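/**
 * Builds, or schedules the build of, the configuration for one managed server.
 *
 * The server row is looked up by serial number and handled according to its
 * update method: cron servers are flagged for their next run, http/https
 * servers receive a POST to the client's reload.php, and ssh servers have the
 * client script run remotely.
 *
 * Security-relevant behaviour:
 *  - Every value placed on the ssh command line (key path, port, user, host
 *    and the remote command) is passed through escapeshellarg(), so stored
 *    server attributes cannot change the shape of the command.
 *  - The private key is written to a per-request file created by tempnam()
 *    rather than a fixed name in the shared temp directory, and it is removed
 *    on every exit path that follows its creation.
 *
 * NOTE(review): $action, $options and $friendly_action are read below but are
 * neither parameters nor declared globals in this block; unless the server row
 * supplies them through extract() they are undefined here - confirm against
 * the full class.
 *
 * @param int|string $serial_no Serial number of the server to build
 * @return string HTML fragment describing the outcome
 */
function buildServerConfig($serial_no) {
	global $fmdb, $__FM_CONFIG, $fm_name;

	/** Check serial number */
	basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'servers', sanitize($serial_no), 'server_', 'server_serial_no');
	if (!$fmdb->num_rows) {
		return sprintf('<p class="error">%s</p>', __('This server is not found.'));
	}

	$server_details = $fmdb->last_result;
	/* EXTR_SKIP: a column name never overwrites a variable that already exists */
	extract(get_object_vars($server_details[0]), EXTR_SKIP);
	$response = null;

	switch ($server_update_method) {
		case 'cron':
			if ($action == 'buildconf') {
				/* set the server_update_config flag */
				setBuildUpdateConfigFlag($serial_no, 'conf', 'update');
				$response = sprintf('<p>%s</p>' . "\n", __('This server will be updated on the next cron run.'));
			} else {
				$response = sprintf('<p>%s</p>' . "\n", __('This server receives updates via cron - please manage the server manually.'));
			}
			break;
		case 'http':
		case 'https':
			/** Test the port first */
			if (!socketTest($server_name, $server_update_port, 10)) {
				return sprintf('<p class="error">%s</p>' . "\n", sprintf(__('Failed: could not access %s using %s (tcp/%d).'), $server_name, $server_update_method, $server_update_port));
			}

			/** Remote URL to use */
			$url = $server_update_method . '://' . $server_name . ':' . $server_update_port . '/' . $_SESSION['module'] . '/reload.php';

			/** Data to post to $url */
			$post_data = array('action' => 'buildconf', 'serial_no' => $server_serial_no);

			/*
			 * NOTE(review): the reply body comes from the remote host and is fed to
			 * unserialize(). Only an array of strings is expected, so a format that
			 * cannot instantiate objects (JSON) would be the safer wire format; that
			 * has to change on the client and the server together.
			 */
			$post_result = @unserialize(getPostData($url, $post_data));

			if (!is_array($post_result)) {
				/** Something went wrong */
				if (empty($post_result)) {
					return sprintf('<p class="error">%s</p>', sprintf(__('It appears %s does not have php configured properly within httpd or httpd is not running.'), $server_name));
				}
				return $response . '<p class="error">' . $post_result . '</p>' . "\n";
			} else {
				if (count($post_result) > 1) {
					$response .= '<textarea rows="7" cols="100">';

					/** Loop through and format the output */
					foreach ($post_result as $line) {
						$response .= "[{$server_name}] {$line}\n";
					}

					$response .= "</textarea>\n";
				} else {
					$response .= "<p>[{$server_name}] " . $post_result[0] . '</p>';
				}
			}
			break;
		case 'ssh':
			/** Test the port first */
			if (!socketTest($server_name, $server_update_port, 10)) {
				return sprintf('<p class="error">%s</p>' . "\n", sprintf(__('Failed: could not access %s using %s (tcp/%d).'), $server_name, $server_update_method, $server_update_port));
			}

			/** Get SSH key */
			$ssh_key = getOption('ssh_key_priv', $_SESSION['user']['account_id']);
			if (!$ssh_key) {
				return sprintf('<p class="error">%s</p>' . "\n", sprintf(__('Failed: SSH key is not <a href="%s">defined</a>.'), getMenuURL(_('General'))));
			}

			/* tempnam() creates a uniquely named file, so concurrent requests do not
			   share one key file and a pre-existing path is never written through */
			$temp_ssh_key = tempnam(sys_get_temp_dir(), 'fm_id_rsa_');
			if ($temp_ssh_key === false) {
				return sprintf('<p class="error">%s</p>' . "\n", sprintf(__('Failed: could not load SSH key into %s.'), sys_get_temp_dir()));
			}
			if (@file_put_contents($temp_ssh_key, $ssh_key) === false) {
				@unlink($temp_ssh_key);
				return sprintf('<p class="error">%s</p>' . "\n", sprintf(__('Failed: could not load SSH key into %s.'), $temp_ssh_key));
			}

			@chmod($temp_ssh_key, 0400);

			$ssh_user = getOption('ssh_user', $_SESSION['user']['account_id']);
			if (!$ssh_user) {
				/* do not leave the private key behind on this early exit */
				@unlink($temp_ssh_key);
				return sprintf('<p class="error">%s</p>' . "\n", sprintf(__('Failed: SSH user is not <a href="%s">defined</a>.'), getMenuURL(_('General'))));
			}

			/*
			 * NOTE(review): 'StrictHostKeyChecking no' turns off host key
			 * verification, so the identity of the host receiving the sudo command
			 * is not checked. Pinning host keys in a known_hosts file would close
			 * that gap.
			 */
			$ssh_base = findProgram('ssh') . ' -t -i ' . escapeshellarg($temp_ssh_key)
				. " -o 'StrictHostKeyChecking no' -p " . escapeshellarg($server_update_port)
				. ' -l ' . escapeshellarg($ssh_user) . ' ' . escapeshellarg($server_name) . ' ';
			$client_script = "/usr/local/{$fm_name}/{$_SESSION['module']}/fw.php";

			/** Test SSH authentication */
			exec($ssh_base . escapeshellarg('ls ' . escapeshellarg($client_script)), $post_result, $retval);
			if ($retval) {
				/** Something went wrong */
				@unlink($temp_ssh_key);
				return sprintf('<p class="error">%s</p>' . "\n", __('Could not login via SSH.'));
			}
			unset($post_result);

			/** Run build */
			/* quote each argument for the remote shell, then the whole command for the local one */
			$remote_args = array();
			foreach (array_merge(array($action), (array) $options) as $remote_arg) {
				if (strlen((string) $remote_arg)) {
					$remote_args[] = escapeshellarg($remote_arg);
				}
			}
			$remote_cmd = 'sudo php ' . escapeshellarg($client_script) . ' ' . implode(' ', $remote_args);
			exec($ssh_base . escapeshellarg($remote_cmd), $post_result, $retval);

			@unlink($temp_ssh_key);

			if ($retval) {
				/** Something went wrong */
				return '<p class="error">' . ucfirst($friendly_action) . ' failed.</p>' . "\n";
			} else {
				if (!count($post_result)) {
					$post_result[] = ucfirst($friendly_action) . ' was successful.';
				}

				if (count($post_result) > 1) {
					$response .= '<textarea rows="4" cols="100">';

					/** Loop through and format the output */
					foreach ($post_result as $line) {
						$response .= "[{$server_name}] {$line}\n";
					}

					$response .= "</textarea>\n";
				} else {
					$response .= "<p>[{$server_name}] " . $post_result[0] . '</p>';
				}
			}
			break;
	}

	/* reset the server_build_config flag */
	/* case-insensitive, and a match at offset 0 counts as a failure too */
	if (stripos((string) $response, 'failed') === false) {
		setBuildUpdateConfigFlag($serial_no, 'no', 'build');
	}

	$tmp_name = getNameFromID($serial_no, 'fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'servers', 'server_', 'server_serial_no', 'server_name');
	addLogEntry(ucfirst($friendly_action) . " was performed on server '{$tmp_name}'.");

	return $response;
}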
+-------------------------------------------------------------------------+
| http://www.facilemanager.com/modules/fmfirewall/                        |
+-------------------------------------------------------------------------+
*/

/**
 * fmFirewall Client Utility HTTPD Handler
 *
 * Receives a POSTed `action`, runs the matching client script through sudo
 * and echoes the captured output as a serialize()d value for the caller.
 *
 * NOTE(review): both branches run a command as root on behalf of an HTTP
 * request. Whatever checks the request is inside initWebRequest(), which is
 * not visible here - confirm it authenticates the caller before relying on
 * this endpoint.
 * NOTE(review): the 'upgrade' branch invokes dns.php while 'buildconf'
 * invokes fw.php; verify that dns.php is the intended script for this module.
 *
 * @package fmFirewall
 * @subpackage Client
 *
 */

require_once dirname(dirname(dirname(__FILE__))) . '/functions.php';

initWebRequest();

/** Process $_POST for buildconf or zone reload */
if (isset($_POST['action'])) {
	if ($_POST['action'] == 'buildconf') {
		$build_parts = array(findProgram('sudo'), findProgram('php'), dirname(dirname(__FILE__)) . '/fw.php buildconf 2>&1');
		exec(implode(' ', $build_parts), $output, $retval);

		/* a non-zero exit status means the build did not complete */
		$output[] = $retval ? 'Config build failed.' : 'Config build was successful.';
	} elseif ($_POST['action'] == 'upgrade') {
		$upgrade_parts = array(findProgram('sudo'), findProgram('php'), dirname(dirname(__FILE__)) . '/dns.php upgrade 2>&1');
		exec(implode(' ', $upgrade_parts), $output);
	}
}

/* $output is only assigned by the branches above */
echo serialize($output);
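/**
 * Pings $server to check whether it is alive.
 *
 * The host value is shell-quoted before it reaches the command line, and a
 * value that is empty or starts with '-' is rejected so it cannot be read by
 * ping as an option.
 *
 * @since 1.0
 * @package facileManager
 *
 * @param string $server Host name or address to ping
 * @return boolean True when the output contains an echo reply ("64 bytes from")
 */
function pingTest($server) {
	$program = findProgram('ping');
	if (!$program) {
		/* without the binary there is nothing to run */
		return false;
	}

	$server = (string) $server;
	if ($server === '' || $server[0] === '-') {
		return false;
	}

	/* the timeout flag differs per platform; other systems get none */
	if (PHP_OS == 'FreeBSD' || PHP_OS == 'Darwin') {
		$timeout_opt = '-t 2 ';
	} elseif (PHP_OS == 'Linux') {
		$timeout_opt = '-W 2 ';
	} else {
		$timeout_opt = '';
	}

	$ping = shell_exec("{$program} {$timeout_opt}-c 3 " . escapeshellarg($server) . ' 2>/dev/null');

	/* shell_exec() returns null when the command produced no output */
	return (bool) preg_match('/64 bytes from/', (string) $ping);
}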
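/**
 * Performs syntax checks with named-check* utilities
 *
 * The generated files are written below a temporary directory, which is then
 * handed to named-checkconf and named-checkzone (run through sudo) as their
 * chroot.
 *
 * Hardening applied here:
 *  - file names and the named.conf 'directory' value are refused when they
 *    contain a '..' path segment, so nothing is created outside the temporary
 *    directory;
 *  - every path or zone name placed on a command line goes through
 *    escapeshellarg();
 *  - tool output and the echoed command are HTML-escaped before they are put
 *    into the returned markup.
 *
 * NOTE(review): the temporary tree is created with mode 0777 and a
 * timestamp-based name, and is then read by a process running as root.
 * Consider a tighter mode and an unpredictable directory name.
 *
 * @since 1.0
 * @package fmDNS
 *
 * @param array $files_array Array containing named files and contents
 * @return string|null HTML block with the result, or null when checks are skipped
 */
function namedSyntaxChecks($files_array) {
	global $__FM_CONFIG;

	if (!array_key_exists('server_serial_no', $files_array)) {
		return;
	}
	if (getOption('enable_named_checks', $_SESSION['user']['account_id'], 'fmDNS') != 'yes') {
		return;
	}

	$die = false;
	$class = null;
	$message = null;
	$named_conf = null;
	$zone_files = array();
	$traversal_pattern = '#(^|/)\.\.(/|$)#';

	$named_checkconf = findProgram('named-checkconf');
	$uname = php_uname('n');
	if (!$named_checkconf) {
		return sprintf('<div id="named_check" class="info"><p>%s</p></div>', sprintf(__('The named utilities (specifically named-checkconf and named-checkzone) cannot be found on %s. If they were installed, these configs and zones could be checked for syntax.'), $uname));
	}

	$fm_temp_directory = '/' . ltrim(getOption('fm_temp_directory'), '/');
	$tmp_dir = rtrim($fm_temp_directory, '/') . '/' . $_SESSION['module'] . '_' . date("YmdHis") . '/';
	$quoted_tmp_dir = escapeshellarg($tmp_dir);
	system('rm -rf ' . $quoted_tmp_dir);
	$debian_system = isDebianSystem($files_array['server_os_distro']);

	$named_conf_contents = null;

	/** Create temporary directory structure */
	foreach ($files_array['files'] as $file => $contents) {
		/* never write outside the temporary directory */
		if (preg_match($traversal_pattern, $file)) {
			continue;
		}

		if (!is_dir(dirname($tmp_dir . $file))) {
			if (!@mkdir(dirname($tmp_dir . $file), 0777, true)) {
				$class = 'class="info"';
				$message = sprintf(__('%s is not writeable by %s so the named checks cannot be performed.'), $fm_temp_directory, $__FM_CONFIG['webserver']['user_info']['name']);
				$die = true;
				break;
			}
		}
		file_put_contents($tmp_dir . $file, $contents);

		if ($debian_system && (strpos($file, 'named.conf.options') || strpos($file, 'named.conf.local'))) {
			$named_conf_contents .= $contents;
		}

		/** Create temporary directory from named.conf's 'directory' line */
		if (strpos($contents, 'directory')) {
			preg_match('/directory(.+?)+/', $contents, $directory_line);
			if (count($directory_line)) {
				$line_array = explode('"', $directory_line[0]);
				if (isset($line_array[1]) && !preg_match($traversal_pattern, $line_array[1])) {
					@mkdir($tmp_dir . $line_array[1], 0777, true);
				}
				/* the file carrying the 'directory' line is treated as named.conf */
				$named_conf = $file;
			}
		}

		/** Build array of zone files to check */
		if (preg_match('/\\/zones\\.conf\\.(.+?)/', $file)) {
			$view = preg_replace('/(.+?)zones\\.conf\\.+/', '', $file);
			$tmp_contents = preg_replace('/^\\/\\/(.+?)+/', '', $contents);
			$tmp_contents = explode("};\n", trim($tmp_contents));
			foreach ($tmp_contents as $zone_def) {
				if (strpos($zone_def, 'type master;') !== false) {
					preg_match('/^zone "(.+?)+/', $zone_def, $tmp_zone_def);
					$tmp_zone_def = explode('"', $tmp_zone_def[0]);

					preg_match('/file "(.+?)+/', trim($zone_def), $tmp_zone_def_file);
					$tmp_zone_def_file = explode('"', $tmp_zone_def_file[0]);

					if (!empty($tmp_zone_def_file[1])) {
						$zone_files[$view][$tmp_zone_def[1]] = $tmp_zone_def_file[1];
					}
				}
			}
		}
	}

	/* only meaningful when a named.conf was identified and the tree is writable */
	if ($debian_system && !$die && $named_conf !== null) {
		file_put_contents($tmp_dir . $named_conf, $named_conf_contents);
	}

	if (!$die) {
		/** Run named-checkconf */
		$named_checkconf_cmd = findProgram('sudo') . ' ' . findProgram('named-checkconf') . ' -t ' . $quoted_tmp_dir . ' ' . ($named_conf !== null ? escapeshellarg($named_conf) : '') . ' 2>&1';
		exec($named_checkconf_cmd, $named_checkconf_results, $retval);
		if ($retval) {
			$class = 'class="error"';
			$named_checkconf_results = implode("\n", $named_checkconf_results);
			$safe_results = htmlspecialchars($named_checkconf_results, ENT_QUOTES);
			if (strpos($named_checkconf_results, 'sudo') !== false) {
				$class = 'class="info"';
				$message = sprintf(__('The webserver user (%s) on %s does not have permission to run the following command:%sThe following error ocurred:%s'),
						$__FM_CONFIG['webserver']['user_info']['name'], $uname,
						'<br /><pre>' . htmlspecialchars($named_checkconf_cmd, ENT_QUOTES) . '</pre><p>',
						'<pre>' . $safe_results . '</pre>');
			} else {
				$message = __('Your named configuration contains one or more errors:') . '<br /><pre>' . $safe_results . '</pre>';
			}

		/** Run named-checkzone */
		} else {
			$named_checkzone_results = null;
			foreach ($zone_files as $view => $zones) {
				foreach ($zones as $zone_name => $zone_file) {
					$named_checkzone_cmd = findProgram('sudo') . ' ' . findProgram('named-checkzone') . ' -t ' . $quoted_tmp_dir . ' ' . escapeshellarg($zone_name) . ' ' . escapeshellarg($zone_file) . ' 2>&1';
					/* exec() appends to an existing array, so start clean for each zone */
					$results = array();
					exec($named_checkzone_cmd, $results, $retval);
					if ($retval) {
						$class = 'class="error"';
						$named_checkzone_results .= implode("\n", $results);
						if (strpos($named_checkzone_results, 'sudo') !== false) {
							$class = 'class="info"';
							$message = sprintf(__('The webserver user (%s) on %s does not have permission to run the following command:%sThe following error ocurred:%s'),
									$__FM_CONFIG['webserver']['user_info']['name'], $uname,
									'<br /><pre>' . htmlspecialchars($named_checkzone_cmd, ENT_QUOTES) . '</pre><p>',
									'<pre>' . htmlspecialchars($named_checkzone_results, ENT_QUOTES) . '</pre>');
							break 2;
						}
					}
				}
			}

			if ($named_checkzone_results) {
				if (empty($message)) {
					$message = __('Your zone configuration files contain one or more errors:') . '<br /><pre>' . htmlspecialchars($named_checkzone_results, ENT_QUOTES) . '</pre>';
				}
			} else {
				$class = null;
				$message = __('Your named configuration and zone files are loadable.');
			}
		}
	}

	/** Remove temporary directory */
	system('rm -rf ' . $quoted_tmp_dir);

	return <<<HTML
\t\t\t<div id="named_check" {$class}>
\t\t\t\t<p>{$message}</p>
\t\t\t</div>
HTML;
}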
} $fm_tools->backupDatabase(); header('Location: ' . $GLOBALS['basename']); } $branding_logo = $GLOBALS['RELPATH'] . 'fm-modules/' . $fm_name . '/images/fm.png'; printHeader(_('Upgrade'), 'install'); switch ($step) { case 0: case 1: if (!file_exists(ABSPATH . 'config.inc.php') || !file_get_contents(ABSPATH . 'config.inc.php')) { header('Location: /fm-install.php'); } printf('<div id="fm-branding"> <img src="%s" /><span>%s</span> </div> <div id="window"><p>', $branding_logo, _('Upgrade')); $backup_button = findProgram('mysqldump') ? sprintf('<a href="?backup" class="button">%s</a>', _('Backup Database')) : null; printf(_("I have detected you recently upgraded %s and its modules, but have not upgraded the database. Click 'Upgrade' to start the upgrade process."), $fm_name); printf('</p><p class="step"><a href="?step=2" class="button click_once">%s</a> %s</p></div>', _('Upgrade'), $backup_button); break; case 2: if (!file_exists(ABSPATH . 'config.inc.php') || !file_get_contents(ABSPATH . 'config.inc.php')) { header('Location: /fm-install.php'); } require_once ABSPATH . 'fm-modules/facileManager/upgrade.php'; include ABSPATH . 'config.inc.php'; include_once ABSPATH . 'fm-includes/fm-db.php'; fmUpgrade($__FM_CONFIG['db']['name']); break; } printFooter();
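/**
 * Backs up the database
 *
 * Runs mysqldump into a file in the system temp directory, compresses it and
 * sends the compressed file to the browser.
 *
 * Hardening applied here:
 *  - host, user, password, database name and both output paths are passed
 *    through escapeshellarg(), so a credential containing shell
 *    metacharacters is handed to mysqldump unchanged instead of being
 *    interpreted by the shell;
 *  - the dump and error files are created under a 0077 umask, because the
 *    temp directory is shared with other local accounts.
 *
 * NOTE(review): the password is still an argument of the mysqldump process
 * and is therefore visible in the local process list while the dump runs.
 * A client option file readable only by the web server user (passed with
 * --defaults-extra-file) avoids that.
 *
 * @since 1.0
 * @package facileManager
 *
 * @return string|null Error markup on failure; nothing once the file has been sent
 */
function backupDatabase() {
	global $__FM_CONFIG, $fm_name;

	if (!currentUserCan('run_tools')) {
		return sprintf('<p class="error">%s</p>', _('You are not authorized to run these tools.'));
	}

	/** Temporary fix for MySQL 5.6 warnings */
	$exclude_warnings = array('Warning: Using a password on the command line interface can be insecure.' . "\n");

	$curdate = date("Y-m-d_H.i.s");
	$sql_file = sys_get_temp_dir() . '/' . $__FM_CONFIG['db']['name'] . '_' . $curdate . '.sql';
	$error_log = str_replace('.sql', '.err', $sql_file);

	$mysqldump = findProgram('mysqldump');
	if (!$mysqldump) {
		return sprintf('<p class="error">' . _('mysqldump is not found on %s.') . '</p>', php_uname('n'));
	}

	$command_string = $mysqldump . ' --opt -Q'
		. ' -h ' . escapeshellarg($__FM_CONFIG['db']['host'])
		. ' -u ' . escapeshellarg($__FM_CONFIG['db']['user'])
		. ' ' . escapeshellarg('-p' . $__FM_CONFIG['db']['pass'])
		. ' ' . escapeshellarg($__FM_CONFIG['db']['name'])
		. ' > ' . escapeshellarg($sql_file)
		. ' 2>' . escapeshellarg($error_log);

	/* files created by the shell redirects inherit this umask */
	$previous_umask = umask(0077);
	@system($command_string, $retval);
	$retarr = @file_get_contents($error_log);

	if ($retval) {
		umask($previous_umask);
		@unlink($error_log);
		@unlink($sql_file);
		return '<p class="error">' . nl2br(str_replace($exclude_warnings, '', $retarr)) . '</p>';
	}

	compressFile($sql_file, @file_get_contents($sql_file));
	umask($previous_umask);
	@unlink($error_log);
	@unlink($sql_file);

	addLogEntry(_('Backed up the database.'), $fm_name);

	sendFileToBrowser($sql_file . '.gz');
}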
$whoami = 'root'; $url = null; /** Check for options */ $dryrun = in_array('-n', $argv) || in_array('dryrun', $argv) ? true : false; $buildconf = in_array('-b', $argv) || in_array('buildconf', $argv) ? true : false; $cron = in_array('-c', $argv) || in_array('cron', $argv) ? true : false; /** Include shared client functions */ $fm_client_functions = dirname(dirname(__FILE__)) . '/functions.php'; if (file_exists($fm_client_functions)) { include_once $fm_client_functions; } else { echo fM("The facileManager client scripts are not installed.\n"); exit(1); } /** Check running user */ if (exec(findProgram('whoami')) != $whoami && !$dryrun) { echo fM("This script must run as {$whoami}.\n"); exit(1); } /** Check if running supported version */ $data['server_version'] = detectFWVersion(); /** Build everything required via cron */ if ($cron) { $data['action'] = 'cron'; } /** Build the server config */ if ($buildconf) { $data['action'] = 'buildconf'; } /** Build the zone files */ if ($zones) {
if (array_key_exists('submit', $_POST)) { switch ($_POST['submit']) { case _('Clean Up Database'): $response = $fm_tools->cleanupDatabase(); break; case _('Backup Database'): $response = $fm_tools->backupDatabase(); if (!$response) { header('Location: ' . $GLOBALS['basename']); } break; } } printHeader(); @printMenu(); $backup_button = findProgram('mysqldump') ? sprintf('<p class="step"><input id="db-backup" name="submit" type="submit" value="%s" class="button" /></p>', _('Backup Database')) : sprintf(_('<p>The required mysqldump utility is not found on %s.</p>'), php_uname('n')); $tools_option[] = '<h2>' . _('Backup Database') . '</h2> <p>' . _('Run an ad hoc backup of your database.') . "</p>\n\t\t\t{$backup_button}\n\t\t\t<br />"; $purge_logs = currentUserCan('do_everything') ? ' <input id="purge-logs" name="submit" type="submit" value="' . _('Purge Logs') . '" class="button double-click" />' : null; $tools_option[] = '<h2>' . _('Clean Up Database') . '</h2> <p>' . _('You should periodically clean up your database to permanently remove deleted items. Make sure you backup your database first!') . '</p> <p class="step"><input id="db-cleanup" name="submit" type="submit" value="' . _('Clean Up Database') . '" class="button" />' . $purge_logs . '</p> <br />'; /** Get available module tools */ $module_var_file = ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . $_SESSION['module'] . DIRECTORY_SEPARATOR . 'variables.inc.php'; if (file_exists($module_var_file)) { include $module_var_file; } $shared_tools_file = ABSPATH . 'fm-modules' . DIRECTORY_SEPARATOR . 'shared' . DIRECTORY_SEPARATOR . 'pages' . DIRECTORY_SEPARATOR . 'admin-tools.inc.php'; if (file_exists($shared_tools_file)) { include $shared_tools_file;
/* SOA timing values, written with time-unit suffixes */
$__FM_CONFIG['soa']['soa_ttl'] = '5m';
$__FM_CONFIG['soa']['soa_refresh'] = '15m';
$__FM_CONFIG['soa']['soa_retry'] = '1h';
$__FM_CONFIG['soa']['soa_expire'] = '1w';

/** Name Server Default Values */
$__FM_CONFIG['ns']['named_root_dir'] = '/var/named';
$__FM_CONFIG['ns']['named_chroot_dir'] = '/var/named/chroot';
$__FM_CONFIG['ns']['named_zones_dir'] = '/etc/named/zones';
$__FM_CONFIG['ns']['named_config_file'] = '/etc/named.conf';

/** Logging Channel Options */
$__FM_CONFIG['logging']['options']['destinations'] = array('file', 'syslog', 'stderr', 'null');
$__FM_CONFIG['logging']['options']['file'] = array('versions', 'size');
/* '' and 'unlimited' followed by the integers 1 through 10 */
$__FM_CONFIG['logging']['options']['file_versions'] = array_merge(array('', 'unlimited'), range(1, 10));
$__FM_CONFIG['logging']['options']['file_sizes'] = array('K', 'M', 'G');
$__FM_CONFIG['logging']['options']['syslog'] = array('kern', 'user', 'mail', 'daemon', 'auth', 'syslog', 'lpr', 'news', 'uucp', 'cron', 'authpriv', 'ftp', 'local0', 'local1', 'local2', 'local3', 'local4', 'local5', 'local6', 'local7');
$__FM_CONFIG['logging']['options']['severity'] = array('critical', 'error', 'warning', 'notice', 'info', 'debug 0', 'debug 1', 'debug 2', 'debug 3', 'debug 4', 'debug 5', 'debug 6', 'debug 7', 'debug 8', 'debug 10', 'debug 50', 'debug 90', 'dynamic');
$__FM_CONFIG['logging']['options']['print-category'] = array('', 'yes', 'no');
$__FM_CONFIG['logging']['options']['print-severity'] = array('', 'yes', 'no');
$__FM_CONFIG['logging']['options']['print-time'] = array('', 'yes', 'no');
$__FM_CONFIG['logging']['categories'] = array('client', 'config', 'database', 'default', 'delegation-only', 'dispatch', 'dnssec', 'general', 'lame-servers', 'network', 'notify', 'queries', 'resolver', 'rpz', 'rate-limit', 'security', 'unmatched', 'update', 'update-security', 'xfer-in', 'xfer-out');
$__FM_CONFIG['logging']['channels']['reserved'] = array('null', 'default_syslog', 'default_debug', 'default_stderr');

/** Cleanup options */
/* maps each fmDNS table name to the short prefix paired with it */
$__FM_CONFIG['module']['clean']['prefixes'] = array('fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'acls' => 'acl', 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'config' => 'cfg', 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'domains' => 'domain', 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'keys' => 'key', 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'records' => 'record', 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'servers' => 'server', 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'soa' => 'soa', 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'views' => 'view', 'fm_' . $__FM_CONFIG['fmDNS']['prefix'] . 'records_skipped' => 'record');
/* the @ hides the diagnostic raised when $__FM_CONFIG['clean']['prefixes'] is
   not an array yet - presumably it is set before this file runs; confirm */
$__FM_CONFIG['clean']['prefixes'] = @array_merge($__FM_CONFIG['clean']['prefixes'], $__FM_CONFIG['module']['clean']['prefixes']);

/** Default values */
/* real paths when named-checkconf is found, placeholder paths otherwise */
$named_check_utils = findProgram('named-checkconf') ? findProgram('named-checkconf') . ', ' . findProgram('named-checkzone') : '/path/to/named-checkconf, /path/to/named-checkzone';

/*
 * NOTE(review): the 'enable_named_checks' description tells the administrator
 * to give the web server account passwordless root for the two named-check
 * binaries. That grant is part of the trust boundary of this feature: the
 * arguments passed to those binaries are built by the application.
 * The leading @ suppresses notices for config keys that are missing when the
 * array is built.
 */
$__FM_CONFIG['fmDNS']['default']['options'] = @array('enable_named_checks' => array('description' => array(__('Enable named Checks'), __('Enable or disable named-checkconf and named-checkzone utilities.') . '</p> <p>' . sprintf(__('sudo must be installed on %s with the following in sudoers:'), php_uname('n')) . '</p> <pre>' . $__FM_CONFIG['webserver']['user_info']['name'] . ' ALL=(root) NOPASSWD: ' . $named_check_utils . '</pre>'), 'default_value' => 'no', 'type' => 'checkbox'), 'purge_config_files' => array('description' => array(__('Purge Configuration Files'), __('When enabled, configuration files will be deleted on the DNS servers before building the server config. 
This can be handy if you want to remove unused files.')), 'default_value' => 'no', 'type' => 'checkbox'), 'auto_create_ptr_zones' => array('description' => array(__('Create Reverse Zones Automatically'), __('While creating A records and choosing to create the associated PTR record, reverse zones can be automatically created if they are missing.')), 'default_value' => 'no', 'type' => 'checkbox'), 'clones_use_dnames' => array('description' => array(__('Use DNAME Resource Records for Clones'), __('When creating cloned zones, use the DNAME resource record rather than a full clone (when available).')), 'default_value' => 'yes', 'type' => 'checkbox'));

/** Array sorts */
sort($__FM_CONFIG['logging']['categories']);
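/**
 * Tests server connectivity
 *
 * For every server of the current module this runs a ping test, a TCP test of
 * the update port, a login test (ssh) or a reload.php probe (http/https), and
 * a TCP test of port 53. The results are returned as plain text.
 *
 * Hardening applied here:
 *  - the private key is written to a per-request file created by tempnam()
 *    instead of a fixed name in the shared temp directory;
 *  - key path, port, user and host are passed through escapeshellarg() before
 *    they are placed on the ssh command line.
 *
 * NOTE(review): 'StrictHostKeyChecking no' turns off host key verification,
 * so a successful login test does not prove which host answered.
 *
 * @return string|null Text report, or null when there are no servers
 */
function connectTests() {
	global $fmdb, $__FM_CONFIG;

	$return = null;

	/** Load ssh key for use */
	$ssh_key = getOption('ssh_key_priv', $_SESSION['user']['account_id']);
	$temp_ssh_key = false;
	$ssh_key_loaded = false;
	if ($ssh_key) {
		$temp_ssh_key = tempnam(sys_get_temp_dir(), 'fm_id_rsa_');
		if ($temp_ssh_key !== false) {
			$ssh_key_loaded = @file_put_contents($temp_ssh_key, $ssh_key);
			@chmod($temp_ssh_key, 0400);
		}
	}
	$ssh_user = getOption('ssh_user', $_SESSION['user']['account_id']);

	/** Get server list */
	$result = basicGetList('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'servers', 'server_name', 'server_');

	/** Process server list */
	$num_rows = $fmdb->num_rows;
	$results = $fmdb->last_result;
	for ($x = 0; $x < $num_rows; $x++) {
		$return .= sprintf(__("Running tests for %s\n"), $results[$x]->server_name);

		/** ping tests */
		$return .= "\t" . str_pad(__('Ping:'), 15);
		if (pingTest($results[$x]->server_name)) {
			$return .= __('success');
		} else {
			$return .= __('failed');
		}
		$return .= "\n";

		/** remote port tests */
		$return .= "\t" . str_pad(__('Remote Port:'), 15);
		if ($results[$x]->server_update_method != 'cron') {
			if (socketTest($results[$x]->server_name, $results[$x]->server_update_port, 10)) {
				$return .= __('success') . ' (tcp/' . $results[$x]->server_update_port . ")\n";

				if ($results[$x]->server_update_method == 'ssh') {
					$return .= "\t" . str_pad(__('SSH Login:'), 15);
					if (!$ssh_key) {
						$return .= __('no SSH key defined');
					} elseif ($ssh_key_loaded === false) {
						$return .= sprintf(__('could not load SSH key into %s'), $temp_ssh_key !== false ? $temp_ssh_key : sys_get_temp_dir());
					} elseif (!$ssh_user) {
						$return .= __('no SSH user defined');
					} else {
						$ssh_cmd = findProgram('ssh') . ' -t -i ' . escapeshellarg($temp_ssh_key)
							. " -o 'StrictHostKeyChecking no' -p " . escapeshellarg($results[$x]->server_update_port)
							. ' -l ' . escapeshellarg($ssh_user) . ' ' . escapeshellarg($results[$x]->server_name) . ' uptime';
						exec($ssh_cmd, $post_result, $retval);
						if ($retval) {
							$return .= __('ssh key login failed');
						} else {
							$return .= __('success');
						}
					}
				} else {
					/** php tests */
					$return .= "\t" . str_pad(__('http page:'), 15);
					$php_result = getPostData($results[$x]->server_update_method . '://' . $results[$x]->server_name . '/' . $_SESSION['module'] . '/reload.php', null);
					/* an empty POST is expected to be rejected with this exact text */
					if ($php_result == 'Incorrect parameters defined.') {
						$return .= __('success');
					} else {
						$return .= __('failed');
					}
				}
			} else {
				$return .= __('failed') . ' (tcp/' . $results[$x]->server_update_port . ')';
			}
		} else {
			$return .= __('skipping (host updates via cron)');
		}
		$return .= "\n";

		/** dns tests */
		$return .= "\t" . str_pad(__('DNS:'), 15);
		$port = 53;
		if (socketTest($results[$x]->server_name, $port, 10)) {
			$return .= __('success') . ' (tcp/' . $port . ')';
		} else {
			$return .= __('failed') . ' (tcp/' . $port . ')';
		}
		$return .= "\n";

		$return .= "\n";
	}

	/* remove the key file only when this call created one */
	if ($temp_ssh_key !== false) {
		@unlink($temp_ssh_key);
	}

	return $return;
}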
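/**
 * Upgrades the client software
 *
 * Accepts a single server serial number, or a group reference (a value
 * starting with 'g') that is expanded and processed one server at a time.
 *
 * Hardening applied here:
 *  - the private key is written to a per-request file created by tempnam()
 *    and is removed on every exit path after it has been created, including
 *    the "SSH user is not defined" return;
 *  - key path, port, user, host and the remote command are passed through
 *    escapeshellarg(); the client directory is additionally quoted for the
 *    remote shell.
 *
 * NOTE(review): the http/https reply is passed to unserialize(); only an
 * array of strings is expected, so a format that cannot instantiate objects
 * would be safer. 'StrictHostKeyChecking no' also leaves the identity of the
 * ssh target unverified.
 *
 * @since 1.1
 * @package facileManager
 *
 * @param int|string $serial_no Server serial number, or 'g' followed by a group id
 * @return string Result lines joined with newlines, or an error message
 */
function doClientUpgrade($serial_no) {
	global $fmdb, $__FM_CONFIG, $fm_name;

	/** Check permissions */
	if (!currentUserCan('manage_servers', $_SESSION['module'])) {
		echo buildPopup('header', _('Error'));
		printf('<p>%s</p>', _('You do not have permission to manage servers.'));
		echo buildPopup('footer', _('OK'), array('cancel_button' => 'cancel'));
		exit;
	}

	/** Process server group */
	if ($serial_no[0] == 'g') {
		$group_servers = $this->getGroupServers(substr($serial_no, 1));

		if (!is_array($group_servers)) {
			return $group_servers;
		}

		$response = null;
		foreach ($group_servers as $serial_no) {
			if (is_numeric($serial_no)) {
				$response .= $this->doClientUpgrade($serial_no) . "\n";
			}
		}
		return $response;
	}

	/** Check serial number */
	basicGet('fm_' . $__FM_CONFIG[$_SESSION['module']]['prefix'] . 'servers', sanitize($serial_no), 'server_', 'server_serial_no');
	if (!$fmdb->num_rows) {
		return sprintf(_('%d is not a valid serial number.'), $serial_no);
	}

	$server_details = $fmdb->last_result;
	/* EXTR_SKIP: a column name never overwrites a variable that already exists */
	extract(get_object_vars($server_details[0]), EXTR_SKIP);

	$response = array();
	$response[] = $server_name;

	if ($server_installed != 'yes') {
		$response[] = ' --> ' . _('Failed: Client is not installed.') . "\n";
	}

	/* continue only when nothing has been reported for this server so far */
	if (count($response) == 1) {
		switch ($server_update_method) {
			case 'cron':
				/* Servers updated via cron require manual upgrades */
				$response[] = ' --> ' . _('This server needs to be upgraded manually with the following command:');
				$response[] = " --> sudo php /usr/local/{$fm_name}/{$_SESSION['module']}/\$(ls /usr/local/{$fm_name}/{$_SESSION['module']} | grep php | grep -v functions) upgrade";
				addLogEntry(sprintf(_('Upgraded client scripts on %s.'), $server_name));
				break;
			case 'http':
			case 'https':
				/** Test the port first */
				if (!socketTest($server_name, $server_update_port, 10)) {
					$response[] = ' --> ' . sprintf(_('Failed: could not access %s using %s (tcp/%d).'), $server_name, $server_update_method, $server_update_port);
					break;
				}

				/** Remote URL to use */
				$url = $server_update_method . '://' . $server_name . ':' . $server_update_port . '/' . $_SESSION['module'] . '/reload.php';

				/** Data to post to $url */
				$post_data = array('action' => 'upgrade', 'serial_no' => $server_serial_no);

				/* remote-supplied data; see the unserialize() note in the docblock */
				$post_result = @unserialize(getPostData($url, $post_data));

				if (!is_array($post_result)) {
					/** Something went wrong */
					if (empty($post_result)) {
						$response[] = ' --> ' . sprintf(_('It appears %s does not have php configured properly within httpd or httpd is not running.'), $server_name);
						break;
					}
				} else {
					if (count($post_result) > 1) {
						/** Loop through and format the output */
						foreach ($post_result as $line) {
							if (strlen(trim($line))) {
								$response[] = " --> {$line}";
							}
						}
					} else {
						$response[] = " --> " . $post_result[0];
					}
					addLogEntry(sprintf(_('Upgraded client scripts on %s.'), $server_name));
				}
				break;
			case 'ssh':
				/** Test the port first */
				if (!socketTest($server_name, $server_update_port, 10)) {
					$response[] = ' --> ' . sprintf(_('Failed: could not access %s using %s (tcp/%d).'), $server_name, $server_update_method, $server_update_port);
					break;
				}

				/** Get SSH key */
				$ssh_key = getOption('ssh_key_priv', $_SESSION['user']['account_id']);
				if (!$ssh_key) {
					$response[] = ' --> ' . sprintf(_('Failed: SSH key is not %sdefined</a>.'), '<a href="' . getMenuURL(_('General')) . '">');
					break;
				}

				$temp_ssh_key = tempnam(sys_get_temp_dir(), 'fm_id_rsa_');
				if ($temp_ssh_key === false) {
					$response[] = ' --> ' . sprintf(_('Failed: could not load SSH key into %s.'), sys_get_temp_dir());
					break;
				}
				if (@file_put_contents($temp_ssh_key, $ssh_key) === false) {
					@unlink($temp_ssh_key);
					$response[] = ' --> ' . sprintf(_('Failed: could not load SSH key into %s.'), $temp_ssh_key);
					break;
				}

				@chmod($temp_ssh_key, 0400);

				$ssh_user = getOption('ssh_user', $_SESSION['user']['account_id']);
				if (!$ssh_user) {
					/* do not leave the private key behind on this early exit */
					@unlink($temp_ssh_key);
					return sprintf('<p class="error">%s</p>' . "\n", sprintf(_('Failed: SSH user is not <a href="%s">defined</a>.'), getMenuURL(_('General'))));
				}

				unset($post_result);

				/* quote the directory for the remote shell, then the whole command for the local one */
				$quoted_dir = escapeshellarg("/usr/local/{$fm_name}/{$_SESSION['module']}");
				$remote_cmd = "sudo php {$quoted_dir}/\$(ls {$quoted_dir} | grep php | grep -v functions) upgrade 2>&1";
				$ssh_cmd = findProgram('ssh') . ' -t -i ' . escapeshellarg($temp_ssh_key)
					. " -o 'StrictHostKeyChecking no' -p " . escapeshellarg($server_update_port)
					. ' -l ' . escapeshellarg($ssh_user) . ' ' . escapeshellarg($server_name)
					. ' ' . escapeshellarg($remote_cmd);
				exec($ssh_cmd, $post_result, $retval);

				@unlink($temp_ssh_key);

				if ($retval) {
					/** Something went wrong */
					$post_result[] = _('Client upgrade failed.');
				} else {
					if (!count($post_result)) {
						$post_result[] = _('Config build was successful.');
						addLogEntry(sprintf(_('Upgraded client scripts on %s.'), $server_name));
					}
				}

				if (count($post_result) > 1) {
					/** Loop through and format the output */
					foreach ($post_result as $line) {
						if (strlen(trim($line))) {
							$response[] = " --> {$line}";
						}
					}
				} else {
					$response[] = " --> " . $post_result[0];
				}
				break;
		}
		$response[] = null;
	}

	return implode("\n", $response);
}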
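/**
 * Runs an rndc cache action against the local named process and exits.
 *
 * Changes compared with the straightforward implementation:
 *  - $action is split on whitespace and each word is passed through
 *    escapeshellarg(), so multi-word actions such as 'dumpdb -cache' still
 *    work while shell metacharacters lose their meaning;
 *  - the exit status of the dump-file lookup is kept apart from the rndc exit
 *    status, so the reported success or failure reflects rndc itself;
 *  - $retval and $last_line are initialised for the path where named is not
 *    running.
 *
 * NOTE(review): $debug was read without being imported into this function; it
 * is taken from the global scope here, presumably set by the calling client
 * script - confirm.
 *
 * @param string $action  rndc sub-command, optionally followed by arguments
 * @param string $message Log message describing the action
 * @return void This function always terminates the script
 */
function manageCache($action, $message) {
	global $debug;

	$retval = 0;
	$last_line = '';

	addLogEntry($message);
	if ((int) shell_exec('ps -A | grep named | grep -vc grep') > 0) {
		$rndc_args = implode(' ', array_map('escapeshellarg', preg_split('/\s+/', trim($action), -1, PREG_SPLIT_NO_EMPTY)));
		$last_line = system(findProgram('rndc') . ' ' . $rndc_args . ' 2>&1', $retval);
		if ($last_line) {
			addLogEntry($last_line);
		}

		if ($action == 'dumpdb -cache') {
			/** Get dump-file location */
			$dump_file = system('grep dump-file /etc/named.conf* | awk \'{print $NF}\'', $lookup_retval);
			$dump_file = str_replace(array('"', ';'), '', $dump_file);
			if (file_exists($dump_file)) {
				echo file_get_contents($dump_file);
			}
		}

		$message = $retval ? $message . ' failed' : $message . ' completed successfully';
		echo fM($message);
		addLogEntry($message);
	} else {
		$error_msg = "The server is not running\n";
		if ($debug) {
			echo fM($error_msg);
		}
		addLogEntry($error_msg);
	}

	if ($retval) {
		addLogEntry($last_line);
		$message = "There was an error " . strtolower($message) . " - please check the logs for details\n";
		if ($debug) {
			echo fM($message);
		}
		addLogEntry($message);
		exit(1);
	}

	exit;
}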
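/**
 * Extracts files
 *
 * Each archive is unpacked into a staging directory under the system temp
 * directory; the client tree found there is then copied over the installed
 * client directory and the staging directory is removed.
 *
 * Hardening applied here:
 *  - archive names and all directory paths are passed through
 *    escapeshellarg() before they are placed on a command line;
 *  - the staging directory is created with mode 0700 and is refused when it
 *    is a symbolic link;
 *  - an archive name without an extension no longer reads an undefined
 *    array key.
 *
 * NOTE(review): the staging directory has a fixed name in a shared location
 * and an already existing directory is reused as-is. Because its content is
 * copied into the install directory, a uniquely named directory owned by the
 * running user would be the stronger choice.
 *
 * @since 1.1
 * @package facileManager
 *
 * @param array $files Files to extract
 * @return void Terminates the script with status 1 on any failure
 */
function extractFiles($files = array()) {
	$tmp_dir = sys_get_temp_dir() . '/fM_files';
	if (is_link($tmp_dir)) {
		$message = "Refusing to use {$tmp_dir} because it is a symbolic link. Exiting.\n";
		echo fM($message);
		addLogEntry($message);
		exit(1);
	}
	if (!is_dir($tmp_dir)) {
		mkdir($tmp_dir, 0700);
	}

	foreach ($files as $filename) {
		$path_parts = pathinfo($filename);
		$extension = isset($path_parts['extension']) ? $path_parts['extension'] : '';
		$untar_opt = '-C ' . escapeshellarg($tmp_dir) . ' -x';
		switch ($extension) {
			case 'bz2':
				$untar_opt .= 'j';
				break;
			case 'tgz':
			case 'gz':
				$untar_opt .= 'z';
				break;
		}
		$untar_opt .= 'f';

		$command = findProgram('tar') . " {$untar_opt} " . escapeshellarg($filename);
		@system($command, $retval);
		if ($retval) {
			$message = "Failed to extract {$filename}. Exiting.\n";
			echo fM($message);
			addLogEntry($message);
			exit(1);
		}
	}

	/** Move files */
	$command = findProgram('cp') . ' -r ' . escapeshellarg("{$tmp_dir}/facileManager/client/facileManager") . ' ' . escapeshellarg(dirname(dirname(__FILE__)));
	@system($command, $retval);
	if ($retval) {
		$message = "Failed to save files. Exiting.\n";
		echo fM($message);
		addLogEntry($message);
		exit(1);
	}

	/* guard against ever handing the filesystem root to rm */
	if ($tmp_dir != '/') {
		@system(findProgram('rm') . ' -rf ' . escapeshellarg($tmp_dir));
	}
}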
/**
 * Lists the network interface names of the local machine.
 *
 * The listing command is chosen from PHP_OS; its first column is extracted,
 * sorted and de-duplicated. The command is assembled from fixed strings and
 * the located program path only.
 *
 * @param mixed $os Not read by this function; the platform comes from PHP_OS
 * @return array|null Interface names, or null on an unsupported platform
 */
function getInterfaceNames($os) {
	$interfaces = null;
	$platform = PHP_OS;

	if ($platform == 'Linux') {
		$command = findProgram('ifconfig') . ' | grep Link';
	} elseif (in_array($platform, array('Darwin', 'FreeBSD', 'OpenBSD', 'NetBSD'))) {
		$command = findProgram('netstat') . ' -i | grep Link';
	} elseif ($platform == 'SunOS') {
		$command = findProgram('ifconfig') . ' -a | grep flags | sed -e \'s/://g\'';
	} else {
		/* no known way to list interfaces on this platform */
		return null;
	}

	/* keep the first column only, then sort and drop duplicates */
	$pipeline = $command . ' | awk "{print \\$1}" | sort | uniq';
	exec($pipeline, $interfaces);

	return $interfaces;
}
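/**
 * Reloads a zone on every name server hosting it and returns the per-server
 * results as an HTML fragment.
 *
 * Each server is handled according to its server_update_method: 'cron' only
 * queues the reload, 'http'/'https' posts to the server's reload.php, and
 * 'ssh' runs dns.php on the server. The SOA reload flag is reset only when no
 * server reported a failure.
 *
 * @param mixed $domain_id ID of the zone to reload
 * @return string HTML: a textarea holding one line per server message, or an
 *                error paragraph when the reload could not be attempted
 */
function buildZoneConfig($domain_id) {
	global $fmdb, $__FM_CONFIG, $fm_name;

	/** Check domain_id and soa */
	// NOTE(review): the values returned by getZoneParentID() and the session
	// account_id are placed into the SQL text as-is. Confirm they are integers
	// by the time they get here, or cast/escape them before building the query.
	// NOTE(review): the sub-select names fm_dns_domains directly instead of
	// using the configured table prefix like the rest of the query - confirm.
	$parent_domain_ids = getZoneParentID($domain_id);
	if (!isset($parent_domain_ids[2])) {
		$query = "SELECT * FROM fm_{$__FM_CONFIG['fmDNS']['prefix']}domains d, fm_{$__FM_CONFIG['fmDNS']['prefix']}soa s WHERE domain_status='active' AND d.account_id='{$_SESSION['user']['account_id']}' AND s.soa_id=d.soa_id AND d.domain_id IN (" . join(',', $parent_domain_ids) . ")";
	} else {
		$query = "SELECT * FROM fm_{$__FM_CONFIG['fmDNS']['prefix']}domains d, fm_{$__FM_CONFIG['fmDNS']['prefix']}soa s WHERE domain_status='active' AND d.account_id='{$_SESSION['user']['account_id']}' AND\n\t\t\t\ts.soa_id=(SELECT soa_id FROM fm_dns_domains WHERE domain_id={$parent_domain_ids[2]})";
	}
	$result = $fmdb->query($query);
	if (!$fmdb->num_rows) {
		return sprintf('<p class="error">%s</p>' . "\n", __('Failed: There was no SOA record found for this zone.'));
	}

	// Turns the columns of the first row into local variables; EXTR_SKIP keeps
	// a column from overwriting a variable that already exists in this scope.
	$domain_details = $fmdb->last_result;
	extract(get_object_vars($domain_details[0]), EXTR_SKIP);

	$name_servers = $this->getNameServers($domain_name_servers, array('masters'));

	/** No name servers so return */
	if (!$name_servers) {
		return sprintf('<p class="error">%s</p>' . "\n", __('There are no DNS servers hosting this zone.'));
	}

	/** Loop through name servers */
	// Relies on $fmdb->num_rows still describing the getNameServers() result.
	$name_server_count = $fmdb->num_rows;
	$response = '<textarea rows="12" cols="85">';
	$failures = false;
	for ($i = 0; $i < $name_server_count; $i++) {
		$ns = $name_servers[$i];
		switch ($ns->server_update_method) {
			case 'cron':
				/** Add records to fm_{$__FM_CONFIG['fmDNS']['prefix']}track_reloads */
				foreach ($this->getZoneCloneChildren($domain_id) as $child_id) {
					$this->addZoneReload($ns->server_serial_no, $child_id);
				}

				/** Set the server_update_config flag */
				setBuildUpdateConfigFlag($ns->server_serial_no, 'yes', 'update');

				$response .= '[' . $ns->server_name . '] ' . __('This zone will be updated on the next cron run.') . "\n";
				break;
			case 'http':
			case 'https':
				/** Test the port first */
				if (!socketTest($ns->server_name, $ns->server_update_port, 10)) {
					$response .= '[' . $ns->server_name . '] ' . sprintf(__('Failed: could not access %s (tcp/%d).'), $ns->server_update_method, $ns->server_update_port) . "\n";
					$failures = true;
					// Leaves the switch only; the loop moves on to the next server.
					break;
				}

				/** Remote URL to use */
				$url = $ns->server_update_method . '://' . $ns->server_name . ':' . $ns->server_update_port . '/' . $_SESSION['module'] . '/reload.php';

				/** Data to post to $url */
				$post_data = array('action' => 'reload', 'serial_no' => $ns->server_serial_no, 'domain_id' => $domain_id);

				// NOTE(review): unserialize() runs on a response body received over
				// the network, and with the 'http' method that body is not protected
				// in transit. Prefer a data-only format such as JSON, or restrict
				// unserialize() with allowed_classes => false where PHP 7+ is
				// guaranteed.
				$post_result = unserialize(getPostData($url, $post_data));

				if (!is_array($post_result)) {
					/** Something went wrong */
					return '<div class="error"><p>' . $post_result . '</p></div>' . "\n";
				}

				/** Loop through and format the output */
				$lines = count($post_result) > 1 ? $post_result : array(isset($post_result[0]) ? $post_result[0] : '');
				foreach ($lines as $line) {
					$line = (string) $line;
					// Remote text is encoded so it cannot close the textarea and
					// inject markup; the browser shows the same characters.
					$response .= '[' . $ns->server_name . '] ' . htmlspecialchars($line, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
					// strpos() returns 0 for a line that starts with "fail", which
					// a plain truth test treats as "not found".
					if (strpos(strtolower($line), 'fail') !== false) {
						$failures = true;
					}
				}

				/** Set the server_update_config flag */
				setBuildUpdateConfigFlag($ns->server_serial_no, 'yes', 'update');
				break;
			case 'ssh':
				/** Test the port first */
				if (!socketTest($ns->server_name, $ns->server_update_port, 10)) {
					$response .= '[' . $ns->server_name . '] ' . sprintf(__('Failed: could not access %s (tcp/%d).'), $ns->server_update_method, $ns->server_update_port) . "\n";
					$failures = true;
					break;
				}

				/** Get SSH key */
				$ssh_key = getOption('ssh_key_priv', $_SESSION['user']['account_id']);
				if (!$ssh_key) {
					return '<p class="error">' . sprintf(__('Failed: SSH key is not <a href="%s">defined</a>.'), getMenuURL(_('Settings'))) . '</p>' . "\n";
				}

				// tempnam() creates a uniquely named file that only the owner can
				// read. A fixed name in the shared temp directory can be pre-created
				// by another local user, and the key was briefly readable under the
				// default umask before the chmod below.
				$temp_ssh_key = tempnam(sys_get_temp_dir(), 'fm_id_rsa_');
				if ($temp_ssh_key === false || @file_put_contents($temp_ssh_key, $ssh_key) === false) {
					if ($temp_ssh_key !== false) {
						@unlink($temp_ssh_key);
					}
					return '<p class="error">' . sprintf(__('Failed: could not load SSH key into %s.'), $temp_ssh_key !== false ? $temp_ssh_key : sys_get_temp_dir()) . '</p>' . "\n";
				}
				@chmod($temp_ssh_key, 0400);

				$ssh_user = getOption('ssh_user', $_SESSION['user']['account_id']);
				if (!$ssh_user) {
					// Do not leave the private key on disk when bailing out.
					@unlink($temp_ssh_key);
					return '<p class="error">' . sprintf(__('Failed: SSH user is not <a href="%s">defined</a>.'), getMenuURL(_('Settings'))) . '</p>' . "\n";
				}

				// exec() appends to an existing array, so start from a clean slate.
				unset($post_result);

				// The zone ID is quoted for the remote shell, then the whole remote
				// command and every other value are quoted for the local shell.
				// NOTE(review): 'StrictHostKeyChecking no' accepts any host key, so
				// the server's identity is not verified before the command runs.
				// Pin the host keys (known_hosts) and enable checking where possible.
				$remote_command = "sudo php /usr/local/{$fm_name}/{$_SESSION['module']}/dns.php zones id=" . escapeshellarg($domain_id);
				$ssh_command = findProgram('ssh') . ' -t -i ' . escapeshellarg($temp_ssh_key)
					. " -o 'StrictHostKeyChecking no'"
					. ' -p ' . escapeshellarg($ns->server_update_port)
					. ' -l ' . escapeshellarg($ssh_user)
					. ' ' . escapeshellarg($ns->server_name)
					. ' ' . escapeshellarg($remote_command);
				// The exit status in $retval is not inspected; failures are detected
				// from the output text below.
				exec($ssh_command, $post_result, $retval);

				@unlink($temp_ssh_key);

				if (!is_array($post_result)) {
					/** Something went wrong */
					return sprintf('<p class="error">%s</p>' . "\n", $post_result);
				}

				if (!count($post_result)) {
					$post_result[] = __('Zone reload was successful.');
				}

				/** Loop through and format the output */
				$lines = count($post_result) > 1 ? $post_result : array($post_result[0]);
				foreach ($lines as $line) {
					$line = (string) $line;
					$response .= '[' . $ns->server_name . '] ' . htmlspecialchars($line, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
					if (strpos(strtolower($line), 'fail') !== false) {
						$failures = true;
					}
				}

				/** Set the server_update_config flag */
				setBuildUpdateConfigFlag($ns->server_serial_no, 'yes', 'update');
				break;
		}
	}
	$response .= "</textarea>\n";

	/** Reset the domain_reload flag */
	if (!$failures) {
		global $fm_dns_records;

		if (!isset($fm_dns_records)) {
			include ABSPATH . 'fm-modules/fmDNS/classes/class_records.php';
		}
		$fm_dns_records->updateSOAReload($domain_id, 'no');
	}

	// Written whether or not a server reported a failure.
	addLogEntry(sprintf(__("Reloaded zone '%s'."), displayFriendlyDomainName($domain_name)));
	return $response;
}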
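/**
 * Generates a SSH key pair
 *
 * Runs ssh-keygen in a private scratch directory, stores the private and
 * public key through setOption() for the session's account and removes the
 * key files from disk again.
 *
 * @since 1.0
 * @package facileManager
 *
 * @return boolean|string True on success, otherwise a translated error message
 */
function generateSSHKeyPair() {
	global $fmdb, $__FM_CONFIG, $fm_name;

	// Work in a fresh owner-only directory. mkdir() fails when the path already
	// exists, so the safety does not depend on the name being unguessable. With
	// a fixed file name in the shared temp directory, a leftover or pre-created
	// file makes ssh-keygen fail, and another local user can interfere.
	$key_dir = sys_get_temp_dir() . '/' . uniqid('fm_keygen_', true);
	if (!@mkdir($key_dir, 0700)) {
		return _('SSH key generation failed.');
	}
	$key_file = $key_dir . '/fm_id_rsa';

	/** Create the ssh key pair */
	exec(findProgram('ssh-keygen') . ' -t rsa -b 2048 -f ' . escapeshellarg($key_file) . " -N ''", $exec_array, $retval);

	$array = array();
	$array['ssh_key_priv'] = @file_get_contents($key_file);
	$array['ssh_key_pub'] = @file_get_contents($key_file . '.pub');

	// Always clean up, whatever the outcome of the key generation.
	@unlink($key_file);
	@unlink($key_file . '.pub');
	@rmdir($key_dir);

	// An unreadable key file counts as a failure too, so that false is never
	// stored as a key.
	if ($retval || $array['ssh_key_priv'] === false || $array['ssh_key_pub'] === false) {
		return _('SSH key generation failed.');
	}

	$new_array = array();
	foreach ($array as $key => $data) {
		/** Check if the option has changed */
		// NOTE(review): the current value is read without an account ID while
		// setOption() below is given the session's account ID - confirm both
		// address the same record.
		$current_value = getOption($key);
		if ($current_value == $data) {
			continue;
		}
		$new_array[$key] = $current_value === false ? array($data, 'insert') : array($data, 'update');
	}

	if ($new_array) {
		foreach ($new_array as $option => $value) {
			list($option_value, $command) = $value;

			/** Update with the new value */
			// NOTE(review): the private key is passed to setOption() as-is; whether
			// it is protected at rest depends on setOption() - confirm.
			$result = setOption($option, $option_value, $command, false, $_SESSION['user']['account_id']);
			if (!$result) {
				return _('Could not save settings because a database error occurred.');
			}
		}

		addLogEntry(_('Generated system SSH key pair.'), $fm_name);
	}

	return true;
}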