function verify_group($group) { if (!is_group($group)) { toshout_error('[TOP SECRET] You cannot access that property'); redirect('dashboard'); } }
function render_item($name) { global $mtdata; if ($name) { if ($groupname = is_group($name)) { $description = 'Group ' . $groupname; $url = url_group($groupname); } else { $description = $mtdata['items'][$name]['description']; $url = url_item($name); } $ret = '<div class="item"> ' . render_item_icon($name) . ' <div class="itemdesc"><a href="' . $url . '">' . $description . '</a></div> </div>'; } return $ret; }
} else { $ThemeSel = get_theme(); if (file_exists("themes/{$ThemeSel}/modules/{$name}/" . $file . ".php")) { $modpath = "themes/{$ThemeSel}/"; } else { $modpath = ""; } if ($view == 0) { $modpath .= "modules/{$name}/" . $file . ".php"; if (file_exists($modpath)) { include $modpath; } else { die("Sorry, such file doesn't exist..."); } } else { if ($view == 1 and (is_user($user) or is_group($user, $name)) or is_admin($admin)) { $modpath .= "modules/{$name}/" . $file . ".php"; if (file_exists($modpath)) { include $modpath; } else { die("Sorry, such file doesn't exist..."); } } elseif ($view == 1 and !is_user($user) and !is_admin($admin)) { $pagetitle = "- " . _ACCESSDENIED . ""; include "header.php"; title("{$sitename}: " . _ACCESSDENIED . ""); OpenTable(); echo "<center><b>" . _RESTRICTEDAREA . "</b><br><br>" . "" . _MODULEUSERS . ""; $result2 = $db->sql_query("SELECT mod_group FROM " . $prefix . "_modules WHERE title='{$name}'"); $row2 = $db->sql_fetchrow($result2); if ($row2[mod_group] != 0) {
public function install_ispconfig() { global $conf; $install_dir = $conf['ispconfig_install_dir']; //* Create the ISPConfig installation directory if (!is_dir($install_dir)) { $command = "mkdir {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* Create a ISPConfig user and group if (!is_group('ispconfig')) { $command = 'groupadd ispconfig'; caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } if (!is_user('ispconfig')) { $command = "useradd -g ispconfig -d {$install_dir} ispconfig"; caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* copy the ISPConfig interface part $command = "cp -rf ../interface {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* copy the ISPConfig server part $command = "cp -rf ../server {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Create the config file for ISPConfig interface $configfile = 'config.inc.php'; $content = $this->get_template_file($configfile, true, true); //* get contents & insert db cred $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); $this->write_config_file("{$install_dir}/interface/lib/{$configfile}", $content); //* Create the config file for ISPConfig server $this->write_config_file("{$install_dir}/server/lib/{$configfile}", $content); //* Create the config file for remote-actions (but only, if it does not exist, because // the value is a autoinc-value and so changed by the remoteaction_core_module if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) { $content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>'; wf($install_dir . '/server/lib/remote_action.inc.php', $content); } // Enable the server modules and plugins. // TODO: Implement a selector which modules and plugins shall be enabled. $dir = $install_dir . '/server/mods-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/mods-available/' . $file; $module_name = substr($file, 0, -8); $tmp = new $module_name(); if ($tmp->onInstall()) { if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file); // @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file); } if (strpos($file, '_core_module') !== false) { if (!@is_link($install_dir . '/server/mods-core/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file); // @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file); } } } unset($tmp); } } closedir($dh); } } $dir = $install_dir . '/server/plugins-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') { continue; } if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') { continue; } if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/plugins-available/' . $file; $plugin_name = substr($file, 0, -8); $tmp = new $plugin_name(); if (method_exists($tmp, 'onInstall') && $tmp->onInstall()) { if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file); } if (strpos($file, '_core_plugin') !== false) { if (!@is_link($install_dir . '/server/plugins-core/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file); } } } unset($tmp); } } closedir($dh); } } //* Update the server config $mail_server_enabled = $conf['services']['mail'] ? 1 : 0; $web_server_enabled = $conf['services']['web'] ? 1 : 0; $dns_server_enabled = $conf['services']['dns'] ? 1 : 0; $file_server_enabled = $conf['services']['file'] ? 1 : 0; $db_server_enabled = $conf['services']['db'] ? 1 : 0; $vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0; $sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']); if ($conf['mysql']['master_slave_setup'] == 'y') { $this->dbmaster->query($sql); $this->db->query($sql); } else { $this->db->query($sql); } //* Chmod the files $command = "chmod -R 750 {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the files to the ispconfig user and group $command = "chown -R ispconfig:ispconfig {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Make the global language file directory group writable exec("chmod -R 770 {$install_dir}/interface/lib/lang"); //* Make the temp directory for language file exports writable if (is_dir($install_dir . '/interface/web/temp')) { exec("chmod -R 770 {$install_dir}/interface/web/temp"); } //* Make all interface language file directories group writable $handle = @opendir($install_dir . '/interface/web'); while ($file = @readdir($handle)) { if ($file != '.' && $file != '..') { if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) { $handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang'); chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770); while ($lang_file = @readdir($handle2)) { if ($lang_file != '.' && $lang_file != '..') { chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770); } } } } } //* make sure that the server config file (not the interface one) is only readable by the root user chmod($install_dir . '/server/lib/' . $configfile, 0600); chown($install_dir . '/server/lib/' . $configfile, 'root'); chgrp($install_dir . '/server/lib/' . $configfile, 'root'); chmod($install_dir . '/server/lib/remote_action.inc.php', 0600); chown($install_dir . '/server/lib/remote_action.inc.php', 'root'); chgrp($install_dir . '/server/lib/remote_action.inc.php', 'root'); if (@is_file($install_dir . '/server/lib/mysql_clientdb.conf')) { chmod($install_dir . '/server/lib/mysql_clientdb.conf', 0600); chown($install_dir . '/server/lib/mysql_clientdb.conf', 'root'); chgrp($install_dir . '/server/lib/mysql_clientdb.conf', 'root'); } // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing // and must be fixed as this will allow the apache user to read the ispconfig files. // Later this must run as own apache server or via suexec! if ($conf['apache']['installed'] == true) { $command = 'usermod -a -G ispconfig ' . $conf['apache']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { $command = 'usermod -a -G ispapps ' . $conf['apache']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } if ($conf['nginx']['installed'] == true) { $command = 'usermod -a -G ispconfig ' . $conf['nginx']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { $command = 'usermod -a -G ispapps ' . $conf['nginx']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } //* Make the shell scripts executable $command = "chmod +x {$install_dir}/server/scripts/*.sh"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if ($conf['apache']['installed'] == true) { //* Copy the ISPConfig vhost for the controlpanel $content = $this->get_template_file("apache_ispconfig.vhost", true); $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content); //* comment out the listen directive if port is 80 or 443 if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) { $content = str_replace('{vhost_port_listen}', '#', $content); } else { $content = str_replace('{vhost_port_listen}', '', $content); } if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $content = str_replace('{ssl_comment}', '', $content); } else { $content = str_replace('{ssl_comment}', '#', $content); } $vhost_path = $conf['apache']['vhost_conf_dir'] . '/ispconfig.vhost'; $this->write_config_file($vhost_path, $content); if (!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) { mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true); copy('tpl/apache_ispconfig_fcgi_starter.master', '/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); chmod('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', 0755); symlink($install_dir . '/interface/web', '/var/www/ispconfig'); exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig'); } } if ($conf['nginx']['installed'] == true) { //* Copy the ISPConfig vhost for the controlpanel $vhost_conf_dir = $conf['nginx']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $content = rf('tpl/nginx_ispconfig.vhost.master'); $content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content); if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $content = str_replace('{ssl_on}', ' ssl', $content); $content = str_replace('{ssl_comment}', '', $content); $content = str_replace('{fastcgi_ssl}', 'on', $content); } else { $content = str_replace('{ssl_on}', '', $content); $content = str_replace('{ssl_comment}', '#', $content); $content = str_replace('{fastcgi_ssl}', 'off', $content); } $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']); if (substr($socket_dir, -1) != '/') { $socket_dir .= '/'; } if (!is_dir($socket_dir)) { exec('mkdir -p ' . $socket_dir); } $fpm_socket = $socket_dir . 'ispconfig.sock'; //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); wf($vhost_conf_dir . '/ispconfig.vhost', $content); unset($content); // PHP-FPM // Dont just copy over the php-fpm pool template but add some custom settings $content = rf('tpl/php_fpm_pool.conf.master'); $content = str_replace('{fpm_pool}', 'ispconfig', $content); //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); $content = str_replace('{fpm_user}', 'ispconfig', $content); $content = str_replace('{fpm_group}', 'ispconfig', $content); wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content); //copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost'); //* and create the symlink if ($this->install_ispconfig_interface == true && $this->is_update == false) { if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) { unlink($vhost_conf_enabled_dir . '/ispconfig.vhost'); } if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) { symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost'); } } } //* Install the update script if (is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) { unlink('/usr/local/bin/ispconfig_update_from_svn.sh'); } chown($install_dir . '/server/scripts/update_from_svn.sh', 'root'); chmod($install_dir . '/server/scripts/update_from_svn.sh', 0700); chown($install_dir . '/server/scripts/update_from_tgz.sh', 'root'); chmod($install_dir . '/server/scripts/update_from_tgz.sh', 0700); chown($install_dir . '/server/scripts/ispconfig_update.sh', 'root'); chmod($install_dir . '/server/scripts/ispconfig_update.sh', 0700); if (!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) { symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_svn.sh'); } if (!is_link('/usr/local/bin/ispconfig_update.sh')) { symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh'); } //* Make the logs readable for the ispconfig user if (is_file('/var/log/maillog')) { exec('chmod +r /var/log/maillog'); } if (is_file('/var/log/messages')) { exec('chmod +r /var/log/messages'); } if (is_file('/var/log/clamav/clamav.log')) { exec('chmod +r /var/log/clamav/clamav.log'); } if (is_file('/var/log/clamav/freshclam.log')) { exec('chmod +r /var/log/clamav/freshclam.log'); } //* Create the ispconfig log directory if (!is_dir($conf['ispconfig_log_dir'])) { mkdir($conf['ispconfig_log_dir']); } if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) { touch($conf['ispconfig_log_dir'] . '/ispconfig.log'); } rename($install_dir . '/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh'); if (is_user('getmail')) { chown('/usr/local/bin/run-getmail.sh', 'getmail'); } chmod('/usr/local/bin/run-getmail.sh', 0744); }
public function install_ispconfig() { global $conf; $install_dir = $conf['ispconfig_install_dir']; //* Create the ISPConfig installation directory if (!@is_dir("{$install_dir}")) { $command = "mkdir {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* Create a ISPConfig user and group $command = 'groupadd ispconfig'; if (!is_group('ispconfig')) { caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } $command = "useradd -g ispconfig -d {$install_dir} ispconfig"; if (!is_user('ispconfig')) { caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* copy the ISPConfig interface part $command = "cp -rf ../interface {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* copy the ISPConfig server part $command = "cp -rf ../server {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Create a symlink, so ISPConfig is accessible via web // Replaced by a separate vhost definition for port 8080 // $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig"; // caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Create the config file for ISPConfig interface $configfile = 'config.inc.php'; if (is_file($install_dir . '/interface/lib/' . $configfile)) { copy("{$install_dir}/interface/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~"); } $content = rf("tpl/{$configfile}.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); wf("{$install_dir}/interface/lib/{$configfile}", $content); //* Create the config file for ISPConfig server $configfile = 'config.inc.php'; if (is_file($install_dir . '/server/lib/' . $configfile)) { copy("{$install_dir}/server/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~"); } $content = rf("tpl/{$configfile}.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); wf("{$install_dir}/server/lib/{$configfile}", $content); //* Create the config file for remote-actions (but only, if it does not exist, because // the value is a autoinc-value and so changed by the remoteaction_core_module if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) { $content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>'; wf($install_dir . '/server/lib/remote_action.inc.php', $content); } //* Enable the server modules and plugins. // TODO: Implement a selector which modules and plugins shall be enabled. $dir = $install_dir . '/server/mods-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/mods-available/' . $file; $module_name = substr($file, 0, -8); $tmp = new $module_name(); if ($tmp->onInstall()) { if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file); } if (strpos($file, '_core_module') !== false) { if (!@is_link($install_dir . '/server/mods-core/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file); } } } unset($tmp); } } closedir($dh); } } $dir = $install_dir . '/server/plugins-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') { continue; } if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') { continue; } if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/plugins-available/' . $file; $plugin_name = substr($file, 0, -8); $tmp = new $plugin_name(); if ($tmp->onInstall()) { if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file); } if (strpos($file, '_core_plugin') !== false) { if (!@is_link($install_dir . '/server/plugins-core/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file); } } } unset($tmp); } } closedir($dh); } } // Update the server config $mail_server_enabled = $conf['services']['mail'] ? 1 : 0; $web_server_enabled = $conf['services']['web'] ? 1 : 0; $dns_server_enabled = $conf['services']['dns'] ? 1 : 0; $file_server_enabled = $conf['services']['file'] ? 1 : 0; $db_server_enabled = $conf['services']['db'] ? 1 : 0; $vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0; $sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']); if ($conf['mysql']['master_slave_setup'] == 'y') { $this->dbmaster->query($sql); $this->db->query($sql); } else { $this->db->query($sql); } //* Chmod the files $command = "chmod -R 750 {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the files to the ispconfig user and group $command = "chown -R ispconfig:ispconfig {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Make the global language file directory group writable exec("chmod -R 770 {$install_dir}/interface/lib/lang"); //* Make the temp directory for language file exports writable exec("chmod -R 770 {$install_dir}/interface/web/temp"); //* Make all interface language file directories group writable $handle = @opendir($install_dir . '/interface/web'); while ($file = @readdir($handle)) { if ($file != '.' && $file != '..') { if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) { $handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang'); chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770); while ($lang_file = @readdir($handle2)) { if ($lang_file != '.' && $lang_file != '..') { chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770); } } } } } //* make sure that the server config file (not the interface one) is only readable by the root user exec("chmod 600 {$install_dir}/server/lib/{$configfile}"); exec("chown root:root {$install_dir}/server/lib/{$configfile}"); if (@is_file("{$install_dir}/server/lib/mysql_clientdb.conf")) { exec("chmod 600 {$install_dir}/server/lib/mysql_clientdb.conf"); exec("chown root:root {$install_dir}/server/lib/mysql_clientdb.conf"); } // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing // and must be fixed as this will allow the apache user to read the ispconfig files. // Later this must run as own apache server or via suexec! if ($conf['apache']['installed'] == true) { $command = 'groupmod --add-user ' . $conf['apache']['user'] . ' ispconfig'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { $command = 'groupmod --add-user ' . $conf['apache']['user'] . ' ispapps'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } if ($conf['nginx']['installed'] == true) { $command = 'groupmod --add-user ' . $conf['nginx']['user'] . ' ispconfig'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { $command = 'groupmod --add-user ' . $conf['nginx']['user'] . ' ispapps'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } //* Make the shell scripts executable $command = "chmod +x {$install_dir}/server/scripts/*.sh"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if ($conf['apache']['installed'] == true) { //* Copy the ISPConfig vhost for the controlpanel // TODO: These are missing! should they be "vhost_dist_*_dir" ? $vhost_conf_dir = $conf['apache']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $content = rf("tpl/apache_ispconfig.vhost.master"); $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content); // comment out the listen directive if port is 80 or 443 if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) { $content = str_replace('{vhost_port_listen}', '#', $content); } else { $content = str_replace('{vhost_port_listen}', '', $content); } if (is_file('/usr/local/ispconfig/interface/ssl/ispserver.crt') && is_file('/usr/local/ispconfig/interface/ssl/ispserver.key')) { $content = str_replace('{ssl_comment}', '', $content); } else { $content = str_replace('{ssl_comment}', '#', $content); } $content = str_replace('/var/www/', '/srv/www/', $content); wf("{$vhost_conf_dir}/ispconfig.vhost", $content); if (!is_file('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) { exec('mkdir -p /srv/www/php-fcgi-scripts/ispconfig'); exec('cp tpl/apache_ispconfig_fcgi_starter.master /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('chmod +x /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('ln -s /usr/local/ispconfig/interface/web /srv/www/ispconfig'); exec('chown -R ispconfig:ispconfig /srv/www/php-fcgi-scripts/ispconfig'); } //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost"); //* and create the symlink if ($this->install_ispconfig_interface == true && $this->is_update == false) { if (@is_link("{$vhost_conf_enabled_dir}/ispconfig.vhost")) { unlink("{$vhost_conf_enabled_dir}/ispconfig.vhost"); } if (!@is_link("{$vhost_conf_enabled_dir}/000-ispconfig.vhost")) { exec("ln -s {$vhost_conf_dir}/ispconfig.vhost {$vhost_conf_enabled_dir}/000-ispconfig.vhost"); } } // Fix a setting in vhost master file for suse replaceLine('/usr/local/ispconfig/server/conf/vhost.conf.master', "suPHP_UserGroup", " suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>", 0); } if ($conf['nginx']['installed'] == true) { //* Copy the ISPConfig vhost for the controlpanel $vhost_conf_dir = $conf['nginx']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $content = rf('tpl/nginx_ispconfig.vhost.master'); $content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content); if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $content = str_replace('{ssl_on}', ' ssl', $content); $content = str_replace('{ssl_comment}', '', $content); $content = str_replace('{fastcgi_ssl}', 'on', $content); } else { $content = str_replace('{ssl_on}', '', $content); $content = str_replace('{ssl_comment}', '#', $content); $content = str_replace('{fastcgi_ssl}', 'off', $content); } $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']); if (substr($socket_dir, -1) != '/') { $socket_dir .= '/'; } if (!is_dir($socket_dir)) { exec('mkdir -p ' . $socket_dir); } $fpm_socket = $socket_dir . 'ispconfig.sock'; //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); wf($vhost_conf_dir . '/ispconfig.vhost', $content); unset($content); // PHP-FPM // Dont just copy over the php-fpm pool template but add some custom settings $content = rf('tpl/php_fpm_pool.conf.master'); $content = str_replace('{fpm_pool}', 'ispconfig', $content); //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); $content = str_replace('{fpm_user}', 'ispconfig', $content); $content = str_replace('{fpm_group}', 'ispconfig', $content); wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content); //copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost'); //* and create the symlink if ($this->install_ispconfig_interface == true && $this->is_update == false) { if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) { unlink($vhost_conf_enabled_dir . '/ispconfig.vhost'); } if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) { symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost'); } } // create symlinks from /usr/share to phpMyAdmin and SquirrelMail, if they are installed if (!@file_exists('/usr/share/phpmyadmin') && @is_dir('/srv/www/htdocs/phpMyAdmin')) { symlink('/srv/www/htdocs/phpMyAdmin/', '/usr/share/phpmyadmin'); } if (!@file_exists('/usr/share/squirrelmail') && @is_dir('/srv/www/htdocs/squirrelmail')) { symlink('/srv/www/htdocs/squirrelmail/', '/usr/share/squirrelmail'); } } // Make the Clamav log files readable by ISPConfig //exec('chmod +r /var/log/clamav/clamav.log'); //exec('chmod +r /var/log/clamav/freshclam.log'); //* Install the update script if (is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) { unlink('/usr/local/bin/ispconfig_update_from_svn.sh'); } exec('chown root /usr/local/ispconfig/server/scripts/update_from_svn.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_svn.sh'); exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); if (!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_svn.sh'); } if (!is_link('/usr/local/bin/ispconfig_update.sh')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh'); } //set the fast cgi starter script to executable //exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi'); //* Make the logs readable for the ispconfig user if (@is_file('/var/log/mail.log')) { exec('chmod +r /var/log/mail.log'); } if (@is_file('/var/log/mail.warn')) { exec('chmod +r /var/log/mail.warn'); } if (@is_file('/var/log/mail.err')) { exec('chmod +r /var/log/mail.err'); } if (@is_file('/var/log/messages')) { exec('chmod +r /var/log/messages'); } //To enable apache to read the directories exec('chmod a+rx /usr/local/ispconfig'); exec('chmod -R 751 /usr/local/ispconfig/interface'); exec('chmod a+rx /usr/local/ispconfig/interface/web'); //* Create the ispconfig log directory if (!is_dir($conf['ispconfig_log_dir'])) { mkdir($conf['ispconfig_log_dir']); } if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) { exec('touch ' . $conf['ispconfig_log_dir'] . '/ispconfig.log'); } if (is_user('getmail')) { exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh'); exec('chown getmail /usr/local/bin/run-getmail.sh'); exec('chmod 744 /usr/local/bin/run-getmail.sh'); } }
public function install_ispconfig() { global $conf; $install_dir = $conf['ispconfig_install_dir']; //* Create the ISPConfig installation directory if (!@is_dir("{$install_dir}")) { $command = "mkdir {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* Create a ISPConfig user and group $command = 'groupadd ispconfig'; if (!is_group('ispconfig')) { caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } $command = "useradd -g ispconfig -d {$install_dir} ispconfig"; if (!is_user('ispconfig')) { caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* copy the ISPConfig interface part $command = "cp -rf ../interface {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* copy the ISPConfig server part $command = "cp -rf ../server {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Make a backup of the security settings if (is_file('/usr/local/ispconfig/security/security_settings.ini')) { copy('/usr/local/ispconfig/security/security_settings.ini', '/usr/local/ispconfig/security/security_settings.ini~'); } //* copy the ISPConfig security part $command = 'cp -rf ../security ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Apply changed security_settings.ini values to new security_settings.ini file if (is_file('/usr/local/ispconfig/security/security_settings.ini~')) { $security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~')); $security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini')); if (is_array($security_settings_new) && is_array($security_settings_old)) { foreach ($security_settings_new as $section => $sval) { if (is_array($sval)) { foreach ($sval as $key => $val) { if (isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) { $security_settings_new[$section][$key] = $security_settings_old[$section][$key]; } } } } file_put_contents('/usr/local/ispconfig/security/security_settings.ini', array_to_ini($security_settings_new)); } } //* Create a symlink, so ISPConfig is accessible via web // Replaced by a separate vhost definition for port 8080 // $command = "ln -s $install_dir/interface/web/ /home/www/ispconfig"; // caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Create the config file for ISPConfig interface $configfile = 'config.inc.php'; if (is_file($install_dir . '/interface/lib/' . $configfile)) { copy("{$install_dir}/interface/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~"); } $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); $content = str_replace('{timezone}', $conf['timezone'], $content); $content = str_replace('{theme}', $conf['theme'], $content); $content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content); wf("{$install_dir}/interface/lib/{$configfile}", $content); //* Create the config file for ISPConfig server $configfile = 'config.inc.php'; if (is_file($install_dir . '/server/lib/' . $configfile)) { copy("{$install_dir}/server/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~"); } $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); $content = str_replace('{timezone}', $conf['timezone'], $content); $content = str_replace('{theme}', $conf['theme'], $content); $content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content); wf("{$install_dir}/server/lib/{$configfile}", $content); //* Create the config file for remote-actions (but only, if it does not exist, because // the value is a autoinc-value and so changed by the remoteaction_core_module if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) { $content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>'; wf($install_dir . '/server/lib/remote_action.inc.php', $content); } //* Enable the server modules and plugins. // TODO: Implement a selector which modules and plugins shall be enabled. $dir = $install_dir . '/server/mods-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/mods-available/' . $file; $module_name = substr($file, 0, -8); $tmp = new $module_name(); if ($tmp->onInstall()) { if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file); } if (strpos($file, '_core_module') !== false) { if (!@is_link($install_dir . '/server/mods-core/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file); } } } unset($tmp); } } closedir($dh); } } $dir = $install_dir . '/server/plugins-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') { continue; } if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') { continue; } if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/plugins-available/' . $file; $plugin_name = substr($file, 0, -8); $tmp = new $plugin_name(); if ($tmp->onInstall()) { if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file); } if (strpos($file, '_core_plugin') !== false) { if (!@is_link($install_dir . '/server/plugins-core/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file); } } } unset($tmp); } } closedir($dh); } } // Update the server config $mail_server_enabled = $conf['services']['mail'] ? 1 : 0; $web_server_enabled = $conf['services']['web'] ? 1 : 0; $dns_server_enabled = $conf['services']['dns'] ? 1 : 0; $file_server_enabled = $conf['services']['file'] ? 1 : 0; $db_server_enabled = $conf['services']['db'] ? 1 : 0; $vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0; $sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']); if ($conf['mysql']['master_slave_setup'] == 'y') { $this->dbmaster->query($sql); $this->db->query($sql); } else { $this->db->query($sql); } // chown install dir to root and chmod 755 $command = 'chown root:root ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chmod 755 ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Chmod the files and directories in the install dir $command = 'chmod -R 750 ' . $install_dir . '/*'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the interface files to the ispconfig user and group $command = 'chown -R ispconfig:ispconfig ' . $install_dir . '/interface'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the server files to the root user and group $command = 'chown -R root:root ' . $install_dir . '/server'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the security files to the root user and group $command = 'chown -R root:root ' . $install_dir . '/security'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the security directory and security_settings.ini to root:ispconfig $command = 'chown root:ispconfig ' . $install_dir . '/security/security_settings.ini'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/ids.whitelist'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/ids.htmlfield'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/apache_directives.blacklist'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Make the global language file directory group writable exec("chmod -R 770 {$install_dir}/interface/lib/lang"); //* Make the temp directory for language file exports writable exec("chmod -R 770 {$install_dir}/interface/web/temp"); //* Make all interface language file directories group writable $handle = @opendir($install_dir . '/interface/web'); while ($file = @readdir($handle)) { if ($file != '.' && $file != '..') { if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) { $handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang'); chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770); while ($lang_file = @readdir($handle2)) { if ($lang_file != '.' && $lang_file != '..') { chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770); } } } } } //* Make the APS directories group writable exec("chmod -R 770 {$install_dir}/interface/web/sites/aps_meta_packages"); exec("chmod -R 770 {$install_dir}/server/aps_packages"); //* make sure that the server config file (not the interface one) is only readable by the root user chmod($install_dir . '/server/lib/config.inc.php', 0600); chown($install_dir . '/server/lib/config.inc.php', 'root'); chgrp($install_dir . '/server/lib/config.inc.php', 'root'); //* Make sure thet the interface config file is readable by user ispconfig only chmod($install_dir . '/interface/lib/config.inc.php', 0600); chown($install_dir . '/interface/lib/config.inc.php', 'ispconfig'); chgrp($install_dir . '/interface/lib/config.inc.php', 'ispconfig'); if (@is_file("{$install_dir}/server/lib/mysql_clientdb.conf")) { exec("chmod 600 {$install_dir}/server/lib/mysql_clientdb.conf"); exec("chown root:root {$install_dir}/server/lib/mysql_clientdb.conf"); } if (is_dir($install_dir . '/interface/invoices')) { exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices')); exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices')); } exec('chown -R root:root /usr/local/ispconfig/interface/ssl'); // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing // and must be fixed as this will allow the apache user to read the ispconfig files. // Later this must run as own apache server or via suexec! if ($conf['apache']['installed'] == true) { $command = 'usermod -a -G ispconfig ' . $conf['apache']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { $command = 'usermod -a -G ispapps ' . $conf['apache']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } if ($conf['nginx']['installed'] == true) { $command = 'usermod -a -G ispconfig ' . $conf['nginx']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //if(is_user('ispapps')){ // Allow the ispapps vhost access to /etc/squirrelmail //$command = 'usermod -a -G '.$conf['apache']['group'].' ispapps'; //caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //} if (is_group('ispapps')) { $command = 'usermod -a -G ispapps ' . $conf['nginx']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } //* Make the shell scripts executable $command = "chmod +x {$install_dir}/server/scripts/*.sh"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if ($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true) { //* Copy the ISPConfig vhost for the controlpanel // TODO: These are missing! should they be "vhost_dist_*_dir" ? $vhost_conf_dir = $conf['apache']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $tpl = new tpl('apache_ispconfig.vhost.master'); $tpl->setVar('vhost_port', $conf['apache']['vhost_port']); // comment out the listen directive if port is 80 or 8443 if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 8443) { $tpl->setVar('vhost_port_listen', '#'); } else { $tpl->setVar('vhost_port_listen', ''); } if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $tpl->setVar('ssl_comment', ''); } else { $tpl->setVar('ssl_comment', '#'); } if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key') && is_file($install_dir . '/interface/ssl/ispserver.bundle')) { $tpl->setVar('ssl_bundle_comment', ''); } else { $tpl->setVar('ssl_bundle_comment', '#'); } $tpl->setVar('apache_version', getapacheversion()); wf($vhost_conf_dir . '/ispconfig.vhost', $tpl->grab()); //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost"); //* and create the symlink //if($this->is_update == false) { if (@is_link("{$vhost_conf_enabled_dir}/ispconfig.vhost")) { unlink("{$vhost_conf_enabled_dir}/ispconfig.vhost"); } if (!@is_link("{$vhost_conf_enabled_dir}/000-ispconfig.vhost")) { exec("ln -s {$vhost_conf_dir}/ispconfig.vhost {$vhost_conf_enabled_dir}/000-ispconfig.vhost"); } /* exec('mkdir -p /home/www/php-fcgi-scripts/ispconfig'); exec('cp tpl/apache_ispconfig_fcgi_starter.master /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('chmod +x /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('ln -s /usr/local/ispconfig/interface/web /home/www/ispconfig'); exec('chown -R ispconfig:ispconfig /home/www/php-fcgi-scripts/ispconfig'); replaceLine('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter','PHPRC=','PHPRC=/etc/',0,0); */ //if(!is_file('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) { $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master'); $content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content); $content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content); if (!is_dir('/home/www/php-fcgi-scripts/ispconfig')) { exec('mkdir -p /home/www/php-fcgi-scripts/ispconfig'); } wf('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content); exec('chmod +x /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); if (!is_link('/home/www/ispconfig')) { exec('ln -s /usr/local/ispconfig/interface/web /home/www/ispconfig'); } exec('chown -R ispconfig:ispconfig /home/www/php-fcgi-scripts/ispconfig'); //} //} } if ($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true) { //* Copy the ISPConfig vhost for the controlpanel $vhost_conf_dir = $conf['nginx']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master'); $content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content); if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $content = str_replace('{ssl_on}', ' on', $content); $content = str_replace('{ssl_comment}', '', $content); $content = str_replace('{fastcgi_ssl}', 'on', $content); } else { $content = str_replace('{ssl_on}', ' off', $content); $content = str_replace('{ssl_comment}', '#', $content); $content = str_replace('{fastcgi_ssl}', 'off', $content); } $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']); if (substr($socket_dir, -1) != '/') { $socket_dir .= '/'; } if (!is_dir($socket_dir)) { exec('mkdir -p ' . $socket_dir); } $fpm_socket = $socket_dir . 'ispconfig.sock'; //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); wf($vhost_conf_dir . '/ispconfig.vhost', $content); unset($content); // PHP-FPM // Dont just copy over the php-fpm pool template but add some custom settings $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master'); $content = str_replace('{fpm_pool}', 'ispconfig', $content); //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); $content = str_replace('{fpm_user}', 'ispconfig', $content); $content = str_replace('{fpm_group}', 'ispconfig', $content); wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content); //copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost'); //* and create the symlink if ($this->is_update == false) { if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) { unlink($vhost_conf_enabled_dir . '/ispconfig.vhost'); } if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) { symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost'); } } // create symlink from /usr/share/phpmyadmin to /usr/share/phpMyAdmin, if it is installed if (!@file_exists('/usr/share/phpmyadmin') && @is_dir('/usr/share/phpMyAdmin')) { symlink('/usr/share/phpMyAdmin/', '/usr/share/phpmyadmin'); } } // Make the Clamav log files readable by ISPConfig //exec('chmod +r /var/log/clamav/clamav.log'); //exec('chmod +r /var/log/clamav/freshclam.log'); //* Install the update script if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) { unlink('/usr/local/bin/ispconfig_update_from_dev.sh'); } exec('chown root /usr/local/ispconfig/server/scripts/update_from_dev.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_dev.sh'); exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_dev.sh'); } if (!is_link('/usr/local/bin/ispconfig_update.sh')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh'); } // set the fast cgi starter script to executable // exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi'); //* Make the logs readable for the ispconfig user if (@is_file('/var/log/maillog')) { exec('chmod +r /var/log/maillog'); } //if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn'); //if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err'); if (@is_file('/var/log/messages')) { exec('chmod +r /var/log/messages'); } //To enable apache to read the directories // exec('chmod a+rx /usr/local/ispconfig'); // exec('chmod -R 751 /usr/local/ispconfig/interface'); // exec('chmod a+rx /usr/local/ispconfig/interface/web'); //* Create the ispconfig log directory if (!is_dir($conf['ispconfig_log_dir'])) { mkdir($conf['ispconfig_log_dir']); } if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) { exec('touch ' . $conf['ispconfig_log_dir'] . '/ispconfig.log'); } if (is_user('getmail')) { exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh'); exec('chown getmail /usr/local/bin/run-getmail.sh'); exec('chmod 744 /usr/local/bin/run-getmail.sh'); } // Edit the file Edit the file /etc/sudoers and comment out the requiregetty line, otherwise the backup function will fail replaceLine('/etc/sudoers', 'Defaults requiretty', '#Defaults requiretty', 0, 0); if (is_dir($install_dir . '/interface/invoices')) { exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices')); exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices')); } //* Create the ispconfig auth log file and set uid/gid if (!is_file($conf['ispconfig_log_dir'] . '/auth.log')) { touch($conf['ispconfig_log_dir'] . '/auth.log'); } exec('chown ispconfig:ispconfig ' . $conf['ispconfig_log_dir'] . '/auth.log'); exec('chmod 660 ' . $conf['ispconfig_log_dir'] . '/auth.log'); //* Remove Domain module as its functions are available in the client module now if (@is_dir('/usr/local/ispconfig/interface/web/domain')) { exec('rm -rf /usr/local/ispconfig/interface/web/domain'); } // Add symlink for patch tool if (!is_link('/usr/local/bin/ispconfig_patch')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch'); } // Change mode of a few files from amavisd if (is_file($conf['amavis']['config_dir'] . '/conf.d/50-user')) { chmod($conf['amavis']['config_dir'] . '/conf.d/50-user', 0640); } if (is_file($conf['amavis']['config_dir'] . '/50-user~')) { chmod($conf['amavis']['config_dir'] . '/50-user~', 0400); } if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf')) { chmod($conf['amavis']['config_dir'] . '/amavisd.conf', 0640); } if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf~')) { chmod($conf['amavis']['config_dir'] . '/amavisd.conf~', 0400); } }
<?php } elseif (is_group('developer')) { ?> <a href="<?php echo site_url('page/create'); ?> " class="list-group-item">Page Baru</a> <a href="<?php echo site_url('page/list'); ?> " class="list-group-item">Senarai Page</a> <?php } elseif (is_group('affiliate')) { ?> <a href="<?php echo site_url('dashboard/aff_products'); ?> " class="list-group-item">Senarai Produk</a> <a href="<?php echo site_url('dashboard/aff_sales'); ?> " class="list-group-item">Sales</a> <?php } ?> </div>
/** * Helper function - writes the contents to a config file * and performs a backup if the file exist. Additionally * if the file exists the new file will be given the * same rights and ownership as the original. Optionally the * rights and/or ownership can be overriden by appending umask, * user and group to the parameters. Providing only uid and gid * values will result in only a chown. * * @param $tConf * @param $tContents * @return bool */ protected function write_config_file($tConf, $tContents) { // Backup config file before writing new contents and stat file if (is_file($tConf)) { $stat = exec('stat -c \'%a %U %G\' ' . escapeshellarg($tConf), $output, $res); if ($res == 0) { // stat successfull list($access, $user, $group) = explode(" ", $stat); } if (copy($tConf, $tConf . '~')) { chmod($tConf . '~', 0400); } } wf($tConf, $tContents); // write file if (func_num_args() >= 4) { $args = func_get_args(); $output = array_slice($args, 2); switch (sizeof($output)) { case 3: $umask = array_shift($output); if (is_numeric($umask) && preg_match('/^0?[0-7]{3}$/', $umask)) { $access = $umask; } case 2: if (is_user($output[0]) && is_group($output[1])) { list($user, $group) = $output; } break; } } if (!empty($user) && !empty($group)) { chown($tConf, $user); chgrp($tConf, $group); } if (!empty($access)) { exec("chmod {$access} {$tConf}"); } }
<?php // show_sess(); ?> <div class="list-group"> <?php if (is_group('developer')) { ?> <a href="<?php echo site_url('customer'); ?> " class="list-group-item">Urus Pelanggan</a> <?php } elseif (is_group('user')) { $user = $this->session->userdata('user'); ?> <a href="<?php echo site_url('dashboard/data'); ?> " class="list-group-item">Data</a> <a href="<?php echo site_url('dashboard/report'); ?> " class="list-group-item">Report</a> <a href="<?php echo site_url('dashboard/setting'); ?> " class="list-group-item">Settings</a>