{reconfigure} Wan Compressor Proxy service", 95);
system("{$NOHUP} {$PHP} /usr/share/artica-postfix/exec.wanproxy.php --build-squid >/dev/null 2>&1 &");
build_progress("{checking_transparent_mode}", 95);
if ($unix->IS_FIREHOLE_ACTIVE()) {
build_progress("{restarting_firewall}", 95);
system("{$PHP} /usr/share/artica-postfix/exec.firehol.php");
system("/etc/init.d/firehol restart");
} else {
system("{$PHP} /usr/share/artica-postfix/exec.squid.transparent.php");
system("{$PHP} /usr/share/artica-postfix/exec.secure.gateway.php");
if (is_file("/etc/init.d/iptables-transparent")) {
build_progress("{restarting_firewall}", 95);
system("/etc/init.d/iptables-transparent restart");
}
if (is_file("/bin/iptables-parents.sh")) {
build_progress("{restarting_firewall} (parent)", 95);
system("/bin/iptables-parents.sh");
}
if (is_file("/bin/artica-secure-gateway.sh")) {
build_progress("{restarting_firewall} (Secure gateway)", 95);
shell_exec("/bin/artica-secure-gateway.sh");
}
}
build_progress("{checking_wccp_mode}", 95);
system("{$PHP} /usr/share/artica-postfix/exec.squid.wccp.php --reconfigure");
build_progress("{checking_mikrotik_mode}", 95);
system("{$PHP} /usr/share/artica-postfix/exec.mikrotik.php");
build_progress("{reconfigure}", 96);
$GLOBALS["OUTPUT"] = true;
if ($GLOBALS["NOAPPLY"]) {
build_progress("{reconfiguring_proxy_service} {success}", 100);
return;
}
if (!$GLOBALS["RESTART"]) {
build_progress("{reloading_service}", 91);
if (!$GLOBALS["NORELOAD"]) {
Reload_Squid();
}
}
if ($GLOBALS["RESTART"]) {
if (!$GLOBALS["NORELOAD"]) {
build_progress("{stopping_service}", 91);
system("{$PHP} /usr/share/artica-postfix/exec.squid.watchdog.php --stop {$forceCMD} --byForceReconfigure");
build_progress("{starting_service}", 93);
system("{$PHP} /usr/share/artica-postfix/exec.squid.watchdog.php --start {$forceCMD} --byForceReconfigure");
build_progress("{starting_service}", 95);
}
}
build_progress("{building} Cached Web frontend pages", 97);
shell_exec("{$NOHUP} {$PHP} " . basename(__FILE__) . "/exec.cache.pages.php --force >/dev/null 2>&1 &");
$BuildAllTemplatesDone = $sock->GET_INFO("BuildAllTemplatesDone");
if (!is_numeric($BuildAllTemplatesDone)) {
$BuildAllTemplatesDone = 0;
}
if ($BuildAllTemplatesDone == 0) {
build_progress("{building} Templates schedules", 97);
echo "Starting......: " . date("H:i:s") . " scheduling Building templates\n";
sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --tpl-save");
$sock->SET_INFO("BuildAllTemplatesDone", 1);
}
build_progress("{building} Templates", 98);
sys_THREAD_COMMAND_SET("{$PHP} " . __FILE__ . " --mysql-tpl");
build_progress("{reconfiguring_proxy_service} {success}", 100);
echo "Starting......: " . date("H:i:s") . " Done (Took: " . $unix->distanceOfTimeInWords($TimeStart, time()) . ")\n";
die;
}
function import_single_file($filepath, $ID, $ou, $localdomain)
{
writelogs("{$ID}:: importing {$filepath} for {$ou}", __FUNCTION__, __FILE__, __LINE__);
if ($ou == null) {
writelogs("{$ID}:: OU IS NULL !!! ", __FUNCTION__, __FILE__, __LINE__);
return;
}
$GLOBALS["OU"] = $ou;
$f = explode("\n", @file_get_contents($filepath));
$ldap = new clladp();
$count = 0;
while (list($num, $line) = each($f)) {
if ($line == null) {
continue;
}
$tbl = explode(";", $line);
$account = $tbl[0];
$password = $tbl[1];
$imap_server = $tbl[2];
$new_uid = null;
$uid = null;
$usessl = 0;
$zmd5 = md5("{$account}{$imap_server}");
if (preg_match("#(.+?)@(.+?)\$#", trim($account), $re)) {
$new_uid = $re[1];
} else {
$new_uid = $account;
}
writelogs("{$ID}:: local user={$new_uid}@{$localdomain}", __FUNCTION__, __FILE__, __LINE__);
$uid = $ldap->uid_from_email("{$new_uid}@{$localdomain}");
if ($uid == null) {
if (preg_match("#(.+?)@(.+?)\$#", trim($new_uid), $re)) {
$new_uid = $re[1];
}
writelogs("{$ID}:: Add uid=\"{$new_uid}\" ou={$GLOBALS["OU"]} mail={$new_uid}@{$localdomain}", __FUNCTION__, __FILE__, __LINE__);
$user_uid = new user();
$user_uid->uid = $new_uid;
$user_uid->ou = $GLOBALS["OU"];
$user_uid->password = $password;
$user_uid->mail = "{$new_uid}@{$localdomain}";
$user_uid->domainname = $localdomain;
if (!$user_uid->add_user()) {
writelogs("{$ID}:: failed to add {$user_uid->uid} in LDAP database", __FUNCTION__, __FILE__, __LINE__);
continue;
} else {
$new_uid = $user_uid->uid;
}
} else {
$new_uid = $uid;
}
$count++;
writelogs("{$ID}:: local uid:{$uid}", __FUNCTION__, __FILE__, __LINE__);
if (preg_match("#ssl:(.+?)\$#", $imap_server, $re)) {
$usessl = 1;
$imap_server = $re[1];
}
$sql = "INSERT INTO mbx_migr_users (`zmd5`,`mbx_migr_id`,`ou`, `imap_server`,`usessl`,`username`,`password`,`uid`)\n\t\tVALUES('{$zmd5}','{$ID}','{$GLOBALS["OU"]}','{$imap_server}','{$usessl}','{$account}','{$password}','{$new_uid}')";
writelogs("{$ID}:: \"{$sql}\"", __FUNCTION__, __FILE__, __LINE__);
$q = new mysql();
$q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
writelogs("{$ID}:: {$q->mysql_error} \"{$sql}\"", __FUNCTION__, __FILE__, __LINE__);
}
}
$sql = "UPDATE mbx_migr SET imported=1,members_count={$count} WHERE ID={$ID}";
$q = new mysql();
$q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
writelogs("{$ID}:: {$q->mysql_error} \"{$sql}\"", __FUNCTION__, __FILE__, __LINE__);
return;
}
$users = new usersMenus();
if (!$users->offlineimap_installed) {
shell_exec("/usr/share/artica-postfix/bin/artica-make APP_OFFLINEIMAP");
}
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " " . __FILE__ . " --accounts");
}
function CleanAllDatabases()
{
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " " . __FILE__ . " --clean");
}
function OPENGOO_INSTALL($servername, $root, $hash = array())
{
$srcfolder = "/usr/local/share/artica/opengoo";
$GLOBALS["ADDLOG"] = "{$GLOBALS["ARTICALOGDIR"]}/{$servername}.log";
$sql_file = "/usr/share/artica-postfix/bin/install/opengoo/opengoo.sql";
if ($root == null) {
events("Starting install opengoo Unable to stat root dir");
return false;
}
if (!is_dir($srcfolder)) {
events("Starting install opengoo Unable to stat SRC");
return false;
}
$user = $hash["wwwmysqluser"][0];
$mysql_password = $hash[strtolower("WWWMysqlPassword")][0];
$appli_user = $hash["wwwappliuser"][0];
$appli_password = $hash["wwwapplipassword"][0];
$wwwsslmode = $hash["wwwsslmode"][0];
$server_database = str_replace(".", "_", $servername);
$server_database = str_replace(" ", "_", $server_database);
$server_database = str_replace("-", "_", $server_database);
events("Starting install opengoo sub-system mysql database {$server_database}...");
if ($user == null) {
events("Starting install opengoo Unable to stat Mysql username");
return false;
}
if ($mysql_password == null) {
events("Starting install opengoo Unable to stat Mysql password");
return false;
}
@mkdir($root, 0755, true);
events("Starting install opengoo sub-system mysql database {$server_database}...");
$q = new mysql();
if (!$q->DATABASE_EXISTS($server_database)) {
$q->CREATE_DATABASE($server_database);
}
if (!$q->DATABASE_EXISTS($server_database)) {
events("Starting install opengoo unable to create MYSQL Database");
return false;
}
events("Starting setting permissions on Database with user {$user}");
$q->PRIVILEGES($user, $mysql_password, $server_database);
if (!OPENGOO_TEST_FILES($root)) {
events("Starting install opengoo installing source code");
shell_exec("/bin/cp -rf {$srcfolder}/* {$root}/");
}
$opengoo = new opengoo(null, $server_database);
if (!OPENGOO_CHECK_TABLES($server_database)) {
if ($q->mysql_password != null) {
$password = "******";
} else {
events("Starting install opengoo installing tables datas with null password");
}
$cmd = "mysql --port={$q->mysql_port} --skip-column-names --database={$server_database} --silent --xml ";
$cmd = $cmd . " --user={$q->mysql_admin}{$password} <{$sql_file}";
shell_exec($cmd);
} else {
events("Starting install opengo Mysql tables are already installed");
}
$sock = new sockets();
$ApacheGroupWarePort = $sock->GET_INFO("ApacheGroupWarePort");
events("Starting install opengo SSL={$wwwsslmode}");
if ($wwwsslmode == "TRUE") {
$ROOT_URL = "https://{$servername}";
} else {
$ROOT_URL = "http://{$servername}:{$ApacheGroupWarePort}";
}
$conf = "<?php\n";
$conf = $conf . "define('DB_ADAPTER', 'mysql');\n";
$conf = $conf . "define('DB_HOST', '127.0.0.1');\n";
$conf = $conf . "define('DB_USER', '{$q->mysql_admin}');\n";
$conf = $conf . "define('DB_PASS', '{$q->mysql_password}');\n";
$conf = $conf . "define('DB_NAME', '{$server_database}');\n";
$conf = $conf . "define('DB_PERSIST', true);\n";
$conf = $conf . "define('TABLE_PREFIX', 'og_');\n";
$conf = $conf . "define('DB_ENGINE', 'InnoDB');\n";
$conf = $conf . "define('ROOT_URL', '{$ROOT_URL}');\n";
$conf = $conf . "define('DEFAULT_LOCALIZATION', 'en_us');\n";
$conf = $conf . "define('COOKIE_PATH', '/');\n";
$conf = $conf . "define('DEBUG', false);\n";
$conf = $conf . "define('SEED', '6eb2551152da5a57576754716397703c');\n";
$conf = $conf . "define('DB_CHARSET', 'utf8');\n";
$conf = $conf . "return true;\n";
$conf = $conf . "?>";
@file_put_contents("{$root}/config/config.php", $conf);
$opengoo->DefaultsValues();
events("updating administrator credentials");
$opengoo->www_servername = $servername;
$opengoo->UpdateAdmin($appli_user, $appli_password);
events("updating company name");
$ou = $opengoo->get_Organization($servername);
$opengoo->UpdateCompany($ou);
$unix = new unix();
$sock = new sockets();
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.opengoo.php");
}
function build()
{
$unix = new unix();
if (is_file("/etc/artica-postfix/FROM_ISO")) {
if ($unix->file_time_min("/etc/artica-postfix/FROM_ISO") < 1) {
return;
}
}
$mef = basename(__FILE__);
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = @file_get_contents($pidfile);
if ($unix->process_exists($pid, $mef)) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache building : Process Already exist pid {$pid} line:" . __LINE__ . "\n";
return;
}
@file_put_contents($pidfile, getmypid());
if ($GLOBALS["VERBOSE"]) {
echo "Starting......: " . date("H:i:s") . " [DEBUG]: Apache -> CheckHttpdConf();\n";
}
CheckHttpdConf();
if ($GLOBALS["VERBOSE"]) {
echo "Starting......: " . date("H:i:s") . " [DEBUG]: Apache -> RemoveAllSites();\n";
}
RemoveAllSites();
if ($GLOBALS["VERBOSE"]) {
echo "Starting......: " . date("H:i:s") . " [DEBUG]: Apache -> create_cron_task();\n";
}
create_cron_task();
sync_squid();
$sock = new sockets();
$FreeWebDisableSSL = intval(trim($sock->GET_INFO("FreeWebDisableSSL")));
$php5 = $unix->LOCATE_PHP5_BIN();
$varWwwPerms = $sock->GET_INFO("varWwwPerms");
if ($varWwwPerms == null) {
$varWwwPerms = 755;
}
if ($GLOBALS["VERBOSE"]) {
echo "Starting......: " . date("H:i:s") . " [DEBUG]: Apache -> remove_files();\n";
}
remove_files();
$sql = "SELECT * FROM freeweb ORDER BY servername";
$httpdconf = $unix->LOCATE_APACHE_CONF_PATH();
$apacheusername = $unix->APACHE_SRC_ACCOUNT();
$GLOBALS["apacheusername"] = $apacheusername;
$DAEMON_PATH = $unix->getmodpathfromconf($httpdconf);
if ($GLOBALS["VERBOSE"]) {
echo "Starting......: " . date("H:i:s") . " [DEBUG]: Apache -> sql();\n";
}
$q = new mysql();
$results = $q->QUERY_SQL($sql, 'artica_backup');
if (!$q->ok) {
if ($GLOBALS["VERBOSE"]) {
echo "Starting......: " . date("H:i:s") . " [DEBUG]: Apache {$q->mysql_error}\n";
return;
}
}
$d_path = $unix->APACHE_DIR_SITES_ENABLED();
$mods_enabled = $DAEMON_PATH . "/mods-enabled";
if ($FreeWebDisableSSL == 0) {
SSL_DEFAULT_VIRTUAL_HOST();
}
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache daemon path: {$d_path}\n";
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache mods path..: {$mods_enabled}\n";
if (!is_dir($d_path)) {
@mkdir($d_path, 666, true);
}
if (!is_dir($mods_enabled)) {
@mkdir($mods_enabled, 666, true);
}
$count = mysql_num_rows($results);
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache checking virtual web sites count:{$count}\n";
if ($count == 0) {
$users = new usersMenus();
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache building default {$users->hostname}...\n";
buildHost($unix->LIGHTTPD_USER(), $users->hostname, 0, $d_path);
}
if ($GLOBALS["VERBOSE"]) {
$add_plus = " --verbose";
}
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$uid = $ligne["uid"];
$hostname = $ligne["servername"];
$ssl = $ligne["useSSL"];
if ($FreeWebDisableSSL == 1) {
$ssl = 0;
}
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\" starting\n";
$cmd = "{$php5} " . __FILE__ . " --sitename \"{$hostname}\" --no-httpd-conf --noreload{$add_plus}";
if ($GLOBALS["VERBOSE"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$cmd}\"\n";
}
shell_exec($cmd);
}
$users = $GLOBALS["CLASS_USERS_MENUS"];
$APACHE_MOD_AUTHNZ_LDAP = $users->APACHE_MOD_AUTHNZ_LDAP;
if (is_file($GLOBALS["a2enmod"])) {
if ($APACHE_MOD_AUTHNZ_LDAP) {
if ($GLOBALS["VERBOSE"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache {$GLOBALS["a2enmod"]} authnz_ldap\n";
}
shell_exec("{$GLOBALS["a2enmod"]} authnz_ldap >/dev/null 2>&1");
}
}
$sock = $GLOBALS["CLASS_SOCKETS"];
if ($sock->GET_INFO("ArticaMetaEnabled") == 1) {
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN() . " " . dirname(__FILE__) . "/exec.artica.meta.users.php --export-freewebs");
}
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN() . " " . __FILE__ . " --monit");
}
function TASK_SETTINGS_SOCKETS($key)
{
$EXEC_NICE = EXEC_NICE();
$meta = new artica_meta(true);
events("Get key informations from {$key}", __FUNCTION__, __FILE__, __LINE__);
$http = new httpget();
$datasToSend = base64_encode(serialize($meta->GLOBAL_ARRAY));
$body = $http->send("{$meta->ArticaMetaHostname}/lic.query.server.php", "post", array("DATAS" => $datasToSend, "GET_SOCKETS_INFO" => $key));
if (!preg_match("#<RESULTS>(.+?)</RESULTS>#", $body, $re)) {
events("Get key informations from {$key} FAILED", __FUNCTION__, __FILE__, __LINE__);
return false;
}
$value = base64_decode($re[1]);
$sock = new sockets();
events("Saving key {$key}", __FUNCTION__, __FILE__, __LINE__);
$filewrite = @file_put_contents("/etc/artica-postfix/settings/Daemons/{$key}", $value, LOCK_EX);
if (!$filewrite) {
events("Save configuration settings [{$key}] = " . strlen($value) . " Failed", __FUNCTION__, __FILE__, __LINE__);
send_email_events("failed to modify settings \"{$key}\"", null, "CLOUD");
}
events("Save configuration settings [{$key}] ={$filewrite} bytes SUCCESS", __FUNCTION__, __FILE__, __LINE__);
switch ($key) {
case "NetworkScannerMasks":
$sock->getFrameWork("cmd.php?squid-rebuild=yes");
$sock->getFrameWork("cmd.php?postfix-networks=yes");
send_email_events("Success to modify settings \"{$key}\"", "Postfix or Squid was scheduled to be reloaded.\n", "CLOUD");
break;
case "DDClientConfig":
$sock->getFrameWork("cmd.php?squid-rebuild=yes");
$sock->getFrameWork("cmd.php?ddclient=yes");
send_email_events("Success to modify settings \"{$key}\"", "DDClient And Squid was scheduled to be reloaded.\n", "CLOUD");
break;
case "EnableDDClient":
$sock->getFrameWork("cmd.php?ddclient=yes");
send_email_events("Success to modify settings \"{$key}\"", "DDClient was scheduled to be reloaded.\n", "CLOUD");
break;
}
$SQUID["SQUIDEnable"] = true;
$SQUID["ArticaSquidParameters"] = true;
$SQUID["hasProxyTransparent"] = true;
$SQUID["EnableClamavInCiCap"] = true;
$SQUID["EnableUfdbGuard"] = true;
$SQUID["EnableAdZapper"] = true;
$SQUID["EnableSquidClamav"] = true;
$SQUID["SquidBlockSites"] = true;
$SQUID["ArticaEnableKav4ProxyInSquid"] = true;
$SQUID["DansGuardianEnabled"] = true;
$SQUID["SquidExternalAuth"] = true;
$SQUID["SquidFTPParams"] = true;
$SAMBA["SambaSMBConf"] = true;
$COMMAND["PostfixBinInterfaces"] = "cmd.php?postfix-interfaces=yes";
$COMMAND["PostfixMynetworks"] = "cmd.php?postfix-networks=yes";
$COMMAND["myhostname"] = "cmd.php?postfix-others-values=yes";
$COMMAND["HashMainCf"] = "cmd.php?postfix-others-values=yes";
$COMMAND["smtp_bind_address6"] = "cmd.php?postfix-interfaces=yes";
$COMMAND["PostfixEnableIpv6"] = "cmd.php?postfix-interfaces=yes";
$COMMAND["EnableCluebringer"] = "cmd.php?cluebringer-restart=yes";
$COMMAND["EnableASSP"] = "cmd.php?restart-assp=yes";
$COMMAND["KasxFilterEnabled"] = "cmd.php?SaveMaincf=yes";
$COMMAND["EnableArticaSMTPFilter"] = "cmd.php?artica-filter-reload=yes";
$COMMAND["EnableAmavisDaemon"] = "cmd.php?SaveMaincf=yes";
$COMMAND["SpamAssMilterEnabled"] = "cmd.php?SaveMaincf=yess";
$COMMAND["kavmilterEnable"] = "cmd.php?SaveMaincf=yes";
$COMMAND["SpamAssMilterEnabled"] = "cmd.php?SaveMaincf=yes";
$COMMAND["EnableArticaPolicyFilter"] = "cmd.php?artica-policy-restart=yes";
$COMMAND["ArticaOpenVPNSettings"] = "cmd.php?restart-openvpn-server=yes";
$COMMAND["EnableOPenVPNServerMode"] = "cmd.php?restart-openvpn-server=yes";
$COMMAND["OpenVPNRoutes"] = "cmd.php?restart-openvpn-server=yes";
$RESTART_STATUS["ArticaOpenVPNSettings"] = true;
$RESTART_STATUS["EnableOPenVPNServerMode"] = true;
$REBUILD_OPENVPN_CERTS["ArticaOpenVPNSettings"] = true;
$REBUILD_OPENVPN_CERTS["EnableOPenVPNServerMode"] = true;
if ($REBUILD_OPENVPN_CERTS[$key]) {
shell_exec("/bin/rm -rf /etc/artica-postfix/openvpn/keys/*");
exec("/etc/init.d/artica-postfix restart openvpns", $results);
send_email_events("OpenVPN certificate was rebuilded", @implode("\n", $results), "VPN");
shell_exec(LOCATE_PHP5_BIN2() . " " . dirname(__FILE__) . "/exec.artica.meta.users.php --export-openvpn-users &");
}
if ($SQUID[$key]) {
$sock->getFrameWork("cmd.php?squid-rebuild=yes");
$sock->getFrameWork("cmd.php?squidnewbee=yes");
send_email_events("Success to modify settings \"{$key}\"", "Squid was scheduled to be reloaded.\n", "CLOUD");
}
if ($SAMBA[$key]) {
include_once dirname(__FILE__) . "/ressources/class.samba.inc";
events("Loading samba class and save new samba configuration....", __FUNCTION__, __FILE__, __LINE__);
$smb = new samba();
$smb->SaveToLdap();
}
if ($COMMAND[$key] != null) {
$sock->getFrameWork($COMMAND[$key]);
events("Execute {$COMMAND[$key]}", __FUNCTION__, __FILE__, __LINE__);
} else {
events("No command for \"{$key}\"", __FUNCTION__, __FILE__, __LINE__);
}
if ($RESTART_STATUS[$key]) {
events("restarting artica status....", __FUNCTION__, __FILE__, __LINE__);
@unlink("/usr/share/artica-postfix/ressources/logs/global.status.ini");
$sock->getFrameWork("cmd.php?restart-artica-status=yes");
} else {
events("No need to restart artica-status....", __FUNCTION__, __FILE__, __LINE__);
}
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " " . dirname(__FILE__) . "/exec.artica.meta.users.php --export-all-settings");
events("FINISH, Return true", __FUNCTION__, __FILE__, __LINE__);
return true;
}
function group300()
{
if (!isset($GLOBALS["CLASS_UNIX"])) {
$GLOBALS["CLASS_UNIX"] = new unix();
}
$filetime = "/etc/artica-postfix/pids/" . md5(__FILE__ . __FUNCTION__) . ".time";
$time = $GLOBALS["CLASS_UNIX"]->file_time_min($filetime);
if ($time < 121) {
return;
}
@unlink($filetime);
@file_put_contents($filetime, time());
if (!is_file("/etc/artica-postfix/settings/Daemons/HdparmInfos")) {
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.hdparm.php");
}
$array[] = "exec.mysql.build.php --tables";
if ($GLOBALS["POSTFIX_INSTALLED"]) {
$array[] = "exec.organization.statistics.php";
$array[] = "exec.quarantine-clean.php";
$array[] = "exec.smtp-hack.export.php --export";
$array[] = "exec.smtp.events.clean.php";
$array[] = "exec.roundcube.php --verifyTables";
}
$array2[] = "artica-install -geoip-updates";
while (list($index, $file) = each($array)) {
$cmd = "{$GLOBALS["PHP5"]} /usr/share/artica-postfix/{$file}";
events("schedule {$cmd}", __FUNCTION__, __LINE__);
$GLOBALS["CMDS"][] = $cmd;
}
while (list($index, $file) = each($array2)) {
$cmd = "/usr/share/artica-postfix/bin/{$file}";
events("schedule {$cmd}", __FUNCTION__, __LINE__);
$GLOBALS["CMDS"][] = $cmd;
}
@file_put_contents("/etc/artica-postfix/pids/" . basename(__FILE__) . ".GLOBALS", serialize($GLOBALS["TIME"]));
}
function EnableEmergingThreats()
{
$cmd = LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.emerging.threats.php";
sys_THREAD_COMMAND_SET($cmd);
}
function build(){
CheckHttpdConf();
RemoveAllSites();
create_cron_task();
$sock=new sockets();
$unix=new unix();
$varWwwPerms=$sock->GET_INFO("varWwwPerms");
if($varWwwPerms==null){$varWwwPerms=755;}
remove_files();
$sql="SELECT * FROM freeweb ORDER BY servername";
$httpdconf=$unix->LOCATE_APACHE_CONF_PATH();
$apacheusername=$unix->APACHE_SRC_ACCOUNT();
$GLOBALS["apacheusername"]=$apacheusername;
$DAEMON_PATH=$unix->getmodpathfromconf($httpdconf);
$q=new mysql();
$results=$q->QUERY_SQL($sql,'artica_backup');
if(!$q->ok){if($GLOBALS["VERBOSE"]){echo $q->mysql_error."\n";return;}}
$d_path=$unix->APACHE_DIR_SITES_ENABLED();
$mods_enabled=$DAEMON_PATH."/mods-enabled";
echo "Starting......: Apache daemon path: $d_path\n";
echo "Starting......: Apache mods path..: $mods_enabled\n";
if(!is_dir($d_path)){@mkdir($d_path,666,true);}
if(!is_dir($mods_enabled)){@mkdir($mods_enabled,666,true);}
$count=mysql_num_rows($results);
echo "Starting......: Apache checking virtual web sites count:$count\n";
if($count==0){
$users=new usersMenus();
echo "Starting......: Apache building default $users->hostname...\n";
buildHost($unix->LIGHTTPD_USER(),$users->hostname,0,$d_path);
}
while($ligne=mysql_fetch_array($results,MYSQL_ASSOC)){
$uid=$ligne["uid"];
$hostname=$ligne["servername"];
$ssl=$ligne["useSSL"];
echo "Starting......: Apache \"$hostname\" starting
\n";
buildHost($uid,$hostname,$ssl,$d_path);
}
$users=$GLOBALS["CLASS_USERS_MENUS"];
$APACHE_MOD_AUTHNZ_LDAP=$users->APACHE_MOD_AUTHNZ_LDAP;
if(is_file($GLOBALS["a2enmod"])){
if($APACHE_MOD_AUTHNZ_LDAP){
if($GLOBALS["VERBOSE"]){echo "Starting......: Apache {$GLOBALS["a2enmod"]} authnz_ldap\n";}
shell_exec("{$GLOBALS["a2enmod"]} authnz_ldap >/dev/null 2>&1");
}
}
$sock=$GLOBALS["CLASS_SOCKETS"];
if($sock->GET_INFO("ArticaMetaEnabled")==1){
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN()." ".dirname(__FILE__)."/exec.artica.meta.users.php --export-freewebs");
}
}
function group300()
{
if (!is_numeric($GLOBALS["TIME"]["GROUP300"])) {
$GLOBALS["TIME"]["GROUP300"] = time();
return;
}
if ($GLOBALS["TIME"]["GROUP300"] == 0) {
$GLOBALS["TIME"]["GROUP300"] = time();
return;
}
$mins = calc_time_min($GLOBALS["TIME"]["GROUP300"]);
if ($mins < 120) {
return;
}
$GLOBALS["TIME"]["GROUP300"] = time();
if (!is_file("/etc/artica-postfix/settings/Daemons/HdparmInfos")) {
sys_THREAD_COMMAND_SET(LOCATE_PHP5_BIN2() . " /usr/share/artica-postfix/exec.hdparm.php");
}
$array[] = "exec.mysql.build.php --tables";
$array[] = "exec.mysql.build.php --maintenance";
if ($GLOBALS["POSTFIX_INSTALLED"]) {
$array[] = "exec.organization.statistics.php";
$array[] = "exec.quarantine-clean.php";
$array[] = "exec.smtp-hack.export.php --export";
$array[] = "exec.postfix-logger.php --cnx-stats";
$array[] = "exec.smtp.events.clean.php";
$array[] = "exec.roundcube.php --verifyTables";
}
$array[] = "exec.squid.stats.php --visited-sites";
$array2[] = "artica-install -geoip-updates";
while (list($index, $file) = each($array)) {
$cmd = "{$GLOBALS["PHP5"]} /usr/share/artica-postfix/{$file}";
events("schedule {$cmd}", __FUNCTION__, __LINE__);
$GLOBALS["CMDS"][] = $cmd;
}
while (list($index, $file) = each($array2)) {
$cmd = "/usr/share/artica-postfix/bin/{$file}";
events("schedule {$cmd}", __FUNCTION__, __LINE__);
$GLOBALS["CMDS"][] = $cmd;
}
@file_put_contents("/etc/artica-postfix/pids/" . basename(__FILE__) . ".GLOBALS", serialize($GLOBALS["TIME"]));
}
function dbMaintenance()
{
$sock = new sockets();
$unix = new unix();
$users = new usersMenus();
$verbose = $GLOBALS["VERBOSE"];
$EnableUfdbGuard = $sock->GET_INFO("EnableUfdbGuard");
if (!$users->SQUIDGUARD_INSTALLED) {
if (!$users->APP_UFDBGUARD_INSTALLED) {
if ($verbose) {
echo "SQUIDGUARD_INSTALLED = FALSE\n";
}
}
return;
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
if ($unix->process_exists(@file_get_contents($pidfile))) {
echo "Already instance " . @file_get_contents($pidfile) . " exists\n";
return;
}
@file_put_contents($pidfile, getmypid());
$db_recover = $unix->LOCATE_DB_RECOVER();
$db_stat = $unix->LOCATE_DB_STAT();
if (strlen($db_recover) < 3) {
echo "db_recover no such file\n";
return;
}
if ($verbose) {
echo "db_recover:{$db_recover}\n";
}
if ($verbose) {
echo "db_stat:{$db_stat}\n";
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
echo "Stopping c-icap\n";
shell_exec("/etc/init.d/artica-postfix stop cicap");
echo "Checking databases used\n";
$datas = explode("\n", @file_get_contents("/etc/c-icap.conf"));
while (list($num, $line) = each($datas)) {
if (preg_match("#url_check\\.LoadSquidGuardDB\\s+(.+?)\\s+(.+)#", $line, $re)) {
$dir = trim($re[2]);
if (substr($dir, strlen($dir) - 1, 1) == '/') {
$dir = substr($dir, 0, strlen($dir) - 1);
}
$array[$dir] = $re[1];
}
}
$datas = explode("\n", @file_get_contents("/etc/squid/squidGuard.conf"));
while (list($num, $line) = each($datas)) {
if (preg_match("#domainlist\\s+(.+)#", $line, $re)) {
$re[1] = trim($re[1]);
$re[1] = dirname($re[1]);
$dir = "/var/lib/squidguard/" . trim($re[1]);
if (substr($dir, strlen($dir) - 1, 1) == '/') {
$dir = substr($dir, 0, strlen($dir) - 1);
}
$array[$dir] = "SquidGuard DB {$re[1]}";
}
}
if (!is_array($array)) {
echo "No databases, aborting\n";
return;
}
while (list($directory, $dbname) = each($array)) {
echo "\nChecking DB {$dbname} in {$directory}\n==============================\n";
$cmd = "{$db_recover} -h {$directory}/ -v 2>&1";
if ($verbose) {
echo "{$cmd}\n";
}
exec($cmd, $results);
if ($verbose) {
$LOGS[] = $cmd;
}
$LOGS[] = "\nmaintenance on {$dbname}\n==============================\n" . @implode("\n", $results);
unset($results);
if (is_file("{$directory}/urls.db")) {
$cmd = "{$db_stat} -d {$directory}/urls.db 2>&1";
if ($verbose) {
echo "{$cmd}\n";
}
if ($verbose) {
$LOGS[] = $cmd;
}
exec($cmd, $results);
$LOGS[] = "\nstatistics on {$directory}/urls.db\n============================================================\n" . @implode("\n", $results);
unset($results);
} else {
$LOGS[] = "\nstatistics on {$directory}/urls.db no such file";
}
if (is_file("{$directory}/domains.db")) {
$cmd = "{$db_stat} -d {$directory}/domains.db 2>&1";
if ($verbose) {
echo "{$cmd}\n";
}
if ($verbose) {
$LOGS[] = $cmd;
}
exec($cmd, $results);
$LOGS[] = "\nstatistics on {$directory}/domains.db\n============================================================\n" . @implode("\n", $results);
unset($results);
} else {
$LOGS[] = "\nstatistics on {$directory}/domains.db no such file";
}
if (is_file("{$directory}/expressions.db")) {
$cmd = "{$db_stat} -d {$directory}/expressions.db 2>&1";
if ($verbose) {
echo "{$cmd}\n";
}
if ($verbose) {
$LOGS[] = $cmd;
}
exec($cmd, $results);
$LOGS[] = "\nstatistics on {$directory}/expressions.db\n============================================================\n" . @implode("\n", $results);
unset($results);
} else {
}
}
sys_THREAD_COMMAND_SET("/etc/init.d/artica-postfix restart cicap");
send_email_events("Maintenance on Web Proxy urls Databases: " . count($array) . " database(s)", @implode("\n", $LOGS) . "\n", "system");
if ($verbose) {
echo @implode("\n", $LOGS) . "\n";
}
}
