function rootJail($service_id, $username)
{
global $config;
//get the identifier
$id = stripAlphaNumeric(getServiceParam($service_id, "id"));
if ($id === false) {
die("Error: identifier for this service has not been set!\n");
}
//make sure it hasn't been jailed yet
if (getServiceParam($service_id, "jail") !== false || getServiceParam($service_id, "jail_user") !== false || getServiceParam($service_id, "jail_path") !== false) {
die("Error: target service already has jail settings!\n");
}
//get service type
$type = getServiceType($service_id);
if ($type !== "ghost" && $type !== "minecraft" && $type !== "garena" && $type !== "channel") {
//not a process-based service, seems like it can't be jailed?
die("Error: service doesn't seem to be process-based (type={$type})!\n");
}
//add the system user if not exists
if (!file_exists("/home/{$username}/")) {
rexec('adduser --disabled-password --gecos "" ' . escapeshellarg($username));
}
//copy to own directory, and set permissions of result so that username is owner
//we use cp to ensure proper handling of symlinks (PHP documentation doesn't guarantee this)
$source_path = $config[$type . "_path"] . $id . "/";
$target_path = "/home/{$username}/{$id}/";
rexec("cp -r " . escapeshellarg($source_path) . " " . escapeshellarg($target_path));
rexec("chown -R " . escapeshellarg($username . ":" . $username) . " " . escapeshellarg($target_path));
//also, depending on the service, user might need to access files in the service_path directory
//so set permissions on that as well
rexec("chown -R " . escapeshellarg(":" . $username) . " " . escapeshellarg($source_path));
rexec("chmod -R 770 " . escapeshellarg($source_path));
//depending on the service type, we may wish to rewrite some configuration files
if ($type == "ghost") {
//the "maps" and "replays" directory should be changed over to use absolute path to the subdirectory of source
// (since this is how include/ghost.php handles it)
$escaped_source_path = str_replace(array('$', '/', '['), array('\\$', '\\/', '\\['), $source_path);
rexec("sed -i " . escapeshellarg("s/bot_mappath = maps/bot_mappath = {$escaped_source_path}maps/") . " " . escapeshellarg($target_path . "default.cfg"));
rexec("sed -i " . escapeshellarg("s/bot_replaypath = replays/bot_replaypath = {$escaped_source_path}replays/") . " " . escapeshellarg($target_path . "default.cfg"));
}
//update the jail settings
setServiceParam($service_id, "jail", "1");
setServiceParam($service_id, "jail_user", $username);
setServiceParam($service_id, "jail_path", $target_path);
}
function installGarena()
{
global $config;
if (isInstalled("garena")) {
return;
}
chdir($config['root_path']);
rexec("svn co http://gcb.googlecode.com/svn/trunk/bin gcb-bin");
mkdir($config['garena_path']);
chmod($config['garena_path'], 0755);
mkdir($config['garena_path'] . "lib");
chmod($config['garena_path'] . "lib", 0755);
copy($config['root_path'] . "gcb-bin/gcb.jar", $config['garena_path'] . "gcb.jar");
copy($config['root_path'] . "gcb-bin/gcbrooms.txt", $config['garena_path'] . "gcbrooms.txt");
copy($config['root_path'] . "gcb-bin/gkey.pem", $config['garena_path'] . "gkey.pem");
copy($config['root_path'] . "gcb-bin/gcb.cfg", $config['garena_path'] . "gcb.cfg");
recursiveCopy($config['root_path'] . "gcb-bin/lib", $config['garena_path'] . "lib");
installFinish("garena");
}
