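#!/bin/sh
#
# DTC installer helper functions.
#
# This part of the file only defines functions. They take their configuration
# from global shell variables (conf_*, PATH_*, CONF_DTC_*, UNIX_TYPE,
# VERBOSE_INSTALL, main_domain_name, dtc_admin_subdomain) set by the caller.
# createHostingDirAndFiles toggles "set +e" / "set -e", so the caller is
# presumably running with errexit enabled -- TODO confirm.
#
# Security notes for maintainers:
#  - The MySQL password is passed on the command line (-p<pass> in $MYSQL, and
#    as an argument to restor_db.php), so other local users can read it from
#    the process list while the installer runs. An option file with mode 600
#    passed through --defaults-extra-file avoids that.
#  - SQL statements are built by string interpolation. Password values are
#    escaped with _dtcSqlEscape; all other interpolated values (logins, domain
#    names, paths, addresses) are used as given and must be validated by
#    whatever collects them.

# Command used to create temporary files; left unquoted at the call sites so
# that "mktemp -t" splits into command and option.
if [ -z "$MKTEMP" ] ; then
  MKTEMP="mktemp -t"
fi

# Print a message only when VERBOSE_INSTALL is "yes".
# Params:
# $1 - Message, or -n to print $2 without a trailing newline
# $2 - Message when $1 is -n
echoIfVerbose () {
  if [ "${VERBOSE_INSTALL}" = "yes" ] ; then
    if [ "$1" = "-n" ] ; then
      # Callers use "echoIfVerbose -n text"; echoing only $1 dropped the text.
      printf '%s' "$2"
    else
      printf '%s\n' "$1"
    fi
  fi
}

# Escape a value for use inside a single-quoted MySQL string literal:
# backslashes are doubled first, then each single quote is doubled.
# Params:
# $1 - Raw value
# Outputs the escaped value on stdout.
_dtcSqlEscape () {
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e "s/'/''/g"
}

# Succeed if at least one of the given paths exists. Called with an unquoted
# glob (dir/index.*): "[ -e dir/index.* ]" fails with "too many arguments" as
# soon as the glob matches two files, and "! [ ... ]" then reads as "missing".
_dtcAnyFileMatches () {
  for _dtc_candidate in "$@" ; do
    if [ -e "${_dtc_candidate}" ] ; then
      return 0
    fi
  done
  return 1
}

# Run one SQL statement against the DTC database.
# $MYSQL is deliberately unquoted: it holds the client path plus, when a
# password is configured, the -p<pass> option.
# Params:
# $1 - SQL statement
_dtcSql () {
  $MYSQL -u"$conf_mysql_login" -h"$conf_mysql_host" -D"$conf_mysql_db" --execute="$1"
}

# Give the dtcdaemons MySQL account table-level privileges on one table of the
# DTC database by inserting a row in mysql.tables_priv.
# Params:
# $1 - Table name
# $2 - Table_priv value
# $3 - Column_priv value
_dtcGrantTablePriv () {
  _dtcSql "INSERT IGNORE INTO mysql.tables_priv (Host, Db, User, Table_name, Grantor, Timestamp, Table_priv, Column_priv) VALUES ('localhost', '${conf_mysql_db}', 'dtcdaemons', '$1', '', NOW(NULL), '$2', '$3')"
}

# Create the DTC system group and user if they are missing, then export their
# ids in CONF_DTC_SYSTEM_GID and CONF_DTC_SYSTEM_UID. Exits 1 when either id
# cannot be resolved.
createDTCuserAndGroup () {
  echoIfVerbose "===> Create DTC user and group"
  if [ -x /usr/bin/niutil ] ; then
    # OS X: niutil is present.
    NIUTIL=/usr/bin/niutil
    # The original "[ ! $NIUTIL ... | grep ... ]" was not a valid test; check
    # the exit status of the pipeline instead.
    if ! $NIUTIL -list . /groups | grep "${CONF_DTC_SYSTEM_GROUPNAME}" >/dev/null ; then
      $NIUTIL -create . "/groups/${CONF_DTC_SYSTEM_GROUPNAME}"
    fi
    CONF_DTC_SYSTEM_GID=$($NIUTIL -list . /groups | grep "${CONF_DTC_SYSTEM_GROUPNAME}" | cut -d" " -f1)
    if ! $NIUTIL -list . /users | grep "${CONF_DTC_SYSTEM_USERNAME}" >/dev/null ; then
      $NIUTIL -create . "/users/${CONF_DTC_SYSTEM_USERNAME}" gid "${CONF_DTC_SYSTEM_GID}"
    fi
    CONF_DTC_SYSTEM_UID=$($NIUTIL -list . /users | grep "${CONF_DTC_SYSTEM_USERNAME}" | cut -d" " -f1)
    $NIUTIL -createprop . "/groups/${CONF_DTC_SYSTEM_GROUPNAME}" gid "${CONF_DTC_SYSTEM_GID}"
    $NIUTIL -createprop . "/users/${CONF_DTC_SYSTEM_USERNAME}" gid "${CONF_DTC_SYSTEM_GID}"
    $NIUTIL -createprop . "/users/${CONF_DTC_SYSTEM_USERNAME}" uid "${CONF_DTC_SYSTEM_UID}"
  else
    if [ -x /usr/compat/linux/usr/bin/getent ] ; then
      GETENT=/usr/compat/linux/usr/bin/getent
    else
      GETENT=getent
    fi

    if ${GETENT} group "${CONF_DTC_SYSTEM_GROUPNAME}" >/dev/null ; then
      echoIfVerbose "-> Group ${CONF_DTC_SYSTEM_GROUPNAME} already exists: skipping creation!"
    elif [ -x /usr/sbin/groupadd ] ; then
      /usr/sbin/groupadd "${CONF_DTC_SYSTEM_GROUPNAME}"
    else
      # FreeBSD
      pw groupadd "${CONF_DTC_SYSTEM_GROUPNAME}"
    fi
    CONF_DTC_SYSTEM_GID=$(${GETENT} group "${CONF_DTC_SYSTEM_GROUPNAME}" | cut -d':' -f3)

    # NOTE(review): the account is created with an interactive login shell
    # (/bin/bash or /bin/sh). Confirm DTC needs that before keeping it.
    if ${GETENT} passwd "${CONF_DTC_SYSTEM_USERNAME}" >/dev/null ; then
      echoIfVerbose "-> User ${CONF_DTC_SYSTEM_USERNAME} already exists: skipping creation!"
    elif [ -x /usr/sbin/useradd ] ; then
      if [ -x /bin/bash ] ; then
        /usr/sbin/useradd -m -s /bin/bash -g "${CONF_DTC_SYSTEM_GROUPNAME}" "${CONF_DTC_SYSTEM_USERNAME}"
      else
        echo "Could not find a shell, please fix me here!!!"
      fi
    elif [ -x /bin/sh ] ; then
      # FreeBSD
      pw useradd "${CONF_DTC_SYSTEM_USERNAME}" -g "${CONF_DTC_SYSTEM_GROUPNAME}" -s /bin/sh
    else
      echo "Could not find a shell, please fix me here!!!"
    fi
    CONF_DTC_SYSTEM_UID=$(${GETENT} passwd "${CONF_DTC_SYSTEM_USERNAME}" | cut -d':' -f3)
  fi

  if [ -z "$CONF_DTC_SYSTEM_UID" ] ; then
    echo "No dtc system user: exiting"
    exit 1
  fi
  if [ -z "$CONF_DTC_SYSTEM_GID" ] ; then
    echo "No dtc system group: exiting"
    exit 1
  fi
}

# Set PATH_PHP_CGI to the first PHP binary found in the usual locations.
# Exits 1 when none is found (the original exited 0, which reported a failed
# search as success to the caller).
searchPATH_PHP_CGI () {
  echoIfVerbose "===> Seaching for php binary"
  if [ -e /usr/bin/php ] ; then
    PATH_PHP_CGI="/usr/bin/php"
  elif [ -e /usr/bin/php4 ] ; then
    PATH_PHP_CGI="/usr/bin/php4"
  elif [ -e /usr/bin/php5 ] ; then
    PATH_PHP_CGI="/usr/bin/php5"
  elif [ -e "/usr/local/bin/php" ] ; then
    PATH_PHP_CGI="/usr/local/bin/php"
  else
    echo "Could not found the php cli binary!!!"
    exit 1
  fi
}

# Set PHPVE, PHPMAJOR and PHPMINOR from the output of "php -v".
# When the output has two lines or more, the version is the second
# space-separated field of the first line; otherwise the whole output is taken
# as the version string.
searchPHPversion () {
  echoIfVerbose "-> Searching for PATH_PHP_CGI"
  CNT=$("${PATH_PHP_CGI}" -v | wc -l)
  # ${CNT} stays unquoted so that padding printed by wc is dropped.
  if [ ${CNT} -ge 2 ] ; then
    PHPVE=$("${PATH_PHP_CGI}" -v | head -n 1 | cut -f2 -d" ")
  else
    PHPVE=$("${PATH_PHP_CGI}" -v || true)
  fi
  PHPMAJOR=$(printf '%s\n' "$PHPVE" | cut -f1 -d".")
  PHPMINOR=$(printf '%s\n' "$PHPVE" | cut -f2 -d".")
  echoIfVerbose "The DTC installer has detected PHP version $PHPMAJOR release $PHPMINOR"
}

# Set PATH_PHP_INI_CLI to the php.ini used by the PHP command line binary.
# Needs PHPMAJOR (see searchPHPversion). Exits 1 when no file is found.
searchPATH_PHP_INI_CLI () {
  echoIfVerbose "-> Searching for PATH_PHP_INI_CLI"
  if [ -f /usr/local/etc/php.ini ] ; then
    # FreeBSD
    PATH_PHP_INI_CLI=/usr/local/etc/php.ini
  elif [ -f /etc/php.ini ] ; then
    # RedHat / CentOS
    PATH_PHP_INI_CLI=/etc/php.ini
  elif [ -f /etc/php/apache2-php5/php.ini ] ; then
    # Gentoo
    echo "FIX ME!!! Is gentoo path for php cli really in /etc/php/apache2-php5/php.ini ??? FIX ME!!!"
    PATH_PHP_INI_CLI=/etc/php/apache2-php5/php.ini
  elif [ "${PHPMAJOR}" -lt 5 ] ; then
    if [ -f /etc/php4/cli/php.ini ] ; then
      PATH_PHP_INI_CLI=/etc/php4/cli/php.ini
    else
      echo "Cannot find php.ini path!"
      exit 1
    fi
  elif [ -f /etc/php5/cli/php.ini ] ; then
    PATH_PHP_INI_CLI=/etc/php5/cli/php.ini
  else
    echo "Cannot find php.ini path!"
    exit 1
  fi
}

# On Debian, set DEBIAN_VERSION and its major / minor parts from
# /etc/debian_version. Does nothing on other systems.
searchDebianVersion () {
  if [ -f /etc/debian_version ] ; then
    echoIfVerbose "-> Searching for debian version"
    DEBIAN_VERSION=$(cat /etc/debian_version)
    DEBIAN_VERSION_MINOR=$(printf '%s\n' "${DEBIAN_VERSION}" | cut -f2 -d".")
    DEBIAN_VERSION_MAJOR=$(printf '%s\n' "${DEBIAN_VERSION}" | cut -f1 -d".")
  fi
}

# Set PATH_PHP_INI_APACHE to the php.ini used by the Apache PHP module.
# Needs PHPMAJOR and conf_apache_version. Exits 1 when the file expected for
# the Apache / PHP combination is missing.
searchPATH_PHP_INI_APACHE () {
  echoIfVerbose "-> Searching for php.ini for the apache $conf_apache_version module and php ${PHPMAJOR}"
  if [ -f /usr/local/etc/php.ini ] ; then
    # FreeBSD
    PATH_PHP_INI_APACHE=/usr/local/etc/php.ini
  elif [ -f /etc/php.ini ] || [ -f /etc/php.ini.default ] ; then
    # RedHat, CentOS and OS X; the latter may only ship php.ini.default.
    if [ ! -f /etc/php.ini ] ; then
      cp /etc/php.ini.default /etc/php.ini
    fi
    PATH_PHP_INI_APACHE=/etc/php.ini
  elif [ -f /etc/php/apache2-php5/php.ini ] ; then
    # Gentoo
    PATH_PHP_INI_APACHE=/etc/php/apache2-php5/php.ini
  elif [ "$conf_apache_version" = "2" ] ; then
    if [ "${PHPMAJOR}" -lt 5 ] ; then
      if [ -f /etc/php4/apache2/php.ini ] ; then
        PATH_PHP_INI_APACHE=/etc/php4/apache2/php.ini
      else
        echo "Problem in your setup. You asked to setup apache2, the PHP cli version is 4 but there is no /etc/php4/apache2/php.ini"
        exit 1
      fi
    elif [ -f /etc/php5/apache2/php.ini ] ; then
      PATH_PHP_INI_APACHE=/etc/php5/apache2/php.ini
    else
      echo "Problem in your setup. You asked to setup apache2, the PHP cli version is 5 but there is no /etc/php5/apache2/php.ini"
      exit 1
    fi
  elif [ "${PHPMAJOR}" -lt 5 ] ; then
    if [ -f /etc/php4/apache/php.ini ] ; then
      PATH_PHP_INI_APACHE=/etc/php4/apache/php.ini
    else
      echo "Problem in your setup. You asked to setup apache 1.3, the PHP cli version is 4 but there is no /etc/php4/apache/php.ini"
      exit 1
    fi
  elif [ -f /etc/php5/apache/php.ini ] ; then
    PATH_PHP_INI_APACHE=/etc/php5/apache/php.ini
  else
    echo "Problem in your setup. You asked to setup apache 1.3, the PHP cli version is 5 but there is no /etc/php5/apache/php.ini"
    exit 1
  fi
}

# Fill in defaults for PATH_SUDO, PATH_CHROOT, PATH_SHELLS_CONF and
# PATH_SUDOERS_CONF when the caller did not set them.
searchPATH_SUDO () {
  echoIfVerbose "-> Searching for sudo path"
  if [ -z "$PATH_SUDO" ] ; then
    PATH_SUDO=$(command -v sudo)
  fi
  if [ -z "$PATH_CHROOT" ] ; then
    PATH_CHROOT=$(command -v chrootuid)
  fi
  if [ -z "$PATH_SHELLS_CONF" ] ; then
    PATH_SHELLS_CONF=/etc/shells
  fi
  if [ -z "$PATH_SUDOERS_CONF" ] ; then
    PATH_SUDOERS_CONF=/etc/sudoers
  fi
}

# Debian sarge work-around: make sure "extension=mysql.so" is present in the
# CLI php.ini and in the Apache 1.3 php.ini files. Skipped when
# DEBIAN_VERSION_MAJOR is 4 or more, unset, or not a number.
modifyPHP_INI_EXTENSIONS () {
  if [ "${DEBIAN_VERSION_MAJOR}" -lt 4 ] 2>/dev/null ; then
    echoIfVerbose "===> Modifying php.ini extensions"
    # Each file is checked and, if needed, amended itself. The original
    # checked the apache php.ini but appended to the cli php.ini, which added
    # a duplicate line there on every run and never fixed the apache file.
    for _dtc_ini in "${PATH_PHP_INI_CLI}" /etc/php4/apache/php.ini /etc/php5/apache/php.ini ; do
      if [ -f "${_dtc_ini}" ] ; then
        if ! grep mysql.so "${_dtc_ini}" | grep extension= >/dev/null ; then
          echo "extension=mysql.so" >>"${_dtc_ini}"
        fi
      fi
    done
  fi
}

# Change the MySQL root password to $conf_mysql_pass when
# conf_mysql_change_root is "true". The client prompts for the old password.
changeMySQLPassword () {
  if [ "$conf_mysql_change_root" = "true" ] ; then
    echo "===> Changing MySQL root password"
    echo "MySQL will now prompt your for the password to connect to"
    echo "the database. This is the OLD password that was there before"
    echo "you launched this script. If you didn't setup a root pass for"
    echo "mysqld, just hit ENTER to use empty pass."
    # Escaped so that a quote or backslash in the password neither breaks the
    # statement nor changes its meaning.
    # NOTE(review): the new password is still visible in the process list
    # through --execute for as long as the client runs.
    _dtc_sql_root_pass=$(_dtcSqlEscape "$conf_mysql_pass")
    mysql -u"$conf_mysql_login" -p -h"$conf_mysql_host" -Dmysql --execute="UPDATE user SET Password=PASSWORD('${_dtc_sql_root_pass}') WHERE User='root'; FLUSH PRIVILEGES;"
  fi
}

# Make 127.0.0.1 the first nameserver in /etc/resolv.conf.
# The file is rebuilt from its "search" and "nameserver" lines only; any other
# line it contained is dropped.
modifyResolvConf () {
  echoIfVerbose "===> Checking \"nameserver 127.0.0.1\" in /etc/resolv.conf"
  if grep "nameserver 127.0.0.1" /etc/resolv.conf >/dev/null ; then
    echoIfVerbose "/etc/resolv.conf seems to be OK !"
  else
    echoIfVerbose "Adding nameserver 127.0.0.1 to /etc/resolv.conf"
    TMP_FILE=$(mktemp -t DTC_resolv.conf.XXXXXX) || exit 1
    if grep "search" /etc/resolv.conf >/dev/null ; then
      grep "search" /etc/resolv.conf >"${TMP_FILE}"
    fi
    echo "nameserver 127.0.0.1" >>"${TMP_FILE}"
    if grep "nameserver" /etc/resolv.conf >/dev/null ; then
      grep "nameserver" /etc/resolv.conf >>"${TMP_FILE}"
    fi
    # Written with cat so that the existing file keeps its inode and mode.
    cat <"${TMP_FILE}" >/etc/resolv.conf
    rm "${TMP_FILE}"
  fi
}

# Hand the squirrelmail data / attachment directories to group nogroup and
# the Apache fastcgi directory to the DTC user.
chownSquirrelAndFastcgiToDtcUserAndGroup () {
  echoIfVerbose "===> Chgrp /var/lib/squirrelmail/data/ /var/spool/squirrelmail/attach and /var/lib/apache2/fastcgi"
  if [ -e /var/lib/squirrelmail/data/ ] ; then
    chgrp nogroup /var/lib/squirrelmail/data/
  fi
  if [ -e /var/spool/squirrelmail/attach ] ; then
    chgrp nogroup /var/spool/squirrelmail/attach
  fi
  if [ -e /var/lib/apache2/fastcgi ] ; then
    chown -R "${CONF_DTC_SYSTEM_USERNAME}:nogroup" /var/lib/apache2/fastcgi
  fi
}

# Do a search and replace in a file using sh
# Params:
# $1 - File where to search
# $2 - String to search
# $3 - String to replace
# $4 - MKTEMP binary and params (not read here: the global MKTEMP is used)
#
# $2 and $3 are pasted into a sed expression, so "/", "&" and regex
# metacharacters in them are interpreted by sed; pass trusted literals only.
# NOTE(review): sed only runs when grep does NOT find $2, in which case there
# is nothing to substitute. The test looks inverted; confirm against the
# callers before changing it.
searchAndReplace () {
  if ! grep "${2}" "${1}" >/dev/null 2>&1 ; then
    TMP_FILE=$(${MKTEMP} DTC_SAR_TEMP.XXXXXX) || exit 1
    sed "s/${2}/${3}/" "${1}" >"${TMP_FILE}"
    cat "${TMP_FILE}" >"${1}"
    rm -f "${TMP_FILE}"
  fi
}

# Set MYSQL_DB_SOCKET_PATH to the platform default unless it is already set.
searchMYSQL_DB_SOCKET_PATH () {
  echoIfVerbose "-> Searching for mysql.sock"
  if [ -z "$MYSQL_DB_SOCKET_PATH" ] ; then
    if [ "$UNIX_TYPE" = "freebsd" ] || [ "$UNIX_TYPE" = "osx" ] ; then
      MYSQL_DB_SOCKET_PATH="/tmp/mysql.sock"
    else
      MYSQL_DB_SOCKET_PATH="/var/run/mysqld/mysqld.sock"
    fi
  fi
}

# Create the html, logs and cgi-bin directories of one subdomain of the main
# domain and copy the chroot tree into it.
# Param:
# $1 = subdomain to create
createSubdomainDirAndFiles () {
  echoIfVerbose "===> Installing chroot file environment for ${1}.${main_domain_name}"
  TMP_PATH="${conf_hosting_path}/${conf_adm_login}/${main_domain_name}/subdomains/${1}"
  mkdir -p "${TMP_PATH}/html"
  mkdir -p "${TMP_PATH}/logs"
  mkdir -p "${TMP_PATH}/cgi-bin"
  if [ "$UNIX_TYPE" = "freebsd" ] || [ "$UNIX_TYPE" = "osx" ] ; then
    cp -fpR "${conf_chroot_path}"/* "${TMP_PATH}/"
  else
    # -u: only copy files that are newer than the ones already installed
    cp -fupR "${conf_chroot_path}"/* "${TMP_PATH}/"
  fi
}

# Create the hosting tree of the main domain (admin, www and 404 subdomains),
# install the default pages that are missing, create the chroot symlinks and
# give the DTC user ownership of the DTC and hosting directories.
# Leaves errexit enabled on return.
createHostingDirAndFiles () {
  echoIfVerbose "===> Creating directory for hosting ${main_domain_name}"
  DOMAIN_FOLDER="${conf_hosting_path}/${conf_adm_login}/${main_domain_name}"
  mkdir -p "${DOMAIN_FOLDER}/Mailboxs"
  mkdir -p "${DOMAIN_FOLDER}/mysql"

  # mx and ns do not get apache vhosts, so only these three get a chroot tree.
  createSubdomainDirAndFiles "$dtc_admin_subdomain"
  createSubdomainDirAndFiles www
  createSubdomainDirAndFiles 404

  # Default pages of the admin site, only when it has no index page yet.
  ADMIN_HOME="${DOMAIN_FOLDER}/subdomains/${dtc_admin_subdomain}/html"
  if ! _dtcAnyFileMatches "${ADMIN_HOME}"/index.* ; then
    cp "${PATH_DTC_SHARED}/shared/default_admin_site.php" "${ADMIN_HOME}/index.php"
    if ! [ -f "${ADMIN_HOME}/dtc_logo.gif" ] ; then
      cp "${PATH_DTC_SHARED}/shared/template/dtc_logo.gif" "${ADMIN_HOME}"
    fi
    if ! [ -f "${ADMIN_HOME}/favicon.ico" ] ; then
      cp "${PATH_DTC_SHARED}/shared/template/favicon.ico" "${ADMIN_HOME}"
    fi
  fi

  # Template site for the main site, only when it has no index page yet.
  MAINSITE_HOME="${DOMAIN_FOLDER}/subdomains/www/html"
  if ! _dtcAnyFileMatches "${MAINSITE_HOME}"/index.* ; then
    cp "${PATH_DTC_SHARED}/shared/template/index.php" "${MAINSITE_HOME}"
    if ! [ -e "${MAINSITE_HOME}/dtc_logo.gif" ] ; then
      cp "${PATH_DTC_SHARED}/shared/template/dtc_logo.gif" "${MAINSITE_HOME}"
    fi
  fi

  # Symlink the chroot directories so that users can log in with ssh to the
  # admin account directory. The -h test keeps a dangling link left by an
  # earlier run from making "ln -s" fail.
  for _dtc_dir in bin var lib sbin tmp usr dev etc ; do
    _dtc_link="${conf_hosting_path}/${conf_adm_login}/${_dtc_dir}"
    if [ ! -e "${_dtc_link}" ] && [ ! -h "${_dtc_link}" ] ; then
      ln -s "${main_domain_name}/subdomains/www/${_dtc_dir}" "${_dtc_link}"
    fi
  done
  # Same for the base directory of the main domain.
  for _dtc_dir in bin var lib sbin tmp usr dev etc ; do
    _dtc_link="${conf_hosting_path}/${conf_adm_login}/${main_domain_name}/${_dtc_dir}"
    if [ ! -e "${_dtc_link}" ] && [ ! -h "${_dtc_link}" ] ; then
      ln -s "subdomains/www/${_dtc_dir}" "${_dtc_link}"
    fi
  done

  # Index page of the 404 subdomain, if none is found.
  if ! _dtcAnyFileMatches "${DOMAIN_FOLDER}/subdomains/404/html"/index.* ; then
    if [ -e "${PATH_DTC_SHARED}/shared/404_template/index.php" ] ; then
      cp "${PATH_DTC_SHARED}/shared/404_template/index.php" "${DOMAIN_FOLDER}/subdomains/404/html/"
    fi
  fi
  # Error 404 document of the main site.
  if ! _dtcAnyFileMatches "${DOMAIN_FOLDER}/subdomains/www/html"/404.* ; then
    if [ -e "${PATH_DTC_SHARED}/shared/404_template/404.php" ] ; then
      cp "${PATH_DTC_SHARED}/shared/404_template/404.php" "${DOMAIN_FOLDER}/subdomains/www/html/"
    fi
  fi
  # Page shown for expired sites.
  if ! [ -e "${PATH_DTC_ETC}/expired_site" ] ; then
    mkdir -p "${PATH_DTC_ETC}/expired_site"
  fi
  if ! _dtcAnyFileMatches "${PATH_DTC_ETC}/expired_site"/index.* ; then
    cp "${PATH_DTC_SHARED}/shared/404_template/expired.php" "${PATH_DTC_ETC}/expired_site/index.php"
  fi
  # The 404 page is also copied to the dtc404 directory.
  if ! [ -e "${PATH_DTC_ETC}/dtc404/404.php" ] ; then
    mkdir -p "${PATH_DTC_ETC}/dtc404/"
    cp "${PATH_DTC_SHARED}/shared/404_template/404.php" "${PATH_DTC_ETC}/dtc404/"
  fi

  # Copy the template directory from shared to etc so that it can be edited
  # without being overwritten by the next install; an existing copy is kept.
  if [ -e "${PATH_DTC_SHARED}/shared/template" ] ; then
    if [ ! -e "${PATH_DTC_ETC}/template" ] ; then
      cp -r "${PATH_DTC_SHARED}/shared/template" "${PATH_DTC_ETC}"
    fi
    chown -R "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" "${PATH_DTC_ETC}/template"
    chmod -R 775 "${PATH_DTC_ETC}/template"
  fi

  # Ownership of the gfx and imgcache directories, and of the DTC etc tree.
  chown -hR "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" "${PATH_DTC_SHARED}/shared/imgcache"
  chown -hR "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" "${PATH_DTC_SHARED}/shared/gfx"
  chown -hR "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" "${PATH_DTC_SHARED}/client/imgcache"
  chown -hR "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" "${PATH_DTC_SHARED}/client/gfx"
  chown -R "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" "${PATH_DTC_ETC}"

  # The chown of the whole hosting tree is best effort: errexit is switched
  # off around it and switched back on afterwards.
  set +e
  echoIfVerbose "chown -R ${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME} $conf_hosting_path"
  chown -R "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" "$conf_hosting_path"
  set -e
}

# Load the password of the dtcdaemons MySQL account into
# MYSQL_DTCDAEMONS_PASS, generating and saving one in
# ${PATH_DTC_ETC}/dtcdb_passwd when the file is missing or empty.
#
# Changes from the original:
#  - The password comes from /dev/urandom (16 bytes, hex encoded). ${RANDOM}
#    is not defined by POSIX sh and expands to nothing in shells that lack
#    it, which gave an empty password; where it exists it only yields two
#    15-bit numbers. The "mktemp -t" variant also left stray temporary files.
#  - When the saved file is empty the new password is now written back; the
#    original wrote the unset variable MYSQL_DTC_PASS instead.
#  - The file is created under umask 077 instead of being restricted only
#    after the secret had been written.
setDtcdbPassword () {
  echoIfVerbose "-> Setting up dtcdaemons password"
  PATH_DB_PWD_FILE="${PATH_DTC_ETC}/dtcdb_passwd"
  MYSQL_DTCDAEMONS_PASS=""
  if [ -e "${PATH_DB_PWD_FILE}" ] ; then
    MYSQL_DTCDAEMONS_PASS=$(cat <"${PATH_DB_PWD_FILE}")
  fi
  if [ -z "${MYSQL_DTCDAEMONS_PASS}" ] ; then
    gen_pass=$(od -An -N16 -tx1 /dev/urandom | tr -d ' \t\n')
    if [ -z "${gen_pass}" ] ; then
      echo "Could not generate a password for dtcdaemons: exiting"
      exit 1
    fi
    MYSQL_DTCDAEMONS_PASS=${gen_pass}
    ( umask 077 ; printf '%s\n' "${MYSQL_DTCDAEMONS_PASS}" >"${PATH_DB_PWD_FILE}" )
  fi
  # Also tightens a file left behind by an earlier install.
  chmod 600 "${PATH_DB_PWD_FILE}"
}

# Create or upgrade the DTC and apachelogs databases, load the table
# definitions, insert the values of this installation and set up the
# dtcdaemons MySQL account with its table-level privileges.
# Sets MYSQL, MYSQLSHOW and MYSQL_VER. Needs MYSQL_DTCDAEMONS_PASS (see
# setDtcdbPassword) and CONF_DTC_SYSTEM_UID / CONF_DTC_SYSTEM_GID.
setupDTCDatabase () {
  echoIfVerbose "===> DTC is now creating it's database:"
  if [ "$conf_mysql_cli_path" = "" ] ; then
    echoIfVerbose "->mysql_cli_path is not set"
    conf_mysql_cli_path="mysql"
  fi
  if [ "$conf_mysqlshow_cli_path" = "" ] ; then
    echoIfVerbose "mysqlshow_cli_path is not set"
    conf_mysqlshow_cli_path="mysqlshow"
  fi
  # NOTE(review): -p<pass> exposes the password in the process list, and a
  # password containing whitespace is split into several arguments when
  # $MYSQL is expanded.
  if [ "$conf_mysql_pass" = "" ] ; then
    echoIfVerbose "Setting up mysql cli ${conf_mysql_cli_path} without password"
    MYSQL=$conf_mysql_cli_path
    MYSQLSHOW=$conf_mysqlshow_cli_path
  else
    echoIfVerbose "Setting up mysql cli with password"
    MYSQL="${conf_mysql_cli_path} -p${conf_mysql_pass}"
    MYSQLSHOW="${conf_mysqlshow_cli_path} -p${conf_mysql_pass}"
  fi

  # Escaped copies of the secrets that end up inside SQL string literals.
  _dtc_sql_adm_pass=$(_dtcSqlEscape "$conf_adm_pass")
  _dtc_sql_cyrus_pass=$(_dtcSqlEscape "$conf_cyrus_pass")
  _dtc_sql_daemons_pass=$(_dtcSqlEscape "$MYSQL_DTCDAEMONS_PASS")

  create_tables="${PATH_DTC_SHARED}/admin/tables"
  # The shipped table definitions carry 65534 where the gid of the DTC group
  # belongs; they are rewritten in place.
  perl -i -p -e "s/65534/${CONF_DTC_SYSTEM_GID}/g" "${create_tables}"/*.sql
  curdir=$(pwd)

  echoIfVerbose "-> Installing or upgrading DTC database: dtc "
  $MYSQL -u"$conf_mysql_login" -h"$conf_mysql_host" --execute="CREATE DATABASE IF NOT EXISTS ${conf_mysql_db}"

  echoIfVerbose "-> Checking version of mysql installed..."
  # Example: mysql Ver 14.7 Distrib 4.1.20, for pc-linux-gnu (i386) using readline 5.1
  # Asked of the configured client, so that the version tested is that of the
  # binary used for every statement below.
  MYSQL_VERSION=$("$conf_mysql_cli_path" -V)
  MYSQL_VER=30
  case $MYSQL_VERSION in
    *Distrib\ 3.*)
      echoIfVerbose "Found version 3.x ..."
      MYSQL_VER=30
      ;;
    *Distrib\ 4.0*)
      echoIfVerbose "Found version 4.0.x ..."
      MYSQL_VER=40
      ;;
    *Distrib\ 4.1*)
      echoIfVerbose "Found version 4.1.x ..."
      MYSQL_VER=41
      ;;
    *Distrib\ 5.*)
      echoIfVerbose "Found version 5.x ..."
      MYSQL_VER=50
      ;;
  esac

  if [ "$MYSQL_VER" -gt 40 ] ; then
    echoIfVerbose "Modifying character set to latin1..."
    $MYSQL -u"$conf_mysql_login" -h"$conf_mysql_host" --execute="ALTER DATABASE \`$conf_mysql_db\` DEFAULT CHARACTER SET latin1 COLLATE latin1_bin;"
  fi
  echoIfVerbose -n " apachelogs"
  $MYSQL -u"$conf_mysql_login" -h"$conf_mysql_host" --execute="CREATE DATABASE IF NOT EXISTS apachelogs"
  if [ "$MYSQL_VER" -gt 40 ] ; then
    $MYSQL -u"$conf_mysql_login" -h"$conf_mysql_host" --execute="ALTER DATABASE apachelogs DEFAULT CHARACTER SET latin1 COLLATE latin1_bin;"
  fi

  # Load every table definition; the file name without extension is the
  # table name shown to the user.
  cd "$create_tables" || exit 1
  for i in *.sql ; do
    [ -e "$i" ] || continue
    table_name=${i%%.*}
    echoIfVerbose -n "${table_name} "
    $MYSQL -u"$conf_mysql_login" -h"$conf_mysql_host" -D"$conf_mysql_db" <"$i"
  done
  echoIfVerbose "done."

  # fix some tables for 4.1
  if [ "$MYSQL_VER" -gt 40 ] ; then
    _dtcSql "ALTER TABLE fetchmail DEFAULT CHARACTER SET latin1 COLLATE latin1_bin;"
  fi

  # NOTE(review): the MySQL password is the last argument of restor_db.php
  # and is therefore visible in the process list while it runs.
  cd "$PATH_DTC_ADMIN" || exit 1
  if [ "$VERBOSE_INSTALL" = "yes" ] ; then
    "$PATH_PHP_CGI" "$PATH_DTC_ADMIN/restor_db.php" -u "$conf_mysql_login" -h "$conf_mysql_host" -d "$conf_mysql_db" "$conf_mysql_pass"
  else
    "$PATH_PHP_CGI" "$PATH_DTC_ADMIN/restor_db.php" -u "$conf_mysql_login" -h "$conf_mysql_host" -d "$conf_mysql_db" "$conf_mysql_pass" >/dev/null
  fi
  cd "$curdir" || exit 1

  echoIfVerbose "===> Inserting values in mysql for hosting ${main_domain_name}"
  _dtcSql "INSERT IGNORE INTO groups (members) VALUES ('zigo')"
  # NOTE(review): adm_pass receives the admin password exactly as configured;
  # nothing visible here hashes it.
  _dtcSql "INSERT IGNORE INTO admin (adm_login,adm_pass,path) VALUES ('${conf_adm_login}','${_dtc_sql_adm_pass}','${conf_hosting_path}/${conf_adm_login}')"
  _dtcSql "INSERT IGNORE INTO domain (name,owner,default_subdomain,generate_flag,ip_addr) VALUES ('${main_domain_name}','${conf_adm_login}','www','yes','${conf_ip_addr}')"
  _dtcSql "INSERT IGNORE INTO subdomain (domain_name,subdomain_name,path) VALUES ('${main_domain_name}','www','www')"
  _dtcSql "INSERT IGNORE INTO subdomain (domain_name,subdomain_name,path) VALUES ('${main_domain_name}','404','404')"
  _dtcSql "INSERT IGNORE INTO subdomain(domain_name,subdomain_name,ip) VALUES ('${main_domain_name}','ns1','${conf_ip_addr}')"
  _dtcSql "INSERT IGNORE INTO subdomain(domain_name,subdomain_name,ip) VALUES ('${main_domain_name}','mx','${conf_ip_addr}')"
  _dtcSql "INSERT IGNORE INTO subdomain (domain_name,subdomain_name,path) VALUES ('${main_domain_name}','${dtc_admin_subdomain}','www')"
  _dtcSql "INSERT IGNORE INTO config (unicrow,demo_version,main_site_ip,site_addrs,addr_mail_server,webmaster_email_addr,addr_primary_dns,administrative_site,site_root_host_path,generated_file_path,dtcshared_path,dtcadmin_path,dtcclient_path,mta_type,main_domain,404_subdomain) VALUES('1','no','${conf_ip_addr}','${conf_ip_addr}','mx.${main_domain_name}','webmaster@${main_domain_name}','ns1.${main_domain_name}','${dtc_admin_subdomain}.${main_domain_name}','${conf_hosting_path}','${PATH_DTC_ETC}','${PATH_DTC_SHARED}','${PATH_DTC_ADMIN}','${PATH_DTC_CLIENT}','${conf_mta_type}','${main_domain_name}','404')"
  _dtcSql "INSERT IGNORE INTO cron_job (unicrow,reload_named,restart_apache,gen_vhosts,gen_named) VALUES ('1','yes','yes','yes','yes')"
  _dtcSql "INSERT IGNORE INTO secpayconf (unicrow,use_paypal,paypal_rate,paypal_flat,paypal_autovalidate,paypal_email) VALUES ('1','yes','3.21','0.50','no','webmaster@${main_domain_name}')"

  # Regenerate the "main" domain on each install.
  _dtcSql "UPDATE domain SET generate_flag='yes' WHERE name='${main_domain_name}'"
  # On reinstallation the installer values take priority over the stored ones.
  _dtcSql "UPDATE config SET main_site_ip='${conf_ip_addr}',administrative_site='${dtc_admin_subdomain}.${main_domain_name}',site_root_host_path='${conf_hosting_path}',generated_file_path='${PATH_DTC_ETC}',mta_type='${conf_mta_type}',main_domain='${main_domain_name}',404_subdomain='404',apache_version='${conf_apache_version}' WHERE 1"
  _dtcSql "UPDATE cron_job SET qmail_newu='yes',restart_qmail='yes',gen_qmail='yes',reload_named='yes',restart_apache='yes',gen_vhosts='yes',gen_named='yes' WHERE 1"
  # NOTE(review): the PHP library path stored here contains /tmp, a
  # world-writable directory; confirm that this is intended.
  _dtcSql "UPDATE config SET php_library_path='/usr/lib/php:/tmp:/usr/share/pear:$PATH_DTC_ETC/dtc404:/usr/share/php', dtc_system_uid='$CONF_DTC_SYSTEM_UID', dtc_system_username='$CONF_DTC_SYSTEM_USERNAME', dtc_system_gid='$CONF_DTC_SYSTEM_GID',dtc_system_groupname='$CONF_DTC_SYSTEM_GROUPNAME' WHERE 1"
  _dtcSql "UPDATE domain SET ip_addr='${conf_ip_addr}', generate_flag='yes' WHERE name='${main_domain_name}'"

  # Point the uid / gid stored in the access tables at the DTC user.
  _dtcSql "UPDATE ftp_access SET uid='$CONF_DTC_SYSTEM_UID',gid='$CONF_DTC_SYSTEM_GID' WHERE 1"
  _dtcSql "UPDATE pop_access SET uid='$CONF_DTC_SYSTEM_UID',gid='$CONF_DTC_SYSTEM_GID' WHERE 1"
  _dtcSql "UPDATE ssh_access SET uid='$CONF_DTC_SYSTEM_UID',gid='$CONF_DTC_SYSTEM_GID' WHERE 1"

  # Schema maintenance for databases created by old DTC versions.
  _dtcSql "ALTER TABLE subdomain CHANGE ip ip VARCHAR(255) DEFAULT 'default' NOT NULL"
  _dtcSql "ALTER TABLE ftp_access CHANGE homedir homedir VARCHAR(255) DEFAULT '' NOT NULL"
  _dtcSql "ALTER TABLE pop_access CHANGE crypt crypt VARCHAR(255) DEFAULT '' NOT NULL"
  _dtcSql "ALTER TABLE pop_access CHANGE passwd passwd VARCHAR(255) DEFAULT '' NOT NULL"
  _dtcSql "ALTER TABLE paiement CHANGE secpay_site secpay_site enum('none', 'paypal', 'worldpay','enets') DEFAULT 'none' NOT NULL"
  _dtcSql "UPDATE pop_access SET crypt=ENCRYPT(passwd,CONCAT(\"\$1\$\",SUBSTRING(crypt,4,8)))"
  # Wider accounting counters.
  _dtcSql "ALTER TABLE http_accounting CHANGE bytes_receive bytes_receive BIGINT(14) UNSIGNED NOT NULL DEFAULT '0'"
  _dtcSql "ALTER TABLE http_accounting CHANGE bytes_sent bytes_sent BIGINT(14) UNSIGNED NOT NULL DEFAULT '0'"

  # Add the dtcowner column to mysql.user if it is not there.
  TMP_FILE=$(${MKTEMP} dtc_downer_grep.XXXXXXXX) || exit 1
  $MYSQL -u"$conf_mysql_login" -h"$conf_mysql_host" -Dmysql --execute="DESCRIBE user dtcowner" >"${TMP_FILE}"
  if ! grep dtcowner "${TMP_FILE}" >/dev/null 2>&1 ; then
    echoIfVerbose "Adding dtcowner column to mysql.user"
    _dtcSql "ALTER IGNORE TABLE mysql.user ADD dtcowner varchar (255) DEFAULT 'none' NOT NULL"
  fi
  rm -f "${TMP_FILE}"

  # Add the fullemail column to pop_access if it is not there.
  TMP_FILE=$(${MKTEMP} dtc_pop_access_grep.XXXXXXXX) || exit 1
  _dtcSql "DESCRIBE pop_access fullemail" >"${TMP_FILE}"
  if ! grep fullemail "${TMP_FILE}" >/dev/null 2>&1 ; then
    echoIfVerbose "Adding fullemail column to dtc.pop_access and updating id@mbox_host field."
    # A failure of the ALTER is tolerated and must not stop the installer.
    _dtcSql "ALTER IGNORE TABLE pop_access ADD fullemail varchar (255) DEFAULT 'none' NOT NULL" || true
    _dtcSql "UPDATE pop_access SET fullemail = concat( \`id\`, '@', \`mbox_host\` )"
  fi
  rm -f "${TMP_FILE}"

  # The dtcdaemons account: no global privilege, password from
  # setDtcdbPassword. The UPDATE covers a reinstallation over an old account.
  _dtcSql "INSERT IGNORE INTO mysql.user (Host, User, Password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES ('localhost', 'dtcdaemons', PASSWORD('${_dtc_sql_daemons_pass}'), 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N')"
  _dtcSql "UPDATE mysql.user SET Password=PASSWORD('${_dtc_sql_daemons_pass}') WHERE User='dtcdaemons'"

  # Table-level privileges of dtcdaemons on the DTC database.
  _dtcGrantTablePriv ftp_access 'Select,Insert,Update,Delete,References,Index' 'Select'
  _dtcGrantTablePriv groups 'Select,Insert,Update,Delete,References,Index' 'Select'
  _dtcGrantTablePriv ftp_logs 'Select,Insert,Update,Delete,References,Index' ''
  _dtcGrantTablePriv ftp_accounting 'Select,Insert,Update,Delete,References,Index' ''
  _dtcGrantTablePriv http_accounting 'Select,Insert,Update,Delete,References,Index' ''
  # Everything except Grant on the apachelogs database.
  _dtcSql "INSERT IGNORE INTO mysql.db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES ('localhost', 'apachelogs', 'dtcdaemons', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'Y', 'Y', 'Y')"
  _dtcGrantTablePriv pop_access 'Select,Update' 'Select,Update'
  # Bring a pop_access grant left by an old installation up to date.
  _dtcSql "UPDATE IGNORE mysql.tables_priv SET Timestamp = NOW(NULL) , Table_priv = 'Select,Update', Column_priv = 'Select,Update' WHERE Host = 'localhost' AND Db = '${conf_mysql_db}' AND User = 'dtcdaemons' AND Table_name = 'pop_access' LIMIT 1 "
  #$MYSQL -u$conf_mysql_login -h$conf_mysql_host -D$conf_mysql_db --execute="GRANT SELECT , UPDATE ( crypt , passwd ) ON dtc.pop_access TO 'dtcdaemons'@'localhost'"
  _dtcGrantTablePriv ssh_access 'Select,Update' 'Select,Update'
  _dtcGrantTablePriv ssh_groups 'Select,Update' 'Select,Update'
  _dtcGrantTablePriv ssh_user_group 'Select,Update' 'Select,Update'
  # Seed rows of the ssh_groups table.
  _dtcSql "INSERT IGNORE INTO ssh_groups (group_id, group_name, status, group_password, gid) VALUES (NULL, 'root', 'A', 'x', 0), (NULL, 'nobody', 'A', 'x', 99), (NULL, 'nobody', 'A', 'x', 65534);"
  _dtcGrantTablePriv smtp_logs 'Select,Insert,Update,Delete,References,Index' ''
  _dtcGrantTablePriv whitelist 'Select' 'Select'
  _dtcGrantTablePriv fetchmail 'Select' 'Select'
  _dtcSql "FLUSH PRIVILEGES"

  # Paths that depend on the Unix distribution.
  _dtcSql "UPDATE config SET dtcadmin_path='${PATH_DTC_ADMIN}', dtcclient_path='${PATH_DTC_CLIENT}', dtcdoc_path='${PATH_DTC_SHARED}/doc', dtcemail_path='${PATH_DTC_SHARED}/email' WHERE 1"

  # Configuration for NATed vhosts, if requested.
  if [ "$conf_use_nated_vhosts" = "true" ] ; then
    echoIfVerbose "Setting-up values in MySQL for using NAT"
    _dtcSql "UPDATE config SET use_nated_vhost='yes'"
    _dtcSql "UPDATE config SET nated_vhost_ip='${conf_nated_vhosts_ip}'"
    _dtcSql "UPDATE config SET use_multiple_ip='no'"
  else
    echoIfVerbose "Setting-up values in MySQL NOT using NAT"
    _dtcSql "UPDATE config SET use_nated_vhost='no'"
  fi

  # Use SSL directly when a certificate is generated.
  if [ "$conf_gen_ssl_cert" = "true" ] ; then
    echoIfVerbose "Adding the use of SSL directly!"
    _dtcSql "UPDATE config SET use_ssl='yes'"
  fi

  # The cyrus user, so that cyradm can be used.
  # NOTE(review): passwd receives the cyrus password in clear next to its
  # ENCRYPT() form.
  if [ "$UNIX_TYPE" = "freebsd" ] ; then
    _dtcSql "INSERT IGNORE INTO pop_access (id,fullemail,passwd,crypt) VALUES('cyrus','cyrus@${main_domain_name}','${_dtc_sql_cyrus_pass}',ENCRYPT('${_dtc_sql_cyrus_pass}'))"
  else
    _dtcSql "INSERT IGNORE INTO pop_access (id,fullemail,passwd,crypt) VALUES('cyrus','cyrus','${_dtc_sql_cyrus_pass}',ENCRYPT('${_dtc_sql_cyrus_pass}'))"
  fi
}

# Write ${PATH_DTC_SHARED}/shared/mysql_config.php with the MySQL connection
# settings of the panel.
# NOTE(review): the file holds the MySQL administrative password and is
# created with the current umask; check its owner and mode after the install.
# The values are placed inside PHP double-quoted strings, so a '"', '$' or
# backslash in one of them ends up interpreted by PHP.
generateMySQLConfigPHPfile () {
  echoIfVerbose "-> Generating mysql_config.php"
  # The panel needs root access (it does database management)
  {
    printf '%s\n' "<?php"
    printf '%s\n' "\$conf_mysql_host=\"${conf_mysql_host}\";"
    printf '%s\n' "\$conf_mysql_login=\"${conf_mysql_login}\";"
    printf '%s\n' "\$conf_mysql_pass=\"${conf_mysql_pass}\";"
    printf '%s\n' "\$conf_mysql_db=\"${conf_mysql_db}\";"
    printf '%s\n' "\$conf_mysql_conf_ok=\"yes\";"
    printf '%s\n' "?>"
  } >"${PATH_DTC_SHARED}/shared/mysql_config.php"
}

createDTCRootShellScript () {
  echoIfVerbose "-> Creating dtc-chroot-shell script"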
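if [ -n "$PATH_SUDO" ] ; then
	echoIfVerbose "Creating chroot shell..."
	# create a chroot shell script
	CHROOT_SHELL=/bin/dtc-chroot-shell
	echo '#!/bin/sh' > $CHROOT_SHELL
	echo "# This shell script is used by DTC, please do not remove" >> $CHROOT_SHELL
	echo "$PATH_SUDO -H $PATH_CHROOT \$HOME \$USER" /bin/bash \"\$@\" >> $CHROOT_SHELL
	chmod 755 $CHROOT_SHELL
fi
}

# Append the DTC rules to $PATH_SUDOERS_CONF and register /bin/dtc-chroot-shell
# in $PATH_SHELLS_CONF. Does nothing when $PATH_SUDO is empty.
# Globals read: PATH_SUDO, PATH_SUDOERS_CONF, PATH_SHELLS_CONF, PATH_CHROOT,
#               CONF_DTC_SYSTEM_USERNAME, MKTEMP
# Globals written: TMP_FILE
# Each file is backed up once to <file>.DTC.backup and is only modified when
# it does not already contain the "Configured by DTC" marker.
# Exits 1 if the temp file cannot be created or the sudoers block is rejected.
modifySUODERS_DOT_CONF () {
	echoIfVerbose "===> Modifying /etc/sudoers"
	if [ -n "$PATH_SUDO" ] ; then
		# fix sudoers
		if grep "Configured by DTC" "$PATH_SUDOERS_CONF" >/dev/null
		then
			echoIfVerbose "$PATH_SUDOERS_CONF has been configured before..."
		else
			if ! [ -f "$PATH_SUDOERS_CONF.DTC.backup" ]
			then
				echoIfVerbose "===> Backuping $PATH_SUDOERS_CONF"
				cp -f "$PATH_SUDOERS_CONF" "$PATH_SUDOERS_CONF.DTC.backup"
			fi
			TMP_FILE=`${MKTEMP} DTC_install.sudoers.XXXXXX` || exit 1
			# NOTE(review): the trailing "*" lets the DTC system user run
			# $PATH_CHROOT with any arguments as root without a password.
			# The generated /bin/dtc-chroot-shell depends on this rule, so it
			# is kept; anything that can run code as that user inherits it.
			{
				echo "# Configured by DTC 0.21 : please do not touch this line !"
				echo "Defaults:${CONF_DTC_SYSTEM_USERNAME} !set_logname"
				echo "${CONF_DTC_SYSTEM_USERNAME} ALL= NOPASSWD: $PATH_CHROOT *"
				echo "# End of DTC configuration : please don't touch this line !"
			} >> "$TMP_FILE"
			# A syntax error in sudoers disables sudo for every user, so the
			# generated block is checked before it is appended (this catches
			# e.g. an empty user name or chroot path). Skipped when visudo is
			# not on PATH.
			if command -v visudo >/dev/null 2>&1 ; then
				if ! visudo -c -f "$TMP_FILE" >/dev/null 2>&1 ; then
					echo "Generated sudoers block is not valid: $PATH_SUDOERS_CONF left untouched" >&2
					rm -f "$TMP_FILE"
					exit 1
				fi
			fi
			cat <"$TMP_FILE" >>"$PATH_SUDOERS_CONF"
			rm -f "$TMP_FILE"
		fi
		# fix /etc/shells
		if grep "Configured by DTC" "$PATH_SHELLS_CONF" >/dev/null
		then
			echoIfVerbose "$PATH_SHELLS_CONF has been configured before..."
		else
			if ! [ -f "$PATH_SHELLS_CONF.DTC.backup" ]
			then
				echoIfVerbose "===> Backuping $PATH_SHELLS_CONF"
				cp -f "$PATH_SHELLS_CONF" "$PATH_SHELLS_CONF.DTC.backup"
			fi
			TMP_FILE=`${MKTEMP} DTC_install.shells.XXXXXX` || exit 1
			{
				echo "# Configured by DTC 0.21 : please do not touch this line !"
				echo "/bin/dtc-chroot-shell"
				echo "# End of DTC configuration : please don't touch this line !"
			} >> "$TMP_FILE"
			cat <"$TMP_FILE" >>"$PATH_SHELLS_CONF"
			rm -f "$TMP_FILE"
		fi
	fi
}

increasePhpIniMemAndExecTime () {
	echoIfVerbose "===> Customizing php.ini"
	if !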
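[ -z ""$PATH_PHP_INI_APACHE ] ; then
		searchAndReplace $PATH_PHP_INI_APACHE memory_limit\ =\ 8M memory_limit\ =\ 64M
		searchAndReplace $PATH_PHP_INI_APACHE memory_limit\ =\ 16M memory_limit\ =\ 64M
	fi
	if ! [ -z ""$PATH_PHP_INI_CLI ] ; then
		searchAndReplace $PATH_PHP_INI_CLI max_execution_time\ =\ 30 max_execution_time\ =\ 1200
		searchAndReplace $PATH_PHP_INI_CLI memory_limit\ =\ 8M memory_limit\ =\ 64M
		searchAndReplace $PATH_PHP_INI_CLI memory_limit\ =\ 16M memory_limit\ =\ 64M
	fi
}

# Helper for changeApacheUserAndGroup: when "<directive> <old>" occurs in
# $PATH_HTTPD_CONF, rewrite it to "<directive> <new>".
# Arguments: $1 directive (User or Group), $2 old name, $3 new name,
#            $4 scratch file that receives the sed output
_dtcSwapHttpdIdentity () {
	if grep "$1 $2" "$PATH_HTTPD_CONF" >/dev/null 2>&1
	then
		echo "$1 $2 -> $1 $3"
		# httpd.conf is only overwritten when sed produced the new content
		sed "s/$1 $2/$1 $3/" "$PATH_HTTPD_CONF" >"$4" && cat <"$4" >"$PATH_HTTPD_CONF"
	fi
}

# Point the Apache User/Group directives in $PATH_HTTPD_CONF at the DTC system
# account, replacing the distribution defaults when they are present.
# Globals read: PATH_HTTPD_CONF, CONF_DTC_SYSTEM_USERNAME,
#               CONF_DTC_SYSTEM_GROUPNAME, MKTEMP
# Globals written: TMP_FILE
# Exits 1 if the scratch file cannot be created.
changeApacheUserAndGroup () {
	echoIfVerbose "===> Verifying User and Group directive"
	# This function used to write to whatever $TMP_FILE an earlier step had
	# left behind; those steps delete their file, so the path was either unset
	# or a released name in the temp directory that this root-run script would
	# re-create. It now gets its own file from mktemp and removes it at the end.
	TMP_FILE=`${MKTEMP} DTC_install.httpd.usergroup.XXXXXX` || exit 1
	# This is from upgrades from older versions using nobody
	_dtcSwapHttpdIdentity User nobody "${CONF_DTC_SYSTEM_USERNAME}" "$TMP_FILE"
	_dtcSwapHttpdIdentity Group nogroup "${CONF_DTC_SYSTEM_GROUPNAME}" "$TMP_FILE"
	# Those 2 are for debian (kept before the shorter "www" patterns, which
	# would otherwise match the start of "www-data")
	_dtcSwapHttpdIdentity User www-data "${CONF_DTC_SYSTEM_USERNAME}" "$TMP_FILE"
	_dtcSwapHttpdIdentity Group www-data "${CONF_DTC_SYSTEM_GROUPNAME}" "$TMP_FILE"
	# Those 2 are for BSD
	_dtcSwapHttpdIdentity User www "${CONF_DTC_SYSTEM_USERNAME}" "$TMP_FILE"
	_dtcSwapHttpdIdentity Group www "${CONF_DTC_SYSTEM_GROUPNAME}" "$TMP_FILE"
	# Those 2 are for RedHat
	_dtcSwapHttpdIdentity User apache "${CONF_DTC_SYSTEM_USERNAME}" "$TMP_FILE"
	_dtcSwapHttpdIdentity Group apache "${CONF_DTC_SYSTEM_GROUPNAME}" "$TMP_FILE"
	rm -f "$TMP_FILE"
}

createApachePIDSymLink () {
	echoIfVerbose "===> Searching and symlinking to apache.pid file"
	# If the variable is not set prior to calling this sript, then search for it!
	if [ -z "$PATH_APACHE_PID_FILE" ] ; then
		# symlink the PidFile to our dtc location, so we can check it in our scripts
		PATH_APACHE_PID_FILE=`grep ^PidFile $PATH_HTTPD_CONF | cut -f2 -d' '`
		## strip the pid of " characters if they exist
		PATH_APACHE_PID_FILE=${PATH_APACHE_PID_FILE##\"}
		PATH_APACHE_PID_FILE=${PATH_APACHE_PID_FILE%%\"}
		# in case the specified pid file doesn't exist, try and find it
		if [ ! -e $PATH_APACHE_PID_FILE ]; then
			if [ -e /etc/httpd/$PATH_APACHE_PID_FILE ]; then
				PATH_APACHE_PID_FILE=/etc/httpd/$PATH_APACHE_PID_FILE
			fi
			if [ -e /var/$PATH_APACHE_PID_FILE ]; then
				PATH_APACHE_PID_FILE=/var/$PATH_APACHE_PID_FILE
			fi
			if [ -e /var/run/$PATH_APACHE_PID_FILE ]; then
				PATH_APACHE_PID_FILE=/var/run/$PATH_APACHE_PID_FILE
			fi
		fi
	fi
	rm -f $PATH_DTC_ETC/apache.pid
	ln -s $PATH_APACHE_PID_FILE $PATH_DTC_ETC/apache.pid
	if [ !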
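-f $PATH_APACHE_PID_FILE ]; then
		if ps -e | grep apache$ > /dev/null; then
			ps -e | grep apache$ | head -n 1 | cut -f1 -d' ' >> $PATH_APACHE_PID_FILE
		fi
	fi
}

# Enable mod_rewrite and mod_ssl when $conf_apache_version is "2" and the
# /etc/apache2/mods-available + mods-enabled layout is present: a2enmod is
# used when /usr/sbin/a2enmod is executable, otherwise the .load file is
# symlinked into mods-enabled. A failing a2enmod is ignored.
enableApache2Modules () {
	if [ ""$conf_apache_version = "2" ] ; then
		echoIfVerbose "-> Enabling mod rewrite and modssl for apache 2"
		# Activate mod_rewrite
		if [ -f /etc/apache2/mods-available/rewrite.load ] ; then
			if [ -d /etc/apache2/mods-enabled ] ; then
				if ! [ -e /etc/apache2/mods-enabled/rewrite.load ] ; then
					if [ -x /usr/sbin/a2enmod ] ; then
						a2enmod rewrite || /bin/true
					else
						ln -s /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled/rewrite.load
					fi
				fi
			fi
		fi
		# Activate mod_ssl
		if [ -f /etc/apache2/mods-available/ssl.load ] ; then
			if [ -d /etc/apache2/mods-enabled ] ; then
				if ! [ -e /etc/apache2/mods-enabled/ssl.load ] ; then
					if [ -x /usr/sbin/a2enmod ] ; then
						a2enmod ssl || /bin/true
					else
						ln -s ../mods-available/ssl.load /etc/apache2/mods-enabled/ssl.load
					fi
				fi
			fi
		fi
	fi
}

# Protect the DTC admin panel with HTTP Basic authentication.
# Creates $conf_hosting_path/.htpasswd holding $conf_adm_login/$conf_adm_pass
# and $PATH_DTC_ADMIN/.htaccess pointing at it; a file that already exists is
# left untouched.
# Globals read: conf_hosting_path, conf_adm_login, conf_adm_pass, PATH_DTC_ADMIN
# Globals written: HTPASSWD
createApacheAdminProtectedDir () {
	echoIfVerbose "-> Creating htpasswd and htaccess"
	# add the default password to .htpasswd if it doesn't exist already
	if [ -e "$conf_hosting_path/.htpasswd" ]; then
		echoIfVerbose "OK, you have your $conf_hosting_path/.htpasswd setup already!"
	else
		# The admin password is no longer written to the install output,
		# which may be captured in logs or terminal scrollback.
		echoIfVerbose "Creating $conf_hosting_path/.htpasswd with username '$conf_adm_login'"
		# First htpasswd found in the usual locations, else rely on PATH
		HTPASSWD="htpasswd"
		for HTPASSWD_CANDIDATE in /usr/local/bin/htpasswd /usr/bin/htpasswd /usr/sbin/htpasswd /usr/sbin/htpasswd2 ; do
			if [ -e "$HTPASSWD_CANDIDATE" ] ; then
				HTPASSWD="$HTPASSWD_CANDIDATE"
				break
			fi
		done
		# The password is quoted so that spaces or glob characters in it are
		# not split or expanded by the shell.
		# NOTE(review): -b passes the password as a command-line argument, so
		# it is visible in the process list while htpasswd runs; where the
		# installed htpasswd supports -i, feeding it on stdin avoids that.
		$HTPASSWD -cb "$conf_hosting_path"/.htpasswd "$conf_adm_login" "$conf_adm_pass"
	fi
	if [ -e "$PATH_DTC_ADMIN/.htaccess" ]; then
		echoIfVerbose "OK, you have your $PATH_DTC_ADMIN/.htaccess setup already!"
	else
		echoIfVerbose "Creating $PATH_DTC_ADMIN/.htaccess file."
		# one directive per line
		echo "AuthName \"DTC root control panel login!\"
AuthType Basic
AuthUserFile $conf_hosting_path/.htpasswd
require valid-user" >"$PATH_DTC_ADMIN/.htaccess"
	fi
}

modifyHTTPD_CONF () {
	#
	# Include $PATH_DTC_ETC/vhosts.conf in $PATH_HTTPD_CONF
	#
	echoIfVerbose "===> Modifying httpd.conf"
	if grep "Configured by DTC" $PATH_HTTPD_CONF >/dev/null
	then
		echoIfVerbose "httpd.conf has been configured before : skipping include inssertion !"
	else
		if ! [ -f $PATH_HTTPD_CONF.DTC.backup ]
		then
			echoIfVerbose "===> Backuping "$PATH_HTTPD_CONF
			cp -f "$PATH_HTTPD_CONF" "$PATH_HTTPD_CONF.DTC.backup"
		fi
		TMP_FILE=`${MKTEMP} DTC_install.httpd.conf.XXXXXX` || exit 1
		echoIfVerbose -n "Checking for AllowOverride..."
		searchAndReplace $PATH_HTTPD_CONF AllowOverride\ None AllowOverride\ AuthConfig\ FileInfo\ Limit\ Indexes
		searchAndReplace $PATH_HTTPD_CONF Options\ None Options\ FollowSymLinks
		# It seems redhat has already the Listen directives...
		# detect whether we already have Listen directives, and comment them out
		# and replace with Listen 127.0.0.1:80 and 127.0.0.1:443
		# the other IPs will be created in vhosts.conf
		if grep "^Listen" $PATH_HTTPD_CONF >/dev/null
		then
			perl -i -p -e 's/^Listen/#Listen/' $PATH_HTTPD_CONF
		fi
		if grep "^BindAddress" $PATH_HTTPD_CONF >/dev/null
		then
			perl -i -p -e 's/^BindAddress/#BindAddress/' $PATH_HTTPD_CONF
		fi
		# if we have a modules.d folder, we need to check to see if there are any Listen or BindAddress there too
		if [ -e /etc/apache*/modules.d/ ]; then
			# first Listen
			for i in `grep -l ^Listen /etc/apache*/modules.d/*`; do
				perl -i -p -e 's/^Listen/#Listen/' $i
			done
			# then BindAddress
			for i in `grep -l ^BindAddress /etc/apache*/modules.d/*`; do
				perl -i -p -e 's/^BindAddress/#BindAddress/' $i
			done
		fi
		# annoyingly redhat has a different Listen for the ssl.conf
		# comment that out too
		if [ ""$UNIX_TYPE = "redhat" ] ;then
			perl -i -p -e 's/^Listen/#Listen/' /etc/httpd/conf.d/ssl.conf
		fi
		echoIfVerbose "-> Adding DTC's directives to httpd.conf end"
		echo "# Configured by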
DTC v0.12 : please do not touch this line ! " >>$PATH_HTTPD_CONF if [ ""$UNIX_TYPE = "freebsd" ] ;then # Insert the missing things as per default in FreeBSD echo "LoadModule log_sql_module libexec/apache22/mod_log_sql.so LoadModule log_sql_mysql_module libexec/apache22/mod_log_sql_mysql.so MIMEMagicFile etc/apache22/magic AddType application/x-httpd-php .php" >>$PATH_HTTPD_CONF fi echo "Include $PATH_DTC_ETC/vhosts.conf " >>$PATH_HTTPD_CONF # There is something wrong in this logic !!! if ! [ ""$conf_omit_dev_mknod = "true" ] ; then echo "Listen 127.0.0.1:80 Listen 127.0.0.1:443" >>$PATH_HTTPD_CONF else echo "Listen ${conf_ip_addr}:80 Listen ${conf_ip_addr}:443" >>$PATH_HTTPD_CONF fi if [ -z ${MYSQL_DTCDAEMONS_PASS} ]; then echo "LogSQLLoginInfo mysql://dtcdaemons@${conf_mysql_host} " >>$PATH_HTTPD_CONF else echo "LogSQLLoginInfo mysql://dtcdaemons:${MYSQL_DTCDAEMONS_PASS}@${conf_mysql_host} " >>$PATH_HTTPD_CONF fi echo "LogSQLSocketFile ${MYSQL_DB_SOCKET_PATH}" >>$PATH_HTTPD_CONF echo "LogSQLDatabase apachelogs LogSQLCreateTables On LogSQLTransferLogFormat IAbhRrSsU Alias /dtc404/ $PATH_DTC_ETC/dtc404/ ErrorDocument 404 /dtc404/404.php # End of DTC configuration v0.12 : please don't touch this line !" >>$PATH_HTTPD_CONF if [ -f $TMP_FILE ] ; then rm -f $TMP_FILE fi fi if [ -e /etc/apache2/ports.conf ] ; then echoIfVerbose "Founded ports.conf: will remove it's directive" if [ -e /etc/apache2/ports.conf.DTC_backup ] ; then echo -n ""; else cp /etc/apache2/ports.conf /etc/apache2/ports.conf.DTC_backup fi echo "" >/etc/apache2/ports.conf fi } # need to make sure we are loading LOG_SQL in the /etc/conf.d/apache2 if that file exists # this is especially true for gentoo modifyETC_CONFD_APACHE2 () { APACHE2_CONFD="/etc/conf.d/apache2" if [ -e ${APACHE2_CONFD} ] ; then echoIfVerbose "Customizing ${APACHE2_CONFD}" if grep "Configured by DTC" $APACHE2_CONFD >/dev/null then echoIfVerbose "$APACHE2_CONFD has been configured before : skipping include inssertion !" else if ! 
[ -f $APACHE2_CONFD.DTC.backup ] then echoIfVerbose "===> Backing up "$APACHE2_CONFD if [ ! -e $APACHE2_CONFD".DTC.backup" ] ; then cp -f "$APACHE2_CONFD" "$APACHE2_CONFD.DTC.backup" fi fi TMP_FILE=`${MKTEMP} DTC_install_conf.d_apache2.XXXXXX` || exit 1 echo "# Configured by DTC $VERSION" >> $TMP_FILE echo "# This overrides all APACHE2_OPTS, if you wish to modify these options," >> $TMP_FILE echo "# please add the following line to the end of the file" >> $TMP_FILE echo "# and replace with the obvious" >> $TMP_FILE echo "# APACHE2_OPTS=\"\$APACHE2_OPTS \"" >> $TMP_FILE echo "APACHE2_OPTS=\"-D PHP5 -D SSL -D MOD_LOG -D LOG_SQL\"" >> $TMP_FILE echo "# End of DTC configuration $VERSION" >> $TMP_FILE # now to insert it at the end of the actual $APACHE2_CONFD cat < $TMP_FILE >>$APACHE2_CONFD rm ${TMP_FILE} fi fi } generateOpenSSLApacheCert () { echoIfVerbose "===> Generating SSL certificate" # Generate the OpenSSL test certificate if it does not exists if [ ""$conf_gen_ssl_cert = "true" ]; then if [ ! -e $PATH_DTC_ETC"/ssl" ]; then mkdir -p $PATH_DTC_ETC"/ssl" fi cwd=`pwd` cd $PATH_DTC_ETC"/ssl" if [ ! -e "./"new.cert.csr ]; then if [ ! -e "./"new.cert.cert ]; then if [ ! -e "./"new.cert.key ]; then CERTPASS_TMP_FILE=`${MKTEMP} certfilepass.XXXXXX` || exit 1 echo $conf_gen_ssl_cert"" >$CERTPASS_TMP_FILE ( echo $conf_cert_countrycode; echo "the state"; echo ""$conf_cert_locality; echo ""$conf_cert_organization; echo ""$conf_cert_unit; echo $dtc_admin_subdomain"."$main_domain_name; echo ""$conf_cert_email; echo ""$conf_cert_challenge_pass; echo ""$conf_cert_organization; ) | openssl req -passout file:$CERTPASS_TMP_FILE -new > new.cert.csr openssl rsa -passin file:$CERTPASS_TMP_FILE -in privkey.pem -out new.cert.key openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 3650 rm $CERTPASS_TMP_FILE # Copy the certificates to make them available for qmail if [ -d /var/qmail/control ] ; then if ! 
[ -e /var/qmail/control/servercert.pem ] ; then cat $PATH_DTC_ETC/ssl/new.cert.key $PATH_DTC_ETC/ssl/new.cert.cert >/var/qmail/control/servercert.pem chown qmaild:qmail /var/qmail/control/servercert.pem chmod 400 /var/qmail/control/servercert.pem fi fi fi fi fi cd $cwd fi } createCyrusAuthPhp () { echoIfVerbose "===> Creating cyrus.php" cyrus_auth_php="$PATH_DTC_SHARED/shared/cyrus.php" if [ ""$conf_cyrus_enable = "true" ] ; then echo " 'localhost', 'PORT' => 143, 'ADMIN' => 'cyrus@mx.${main_domain_name}', 'PASS' => '${conf_cyrus_pass}' ); \$cyrus_used=1; \$cyrus_default_quota=51200; ?>" > $cyrus_auth_php; else echo "" > $cyrus_auth_php; fi } modifyCyrusImapdConf () { if [ ""$conf_cyrus_enable = "true" ]; then if [ ""$UNIX_TYPE = "freebsd" ] ;then echo "configdirectory: /var/spool/imap partition-default: /var/spool/mail admins: cyrus defaultdomain: mx.${main_domain_name} duplicatesuppression: 1 sievedir: /var/spool/sieve sendmail: /usr/sbin/sendmail hashimapspool: yes quotawarn: 90 virtdomains: userid unixhierarchysep: yes sasl_pwcheck_method: auxprop auxprop_plugin: sql sasl_sql_engine: mysql sasl_sql_hostnames: localhost sasl_sql_database: ${conf_mysql_db} sasl_sql_user: dtcdaemons sasl_sql_select: SELECT passwd FROM pop_access WHERE fullemail = '%u@%r' " > /usr/local/etc/imapd.conf if [ ! -z ${MYSQL_DTCDAEMONS_PASS} ]; then echo "sasl_sql_passwd: ${MYSQL_DTCDAEMONS_PASS}" >> /usr/local/etc/imapd.conf fi /usr/local/cyrus/bin/mkimap named=`grep cyrus_imapd_enable /etc/rc.conf` if [ "$named" = "" ] || [ "$nonamed" != "" ]; then echo "===> FreeBSD: Backing up /etc/rc.conf and inserting cyrus_imapd_enable=YES" cp /etc/rc.conf /etc/rc.conf.old echo "/etc/rc.conf /etc/rc.conf.old saved" cat /etc/rc.conf | grep -v "cyrus_imapd_enable" >> /etc/rc.tmp echo 'cyrus_imapd_enable="YES"' mv /etc/rc.tmp /etc/rc.conf echo "cyrus imapd /etc/rc.conf injected" else echo "===> /etc/rc.conf is already configured: leaving..." fi if [ ! 
-d /var/imap/socket ]; then mkdir -p /var/imap/socket fi /usr/local/etc/rc.d/imapd restart $MYSQL -u$conf_mysql_login -h$conf_mysql_host -D$conf_mysql_db --execute="INSERT IGNORE INTO pop_access (id,mbox_host,fullemail,passwd,crypt) VALUES('root','"${main_domain_name}"','root@"${main_domain_name}"','"${conf_cyrus_pass}"',ENCRYPT('"${conf_cyrus_pass}"'))" sleep 10 php -f $PATH_DTC_ADMIN/install/mk_root_mailbox.php ${main_domain_name} fi if [ ""$UNIX_TYPE = "freebsd" -a -f /usr/local/lib/sasl2/libsql.so ] ;then PATH_AUTH_SMTP=/usr/local/lib/sasl2/smtpd.conf PATH_AUTH_SASLPASSWD=/usr/local/lib/sasl2/saslpasswd.conf echoIfVerbose "===> Adding configuration inside /usr/local/lib/sasl2" if [ -f $PATH_AUTH_SMTP ]; then if ! [ -f $PATH_AUTH_SMTP.DTC.backup ]; then cp -f $PATH_AUTH_SMTP $PATH_AUTH_SMTP.DTC.backup fi fi echo "pwcheck_method: auxprop auxprop_plugin: sql sql_engine: mysql sql_hostnames: localhost sql_user: dtcdaemons sql_pass: ${MYSQL_DTCDAEMONS_PASS} sql_database: ${conf_mysql_db} password_format: crypt sql_select: SELECT crypt FROM pop_access WHERE fullemail = '%u@%r' sql_update: UPDATE pop_access SET crypt = '%v' WHERE fullemail = '%u@%r' sql_verbose: yes" >${PATH_AUTH_SMTP} if [ -f $PATH_AUTH_SASLPASSWD ]; then if ! [ -f $PATH_AUTH_SASLPASSWD.DTC.backup ]; then cp -f $PATH_AUTH_SASLPASSWD $PATH_AUTH_SASLPASSWD.DTC.backup fi fi cp -f $PATH_AUTH_SMTP $PATH_AUTH_SASLPASSWD else PATH_PAMD_SMTP=/etc/pam.d/smtp PATH_PAMD_IMAP=/etc/pam.d/imap PATH_PAMD_SIEVE=/etc/pam.d/sieve PATH_PAMD_POP=/etc/pam.d/pop if [ -e /etc/pam.d/ ]; then echoIfVerbose "===> Adding configuration inside "$PATH_PAMD_SMTP if [ -f $PATH_PAMD_SMTP ]; then if ! 
[ -f $PATH_PAMD_SMTP.DTC.backup ]; then cp -f $PATH_PAMD_SMTP $PATH_PAMD_SMTP.DTC.backup fi fi touch $PATH_PAMD_SMTP echo "auth required pam_mysql.so user=dtcdaemons passwd="${MYSQL_DTCDAEMONS_PASS}" db="$conf_mysql_db" table=pop_access usercolumn=id passwdcolumn=password crypt=0" >$PATH_PAMD_SMTP if [ ""$conf_cyrus_enable = "true" ]; then echo "account sufficient pam_mysql.so user=dtcdaemons passwd="${MYSQL_DTCDAEMONS_PASS}" host=localhost db="$conf_mysql_db" table=pop_access usercolumn=fullemail passwdcolumn=crypt crypt=1 auth required pam_mysql.so user=dtcdaemons passwd="${MYSQL_DTCDAEMONS_PASS}" host=localhost db="$conf_mysql_db" table=pop_access usercolumn=fullemail passwdcolumn=crypt crypt=1" >$PATH_PAMD_SMTP if [ -f $PATH_PAMD_IMAP ]; then if ! [ -f $PATH_PAMD_IMAP.DTC.backup ]; then cp -f $PATH_PAMD_IMAP $PATH_PAMD_IMAP.DTC.backup fi fi cp -f $PATH_PAMD_SMTP $PATH_PAMD_IMAP if [ -f $PATH_PAMD_SIEVE ]; then if ! [ -f $PATH_PAMD_SIEVE.DTC.backup ]; then cp -f $PATH_PAMD_SIEVE $PATH_PAMD_SIEVE.DTC.backup fi fi cp -f $PATH_PAMD_SMTP $PATH_PAMD_SIEVE if [ -f $PATH_PAMD_POP ]; then if ! [ -f $PATH_PAMD_POP.DTC.backup ]; then cp -f $PATH_PAMD_POP $PATH_PAMD_POP.DTC.backup fi fi cp -f $PATH_PAMD_SMTP $PATH_PAMD_POP fi fi fi fi } modifyNamedConf () { # # include $PATH_DTC_ETC/named.zones in $PATH_NAMED_CONF # echoIfVerbose "===> Adding inclusion to named.conf" # need to detect named chroot for gentoo NAMED_CHROOT= if [ -e /etc/conf.d/named ]; then NAMED_CHROOT=`. /etc/conf.d/named; echo -n $CHROOT` echoIfVerbose "named is configured for chroot at $NAMED_CHROOT" fi # check to see if NAMED_CHROOT is / # if so, then we need not do all this hooha below if [ ""$NAMED_CHROOT = "/" ]; then NAMED_CHROOT= fi if [ -n ""$NAMED_CHROOT ]; then if [ -e ""$NAMED_CHROOT ]; then mkdir -p $NAMED_CHROOT/$PATH_DTC_ETC/zones mkdir -p $NAMED_CHROOT/$PATH_DTC_ETC/slave_zones touch $NAMED_CHROOT/$PATH_DTC_ETC/named.conf if [ -e $PATH_DTC_ETC/named.conf ]; then if [ ! 
-L $PATH_DTC_ETC/named.conf -a ! -e $PATH_DTC_ETC/named.conf.moved ] ; then mv $PATH_DTC_ETC/named.conf $PATH_DTC_ETC/named.conf.moved fi fi if [ -e $PATH_DTC_ETC/zones ]; then if [ ! -L $PATH_DTC_ETC/zones -a ! -e $PATH_DTC_ETC/zones.moved ]; then mv $PATH_DTC_ETC/zones $PATH_DTC_ETC/zones.moved fi fi if [ -e $PATH_DTC_ETC/slave_zones ]; then if [ ! -L $PATH_DTC_ETC/slave_zones -a ! -e $PATH_DTC_ETC/slave_zones.moved ]; then mv $PATH_DTC_ETC/slave_zones $PATH_DTC_ETC/slave_zones.moved fi fi if [ ! -L $PATH_DTC_ETC/named.conf ]; then ln -s $NAMED_CHROOT/$PATH_DTC_ETC/named.conf $PATH_DTC_ETC/named.conf fi if [ ! -L $PATH_DTC_ETC/zones ]; then ln -s $NAMED_CHROOT/$PATH_DTC_ETC/zones $PATH_DTC_ETC/zones fi if [ ! -L $PATH_DTC_ETC/slave_zones ]; then ln -s $NAMED_CHROOT/$PATH_DTC_ETC/slave_zones $PATH_DTC_ETC/slave_zones fi fi fi if grep "Configured by DTC" $PATH_NAMED_CONF >/dev/null then echoIfVerbose "named.conf has been configured before : skipping include insertion !" else if ! [ -f $PATH_NAMED_CONF.DTC.backup ] then cp -f $PATH_NAMED_CONF $PATH_NAMED_CONF.DTC.backup fi TMP_FILE=`${MKTEMP} DTC_install.named.conf.XXXXXX` || exit 1 echo "// Configured by DTC v0.10 : please don't touch this line !" > $TMP_FILE echo "include \"$PATH_DTC_ETC/named.conf\";" >> $TMP_FILE touch $PATH_DTC_ETC/named.conf cat < $TMP_FILE >>$PATH_NAMED_CONF if [ -e $TMP_FILE ]; then rm -f $TMP_FILE fi fi } linkQmailFilesToGenerated () { # only try and do qmail stuff if we have qmail installed! (check the control directory) if [ -e "$PATH_QMAIL_CTRL" ] ;then # # Install the qmail links in the /etc/qmail # echoIfVerbose "===> Linking qmail control files to DTC generated files" if ! [ -e $PATH_QMAIL_CTRL/rcpthosts.DTC.backup ] then cp -f $PATH_QMAIL_CTRL/rcpthosts $PATH_QMAIL_CTRL/rcpthosts.DTC.backup fi rm -f $PATH_QMAIL_CTRL/rcpthosts touch $PATH_DTC_ETC/rcpthosts ln -s $PATH_DTC_ETC/rcpthosts $PATH_QMAIL_CTRL/rcpthosts touch $PATH_QMAIL_CTRL/virtualdomains if ! 
[ -e $PATH_QMAIL_CTRL/virtualdomains.DTC.backup ] then cp -f $PATH_QMAIL_CTRL/virtualdomains $PATH_QMAIL_CTRL/virtualdomains.DTC.backup fi rm -f $PATH_QMAIL_CTRL/virtualdomains touch $PATH_DTC_ETC/virtualdomains ln -s $PATH_DTC_ETC/virtualdomains $PATH_QMAIL_CTRL/virtualdomains if ! [ -e /var/qmail/users/assign.DTC.backup ] then if [ -e /var/qmail/users/assign ]; then cp -f /var/qmail/users/assign /var/qmail/users/assign.DTC.backup fi fi rm -f /var/qmail/users/assign touch $PATH_DTC_ETC/assign if ! [ -e /var/qmail/users ]; then mkdir -p /var/qmail/users fi ln -s $PATH_DTC_ETC/assign /var/qmail/users/assign touch /etc/poppasswd if ! [ -e /etc/poppasswd.DTC.backup ] then cp -f /etc/poppasswd /etc/poppasswd.DTC.backup fi rm -f /etc/poppasswd touch $PATH_DTC_ETC/poppasswd ln -s $PATH_DTC_ETC/poppasswd /etc/poppasswd else echoIfVerbose "Could not found qmail directory: skipping" fi } setupAmavisConf () { echoIfVerbose "===> Customizing amavis config" # # Make some changes to the amavisd-new configuration to allow clamav to work with it cleanly # # make sure the amavisd configuration has 'amavis' user and group if [ -n ""$PATH_AMAVISD_CONF ]; then PATH_AMAVISD_ETC=`dirname $PATH_AMAVISD_CONF` fi AMAVISD_CONFD=0 # CLAMD_CONF is the file we modify that has the clamd.ctl AMAVIS_CLAMD_CONF=$PATH_AMAVISD_CONF # if there is no amavisd conf, but there is a conf.d, create a 99-dtc file if [ ! -f "$PATH_AMAVISD_CONF" -a -e $PATH_AMAVISD_ETC/conf.d ]; then touch $PATH_AMAVISD_ETC/conf.d/99-dtc PATH_AMAVISD_CONF=$PATH_AMAVISD_ETC/conf.d/99-dtc AMAVISD_CONFD=1 AMAVIS_CLAMD_CONF=`grep -l clamd.ctl $PATH_AMAVISD_ETC/conf.d/*` fi if [ -f "$PATH_AMAVISD_CONF" ]; then echoIfVerbose "===> Checking user and group configuration for amavisd..." # make sure our users exist for amavis set +e # turn back on error handling, these users probably exist already $GROUP_ADD_CMD amavis > /dev/null 2>&1 if [ $? -ne 0 ]; then echoIfVerbose "-> Group amavis already exists..." 
fi $USER_ADD_CMD -g amavis amavis > /dev/null 2>&1 if [ $? -ne 0 ]; then echoIfVerbose "-> User amavis already exists..." fi $PASSWD_CMD -l amavis > /dev/null 2>&1 if [ $? -ne 0 ]; then echoIfVerbose "Change password failed for amavis user" fi set -e if grep "Configured by DTC" "$PATH_AMAVISD_CONF" >/dev/null; then echoIfVerbose "$PATH_AMAVISD_CONF already configured..." else echoIfVerbose "Inserting configuration into $PATH_AMAVISD_CONF" # strip the 1; from the end of the config file perl -i -p -e 's/^1;[^\n]*\n//' $PATH_AMAVISD_CONF # fix the clamd ctl file to point to /var/run/clamav/clamd.ctl perl -i -p -e 's/\"i\/.*?\/clamd.ctl\"/\"\/var\/run\/clamav\/clamd.ctl\"/' $AMAVIS_CLAMD_CONF mkdir -p /var/run/clamav/ chown -R clamav:clamav /var/run/clamav TMP_FILE=`${MKTEMP} dtc_install.amavisd.conf.XXXXXX` || exit 1 echo "# Configured by DTC $VERSION" >> $TMP_FILE echo "\$daemon_user = 'amavis';" >> $TMP_FILE echo "\$daemon_group = 'amavis';" >> $TMP_FILE echo "\$final_virus_destiny = D_DISCARD;" >> $TMP_FILE echo "\$final_spam_destiny = D_PASS;" >> $TMP_FILE echo "\$final_banned_destiny = D_PASS;" >> $TMP_FILE echo "\$final_bad_header_destiny = D_PASS;" >> $TMP_FILE echo "\$warnvirussender = 0;" >> $TMP_FILE echo "\$warnspamsender = 0;" >> $TMP_FILE echo " # kill level defaults " >> $TMP_FILE echo "\$sa_tag_level_deflt = 2.0;" >> $TMP_FILE echo "\$sa_tag2_level_deflt = 6.3;" >> $TMP_FILE echo "\$sa_kill_level_deflt = \$sa_tag2_level_deflt;" >> $TMP_FILE echo "\$sa_dsn_cutoff_level = 50;" >> $TMP_FILE echo "\$sa_mail_body_size_limit = 150*1024;" >> $TMP_FILE echo "# The following line will read the local domains as generated by DTC, amavisd will need to be restarted for new domains..." >> $TMP_FILE echo "read_hash(\\%local_domains, '$PATH_DTC_ETC/local_domains');" >> $TMP_FILE # if we have a list of postfix relay domains, we may as well check them to virii etc... # If you enable this, it will tag ***SPAM*** twice... 
not very good looking :) # if [ -e "$PATH_DTC_ETC/postfix_relay_domains" ]; then # echo "my %tmp_relay_domains;" >> $TMP_FILE # echo "read_hash(\\%tmp_relay_domains, '$PATH_DTC_ETC/postfix_relay_domains');" >> $TMP_FILE # echo "# now merge the two hashes" >> $TMP_FILE # echo "@local_domains{keys %tmp_relay_domains} = values %tmp_relay_domains;" >> $TMP_FILE # fi echo "# Make sure anti-virus and spam are enabled @bypass_virus_checks_acl = [ 1 ]; @bypass_spam_checks_acl = [ 1 ]; # need to check to see if the variables exist, and set them properly if they do { no strict 'refs'; my \$ref=\"bypass_virus_checks_maps\"; if (defined @\$ref) { @\$ref = ( \\%bypass_virus_checks, \\@bypass_virus_checks_acl, \\\$bypass_virus_checks_re); } \$ref=\"bypass_spam_checks_maps\"; if (defined @\$ref) { @\$ref = ( \\%bypass_spam_checks, \\@bypass_spam_checks_acl, \\\$bypass_spam_checks_re); } } " >> $TMP_FILE echo "# End of DTC configuration $VERSION" >> $TMP_FILE echo "1; # insure a defined return" >> $TMP_FILE # now to insert it at the end of the actual amavisd.conf cat < $TMP_FILE >>$PATH_AMAVISD_CONF rm ${TMP_FILE} fi fi } modifyClamavConf () { if [ -f "$PATH_CLAMAV_CONF" ]; then echoIfVerbose "===> Checking user and group configuration for clamav..." # make sure our users exist for amavis set +e # turn back on error handling, these users probably exist already $GROUP_ADD_CMD clamav > /dev/null 2>&1 if [ $? -ne 0 ]; then echoIfVerbose "-> Group clamav already exists..." fi $USER_ADD_CMD -g clamav clamav > /dev/null 2>&1 if [ $? -ne 0 ]; then echoIfVerbose "-> User clamav already exists..." fi $PASSWD_CMD -l clamav > /dev/null 2>&1 if [ $? -ne 0 ]; then echoIfVerbose "-> Change password failed for clamav user" fi # now add amavisd to the clamav group and vice versa $USER_MOD_CMD -G clamav,amavis clamav > /dev/null 2>&1 if [ $? -ne 0 ]; then echoIfVerbose "-> Change group failed for clamav user" fi $USER_MOD_CMD -G amavis,clamav amavis > /dev/null 2>&1 if [ $? 
-ne 0 ]; then echoIfVerbose "-> Change group failed for amavis user" fi set -e # need to add the following to the config file: # AllowSupplementaryGroups # LocalSocket /var/run/clamav/clamd.ctl # need to fix a problem with a previous version if grep "^1;" "$PATH_CLAMAV_CONF" > /dev/null; then perl -i -p -e 's/^1;[^\n]*\n//' $PATH_CLAMAV_CONF fi if grep "Configured by DTC" "$PATH_CLAMAV_CONF" >/dev/null; then echoIfVerbose "$PATH_CLAMAV_CONF already configured..." else echoIfVerbose "Inserting configuration into $PATH_CLAMAV_CONF" TMP_FILE=`${MKTEMP} dtc_install.clamav.conf.XXXXXX` || exit 1 echo "# Configured by DTC $VERSION" >> $TMP_FILE echo "AllowSupplementaryGroups" >> $TMP_FILE echo "LocalSocket /var/run/clamav/clamd.ctl" >> $TMP_FILE echo "# End of DTC configuration $VERSION" >> $TMP_FILE # now to insert it at the end of the actual clamav.conf cat < $TMP_FILE >>$PATH_CLAMAV_CONF rm -f $TMP_FILE fi # Finaly restart the daemon if [ -x "/etc/init.d/clamav-daemon" ] ; then if [ -x /usr/sbin/invoke-rc.d ]; then /usr/sbin/invoke-rc.d clamav-daemon restart else if [ -x "/etc/init.d/clamav-daemon" ] ; then /etc/init.d/clamav-daemon restart fi fi fi fi } modifyCyrusPath () { # # Modify the cyrus imapd.conf # if [ -f "$PATH_CYRUS_CONF" -a ""$UNIX_TYPE != "freebsd" ] ; then echoIfVerbose "===> modifying cyrus config" if grep "Configured by DTC" "$PATH_CYRUS_CONF" >/dev/null then echoIfVerbose "Cyrus imapd.conf has been configured before" else searchAndReplace $PATH_CYRUS_CONF unixhierarchysep:\ no no/unixhierarchysep:\ yes searchAndReplace $PATH_CYRUS_CONF sasl_pwcheck_method:\ auxprop sasl_pwcheck_method:\ saslauthd echoIfVerbose "Inserting DTC configuration inside $PATH_CYRUS_CONF" TMP_FILE=`${MKTEMP} DTC_install.imapd.conf.XXXXXX` || exit 1 echo "# Configured by DTC v0.20 : Please don't touch this line !" 
> $TMP_FILE echo "virtdomains: yes quotawarn: 90 admins: cyrus sasl_mech_list: PLAIN LOGIN" >> $TMP_FILE echo "# End of DTC configuration v0.20 : Please don't touch this line !" >> $TMP_FILE # now to insert it at the end of the actual imapd.conf cat < $TMP_FILE >>$PATH_CYRUS_CONF rm $TMP_FILE fi else echo "$PATH_CYRUS_CONF NOT FOUND" fi } modifySaslStartAndSaslStartup () { if [ -f "$PATH_SASL_START_CONF" ] ; then echoIfVerbose "===> modifying saslauthd startup parameters" if grep "Configured by DTC" $PATH_SASL_START_CONF >/dev/null ; then echoIfVerbose "Already configured: skipping" else TMP_FILE=`${MKTEMP} DTC_install.saslauthd.XXXXXX` || exit 1 echo "# Configured by DTC v0.20 : Please don't touch this line !" > $TMP_FILE echo "START=yes PARAMS=\"-r -c \"" >> $TMP_FILE echo "# End of DTC configuration v0.20 : Please don't touch this line !" >> $TMP_FILE # now to insert it at the end of the actual saslauthd startup file cat < $TMP_FILE >>$PATH_SASL_START_CONF rm $TMP_FILE fi if [ -f $PATH_SASL_STARTUP ] ; then echoIfVerbose "modifying saslatuhd startup file" # create the direcotry for postfix to access SASL socket mkdir -p $PATH_SASL_SOCKET # get the md5sum of the file, if it's original do the change # else we have a problem and report it to do the change manualy sasl_start_md5sum=`md5sum $PATH_SASL_STARTUP|cut -d " " -f1` # ### CL find a better place for this ! sasl_orginal_m5="6307086733ad29bbd57f81b6c38334a1"; if [ ""$sasl_orginal_m5 = "$sasl_start_md5sum" ] ; then # ok file is original so we can "patch" it. 
patch $PATH_SASL_STARTUP <$PATH_DTC_ADMIN/patch_saslatuhd_startup else echo "Can not modify the saslauthd startupfile" echo "Please edit $PATH_SASL_STARTUP by hand and add folowing after startup:" echo "rm -f /var/spool/postfix/var/run/saslauthd/mux ln /var/run/saslauthd/mux /var/spool/postfix/var/run/saslauthd/mux" echo "for more informations contact DTC development and DTC forums" fi fi else if [ ""$conf_cyrus_enable = "true" ]; then echo "Big Problem: Cyrus install selected bo no saslauthd startup file"; echo "Workaround: make saslauth start with -r -c -a pam"; fi fi } modifyPostfixConfig () { # # Modify the postfix main.cf to include virtual delivery options # # Declare this makes the test when appenning the configuration for SASL # works if you don't have SASL SASLTMP_FILE="/thisfiledoesnotexists" if [ -f "$PATH_POSTFIX_CONF" ] then echoIfVerbose "===> Linking postfix control files to DTC generated files" touch $PATH_DTC_ETC/postfix_virtual.db touch $PATH_DTC_ETC/postfix_aliases.db # fix default /etc/aliases touch /etc/aliases newaliases touch $PATH_DTC_ETC/postfix_relay_recipients.db touch $PATH_DTC_ETC/postfix_vmailbox.db touch $PATH_DTC_ETC/postfix_virtual_uid_mapping.db chown ${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME} $PATH_DTC_ETC/postfix_*.db if grep "Configured by DTC" "$PATH_POSTFIX_CONF" >/dev/null then echoIfVerbose "Postfix main.cf has been configured before, not adding virtual mailbox options" else if grep "recipient_delimiter = +" "$PATH_POSTFIX_ETC/main.cf" >/dev/null; then echoIfVerbose "Changing recipient delimiter from + to -" TMP_FILE=`${MKTEMP} DTC_install.main.cf.XXXXXX` || exit 1 sed "s/recipient_delimiter = +/recipient_delimiter = -/" "$PATH_POSTFIX_ETC/main.cf" >$TMP_FILE cat <$TMP_FILE >"$PATH_POSTFIX_ETC/main.cf" rm $TMP_FILE fi echoIfVerbose "Inserting DTC configuration inside $PATH_POSTFIX_CONF" TMP_FILE=`${MKTEMP} DTC_install.postfix_main.cf.XXXXXX` || exit 1 echo "# Configured by DTC v0.12 : Please don't touch this 
line !" > $TMP_FILE # CL: this is general config, for courier and cyrus # for mailname to be mx.$main_domain_name echo "mx.$main_domain_name" > /etc/mailname echo "# DTC virtual configuration" >> $TMP_FILE if [ ""$conf_cyrus_enable != "true" ]; then echo "myhostname = mx.$main_domain_name" >> $TMP_FILE fi echo "# disable the following functionality by default (otherwise can't match subdomains correctly) parent_domain_matches_subdomains= # disable mailbox size limit by default (user can add to postfix_config_snippets) mailbox_size_limit = 0 " >> $TMP_FILE if [ -x /usr/sbin/amavisd-new -o -x /usr/local/sbin/amavisd-new -o -x /usr/local/bin/amavisd-new ] ; then echo "# Amavis has been detected as installed, so this has been activated by default # if this is not what you want, comment it and restart postfix content_filter=smtp-amavis:[127.0.0.1]:10024 " >> $TMP_FILE else echo "# uncomment to enable amavis # - if you do uncomment this, make sure that you # also edit the master.cf file to make sure that # the return channel is set correctly #content_filter=smtp-amavis:[127.0.0.1]:10024 " >> $TMP_FILE fi echo "virtual_mailbox_domains = hash:$PATH_DTC_ETC/postfix_virtual_mailbox_domains " >> $TMP_FILE if [ ""$conf_cyrus_enable = "true" ]; then echo "virtual_transport = cyrus mailbox_transport = lmtp:unix:/var/run/socket/lmtp # local_recipient_maps = $alias_maps, ... ### CL ToDo! " >> $TMP_FILE else # courier/postfix only! 
echo "virtual_mailbox_base = / virtual_mailbox_maps = hash:$PATH_DTC_ETC/postfix_vmailbox virtual_minimum_uid = 98 virtual_uid_maps = static:${CONF_DTC_SYSTEM_UID} virtual_gid_maps = static:${CONF_DTC_SYSTEM_GID} virtual_uid_maps = hash:$PATH_DTC_ETC/postfix_virtual_uid_mapping" >> $TMP_FILE fi # CL continue with global part echo "virtual_alias_maps = hash:$PATH_DTC_ETC/postfix_virtual alias_maps = hash:/etc/aliases, hash:$PATH_DTC_ETC/postfix_aliases relay_domains = $PATH_DTC_ETC/postfix_relay_domains relay_recipient_maps = hash:$PATH_DTC_ETC/postfix_relay_recipients " >> $TMP_FILE if [ -n $conf_dnsbl_list ]; then IFS=, for i in $conf_dnsbl_list; do dnsbl_list="$dnsbl_list reject_rbl_client $i," done unset IFS fi if [ "$PATH_SASL_PASSWD2" = "" ]; then echo -n "" elif [ -f $PATH_SASL_PASSWD2 ]; then echoIfVerbose "Found sasl2passwd at $PATH_SASL_PASSWD2" mkdir -p $PATH_POSTFIX_ETC/sasl if [ -e $PATH_POSTFIX_ETC/sasl/smtpd.conf ]; then if ! [ -e $PATH_POSTFIX_ETC/sasl/smtpd.conf.dtcbackup ]; then cp $PATH_POSTFIX_ETC/sasl/smtpd.conf $PATH_POSTFIX_ETC/sasl/smtpd.conf.dtcbackup fi fi # prepare some sasldb2 files, so that our script latter can fix them if [ -e /var/spool/postfix/etc ]; then touch /var/spool/postfix/etc/sasldb2 if [ ! -e $PATH_DTC_ETC/sasldb2 ]; then cp /var/spool/postfix/etc/sasldb2 $PATH_DTC_ETC/sasldb2 fi chown postfix:${CONF_DTC_SYSTEM_GROUPNAME} /var/spool/postfix/etc/sasldb2 chmod 664 /var/spool/postfix/etc/sasldb2 else if [ -d /etc/sasl2 ]; then touch /etc/sasl2/sasldb2 chown postfix:${CONF_DTC_SYSTEM_GROUPNAME} /etc/sasl2/sasldb2 chmod 664 /etc/sasl2/sasldb2 else touch /etc/sasldb2 chown postfix:${CONF_DTC_SYSTEM_GROUPNAME} /etc/sasldb2 chmod 664 /etc/sasldb2 fi if [ ! 
-e $PATH_DTC_ETC/sasldb2 ]; then if [ -d /etc/sasl2 ]; then cp /etc/sasl2/sasldb2 $PATH_DTC_ETC/sasldb2 else cp /etc/sasldb2 $PATH_DTC_ETC/sasldb2 fi fi fi SASLTMP_FILE=`${MKTEMP} DTC_install.postfix_sasl.XXXXXX` || exit 1 echo "# Configured by DTC v0.15 : Please don't touch this line !" > ""$SASLTMP_FILE # CL: for cyrus use saslauthd instead of auxprop! if [ ""$conf_cyrus_enable = "true" ]; then echo "pwcheck_method: saslauthd mech_list: login plain" >> $SASLTMP_FILE else echo "pwcheck_method: auxprop mech_list: plain login digest-md5 cram-md5" >> $SASLTMP_FILE fi echo "# End of DTC configuration v0.15 : please don't touch this line !" >> $SASLTMP_FILE echo "smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, $dnsbl_list reject_unauth_destination" >> $TMP_FILE echo "smtp_sasl_auth_enable = no smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = /etc/mailname smtpd_sasl_auth_enable = yes smtpd_tls_auth_only = no " >> $TMP_FILE else echoIfVerbose "No saslpasswd2 found" echo "smtpd_recipient_restrictions = permit_mynetworks, $dnsbl_list reject_unauth_destination" >> $TMP_FILE fi # this adds supports for "config" snippets to append to main.cf if [ -f $PATH_DTC_ETC/postfix_config_snippets ]; then cat $PATH_DTC_ETC/postfix_config_snippets >> $TMP_FILE else echo "# /usr/share/dtc/etc/postfix_config_snippets # this file is appended to the postfix configure, in case you need to override some configure parameters in the postfix main.cf" > $PATH_DTC_ETC/postfix_config_snippets fi if grep "Configured by DTC 0.21" "$PATH_POSTFIX_ETC/master.cf" >/dev/null; then echoIfVerbose "Postfix master.cf has been configured before, not adding maildrop options" else echoIfVerbose "Inserting DTC configuration inside $PATH_POSTFIX_ETC/master.cf" TMP_FILE2=`${MKTEMP} DTC_install.postfix_master.cf.XXXXXX` || exit 1 echo "# Configured by DTC v0.17 : Please don't touch this line !" > $TMP_FILE2 # if we have maildrop, we should use it! 
if [ -n ""$PATH_USERDB_BIN -a -f "$PATH_USERDB_BIN" -a -n ""$PATH_MAILDROP_BIN -a -f "$PATH_MAILDROP_BIN" ]; then echo "maildrop unix - n n - - pipe flags=DRhu user=${CONF_DTC_SYSTEM_USERNAME} argv=$PATH_MAILDROP_BIN -d \${user}@\${nexthop} \${extension} \${recipient} \${user} \${nexthop} " >> $TMP_FILE2 fi # CL do we use cyrus? if [ ""$conf_cyrus_enable = "true" ]; then echo "cyrus unix - n n - - pipe flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m \${extension} \${recipient}" >> $TMP_FILE2 fi # Insert our amavis stuff inside the master.cf echo "# amavisd-new smtp-amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks " >> $TMP_FILE2 echo "# End of DTC configuration v0.17 : please don't touch this line !" >> $TMP_FILE2 cat < $TMP_FILE2 >>"$PATH_POSTFIX_ETC/master.cf" rm $TMP_FILE2 fi # if we have maildrop, we should use it! if [ -n ""$PATH_USERDB_BIN -a -f "$PATH_USERDB_BIN" -a -n ""$PATH_MAILDROP_BIN -a -f "$PATH_MAILDROP_BIN" ]; then echo "virtual_transport = maildrop" >> $TMP_FILE echo "## Set to 1 because Maildrop only delivers one message at a time. maildrop_destination_recipient_limit = 1" >> $TMP_FILE fi echo "# End of DTC configuration v0.12 : please don't touch this line !" 
>> $TMP_FILE # now to insert it at the end of the actual main.cf cat < $TMP_FILE >>$PATH_POSTFIX_CONF rm $TMP_FILE # over-write the configuration for SASL if [ -e $SASLTMP_FILE ]; then cat $SASLTMP_FILE > $PATH_POSTFIX_ETC/sasl/smtpd.conf rm $SASLTMP_FILE fi fi fi } prepareMlmmjSpool () { # # prepare mlmmj environment to work with dtc # if [ -f "/usr/bin/mlmmj-make-ml" -o -f "/usr/bin/mlmmj-make-ml.sh" ] ; then echoIfVerbose "===> Detected presence of mlmmj... prepping environment..." # symlink the .sh to the non .sh, for the genfiles if [ ! -e "/usr/bin/mlmmj-make-ml" ] ; then ln -s "/usr/bin/mlmmj-make-ml.sh" "/usr/bin/mlmmj-make-ml" fi mkdir -p /etc/mlmmj/lists chown -R root:${CONF_DTC_SYSTEM_GROUPNAME} /etc/mlmmj/lists chmod -R g+w /etc/mlmmj/lists fi # create mlmmj spool directory if it doesn't exist yet if [ ! -e /var/spool/mlmmj/ ]; then mkdir -p /var/spool/mlmmj fi if [ -e /var/spool/mlmmj/ ] ;then chown ${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME} /var/spool/mlmmj/ fi } modifyCourierConfig () { # check to see if we have a userdb FILE, rather than a directory # move it out of the way, if so if [ -f "$PATH_COURIER_AUTHD_CONF_PATH/userdb" ]; then mv $PATH_COURIER_AUTHD_CONF_PATH/userdb $PATH_COURIER_AUTHD_CONF_PATH/userdb.existing fi # # Install courier mysql authenticaion # if [ -f "$PATH_COURIER_AUTHD_CONF_PATH/authdaemonrc" ] then echoIfVerbose "===> Adding directives to Courier authdaemonrc" if grep "Configured by DTC" $PATH_COURIER_AUTHD_CONF_PATH/authdaemonrc >/dev/null then echoIfVerbose "authdaemonrc has been configure before: skipping include insertion !" else echoIfVerbose "Inserting DTC configuration inside "$PATH_COURIER_AUTHD_CONF_PATH/authdaemonrc if ! [ -f $PATH_COURIER_AUTHD_CONF_PATH.DTC.backup ] then cp -f $PATH_COURIER_AUTHD_CONF_PATH/authdaemonrc $PATH_COURIER_AUTHD_CONF_PATH.DTC.backup fi TMP_FILE=`${MKTEMP} DTC_install.courier.conf.XXXXXX` || exit 1 echo "# Configured by DTC v0.12 : Please don't touch this line !" 
> $TMP_FILE echo "authmodulelist=\"authmysql authpam\"" >> $TMP_FILE echo "# End of DTC configuration v0.12 : please don't touch this line !" >> $TMP_FILE # now append this to the existing configuration file cat < $TMP_FILE >> $PATH_COURIER_AUTHD_CONF_PATH/authdaemonrc rm $TMP_FILE echo " # DB details for dtc mysql DB MYSQL_SERVER $conf_mysql_host MYSQL_PORT 3306 MYSQL_DATABASE $conf_mysql_db MYSQL_USERNAME dtcdaemons MYSQL_PASSWORD ${MYSQL_DTCDAEMONS_PASS} MYSQL_USER_TABLE pop_access MYSQL_LOGIN_FIELD id MYSQL_CRYPT_PWFIELD crypt MYSQL_HOME_FIELD home MYSQL_UID_FIELD uid MYSQL_GID_FIELD gid MYSQL_DEFAULT_DOMAIN $main_domain_name # use the experimental query MYSQL_SELECT_CLAUSE SELECT concat(id, '@', mbox_host), crypt, passwd, uid, gid, home, '', quota_size, '' FROM pop_access WHERE (id = '\$(local_part)' AND mbox_host = '\$(domain)') OR (id = SUBSTRING_INDEX('\$(local_part)', '%', 1) AND mbox_host = SUBSTRING_INDEX('\$(local_part)', '%', -1)) MYSQL_CHPASS_CLAUSE UPDATE pop_access SET passwd='\$(newpass)', crypt='\$(newpass_crypt)' WHERE (id = '\$(local_part)' AND mbox_host = '\$(domain)') OR (id = SUBSTRING_INDEX('\$(local_part)', '%', 1) AND mbox_host = SUBSTRING_INDEX('\$(local_part)', '%', -1)) " > $PATH_COURIER_AUTHD_CONF_PATH/authmysqlrc if [ -x "/etc/init.d/courier-authdaemon" ] ; then if [ -x /usr/sbin/invoke-rc.d ]; then /usr/sbin/invoke-rc.d courier-authdaemon restart else if [ -x /etc/init.d/courier-authdaemon ]; then /etc/init.d/courier-authdaemon restart fi fi fi if [ -x "/etc/init.d/courier-authlib" ] ; then if [ -x /usr/sbin/invoke-rc.d ]; then /usr/sbin/invoke-rc.d courier-authlib restart else if [ -x /etc/init.d/courier-authlib ]; then /etc/init.d/courier-authlib restart fi fi fi if [ -x "/etc/init.d/courier-imap" ] ; then if [ -x /usr/sbin/invoke-rc.d ]; then /usr/sbin/invoke-rc.d courier-imap restart else /etc/init.d/courier-imap restart fi fi if [ -x "/etc/init.d/courier-pop" ] ; then if [ -x /usr/sbin/invoke-rc.d ]; then /usr/sbin/invoke-rc.d 
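courier-pop restart else /etc/init.d/courier-pop restart fi fi if [ -x "/etc/init.d/courier" ]; then if [ -x /usr/sbin/invoke-rc.d ]; then /usr/sbin/invoke-rc.d courier stop else /etc/init.d/courier stop fi fi # try to disable courierd using chkconfig (for redhat based distro) if [ -x /sbin/chkconfig ]; then /sbin/chkconfig courier off fi fi fi # need to remove the paths for courier in /etc/profile.d/ # since the MTA really breaks postfix paths and handling if [ -e /etc/profile.d/courier.sh ]; then mv /etc/profile.d/courier.sh /etc/profile.d/courier.sh.DTC.disabled fi if [ -e /etc/profile.d/courier.csh ]; then mv /etc/profile.d/courier.csh /etc/profile.d/courier.csh.DTC.disabled fi }
modifyDovecotConfig () {
  # Install dovecot MySQL authentication: point dovecot at DTC's pop_access
  # table and write the SQL connection file. Does nothing unless
  # $PATH_DOVECOT_CONF exists, or when it already carries the DTC marker.
  # Globals:  PATH_DOVECOT_CONF, PATH_DTC_ETC, MKTEMP, MYSQL_DB_SOCKET_PATH,
  #           conf_mysql_host, conf_mysql_db, MYSQL_DTCDAEMONS_PASS (read);
  #           DOVECOT_VERSION, DOVECOT_POSTONE, TMP_FILE (written)
  # Returns:  exits 1 if the temporary file cannot be created
  if [ -f "$PATH_DOVECOT_CONF" ]; then
    echoIfVerbose "Detecting dovecot version..."
    DOVECOT_VERSION=$(dovecot --version)
    DOVECOT_POSTONE=false
    case "$DOVECOT_VERSION" in
      1.*)
        echoIfVerbose "Found version 1.0 or greater"
        DOVECOT_POSTONE=true
        ;;
      0.*)
        echoIfVerbose "Found pre 1.0 version"
        ;;
    esac

    echoIfVerbose "===> Adding directives to dovecot.conf"
    if grep "Configured by DTC" "$PATH_DOVECOT_CONF" > /dev/null; then
      echoIfVerbose "dovecot.conf has been configure before: skipping include insertion !"
    else
      # The flag is compared with "true" explicitly: a bare [ "$flag" ] test
      # is also true for the string "false", which sent every version down
      # the 1.x path. Versions matching neither pattern above now take the
      # pre-1.0 path, which appends instead of replacing dovecot.conf.
      if [ "$DOVECOT_POSTONE" = "true" ]; then
        echoIfVerbose "Version 1.x needs a new config file... replacing existing"
        if ! [ -f "$PATH_DOVECOT_CONF.DTC.backup" ]; then
          cp -f "$PATH_DOVECOT_CONF" "$PATH_DOVECOT_CONF.DTC.backup"
        fi
        # NOTE(review): the only mechanism offered is "plain" and nothing in
        # this file requires TLS before authentication - confirm transport
        # protection is configured elsewhere.
        echo "
# Configured by DTC v0.x : Please don't touch this line !
protocols = imap imaps pop3 pop3s
default_mail_env = maildir:%h/Maildir
maildir_copy_with_hardlinks = yes
protocol imap {
}
protocol pop3 {
}
auth default {
  mechanisms = plain
  passdb pam {
    args = \"*\"
  }
  userdb passwd {
  }
  user = root
  userdb sql {
    args = $PATH_DTC_ETC/dovecot-mysql.conf
  }
  passdb sql {
    args = $PATH_DTC_ETC/dovecot-mysql.conf
  }
}
plugin {
}
# End of DTC configuration v0.x : please don't touch this line !
" > "$PATH_DOVECOT_CONF"
      else
        echoIfVerbose "Inserting DTC configuration inside $PATH_DOVECOT_CONF"
        if ! [ -f "$PATH_DOVECOT_CONF.DTC.backup" ]; then
          cp -f "$PATH_DOVECOT_CONF" "$PATH_DOVECOT_CONF.DTC.backup"
        fi
        # MKTEMP holds a command plus its options, hence no quotes around it.
        TMP_FILE=$(${MKTEMP} DTC_install.dovecot.conf.XXXXXX) || exit 1
        {
          echo "# Configured by DTC v0.12 : Please don't touch this line !"
          echo "auth_userdb = mysql $PATH_DTC_ETC/dovecot-mysql.conf"
          echo "auth_passdb = mysql $PATH_DTC_ETC/dovecot-mysql.conf"
          echo "# End of DTC configuration v0.12 : please don't touch this line !"
        } > "$TMP_FILE"
        # now append this to the existing configuration file
        cat < "$TMP_FILE" >> "$PATH_DOVECOT_CONF"
        rm "$TMP_FILE"
      fi

      # dovecot-mysql.conf carries the dtcdaemons database password, and
      # default_pass_scheme = PLAIN means the passwd column is compared as
      # stored, i.e. mailbox passwords sit unhashed in pop_access.
      if [ "$DOVECOT_POSTONE" = "true" ]; then
        # there is a new configuration for 1.0.x
        echo "
connect = host=$MYSQL_DB_SOCKET_PATH port=3306 dbname=$conf_mysql_db user=dtcdaemons password=${MYSQL_DTCDAEMONS_PASS} client_flags=0
driver = mysql
default_pass_scheme = PLAIN
password_query = SELECT passwd AS password FROM pop_access WHERE id = '%n' AND mbox_host = '%d'
user_query = SELECT home, uid, gid FROM pop_access WHERE id = '%n' AND mbox_host = '%d'
" > "$PATH_DTC_ETC/dovecot-mysql.conf"
      else
        echo "
# DB details for dtc mysql DB
db_host = $conf_mysql_host
db_port = 3306
db_unix_socket = $MYSQL_DB_SOCKET_PATH
db = $conf_mysql_db
db_user = dtcdaemons
db_passwd = ${MYSQL_DTCDAEMONS_PASS}
db_client_flags = 0
default_pass_scheme = PLAIN
password_query = SELECT passwd AS password FROM pop_access WHERE id = '%n' AND mbox_host = '%d'
user_query = SELECT home, uid, gid FROM pop_access WHERE id = '%n' AND mbox_host = '%d'
" > "$PATH_DTC_ETC/dovecot-mysql.conf"
      fi
      # Keep the database password away from other local accounts. The 1.x
      # auth section written above runs as root; for the pre-1.0 layout the
      # auth process presumably can read this file as well - confirm.
      chmod o-rwx "$PATH_DTC_ETC/dovecot-mysql.conf"

      # need to restart dovecot too
      if [ -x "/etc/init.d/dovecot" ]; then
        /etc/init.d/dovecot restart
      elif [ -x /usr/sbin/invoke-rc.d ]; then
        /usr/sbin/invoke-rc.d dovecot restart
      fi
    fi
  fi
}
modifyPureFtpdMySQLConfig () { # # Install pure-ftpd-mysql # echoIfVerbose "===> Adding directives to pure-ftpd-mysql" # FreeBSD has a file pure-ftpd.conf to configure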
pure-ftpd # It has to be tested like that because Debian don't have $conf_ftp_type and it # will never have: it just tests for the directory existance... if [ ""$UNIX_TYPE = "freebsd" -a ""$conf_ftp_type = "pureftpd" ] ;then if [ ! -f "/usr/local/etc/pure-ftpd.conf" ]; then sed -e "/^# MySQLConfigFile/d" /usr/local/etc/pure-ftpd.conf.sample > /usr/local/etc/pure-ftpd.conf echo "MySQLConfigFile /usr/local/etc/pureftpd-mysql.conf" >> /usr/local/etc/pure-ftpd.conf fi if [ ! -f "/usr/local/etc/pureftpd-mysql.conf" ]; then echo "# Configured by DTC v0.10 : Please don't touch this line ! MYSQLSocket /tmp/mysql.sock MYSQLUser dtcdaemons MYSQLPassword ${MYSQL_DTCDAEMONS_PASS} MYSQLDatabase dtc MYSQLCrypt cleartext MYSQLGetPW SELECT password FROM ftp_access WHERE login=\"\L\" MYSQLGetUID SELECT uid FROM ftp_access WHERE login=\"\L\" MYSQLGetGID SELECT gid FROM ftp_access WHERE login=\"\L\" MYSQLGetDir SELECT homedir FROM ftp_access WHERE login=\"\L\" " >/usr/local/etc/pureftpd-mysql.conf; fi if grep 'pureftpd_enable="YES"' /etc/rc.conf >/dev/null ; then echoIfVerbose "rc.conf already has pureftpd_enable=yes" else echoIfVerbose "Adding pureftpd_enable=yes in rc.conf" echo 'pureftpd_enable="YES"' >> /etc/rc.conf fi /usr/local/etc/rc.d/pure-ftpd start # Debian uses a directory structure with many files (and maybe other distro) else PURE_FTPD_ETC="/etc/pure-ftpd" if [ -e $PURE_FTPD_ETC ] ;then if [ -e /etc/pure-ftpd/conf/ ] ;then echo "yes" >/etc/pure-ftpd/conf/ChrootEveryone fi if [ -e $PURE_FTPD_ETC/db/ ] ;then echo "# Configured by DTC v0.10 : Please don't touch this line ! 
MYSQLSocket /var/run/mysqld/mysqld.sock MYSQLUser dtcdaemons MYSQLPassword ${MYSQL_DTCDAEMONS_PASS} MYSQLDatabase dtc MYSQLCrypt cleartext MYSQLGetPW SELECT password FROM ftp_access WHERE login=\"\L\" MYSQLGetUID SELECT uid FROM ftp_access WHERE login=\"\L\" MYSQLGetGID SELECT gid FROM ftp_access WHERE login=\"\L\" MYSQLGetDir SELECT homedir FROM ftp_access WHERE login=\"\L\" " >$PURE_FTPD_ETC/db/mysql.conf; # Retart after we did the config if [ -x /usr/sbin/invoke-rc.d ]; then /usr/sbin/invoke-rc.d pure-ftpd-mysql restart else if [ -x /etc/init.d/pure-ftpd-mysql ] ;then /etc/init.d/pure-ftpd-mysql restart fi fi fi fi fi } configProftpd () { echoIfVerbose "===> Customizing proftpd.conf" # # Install proftpd.conf to access to the database # if [ -f $PATH_PROFTPD_CONF ]; then echoIfVerbose "===> Adding directives to proftpd.conf" if grep "Configured by DTC" $PATH_PROFTPD_CONF >/dev/null then echoIfVerbose "proftpd.conf has been configured before : skipping include inssertion !" else echoIfVerbose "Inserting DTC configuration inside "$PATH_PROFTPD_CONF if ! [ -f $PATH_PROFTPD_CONF.DTC.backup ] then cp -f $PATH_PROFTPD_CONF $PATH_PROFTPD_CONF.DTC.backup fi # Generate the OpenSSL test certificate if it does not exists if [ ""$conf_gen_ssl_cert = "true" ]; then if [ ! -e $PATH_DTC_ETC"/ssl" ]; then mkdir -p $PATH_DTC_ETC"/ssl" fi if [ ! -e $PATH_DTC_ETC"/ssl/proftpd" ] ; then mkdir -p $PATH_DTC_ETC"/ssl/proftpd" fi cwd=`pwd` cd $PATH_DTC_ETC"/ssl/proftpd" if [ ! -e "./"new.cert.csr ]; then if [ ! -e "./"new.cert.cert ]; then if [ ! 
-e "./"new.cert.key ]; then CERTPASS_TMP_FILE=`${MKTEMP} certfilepass.XXXXXX` || exit 1 echo $conf_gen_ssl_cert"" >$CERTPASS_TMP_FILE ( echo $conf_cert_countrycode; echo "the state"; echo $conf_cert_locality; echo $conf_cert_organization; echo $conf_cert_unit; echo $dtc_admin_subdomain"."$main_domain_name; echo $conf_cert_email; echo $conf_cert_challenge_pass; echo $conf_cert_organization; ) | openssl req -passout file:$CERTPASS_TMP_FILE -new > new.cert.csr openssl rsa -passin file:$CERTPASS_TMP_FILE -in privkey.pem -out new.cert.key openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 3650 rm $CERTPASS_TMP_FILE fi fi fi cd $cwd fi # need to comment out any existing AuthOrder, since we are changing it perl -i -p -e 's/AuthOrder/#AuthOrder/' $PATH_PROFTPD_CONF TMP_FILE=`${MKTEMP} DTC_install.proftp.conf.XXXXXX` || exit 1 echo "# Configured by DTC v0.10 : Please don't touch this line !" > $TMP_FILE # This directive is not used anymore in newer version of proftpd # echo "#UserReverseDNS off" >> $TMP_FILE echo "AuthOrder mod_sql.c mod_auth_pam.c* mod_auth_unix.c" >> $TMP_FILE echo "IdentLookups off" >> $TMP_FILE echo "DefaultRoot ~" >> $TMP_FILE echo "SQLAuthenticate on" >> $TMP_FILE echo "SQLConnectInfo "$conf_mysql_db"@"$conf_mysql_host" dtcdaemons "${MYSQL_DTCDAEMONS_PASS} >> $TMP_FILE echo "SQLAuthTypes Plaintext" >> $TMP_FILE echo "SQLUserInfo ftp_access login password uid gid homedir shell" >> $TMP_FILE if [ -e $PATH_DTC_ETC"/ssl/proftpd/new.cert.cert" ] ; then if [ -e $PATH_DTC_ETC"/ssl/proftpd/new.cert.key" ] ; then if [ ""$conf_gen_ssl_cert = "true" ]; then echo "# This is the TLS auth support. Thanks to Erwan Gurcuff (gort) for the tip! 
TLSEngine on TLSLog /var/log/proftpd-tls.log TLSProtocol TLSv1 TLSRequired off TLSRSACertificateFile "$PATH_DTC_ETC"/ssl/proftpd/new.cert.cert TLSRSACertificateKeyFile "$PATH_DTC_ETC"/ssl/proftpd/new.cert.key TLSVerifyClient on " >> $TMP_FILE fi fi fi echo "# // Transfer Log to Proftpd SQLLog RETR,STOR transfer1 SQLNamedQuery transfer1 INSERT \"'%u', '%f', '%b', '%h', '%a', '%m', '%T',now(), 'c', NULL\" ftp_logs # // Count Logins per User SQLLog PASS logincount SQLNamedQuery logincount UPDATE \"count=count+1 WHERE login='%u'\" ftp_access # // Remember the last login time SQLLog PASS lastlogin SQLNamedQuery lastlogin UPDATE \"last_login=now() WHERE login='%u'\" ftp_access # // Count the downloaded bytes SQLLog RETR dlbytescount SQLNamedQuery dlbytescount UPDATE \"dl_bytes=dl_bytes+%b WHERE login='%u'\" ftp_access # // Count the downloaded files SQLLog RETR dlcount SQLNamedQuery dlcount UPDATE \"dl_count=dl_count+1 WHERE login='%u'\" ftp_access # // Count the uploaded bytes SQLLog STOR ulbytescount SQLNamedQuery ulbytescount UPDATE \"ul_bytes=ul_bytes+%b WHERE login='%u'\" ftp_access # // Count the uploaded files SQLLog STOR ulcount SQLNamedQuery ulcount UPDATE \"ul_count=ul_count+1 WHERE login='%u'\" ftp_access # End of DTC configuration v0.10 : please don't touch this line !" 
>> $TMP_FILE cat < $TMP_FILE >>$PATH_PROFTPD_CONF rm $TMP_FILE # This restarts proftpd if under debian like system # work has to be done under other OS to restart the ftp daemon if [ -x "/etc/init.d/proftpd" ] ; then if [ -x "`which /usr/sbin/invoke-rc.d 2>/dev/null`" ]; then invoke-rc.d proftpd restart else /etc/init.d/proftpd restart fi fi fi fi } configFreeRadius () { # # Install and configuration of FreeRadius 1.0 # if [ -e ""$FREERADIUS_ETC ] ;then echoIfVerbose "DTC has found you are using Freeradius and it's now configuring it" FREERADIUS_CONF=$FREERADIUS_ETC/radiusd.conf FREERADIUS_SQL_DOT_CONF=$FREERADIUS_ETC/sql.conf # Backup of freeradius config files if [ -e $FREERADIUS_CONF ] ;then if ! [ -e $FREERADIUS_CONF".DTCbackup" ] ;then cp $FREERADIUS_CONF $FREERADIUS_CONF".DTCbackup" fi fi if [ -e $FREERADIUS_SQL_DOT_CONF ] ;then if ! [ -e $FREERADIUS_SQL_DOT_CONF".DTCbackup" ] ;then cp $FREERADIUS_SQL_DOT_CONF $FREERADIUS_SQL_DOT_CONF".DTCbackup" fi fi TMP_FILE=`${MKTEMP} DTC_install.radius.conf.XXXXXX` || exit 1 TMP_FILE2=`${MKTEMP} DTC_install.radius.conf.XXXXXX` || exit 1 TMP_FILE3=`${MKTEMP} DTC_install.radius.conf.XXXXXX` || exit 1 TMP_FILE4=`${MKTEMP} DTC_install.radius.conf.XXXXXX` || exit 1 TMP_FILE5=`${MKTEMP} DTC_install.radius.conf.XXXXXX` || exit 1 TMP_FILE6=`${MKTEMP} DTC_install.radius.conf.XXXXXX` || exit 1 if [ -e /var/log/radacct ] ;then chown -R ${CONF_DTC_SYSTEM_USERNAME} /var/log/radacct fi sed "s/#user = nobody/user = nobody/" $FREERADIUS_CONF >$TMP_FILE if grep "group = nobody" $TMP_FILE >/dev/null ;then sed "s/#group = nobody/group = nobody/" $TMP_FILE >$TMP_FILE2 else sed "s/#group = nogroup/group = nogroup/" $TMP_FILE >$TMP_FILE2 fi sed "s/log_auth = no/log_auth = yes/" $TMP_FILE2 >$TMP_FILE3 sed "s/log_auth_badpass = no/log_auth_badpass = yes/" $TMP_FILE3 >$TMP_FILE4 sed "s/log_auth_goodpass = no/log_auth_goodpass = yes/" $TMP_FILE4 >$TMP_FILE5 sed "s/# sql/ sql/" $TMP_FILE5 >$TMP_FILE6 cat <$TMP_FILE6 >$FREERADIUS_CONF rm $TMP_FILE 
$TMP_FILE2 $TMP_FILE3 $TMP_FILE4 $TMP_FILE5 $TMP_FILE6 echoIfVerbose "===> Adding directives to sql.conf" if grep "Configured by DTC" $FREERADIUS_SQL_DOT_CONF >/dev/null then echoIfVerbose "sql.conf has been configured before : skipping include inssertion !" else echoIfVerbose "Inserting DTC configuration inside "$FREERADIUS_SQL_DOT_CONF TMP_FILE1=`${MKTEMP} DTC_install.sql.conf.XXXXXX` || exit 1 TMP_FILE2=`${MKTEMP} DTC_install.sql.conf.XXXXXX` || exit 1 TMP_FILE3=`${MKTEMP} DTC_install.sql.conf.XXXXXX` || exit 1 TMP_FILE4=`${MKTEMP} DTC_install.sql.conf.XXXXXX` || exit 1 TMP_FILE5=`${MKTEMP} DTC_install.sql.conf.XXXXXX` || exit 1 # Remove the default config grep -v "server =" $FREERADIUS_SQL_DOT_CONF >$TMP_FILE1 grep -v "login =" $TMP_FILE1 >$TMP_FILE2 grep -v "password =" $TMP_FILE2 >$TMP_FILE3 grep -v "radius_db = " $TMP_FILE3 >$TMP_FILE4 grep -v "}" $TMP_FILE4 >$TMP_FILE5 # Install the DTC db config TMP_FILE=`${MKTEMP} DTC_install.sql.conf.XXXXXX` || exit 1 echo "# Configured by DTC v0.10 : Please don't touch this line ! # Connect info server = "$conf_mysql_host" login = "$conf_mysql_login" password = "$conf_mysql_pass"" >> $TMP_FILE5 # echo "SQLConnectInfo "$conf_mysql_db"@"$conf_mysql_host" "$conf_mysql_login" "$conf_mysql_pass >> $TMP_FILE4 echo " # Database table configuration radius_db = "$conf_mysql_db" # End of DTC configuration v0.10 : please don't touch this line ! } " >> $TMP_FILE5 cat <$TMP_FILE5 >$FREERADIUS_SQL_DOT_CONF rm $TMP_FILE $TMP_FILE1 $TMP_FILE2 $TMP_FILE3 $TMP_FILE4 $TMP_FILE5 fi fi } modifyAWStatsConfig () { echoIfVerbose "===> Configuring awstats.conf" # # Generate default config file for awstats (if we have it installed) # if [ -f $PATH_AWSTATS_ETC/awstats.conf ]; then # now if we don't already have a dtc awstats config, create one based on the installed package config if ! [ -f $PATH_AWSTATS_ETC/awstats.dtc.conf ]; then # we will use the environment variables while calling awstats... 
# Parameter="__ENVNAME__" cp $PATH_AWSTATS_ETC/awstats.conf $PATH_AWSTATS_ETC/awstats.dtc.conf perl -i -p -e 's/^LogFile=\"[^\"]*\"/LogFile=\"__AWSTATS_LOG_FILE__\"/' $PATH_AWSTATS_ETC/awstats.dtc.conf perl -i -p -e 's/^SiteDomain=\"[^\"]*\"/SiteDomain=\"__AWSTATS_FULL_DOMAIN__\"/' $PATH_AWSTATS_ETC/awstats.dtc.conf perl -i -p -e 's/^DirData=\"[^\"]*\"/DirData=\"__AWSTATS_DIR_DATA__\"/' $PATH_AWSTATS_ETC/awstats.dtc.conf perl -i -p -e 's/^CreateDirDataIfNotExists=0/CreateDirDataIfNotExists=1/' $PATH_AWSTATS_ETC/awstats.dtc.conf fi fi } createRRDFiles () { # # create the rrd file for queuegraph.cgi # echoIfVerbose "===> Setting up rrdtools and graphs in \"$PATH_CGIBIN\"" echoIfVerbose "-> Creating mail queue rrd: $PATH_DTC_ADMIN/queuegraph/createrrd.sh $PATH_DTC_ETC" if [ ! -e $PATH_DTC_ETC/mailqueues.rrd ]; then $PATH_DTC_ADMIN/queuegraph/createrrd.sh $PATH_DTC_ETC fi if [ ! -e $PATH_CGIBIN/queuegraph.cgi ]; then ln -s $PATH_DTC_ADMIN/queuegraph.cgi $PATH_CGIBIN/queuegraph.cgi fi if [ -e $PATH_CGIBIN/queuegraph.cgi ]; then chown -hR ${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME} $PATH_CGIBIN/queuegraph.cgi fi # fix path for mailqueues.rrd echoIfVerbose "-> Fixking paths in queuegraph.cgi" perl -i -p -e "s|/etc/postfix|$PATH_DTC_ETC|" $PATH_DTC_ADMIN/queuegraph.cgi if [ -z "$conf_eth2monitor" ] ; then echoIfVerbose "No interface selected: skipping the netusage.rrd setup!!!" else # # create the rrd file for netusegraph.cgi # if [ ! -e $PATH_DTC_ETC/netusage.rrd ]; then $PATH_DTC_ADMIN/netusegraph/createrrd.sh $PATH_DTC_ETC fi if [ ! 
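-e $PATH_CGIBIN/netusegraph.cgi ]; then ln -s $PATH_DTC_ADMIN/netusegraph.cgi $PATH_CGIBIN/netusegraph.cgi fi if [ -e $PATH_CGIBIN/netusegraph.cgi ]; then # fix path for netusage.rrd perl -i -p -e "s|/etc/postfix|$PATH_DTC_ETC|" $PATH_DTC_ADMIN/netusegraph.cgi chown -hR ${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME} $PATH_CGIBIN/netusegraph.cgi fi fi # # create the rrd file for cpugraph.cgi # echoIfVerbose "-> Creating cpu queue rrd" if [ ! -e $PATH_DTC_ETC/cpu.rrd ]; then $PATH_DTC_ADMIN/cpugraph/createrrd.sh $PATH_DTC_ETC fi if [ ! -e $PATH_CGIBIN/cpugraph.cgi ]; then ln -s $PATH_DTC_ADMIN/cpugraph.cgi $PATH_CGIBIN/cpugraph.cgi fi echoIfVerbose "-> Fixing path in cpugraph.cgi" if [ -e $PATH_DTC_ADMIN/cpugraph.cgi ]; then # fix path for cpugraph.cgi perl -i -p -e "s|/etc/postfix|$PATH_DTC_ETC|" $PATH_DTC_ADMIN/cpugraph.cgi chown -hR ${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME} $PATH_CGIBIN/cpugraph.cgi fi # # Create the rrd file for memgraph.cgi # echoIfVerbose "-> Creating memory rrd" if [ ! -e $PATH_DTC_ETC/memusage.rrd ]; then $PATH_DTC_ADMIN/memgraph/createrrd.sh $PATH_DTC_ETC fi if [ ! -e $PATH_CGIBIN/memgraph.cgi ]; then ln -s $PATH_DTC_ADMIN/memgraph.cgi $PATH_CGIBIN/memgraph.cgi fi echoIfVerbose "-> Fixing path in memgraph.cgi" if [ -e $PATH_DTC_ADMIN/memgraph.cgi ]; then # fix path for memgraph.cgi perl -i -p -e "s|/etc/postfix|$PATH_DTC_ETC|" $PATH_DTC_ADMIN/memgraph.cgi chown -hR ${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME} $PATH_CGIBIN/memgraph.cgi fi }
modifySSHDConfig () {
  # Switch sshd to "UsePAM yes" and "PasswordAuthentication yes": existing
  # occurrences of both directives are commented out and a marked DTC block
  # with the new values is appended.
  # Globals:  PATH_SSH_CONF (read; set to /etc/ssh/sshd_config when empty),
  #           MKTEMP (read), TMP_FILE (written)
  # Returns:  0 without touching the file when it is already configured;
  #           exits 1 if the temporary file cannot be created
  #
  # NOTE(review): PasswordAuthentication is set globally, so it applies to
  # every account on the host and not only to DTC-managed ones. The result is
  # neither validated (e.g. "sshd -t") nor is sshd reloaded here - confirm
  # both are handled by the caller.
  echoIfVerbose "===> Modifying your ssh.conf"

  # default to /etc/ssh/sshd_config if it's not set by the installer
  if [ -z "$PATH_SSH_CONF" ]; then
    PATH_SSH_CONF=/etc/ssh/sshd_config
  fi
  echoIfVerbose "===> Modifying SSH config to allow chroot logins... $PATH_SSH_CONF"

  # Check the marker before changing anything. Commenting the directives out
  # first would, on a second run, hit the lines DTC itself appended and then
  # skip re-adding them, silently undoing the configuration.
  if grep "Configured by DTC" "$PATH_SSH_CONF" > /dev/null; then
    echoIfVerbose "$PATH_SSH_CONF has been configured before..."
    return 0
  fi

  # MKTEMP holds a command plus its options, hence no quotes around it.
  TMP_FILE=$(${MKTEMP} DTC_install.sshd_conf.XXXXXX) || exit 1

  if [ -f "$PATH_SSH_CONF" ]; then
    # Take the backup before the first modification so that it really holds
    # the administrator's original file.
    if ! [ -f "$PATH_SSH_CONF.DTC.backup" ]; then
      echoIfVerbose "===> Backuping $PATH_SSH_CONF"
      cp -f "$PATH_SSH_CONF" "$PATH_SSH_CONF.DTC.backup"
    fi
    # Comment out any previously set PasswordAuthentication / UsePAM lines.
    # The result is written back through the existing file rather than moved
    # over it, which keeps the owner and mode of sshd_config.
    sed -e "s/^PasswordAuthentication/#PasswordAuthentication/" \
      -e "s/^UsePAM/#UsePAM/" "$PATH_SSH_CONF" > "$TMP_FILE"
    cat < "$TMP_FILE" > "$PATH_SSH_CONF"
  fi

  # now that the conflicting entries are gone, add the DTC required switches
  {
    echo "# Configured by DTC 0.21 : please do not touch this line !"
    echo "UsePAM yes"
    echo "PasswordAuthentication yes"
    echo "# End of DTC configuration : please don't touch this line !"
  } > "$TMP_FILE"
  cat < "$TMP_FILE" >> "$PATH_SSH_CONF"
  rm -f "$TMP_FILE"
}
modifyNSSConfig () { # # Modify /etc/nsswitch.conf # TMP_FILE=`${MKTEMP} DTC_install.nsswitch.conf.XXXXXX` || exit 1 if [ -z "$PATH_NSSWITCH_CONF" ]; then PATH_NSSWITCH_CONF=/etc/nsswitch.conf fi if -f [ $PATH_NSSWITCH_CONF ] ; then if grep "Configured by DTC" $PATH_NSSWITCH_CONF >/dev/null then echoIfVerbose "$PATH_NSSWITCH_CONF has been configured before..." else if ! [ -f $PATH_NSSWITCH_CONF.DTC.backup ] then echoIfVerbose "===> Backuping "$PATH_NSSWITCH_CONF cp -f "$PATH_NSSWITCH_CONF" "$PATH_NSSWITCH_CONF.DTC.backup" fi echo "# Configured by DTC 0.21 : please do not touch this line !" > $TMP_FILE echo " passwd: compat mysql group: compat mysql shadow: compat mysql " >> $TMP_FILE echo "# End of DTC configuration : please don't touch this line !"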
>> $TMP_FILE cat <$TMP_FILE >>$PATH_NSSWITCH_CONF fi rm $TMP_FILE # # Modify /etc/nss-mysql.conf and /etc/nss-mysql-root.conf # TMP_FILE=`${MKTEMP} DTC_install.nss-mysql.conf.XXXXXX` || exit 1 if [ -z "$PATH_NSS_CONF" ]; then if [ ""$UNIX_TYPE = "freebsd" ] ;then PATH_NSS_CONF="${LOCALBASE}/etc/libnss-mysql.cfg" NSSMYSQL_VERSION=libnss-mysql if [ -f $PATH_NSS_CONF ]; then if ! grep "Configured by DTC" $PATH_NSS_CONF >/dev/null then mv ${PATH_NSS_CONF} ${PATH_NSS_CONF}.before.dtc touch ${PATH_NSS_CONF} fi else touch ${PATH_NSS_CONF} fi elif [ -e /etc/libnss-mysql.cfg ]; then PATH_NSS_CONF=/etc/libnss-mysql.cfg NSSMYSQL_VERSION=libnss-mysql # mv the existing config out of the way mv $PATH_NSS_CONF $PATH_NSS_CONF.before.dtc touch ${PATH_NSS_CONF} else PATH_NSS_CONF=/etc/nss-mysql.conf NSSMYSQL_VERSION=nss-mysql fi fi if [ -z "$PATH_NSS_ROOT_CONF" ]; then if [ ""$UNIX_TYPE = "freebsd" ] ;then PATH_NSS_ROOT_CONF="${LOCALBASE}/etc/libnss-mysql-root.cfg" NSSMYSQL_VERSION=libnss-mysql if [ -f $PATH_NSS_ROOT_CONF ]; then if ! grep "Configured by DTC" $PATH_NSS_ROOT_CONF >/dev/null then mv ${PATH_NSS_ROOT_CONF} ${PATH_NSS_ROOT_CONF}.before.dtc touch ${PATH_NSS_ROOT_CONF} fi else touch ${PATH_NSS_ROOT_CONF} fi elif [ -e /etc/libnss-mysql-root.cfg ]; then PATH_NSS_ROOT_CONF=/etc/libnss-mysql-root.cfg NSSMYSQL_VERSION=libnss-mysql mv $PATH_NSS_ROOT_CONF $PATH_NSS_ROOT_CONF.before.dtc touch ${PATH_NSS_ROOT_CONF} else PATH_NSS_ROOT_CONF=/etc/nss-mysql-root.conf NSSMYSQL_VERSION=nss-mysql fi fi if grep "Configured by DTC" $PATH_NSS_CONF >/dev/null then echoIfVerbose "$PATH_NSS_CONF has been configured before..." else if ! [ -f $PATH_NSS_CONF.DTC.backup ] then echoIfVerbose "===> Backuping "$PATH_NSS_CONF cp -f "$PATH_NSS_CONF" "$PATH_NSS_CONF.DTC.backup" fi echo "# Configured by DTC 0.21 : please do not touch this line !" 
> $TMP_FILE if [ ""$NSSMYSQL_VERSION = "nss-mysql" ]; then echo " users.host = inet:localhost:3306; users.database = ${conf_mysql_db}; users.db_user = dtcdaemons; users.db_password = ${MYSQL_DTCDAEMONS_PASS}; users.backup_host =; users.backup_database =; users.table = ssh_access; users.where_clause =; users.user_column = ssh_access.login; users.password_column = ssh_access.crypt; users.userid_column = ssh_access.uid; users.uid_column = ssh_access.uid; users.gid_column = ssh_access.gid; users.realname_column = \"DTC User\"; users.homedir_column = ssh_access.homedir; users.shell_column = ssh_access.shell; groups.group_info_table = ssh_groups; groups.where_clause =; groups.group_name_column = ssh_groups.group_name; groups.groupid_column = ssh_groups.group_id; groups.gid_column = ssh_groups.gid; groups.password_column = ssh_groups.group_password; groups.members_table = ssh_user_group; groups.member_userid_column = ssh_user_group.user_id; groups.member_groupid_column = ssh_user_group.group_id; " >> $TMP_FILE else # this is the libnss version echo " [queries] getpwnam SELECT login,'*',uid,gid,'DTC User',homedir,shell FROM ssh_access WHERE login='%1$s' LIMIT 1 getpwuid SELECT login,'*',uid,gid,'DTC User',homedir,shell FROM ssh_access WHERE uid='%1$u' LIMIT 1 getpwent SELECT login,'*',uid,gid,'DTC User',homedir,shell FROM ssh_access getgrnam SELECT group_name,group_password,group_id FROM ssh_groups WHERE group_name='%1$s' LIMIT 1 getgrgid SELECT group_name,group_password,group_id FROM ssh_groups WHERE group_id='%1$u' LIMIT 1 getgrent SELECT group_name,group_password,group_id FROM ssh_groups memsbygid SELECT login FROM ssh_access WHERE gid='%1$u' gidsbymem SELECT gid FROM ssh_access WHERE login='%1$s' getspnam SELECT login,crypt,UNIX_TIMESTAMP() - 10,1,2,7,-1,-1,0 FROM ssh_access WHERE ssh_access.login='%1$s' LIMIT 1 getspent SELECT login,crypt,UNIX_TIMESTAMP() - 10,1,2,7,-1,-1,0 FROM ssh_access [server] host localhost port 3306 database ${conf_mysql_db} username dtcdaemons 
password ${MYSQL_DTCDAEMONS_PASS} " >> $TMP_FILE fi echo "# End of DTC configuration : please don't touch this line !" >> $TMP_FILE cat <$TMP_FILE >>$PATH_NSS_CONF fi # fix perm for the nss root configuration chmod 400 $PATH_NSS_CONF if grep "Configured by DTC" $PATH_NSS_ROOT_CONF >/dev/null then echoIfVerbose "$PATH_NSS_ROOT_CONF has been configured before..." else if ! [ -f $PATH_NSS_ROOT_CONF.DTC.backup ] then echoIfVerbose "===> Backuping "$PATH_NSS_ROOT_CONF cp -f "$PATH_NSS_ROOT_CONF" "$PATH_NSS_ROOT_CONF.DTC.backup" fi echo "# Configured by DTC 0.21 : please do not touch this line !" > $TMP_FILE if [ ""$NSSMYSQL_VERSION = "nss-mysql" ]; then echo " shadow.host = inet:localhost:3306; shadow.database = ${conf_mysql_db}; shadow.db_user = dtcdaemons; shadow.db_password = ${MYSQL_DTCDAEMONS_PASS}; shadow.backup_host =; shadow.backup_database =; shadow.table = ssh_access; shadow.where_clause =; shadow.userid_column = ssh_access.uid; shadow.user_column = ssh_access.login; shadow.password_column = ssh_access.crypt; shadow.lastchange_column = UNIX_TIMESTAMP()-10; shadow.min_column = 1; shadow.max_column = 2; shadow.warn_column = 7; shadow.inact_column = -1; shadow.expire_column = -1; " >> $TMP_FILE else # libnss version echo "[server] host localhost port 3306 database ${conf_mysql_db} username dtcdaemons password ${MYSQL_DTCDAEMONS_PASS} " >> $TMP_FILE fi echo "# End of DTC configuration : please don't touch this line !" 
>> $TMP_FILE cat <$TMP_FILE >>$PATH_NSS_ROOT_CONF fi # fix perm for the nss root configuration chmod 400 $PATH_NSS_ROOT_CONF rm $TMP_FILE else echo "-> Didn't find libnss nsswitch.conf: configuration of libnssmysql aborded" fi } # # Install the cron php4 scripts in the $PATH_CRONTAB_CONF # # just in case we haven't specified PATH_CRONTAB_CONF, default to /etc/crontab if [ -z ""$PATH_CRONTAB_CONF ]; then PATH_CRONTAB_CONF=/etc/crontab fi modifyCrontab () { echoIfVerbose "===> Installing cron script in "$PATH_CRONTAB_CONF if grep "Configured by DTC " $PATH_CRONTAB_CONF >/dev/null then echoIfVerbose "/etc/crontab has been configured before : skinping include inssertion" else echoIfVerbose "Inserting DTC cronjob in "$PATH_CRONTAB_CONF if ! [ -f $PATH_CRONTAB_CONF.DTC.backup ] then cp -f $PATH_CRONTAB_CONF $PATH_CRONTAB_CONF.DTC.backup fi # Under Debian, we use cron.d in the rules file as much as possible # (unfortunatly, I don't know if it's possible to make it dynamic) if [ ! ""$UNIX_TYPE = "debian" ] ; then TMP_FILE=`${MKTEMP} DTC_install.crontab.XXXXXX` || exit 1 echo "# Configured by DTC v0.10 : Please don't touch this line !" > $TMP_FILE echo "00,10,20,30,40,50 * * * * root cd $PATH_DTC_ADMIN; $PATH_PHP_CGI $PATH_DTC_ADMIN/cron.php >>/var/log/dtc.log" >> $TMP_FILE echo "9 4 * * * ${CONF_DTC_SYSTEM_USERNAME} cd $PATH_DTC_ADMIN; nice -n+20 $PATH_PHP_CGI $PATH_DTC_ADMIN/accesslog.php" >> $TMP_FILE if [ ! 
""$UNIX_TYPE = "freebsd" ]; then echo "* * * * * root cd $PATH_DTC_ADMIN; nice -n+20 $PATH_DTC_ADMIN/cpugraph/get_cpu_load.sh $PATH_DTC_ETC >>/var/log/dtc.log" >> $TMP_FILE echo "* * * * * root cd $PATH_DTC_ADMIN; nice -n+20 $PATH_DTC_ADMIN/netusegraph/get_net_usage.sh $PATH_DTC_ETC \"$conf_eth2monitor\" >>/var/log/dtc.log" >> $TMP_FILE echo "* * * * * root cd $PATH_DTC_ADMIN; nice -n+20 $PATH_DTC_ADMIN/memgraph/get_meminfo.sh $PATH_DTC_ETC >>/var/log/dtc.log" >> $TMP_FILE else echo "#* * * * * root cd $PATH_DTC_ADMIN; nice -n+20 $PATH_DTC_ADMIN/cpugraph/get_cpu_load.sh $PATH_DTC_ETC >>/var/log/dtc.log" >> $TMP_FILE echo "#* * * * * root cd $PATH_DTC_ADMIN; nice -n+20 $PATH_DTC_ADMIN/netusegraph/get_net_usage.sh $PATH_DTC_ETC \"$conf_eth2monitor\" >>/var/log/dtc.log" >> $TMP_FILE echo "#* * * * * root cd $PATH_DTC_ADMIN; nice -n+20 $PATH_DTC_ADMIN/memgraph/get_meminfo.sh $PATH_DTC_ETC >>/var/log/dtc.log" >> $TMP_FILE fi echo "9 3 * * * root cd $PATH_DTC_ADMIN; $PATH_PHP_CGI $PATH_DTC_ADMIN/reminders.php" >> $TMP_FILE if [ ""$conf_mta_type = "postfix" -o ""$conf_mta_type = "p" ]; then echo "* * * * * root cd $PATH_DTC_ADMIN; $PATH_DTC_ADMIN/queuegraph/count_postfix.sh $PATH_DTC_ETC >>/var/log/dtc.log" >> $TMP_FILE fi if [ ""$conf_mta_type = "qmail" -o ""$conf_mta_type = "q" ]; then echo "* * * * * root cd $PATH_DTC_ADMIN; nice -n+20 $PATH_DTC_ADMIN/queuegraph/count_qmail.sh $PATH_DTC_ETC >>/var/log/dtc.log" >> $TMP_FILE fi cat < $TMP_FILE >>/etc/crontab rm $TMP_FILE else if [ ""$conf_mta_type = "postfix" -o ""$conf_mta_type = "p" ]; then echo "* * * * * root cd $PATH_DTC_ADMIN; $PATH_DTC_ADMIN/queuegraph/count_postfix.sh $PATH_DTC_ETC >>/var/log/dtc.log" > /etc/cron.d/dtc-mail-queue-graph fi if [ ""$conf_mta_type = "qmail" -o ""$conf_mta_type = "q" ]; then echo "* * * * * root cd $PATH_DTC_ADMIN; nice -n+20 $PATH_DTC_ADMIN/queuegraph/count_qmail.sh $PATH_DTC_ETC >>/var/log/dtc.log" > /etc/cron.d/dtc-mail-queue-graph fi fi fi } reportingInstall () { if [ -e 
/usr/bin/wget ] ; then WGET="/usr/bin/wget" else WGET=`which wget` fi if [ ""$conf_report_setup = "true" -a -x $WGET ] ; then echoIfVerbose "===> Reporting install using $WGET -b -q --output-document=/dev/null http://www.gplhost.com/dtc-install-stats.php?ostype=${UNIX_TYPE}" $WGET -b -q --output-document=/dev/null "http://www.gplhost.com/dtc-install-stats.php?ostype=${UNIX_TYPE}" -o /dev/null >/dev/null else echoIfVerbose "===> Not reporting install this time..." fi } startPhpCronScript () { if [ ""$VERBOSE_INSTALL = "yes" ] ;then echo "***********************************************************" echo "*** Please wait while DTC configures all the daemons... ***" echo "***********************************************************" curdir=`pwd` cd $PATH_DTC_ADMIN; $PATH_PHP_CGI $PATH_DTC_ADMIN/cron.php cd $curdir echo "--- --- --- INSTALLATION FINISHED --- --- ---" else curdir=`pwd` cd $PATH_DTC_ADMIN; $PATH_PHP_CGI $PATH_DTC_ADMIN/cron.php 2>&1 >/var/log/dtc.log echo "done!" cd $curdir fi } echoEndMessage () { echo "" echo "Browse to: \"http://"$dtc_admin_subdomain"."$main_domain_name"/dtcadmin/\"" echo " or to: \"https://"$dtc_admin_subdomain"."$main_domain_name"/dtcadmin/\"" echo "with login/pass of the main domain admin." echo "Remember to relaunch this installer if you" echo "install some other mail servers, whatever" echo "it is (qmail, postfix, courier, etc...)." 
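echo "NOTE: please check sshd_config and then restart ssh" echo "Visit DTC Home page:" echo "http://www.gplhost.com/software-dtc.html" }

# Helper for createChrootTemplate: copy every existing path among $2.. into
# directory $1 (cp -pf); paths missing on this host are skipped.
_dtcCopyIfPresent () {
  _dtc_dest=$1
  shift
  for _dtc_src in "$@" ; do
    if [ -e "$_dtc_src" ] ; then
      cp -pf "$_dtc_src" "$_dtc_dest"
    fi
  done
}

# Helper for createChrootTemplate: create character device $1 with major $2
# and minor $3 unless something already exists at that path.
_dtcMknodIfMissing () {
  if ! [ -e "$1" ] ; then
    mknod "$1" c "$2" "$3"
  fi
}

#
# Build the chroot template tree under $conf_chroot_path: directories,
# device nodes, a set of binaries with their libraries, a minimal etc/, and
# (when sudo is installed) the /bin/dtc-chroot-shell wrapper.
#
# Globals:  conf_chroot_path (read, defaulted), CHROOT_DIR (written),
#           UNIX_TYPE, kernel, conf_omit_dev_mknod,
#           CONF_DTC_SYSTEM_USERNAME/GROUPNAME/UID/GID (read),
#           SHELL, LDD, SUDO, FOUNDED_ARCH (written)
#
# Fixes compared to the previous version:
#  - an empty conf_chroot_path only set the unused CHROOT_DIR, so mkdir and
#    cd ran without a path; the default now applies to conf_chroot_path;
#  - a failed cd stops the function: everything after it writes relative
#    paths such as etc/passwd and etc/shadow, which must never resolve
#    against another directory;
#  - a missing ldd or sudo no longer ends the script: the function turns
#    errexit on, and a failing lookup inside an assignment then aborted
#    before the "is it installed" test could run;
#  - the wrapper script quotes $HOME and $USER.
#
# NOTE(review), behaviour kept as found:
#  - the account names are matched anywhere in the line, so e.g. "bin" also
#    selects every account whose shell lives in /bin, and host account names
#    end up in the chroot's etc/passwd. Anchoring ("^name:") would drop
#    entries such as root that tools inside the chroot may rely on.
#  - etc/shadow gets an empty password field for the DTC user and is owned
#    by that user.
#  - the top-level directories (bin, lib, etc, sbin, ...) are chowned to the
#    DTC user while root later runs programs from them (ldconfig here, su
#    through the wrapper). Whoever controls that account can replace them.
#  - the wrapper passes the caller's $HOME and $USER to a root-run chroot;
#    the sudoers rule that allows it is not part of this function and should
#    pin the exact command line.
#
createChrootTemplate () {
  checkBsdKernel
  if [ -z "$conf_chroot_path" ] ; then
    CHROOT_DIR=/var/www/chroot
    conf_chroot_path=$CHROOT_DIR
  fi
  echoIfVerbose "===> Creating chroot tree in $conf_chroot_path for unix type: $UNIX_TYPE"

  case "$UNIX_TYPE" in
    freebsd|osx) _dtc_bsd_like=yes ;;
    *)           _dtc_bsd_like=no ;;
  esac

  # set our umask so things are created with the correct group perms
  umask 022

  # now onto the creation
  mkdir -p "$conf_chroot_path"
  cd "$conf_chroot_path" || exit 1

  # create directory structure
  mkdir -p etc dev bin lib tmp var/tmp var/run sbin libexec
  mkdir -p usr/bin usr/lib usr/libexec usr/share usr/lib/zoneinfo

  # make devices - adjust MAJOR/MINOR as appropriate ( see ls -l /dev/* )
  if [ "$conf_omit_dev_mknod" != "true" ] ; then
    echoIfVerbose "-> Making devices"
    if [ "$_dtc_bsd_like" = "yes" ] ; then
      _dtcMknodIfMissing dev/null 2 2        # FreeBSD?
      if [ "$kernel" = "OpenBSD" ] ; then
        _dtcMknodIfMissing dev/urandom 45 2  # OpenBSD ?
      else
        _dtcMknodIfMissing dev/random 2 3    # FreeBSD
        _dtcMknodIfMissing dev/urandom 2 3
      fi
      # some external programs may need these:
      _dtcMknodIfMissing dev/stdin 22 0      # FreeBSD, OpenBSD
      _dtcMknodIfMissing dev/stdout 22 1     # FreeBSD, OpenBSD
      _dtcMknodIfMissing dev/stderr 22 2     # FreeBSD, OpenBSD
    else
      _dtcMknodIfMissing dev/null 1 3        # Linux
      _dtcMknodIfMissing dev/random 1 8      # Linux
      _dtcMknodIfMissing dev/urandom 1 9     # Linux
    fi
  fi

  # copy required binaries to $conf_chroot_path/usr/bin and $conf_chroot_path/bin
  echoIfVerbose "-> Copying utilities"
  _dtcCopyIfPresent usr/bin/ /bin/bzip2 /usr/bin/bzip2 /usr/bin/file
  _dtcCopyIfPresent bin/ /usr/bin/zip /usr/bin/unzip /bin/bash /usr/bin/bash \
    /usr/bin/tar /bin/tar /usr/bin/false /bin/false /usr/bin/sftp
  # the sftp-server binary can be in /usr/lib or /lib, so check both places
  _dtcCopyIfPresent usr/lib/ /usr/lib/sftp-server
  _dtcCopyIfPresent lib/ /lib/sftp-server
  _dtcCopyIfPresent bin/ /usr/bin/scp

  # copy more required binaries to $conf_chroot_path/bin
  cp -pf /bin/sh /bin/echo /bin/ls /bin/pwd /bin/cat bin/
  case "$UNIX_TYPE" in
    freebsd)
      cp -pf /usr/bin/cpio usr/bin
      cp -pf /libexec/ld-elf.so.1 libexec
      cp -pf /bin/rm /bin/mv /usr/bin/gunzip /usr/bin/tar /usr/bin/false bin/
      ;;
    osx)
      cp -pf /usr/bin/cpio usr/bin
      cp -pf /usr/bin/rm /usr/bin/mv /usr/bin/gunzip /usr/bin/tar /usr/bin/false bin/
      ;;
    *)
      cp -pf /bin/rm /bin/mv /bin/gunzip bin/
      cp -pf /bin/cpio usr/bin
      ;;
  esac

  # copy ldconfig from sbin to $conf_chroot_path/sbin
  if [ "$UNIX_TYPE" != "osx" ] ; then
    cp -pf /sbin/ldconfig sbin/
  fi

  echoIfVerbose "-> Creating /etc template"
  # copy needed /etc files to $conf_chroot_path/etc
  cp -pf /etc/protocols /etc/services /etc/hosts /etc/resolv.conf etc/

  # generate /etc/passwd and /etc/group
  # ignore errors (an account that does not exist makes grep return 1)
  set +e
  : > etc/passwd
  for _dtc_name in daemon bin sys man lp mail news uucp www-data ; do
    grep "$_dtc_name" /etc/passwd >> etc/passwd
  done
  # generate this one manually: grep nobody /etc/passwd >> etc/passwd
  : > etc/group
  for _dtc_name in daemon bin sys man lp mail news uucp www-data ; do
    grep "$_dtc_name" /etc/group >> etc/group
  done
  grep "${CONF_DTC_SYSTEM_GROUPNAME}" /etc/group >> etc/group
  grep "${CONF_DTC_SYSTEM_USERNAME}" /etc/group >> etc/group
  set -e

  # passwd entry for the DTC user (takes the place of "nobody")
  echo "${CONF_DTC_SYSTEM_USERNAME}:x:${CONF_DTC_SYSTEM_UID}:${CONF_DTC_SYSTEM_GID}:${CONF_DTC_SYSTEM_USERNAME}:/html:/bin/bash" >> etc/passwd
  # shadow line for the same account; the second field (password) is empty
  echo "${CONF_DTC_SYSTEM_USERNAME}::12719:0:99999:7:::" > etc/shadow
  chown "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" etc/shadow

  _dtcCopyIfPresent etc/ /etc/host.conf /etc/ld.conf /etc/nsswitch.conf /etc/localtime

  # copy shared libraries to $conf_chroot_path/lib
  # (check: ldd /usr/bin/perl (or other binary) to see which ones are needed)
  echoIfVerbose "-> Copying essential libraries"
  case "$UNIX_TYPE" in
    freebsd)
      cp -f /lib/libc.so* /lib/libm.so* lib/
      cp -f /usr/lib/libc.so* usr/lib/
      cp -pf /usr/lib/libm.so* usr/lib/
      cp -pf /usr/lib/libstdc++.so* usr/lib/
      _dtcCopyIfPresent usr/lib/ /usr/compat/linux/usr/lib/libz.so.1
      ;;
    osx)
      mkdir -p usr/lib
      echo "-> usr/lib"
      cp -pf /usr/lib/dyld /usr/lib/libSystem.B.dylib \
        /usr/lib/libc.dylib /usr/lib/libdl.dylib \
        /usr/lib/libncurses.5.dylib /usr/lib/libpam.dylib \
        /usr/lib/libpthread.dylib usr/lib/
      cp -pf /usr/lib/dylib1.o /usr/lib/libSystem.dylib \
        /usr/lib/libcrypto.dylib /usr/lib/libm.dylib \
        /usr/lib/libncurses.dylib /usr/lib/libpam_misc.dylib \
        /usr/lib/libz.dylib usr/lib
      echo "-> usr/lib/system"
      mkdir -p usr/lib/system
      cp -pf /usr/lib/system/libmathCommon.A.dylib usr/lib/system
      ;;
    *)
      FOUNDED_ARCH=`uname -m`
      if [ "$FOUNDED_ARCH" = "x86_64" ] && [ ! -e lib64 ] ; then
        ln -s lib lib64
      fi
      _dtcCopyIfPresent lib/ /lib/ld-linux.so.2 /lib/ld-linux-x86-64.so.2
      # these are required: a missing one is an error
      cp -pf /lib/libdl.so.2 /lib/libm.so.6 /lib/libpthread.so.0 \
        /lib/libc.so.6 /lib/libcrypt.so.1 /lib/librt.so.1 lib/
      cp -pf /lib/libnss_compat.so.2 /lib/libnsl.so.1 /lib/libnss_files.so.2 \
        /lib/libpam.so.0 /lib/libpam_misc.so.0 lib/
      _dtcCopyIfPresent lib/ /lib/libncurses.so.5 /usr/lib/libncurses.so.5 \
        /lib/libacl.so.1 /lib/libattr.so.1 /lib/libcap.so.1 \
        /lib/libbz2.so.1.0 /usr/lib/libbz2.so.1.0 /usr/lib/libmagic.so.1
      if [ "$UNIX_TYPE" = "gentoo" ] ; then
        cp -pf /lib/libz.so.1 lib/
      else
        cp -pf /usr/lib/libz.so.1 lib/
      fi
      # libs for sftp and scp
      _dtcCopyIfPresent lib/ /lib/libresolv.so.2 /usr/lib/libcrypto.so.0.9.7 \
        /usr/lib/libcrypto.so.0.9.8 /lib/libutil.so.1
      ;;
  esac

  # magic files needed by file(1). Different versions and installations
  # expect magic files in different locations. Check the documentation.
  if [ -e /usr/share/misc/file ] ; then
    mkdir -p usr/share/misc/file
    cp -pf /usr/share/misc/file/magic* usr/share/misc/file
  fi

  # pam.d, the PAM modules and /etc/security are no longer copied into the jail
  if [ -e /etc/login.defs ]; then
    cp /etc/login.defs ./etc/
  fi

  # now we have come this far, make sure our chroot includes enough libs
  # for this environment (only the programs in bin/ are inspected)
  echoIfVerbose "-> Some ldd things"
  LDD=`command -v ldd` || LDD=""
  if [ -n "$LDD" ] && [ "$UNIX_TYPE" != "freebsd" ] ; then
    for _dtc_prog in bin/* ; do
      # first word of each ldd line; left unquoted so the leading tab is dropped
      for _dtc_lib in `"$LDD" "$_dtc_prog" | cut -f 1 -d' '` ; do
        _dtcCopyIfPresent lib/ "$_dtc_lib" "/lib/$_dtc_lib" \
          "/usr/lib/$_dtc_lib" "/usr/local/lib/$_dtc_lib"
      done
    done
  fi

  # if we have a sudo binary around, then use it to create our chroot shell
  SUDO=`command -v sudo` || SUDO=""
  if [ -n "$SUDO" ] ; then
    # create a chroot shell script
    echoIfVerbose "Creating chroot shell script..."
    # note: this overrides the SHELL environment variable for the rest of the run
    SHELL=/bin/dtc-chroot-shell
    echo '#!/bin/sh' > "$SHELL"
    echo "$SUDO -H `command -v chroot` \"\$HOME\" /bin/su - \"\$USER\" \"\$@\"" >> "$SHELL"
    chmod 755 "$SHELL"
    # fix sudoers
    # fix /etc/shells
  fi

  # set protections
  echoIfVerbose "-> Fixup rights"
  chmod 1770 tmp
  chmod 1770 var/tmp
  if [ "$conf_omit_dev_mknod" != "true" ] ; then
    chmod 666 dev/null
    chmod 644 dev/*random
  fi

  # now need to copy over the perl binary and some modules
  cp -pf /usr/bin/perl usr/bin/

  echoIfVerbose "-> Managing ldconfig"
  if [ "$UNIX_TYPE" = "freebsd" ] ; then
    # now create our ld.so cache
    cp /libexec/ld-elf.so.1 "$conf_chroot_path/libexec"
    chroot "$conf_chroot_path" ./sbin/ldconfig
    # just in case we have wiped our /etc/ld.so.cache (run locally)
    /sbin/ldconfig
  elif [ "$UNIX_TYPE" != "osx" ] ; then
    # now create our ld.so cache
    mkdir -p "$conf_chroot_path/etc"
    touch "$conf_chroot_path/etc/ld.so.cache"
    touch "$conf_chroot_path/etc/ld.so.conf"
    chroot "$conf_chroot_path" ./sbin/ldconfig
    # just in case we have wiped our /etc/ld.so.cache (run locally)
    /sbin/ldconfig
  fi

  chown "${CONF_DTC_SYSTEM_USERNAME}:${CONF_DTC_SYSTEM_GROUPNAME}" etc dev bin lib tmp var sbin libexec usr
  echoIfVerbose "-> Done chroot template!"
}

#
# Store the kernel name (first field of "uname -a") in the global $kernel.
#
checkBsdKernel () {
  echoIfVerbose "===> Checking BSD type"
  kernel=`uname -a | awk '{print $1}'`
  echoIfVerbose "Kernel: $kernel"
}

enableBsdBind () { checkBsdKernel if [ $kernel = "FreeBSD" ] || [ $kernel = "NetBSD" ]; then named=`grep named_enable /etc/rc.conf` nonamed=`cat /etc/rc.conf | grep named | awk '{print $1}' | grep NO` if [ "$named" = "" ] || [ "$nonamed" != "" ]; then echo "===> FreeBSD or NetBSD: Backing up /etc/rc.conf and inserting named_enable=YES" cp /etc/rc.conf /etc/rc.conf.old echo "/etc/rc.conf /etc/rc.conf.old saved" cat /etc/rc.conf | grep -v "named" >> /etc/rc.tmp echo 'named_enable="YES" # Run named, the DNS server (or NO).' >> /etc/rc.tmp echo 'named_program="/usr/sbin/named" # path to named, if you want a different one.'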
>> /etc/rc.tmp echo '#named_flags="-u bind -g bind" # Flags for named' >> /etc/rc.tmp mv /etc/rc.tmp /etc/rc.conf echo "named /etc/rc.conf injected" else echo "===> /etc/rc.conf is already configured: leaving..." fi fi if [ $kernel = "OpenBSD" ]; then flag=`grep named_flags=\"-c /etc/rc.conf` echo "conf $flag" if [ "$flag" = "" ]; then echo "===> OpenBSD: Backing up /etc/rc.conf and inserting named_flags=\"-c /etc/named.conf\"" echo "/etc/rc.conf no named" cp /etc/rc.conf /etc/rc.conf.old echo "/etc/rc.conf /etc/rc.conf.old saved" cat /etc/rc.conf | grep -v "named_flags=NO" >> /etc/rc.tmp echo 'named_flags="-c /etc/named.conf"' >> /etc/rc.tmp mv /etc/rc.tmp /etc/rc.conf echo "named /etc/rc.conf injected" if [ ! -f /etc/named.conf ]; then echo "no /etc/named.conf" if ! [ ! -f /var/named/etc/named.conf ]; then cp /var/named/etc/named.conf /etc/named.conf echo "/var/named/etc/named.conf /etc/named.conf copied" else mv /etc/rc.conf.old /etc/rc.conf echo "/etc/rc.conf.old /etc/rc.conf replaced" echo "set named at your own configuration in /etc/rc.conf and in your named.conf" fi echo "conf named.conf done" fi echo "conf /etc/rc.conf done" fi echo "conf done" fi } copyBsdPhpIni () { # Copy dist file if no php.ini is there yet... if [ -e /usr/local/etc/php.ini-dist ] ; then if ! 
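[ -e /usr/local/etc/php.ini ] ; then cp /usr/local/etc/php.ini-dist /usr/local/etc/php.ini fi fi } ########################## HERE STARTS THE UNINSTALLER ###################

#
# Remove the files the installer generated.
# Globals: PATH_DTC_ADMIN, PATH_DTC_SHARED (read)
#
deleteGeneratedFiles () {
  rm -f "${PATH_DTC_ADMIN}/.htaccess" \
    "${PATH_DTC_SHARED}/shared/cyrus.php" \
    "${PATH_DTC_SHARED}/shared/mysql_config.php"
  if [ -e /bin/dtc-chroot-shell ] ; then
    rm /bin/dtc-chroot-shell
  fi
  rm -f "${PATH_DTC_SHARED}/etc/apache.pid"
}

#
# Remove the DTC entries from $PATH_CRONTAB_CONF and the Debian cron.d files.
# Globals: PATH_CRONTAB_CONF, PATH_DTC_ADMIN, MKTEMP (read); TMP_FILE (written)
#
# Only lines containing "cd /usr/share/dtc/admin; " used to be removed, so
# jobs installed with another $PATH_DTC_ADMIN stayed behind as root cron
# entries pointing at files that no longer exist. Both the historical
# default and the configured directory are filtered now. grep returning 1
# (nothing left to print) is no longer treated as a failure.
#
uninstallCrontab () {
  if grep "Configured by DTC" "$PATH_CRONTAB_CONF" >/dev/null ; then
    echoIfVerbose "===> Uninstalling inclusion from crontab"
    TMP_FILE=`${MKTEMP} DTC_uninstall.crontab.XXXXXX` || exit 1
    grep -v -F -e "Configured by DTC" \
      -e "cd /usr/share/dtc/admin; " \
      -e "cd ${PATH_DTC_ADMIN:-/usr/share/dtc/admin}; " \
      "$PATH_CRONTAB_CONF" > "$TMP_FILE" || [ $? -eq 1 ]
    # don't rm the original file, just rewrite it so we keep permissions
    cat < "$TMP_FILE" > "$PATH_CRONTAB_CONF"
    rm -f "$TMP_FILE"
  fi

  # Those are for debian
  for _dtc_cron in /etc/cron.d/dtc-mail-queue-graph /etc/cron.d/dtc-postfix-courier /etc/cron.d/dtc ; do
    if [ -f "$_dtc_cron" ] ; then
      rm -f "$_dtc_cron"
    fi
  done
}

#
# Remove the DTC marker and the include of $PATH_DTC_ETC/named.conf from
# $PATH_NAMED_CONF; the previous content is kept as "<file>.DTC.removed".
# Globals: PATH_NAMED_CONF, PATH_DTC_ETC, MKTEMP (read); TMP_FILE (written)
#
uninstallNamed () {
  if grep "Configured by DTC" "$PATH_NAMED_CONF" >/dev/null ; then
    echoIfVerbose "===> Uninstalling inclusion from named.conf"
    TMP_FILE=`${MKTEMP} DTC_uninstall.named.conf.XXXXXX` || exit 1
    # -F: the path is matched literally, not as a regular expression
    grep -v -F -e "Configured by DTC" \
      -e "include \"$PATH_DTC_ETC/named.conf\"" \
      "$PATH_NAMED_CONF" > "$TMP_FILE" || [ $? -eq 1 ]
    cp -f "$PATH_NAMED_CONF" "$PATH_NAMED_CONF.DTC.removed"
    # don't rm the original file, just rewrite it
    cat < "$TMP_FILE" > "$PATH_NAMED_CONF"
    rm -f "$TMP_FILE"
  fi
}

uninstallHttpdConfig () { # # uninstall httpd.conf # if grep "Configured by DTC" $PATH_HTTPD_CONF >/dev/null 2>&1 then echoIfVerbose "===> Uninstalling inclusion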
from httpd.conf" TMP_FILE=`$MKTEMP DTC_uninstall.httpd.conf.XXXXXX` || exit 1 start_line=`grep -n "Configured by DTC" $PATH_HTTPD_CONF | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_HTTPD_CONF| cut -d":" -f1` nbr_line=`cat $PATH_HTTPD_CONF | wc -l` cat $PATH_HTTPD_CONF | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_HTTPD_CONF | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cat < $TMP_FILE >$PATH_HTTPD_CONF rm $TMP_FILE fi if [ -e /etc/apache2/ports.conf ] ; then echoIfVerbose "===> Uninstalling ports.conf" if [ -e /etc/apache2/ports.conf.DTC_backup ] ;then cat Uninstalling inclusion from courier authdaemonrc" if grep "Configured by DTC" $PATH_COURIER_CONF_PATH/authdaemonrc >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $PATH_COURIER_CONF_PATH/authdaemonrc | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_COURIER_CONF_PATH/authdaemonrc| cut -d":" -f1` nbr_line=`cat $PATH_COURIER_CONF_PATH/authdaemonrc | wc -l` TMP_FILE=`${MKTEMP} DTC_uninstall.courier.conf.XXXXXX` || exit 1 cat $PATH_COURIER_CONF_PATH/authdaemonrc | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_COURIER_CONF_PATH/authdaemonrc | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cp -f $PATH_COURIER_CONF_PATH/authdaemonrc $PATH_COURIER_CONF_PATH/authdaemonrc.DTC.removed echo -n > $PATH_COURIER_CONF_PATH/authdaemonrc cat < $TMP_FILE >> $PATH_COURIER_CONF_PATH/authdaemonrc rm $TMP_FILE fi } uninstallDevecotConfig () { # # uninstall dovecot.conf # echoIfVerbose "===> Uninstalling inclusion from dovecot.conf" if grep "Configured by DTC" $PATH_DOVECOT_CONF >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $PATH_DOVECOT_CONF | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_DOVECOT_CONF| cut -d":" -f1` nbr_line=`cat $PATH_DOVECOT_CONF | wc -l` TMP_FILE=`${MKTEMP} DTC_uninstall.dovecot.conf.XXXXXX` || exit 1 cat $PATH_DOVECOT_CONF | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_DOVECOT_CONF | tail -n 
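$(($nbr_line - $end_line )) >> $TMP_FILE cp -f $PATH_DOVECOT_CONF $PATH_DOVECOT_CONF.DTC.removed echo -n > $PATH_DOVECOT_CONF cat < $TMP_FILE >> $PATH_DOVECOT_CONF rm $TMP_FILE fi }

# Helper for the uninstallers below: delete the section that runs from the
# first "Configured by DTC" line to the first "End of DTC configuration"
# line of file $1.
#   $1 = configuration file
#   $2 = where the untouched file is saved before the change
#   $3 = mktemp template for the work file
# Nothing happens when the start marker is absent. When the end marker is
# missing or precedes the start marker, the file is left alone; the former
# head/tail arithmetic failed on that input.
# The saved copy is made with cp -p so that it is not more readable than
# the original (some of these files can hold credentials).
_dtcStripDtcSection () {
  if ! grep "Configured by DTC" "$1" >/dev/null 2>&1 ; then
    return 0
  fi
  _dtc_first=`grep -n "Configured by DTC" "$1" | head -n 1 | cut -d":" -f1`
  _dtc_last=`grep -n "End of DTC configuration" "$1" | head -n 1 | cut -d":" -f1`
  if [ -z "$_dtc_last" ] || [ "$_dtc_last" -lt "$_dtc_first" ] ; then
    echo "Could not locate the end of the DTC section in $1: file left untouched" >&2
    return 0
  fi
  TMP_FILE=`${MKTEMP} "$3"` || exit 1
  sed "${_dtc_first},${_dtc_last}d" "$1" > "$TMP_FILE"
  cp -pf "$1" "$2"
  # rewrite in place so owner and mode of the live file are kept
  cat < "$TMP_FILE" > "$1"
  rm "$TMP_FILE"
}

#
# uninstall proftpd.conf
# Globals: PATH_PROFTPD_CONF, MKTEMP (read); TMP_FILE (written)
#
uninstallProftpdConfig () {
  echoIfVerbose "===> Uninstalling inclusion from proftpd.conf"
  _dtcStripDtcSection "$PATH_PROFTPD_CONF" "$PATH_PROFTPD_CONF.DTC.removed" \
    DTC_uninstall.proftpd.conf.XXXXXX
}

#
# Remove the DTC sections from postfix main.cf, master.cf and
# sasl/smtpd.conf.
# Globals: PATH_POSTFIX_CONF, PATH_POSTFIX_ETC, MKTEMP (read);
#          TMP_FILE (written)
#
# The copy of sasl/smtpd.conf used to be written to
# "$PATH_POSTFIX_CONF.DTC.removed", replacing the copy of main.cf made a few
# lines earlier; it now goes next to smtpd.conf itself.
#
uninstallPostfix () {
  echoIfVerbose "===> Uninstalling inclusion from postfix/main.cf"
  _dtcStripDtcSection "$PATH_POSTFIX_CONF" "$PATH_POSTFIX_CONF.DTC.removed" \
    DTC_uninstall.postfix.conf.XXXXXX

  echoIfVerbose "===> Uninstalling inclusion from postfix/master.cf"
  _dtcStripDtcSection "${PATH_POSTFIX_ETC}/master.cf" \
    "${PATH_POSTFIX_ETC}/master.cf.DTC.removed" \
    DTC_uninstall.postfix.conf.XXXXXX

  echoIfVerbose "===> Uninstalling inclusion from postfix/sasl/smtpd.conf"
  _dtcStripDtcSection "$PATH_POSTFIX_ETC/sasl/smtpd.conf" \
    "$PATH_POSTFIX_ETC/sasl/smtpd.conf.DTC.removed" \
    DTC_uninstall.postfix.sasl.XXXXXX
}

#
# uninstall amavis/amavisd.conf
# Globals: PATH_AMAVISD_CONF, MKTEMP (read); PATH_AMAVISD_ETC, TMP_FILE
#          (written)
#
uninstallAmavisConf () {
  PATH_AMAVISD_ETC=`dirname "$PATH_AMAVISD_CONF"`
  # if there is no amavisd conf, but there is a conf.d, delete a 99-dtc file
  if [ ! -f "$PATH_AMAVISD_CONF" ] && [ -e "$PATH_AMAVISD_ETC/conf.d/99-dtc" ] ; then
    rm "$PATH_AMAVISD_ETC/conf.d/99-dtc"
  fi
  echoIfVerbose "===> Uninstalling inclusion from amavis/amavisd.conf"
  _dtcStripDtcSection "$PATH_AMAVISD_CONF" "$PATH_AMAVISD_CONF.DTC.removed" \
    DTC_uninstall.amavisd.conf.XXXXXX
}

#
# Uninstall qmail: put back each control file for which a ".DTC.backup"
# copy exists. Nothing is done when /var/qmail is absent.
#
uninstallQmail () {
  echoIfVerbose "===> Uninstalling from qmail"
  if [ -e /var/qmail ] ; then
    for _dtc_file in /var/qmail/control/rcpthosts \
        /var/qmail/control/virtualdomains \
        /var/qmail/control/users/assign \
        /etc/poppasswd ; do
      if [ -e "$_dtc_file.DTC.backup" ] ; then
        cp -f "$_dtc_file.DTC.backup" "$_dtc_file"
      fi
    done
  fi
}

uninstallSshVhostsConfig () { # Uninstall sudoers and shell # check for some path defaults...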
if [ -z "$PATH_SUDO" ]; then PATH_SUDO=`which sudo` fi if [ -z "$PATH_CHROOT" ]; then PATH_CHROOT=`which chroot` fi if [ -z "$PATH_SHELLS_CONF" ]; then PATH_SHELLS_CONF=/etc/shells fi if [ -z "$PATH_SUDOERS_CONF" ]; then PATH_SUDOERS_CONF=/etc/sudoers fi echoIfVerbose "===> Uninstalling inclusion from $PATH_SUDOERS_CONF" if grep "Configured by DTC" $PATH_SUDOERS_CONF >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $PATH_SUDOERS_CONF | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_SUDOERS_CONF | cut -d":" -f1` nbr_line=`cat $PATH_SUDOERS_CONF | wc -l` TMP_FILE=`${MKTEMP} DTC_uninstall.sudoers.XXXXXX` || exit 1 cat $PATH_SUDOERS_CONF | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_SUDOERS_CONF | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cp -f $PATH_SUDOERS_CONF $PATH_SUDOERS_CONF.DTC.removed echo -n > $PATH_SUDOERS_CONF cat < $TMP_FILE >> $PATH_SUDOERS_CONF rm $TMP_FILE fi echoIfVerbose "===> Uninstalling inclusion from $PATH_SHELLS_CONF" if grep "Configured by DTC" $PATH_SHELLS_CONF >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $PATH_SHELLS_CONF | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_SHELLS_CONF | cut -d":" -f1` nbr_line=`cat $PATH_SHELLS_CONF | wc -l` TMP_FILE=`${MKTEMP} DTC_uninstall.shells.XXXXXX` || exit 1 cat $PATH_SHELLS_CONF | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_SHELLS_CONF | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cp -f $PATH_SHELLS_CONF $PATH_SHELLS_CONF.DTC.removed echo -n > $PATH_SHELLS_CONF cat < $TMP_FILE >> $PATH_SHELLS_CONF rm $TMP_FILE fi if [ -z "$PATH_SSH_CONF" ]; then PATH_SSH_CONF=/etc/ssh/sshd_config fi echoIfVerbose "===> Uninstalling inclusion from $PATH_SSH_CONF" if grep "Configured by DTC" $PATH_SSH_CONF >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $PATH_SSH_CONF | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_SSH_CONF | cut -d":" -f1` nbr_line=`cat $PATH_SSH_CONF | wc -l` TMP_FILE=`${MKTEMP} 
DTC_uninstall.ssh.XXXXXX` || exit 1 cat $PATH_SSH_CONF | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_SSH_CONF | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cp -f $PATH_SSH_CONF $PATH_SSH_CONF.DTC.removed echo -n > $PATH_SSH_CONF cat < $TMP_FILE >> $PATH_SSH_CONF rm $TMP_FILE fi # stuff to remove from NSS mysql config / password if [ -z "$PATH_NSS_CONF" ]; then PATH_NSS_CONF=/etc/nss-mysql.conf fi echoIfVerbose "===> Uninstalling inclusion from $PATH_NSS_CONF" if grep "Configured by DTC" $PATH_NSS_CONF >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $PATH_NSS_CONF | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_NSS_CONF | cut -d":" -f1` nbr_line=`cat $PATH_NSS_CONF | wc -l` TMP_FILE=`${MKTEMP} DTC_uninstall.nss-mysql.XXXXXX` || exit 1 cat $PATH_NSS_CONF | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_NSS_CONF | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cp -f $PATH_NSS_CONF $PATH_NSS_CONF.DTC.removed echo -n > $PATH_NSS_CONF cat < $TMP_FILE >> $PATH_NSS_CONF rm $TMP_FILE fi # stuff to remove from NSS mysql root config / shadow if [ -z "$PATH_NSS_ROOT_CONF" ]; then PATH_NSS_ROOT_CONF=/etc/nss-mysql-root.conf fi echoIfVerbose "===> Uninstalling inclusion from $PATH_NSS_ROOT_CONF" if grep "Configured by DTC" $PATH_NSS_ROOT_CONF >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $PATH_NSS_ROOT_CONF | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_NSS_ROOT_CONF | cut -d":" -f1` nbr_line=`cat $PATH_NSS_ROOT_CONF | wc -l` TMP_FILE=`${MKTEMP} DTC_uninstall.nss-mysql-root.XXXXXX` || exit 1 cat $PATH_NSS_ROOT_CONF | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_NSS_ROOT_CONF | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cp -f $PATH_NSS_ROOT_CONF $PATH_NSS_ROOT_CONF.DTC.removed echo -n > $PATH_NSS_ROOT_CONF cat < $TMP_FILE >> $PATH_NSS_ROOT_CONF rm $TMP_FILE fi if [ -z "$PATH_NSSWITCH_CONF" ]; then PATH_NSSWITCH_CONF=/etc/nsswitch.conf fi # remove the stuff from nsswitch.conf 
echoIfVerbose "===> Uninstalling inclusion from $PATH_NSSWITCH_CONF" if grep "Configured by DTC" $PATH_NSSWITCH_CONF >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $PATH_NSSWITCH_CONF | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $PATH_NSSWITCH_CONF | cut -d":" -f1` nbr_line=`cat $PATH_NSSWITCH_CONF | wc -l` TMP_FILE=`${MKTEMP} DTC_uninstall.nsswitch.XXXXXX` || exit 1 cat $PATH_NSSWITCH_CONF | head -n $(($start_line - 1 )) > $TMP_FILE cat $PATH_NSSWITCH_CONF | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cp -f $PATH_NSSWITCH_CONF $PATH_NSSWITCH_CONF.DTC.removed echo -n > $PATH_NSSWITCH_CONF cat < $TMP_FILE >> $PATH_NSSWITCH_CONF rm $TMP_FILE fi } uninstallETC_CONFD_APACHE2 () { APACHE2_CONFD="/etc/conf.d/apache2" if [ -e ${APACHE2_CONFD} ]; then echoIfVerbose "===> Uninstalling inclusion from $APACHE2_CONFD" if grep "Configured by DTC" $APACHE2_CONFD >/dev/null 2>&1 then start_line=`grep -n "Configured by DTC" $APACHE2_CONFD | cut -d":" -f1` end_line=`grep -n "End of DTC configuration" $APACHE2_CONFD | cut -d":" -f1` nbr_line=`cat $APACHE2_CONFD | wc -l` TMP_FILE=`${MKTEMP} DTC_uninstall.conf.d_apache2.XXXXXX` || exit 1 cat $APACHE2_CONFD | head -n $(($start_line - 1 )) > $TMP_FILE cat $APACHE2_CONFD | tail -n $(($nbr_line - $end_line )) >> $TMP_FILE cp -f $APACHE2_CONFD $APACHE2_CONFD.DTC.removed echo -n > $APACHE2_CONFD cat < $TMP_FILE >> $APACHE2_CONFD rm $TMP_FILE fi fi } ############################ HERE STARTS THE GENERAL CALLING SCRIPTS ############################### saveConfig () { if [ -z ""$DTC_SAVED_INSTALL_CONFIG ] ; then DTC_SAVED_INSTALL_CONFIG="/root/.dtc_saved_config" fi echo " conf_mysql_host=${conf_mysql_host} conf_mysql_login=${conf_mysql_login} conf_mysql_pass=${conf_mysql_pass} conf_mysql_db=${conf_mysql_db} conf_mysql_change_root=${conf_mysql_change_root} conf_mta_type=${conf_mta_type} conf_cyrus_enable=${conf_cyrus_enable} conf_cyrus_pass=${conf_cyrus_pass} dtc_admin_subdomain=${dtc_admin_subdomain} 
main_domain_name=${main_domain_name} conf_adm_login=${conf_adm_login} conf_adm_pass=${conf_adm_pass} conf_ip_addr=${conf_ip_addr} conf_use_nated_vhosts=${conf_use_nated_vhosts} conf_nated_vhosts_ip=${conf_nated_vhosts_ip} conf_apache_version=${conf_apache_version} conf_hosting_path=${conf_hosting_path} conf_chroot_path=${conf_chroot_path} conf_eth2monitor=${conf_eth2monitor} conf_report_setup=${conf_report_setup} conf_omit_dev_mknod=${conf_omit_dev_mknod} conf_gen_ssl_cert=${conf_gen_ssl_cert} conf_cert_passphrase=${conf_cert_passphrase} conf_cert_countrycode=${conf_cert_countrycode} conf_cert_locality=${conf_cert_locality} conf_cert_organization=${conf_cert_organization} conf_cert_unit=${conf_cert_unit} conf_cert_email=${conf_cert_email} conf_cert_challenge_pass=${conf_cert_challenge_pass} " >${DTC_SAVED_INSTALL_CONFIG} } DTCsearchConfigFiles () { searchPATH_PHP_CGI searchPHPversion searchPATH_PHP_INI_APACHE searchPATH_PHP_INI_CLI searchDebianVersion searchMYSQL_DB_SOCKET_PATH searchPATH_SUDO setDtcdbPassword } DTCinstallPackage () { createDTCuserAndGroup DTCsearchConfigFiles if [ $UNIX_TYPE"" = "debian" ] ; then if [ ""$DEBIAN_VERSION_MAJOR -lt 4 ] ; then modifyPHP_INI_EXTENSIONS fi fi if [ ! 
$UNIX_TYPE"" = "debian" ] ; then changeMySQLPassword else if [ ""$DEBIAN_VERSION_MAJOR -lt 4 ] ; then changeMySQLPassword fi fi saveConfig createChrootTemplate createHostingDirAndFiles # setupDTCDatabase generateMySQLConfigPHPfile createDTCRootShellScript createApachePIDSymLink enableApache2Modules createApacheAdminProtectedDir generateOpenSSLApacheCert createCyrusAuthPhp createRRDFiles reportingInstall } DTCuninstallPackage () { createDTCuserAndGroup DTCsearchConfigFiles deleteGeneratedFiles } DTCuninstallDaemons () { createDTCuserAndGroup DTCsearchConfigFiles uninstallCrontab uninstallNamed uninstallHttpdConfig uninstallETC_CONFD_APACHE2 uninstallCourierConfig uninstallDevecotConfig uninstallProftpdConfig uninstallPostfix uninstallAmavisConf uninstallQmail uninstallSshVhostsConfig } DTCsetupDaemons () { createDTCuserAndGroup DTCsearchConfigFiles if [ -z ${DTC_SAVED_INSTALL_CONFIG} ] ; then DTC_SAVED_INSTALL_CONFIG=/root/.dtc_saved_config fi ${DTC_SAVED_INSTALL_CONFIG} /root/.dtc_saved_config modifyResolvConf setupDTCDatabase chownSquirrelAndFastcgiToDtcUserAndGroup modifySUODERS_DOT_CONF increasePhpIniMemAndExecTime changeApacheUserAndGroup modifyHTTPD_CONF modifyETC_CONFD_APACHE2 modifyCyrusImapdConf modifyNamedConf linkQmailFilesToGenerated setupAmavisConf modifyClamavConf modifyCyrusPath modifySaslStartAndSaslStartup modifyPostfixConfig prepareMlmmjSpool modifyCourierConfig modifyDovecotConfig modifyPureFtpdMySQLConfig configFreeRadius modifyAWStatsConfig modifySSHDConfig modifyNSSConfig modifyCrontab startPhpCronScript echoEndMessage exit 0 }