From 1fe0e4594e13639f28c85f1feb0cfb10f532c923 Mon Sep 17 00:00:00 2001 From: Alan Garcia Date: Mon, 18 Feb 2013 13:11:25 +0000 Subject: [PATCH] Ca continue encore et encore --- bureau/class/config.php | 16 ++++++----- debian/alternc.config | 8 +++--- debian/alternc.postinst | 29 +++++++++++--------- install/alternc.install | 21 +++++++++++---- src/fixperms.sh | 10 +++---- src/functions.sh | 9 +++++++ src/mem_add | 59 ++++++++++++++++++----------------------- 7 files changed, 86 insertions(+), 66 deletions(-) diff --git a/bureau/class/config.php b/bureau/class/config.php index a6c4e7a1..33140309 100644 --- a/bureau/class/config.php +++ b/bureau/class/config.php @@ -49,13 +49,6 @@ Merci de revenir plus tard."; } /* */ -// FIXME: Some constant, we put them here so that we can change them later ;) LFS -define('ALTERNC_MAIL', "/var/alternc/mail"); -define('ALTERNC_HTML', "/var/alternc/html"); -define('ALTERNC_PANEL', "/usr/lib/alternc/panel"); -define('ALTERNC_LOGS', "/var/alternc/logs"); -define('ALTERNC_LOCALES', ALTERNC_PANEL."/locales"); - /* Toutes les pages du bureau passent ici. On utilise une sémaphore pour s'assurer que personne ne pourra accéder à 2 pages du bureau en même temps. */ @@ -99,6 +92,15 @@ $host=getenv("HTTP_HOST"); /* Global variables (AlternC configuration) */ require_once(dirname(__FILE__)."/local.php"); + +// Define constants from vars of /etc/alternc/local.sh +// The you can't choose where is the AlternC Panel +define('ALTERNC_MAIL', "$L_ALTERNC_MAIL"); +define('ALTERNC_HTML', "$L_ALTERNC_LOC"); +define('ALTERNC_LOGS', "$L_ALTERNC_LOGS"); +define('ALTERNC_PANEL', "/usr/lib/alternc/panel"); +define('ALTERNC_LOCALES', ALTERNC_PANEL."/locales"); + /* PHPLIB inclusions : */ $root=ALTERNC_PANEL."/"; diff --git a/debian/alternc.config b/debian/alternc.config index c9bd9e27..9ec8eb85 100644 --- a/debian/alternc.config +++ b/debian/alternc.config 
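Review bot: `ALTERNC_HTML` is defined from `$L_ALTERNC_LOC` in the block added after the `local.php` include, but this same patch renames `ALTERNC_LOC` to `ALTERNC_HTML` in the shell configuration, so the constant may end up empty or point at the old parent directory. How `local.php` derives its `$L_*` variables is not visible here, so this needs confirming; if it mirrors local.sh, the line should read `define('ALTERNC_HTML', "$L_ALTERNC_HTML");`. An empty constant would make every path built from it resolve from `/`, so a check that the three values are non-empty before the `define()` calls would be worth adding. The comment `// The you can't choose where is the AlternC Panel` should read `// The location of the AlternC panel itself is not configurable`.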
@@ -74,7 +74,9 @@ FQDN="`(cat /etc/mailname 2>/dev/null || hostname -f)|tr '[:upper:]' '[:lower:]' INTERNAL_IP="`env LANG=C /sbin/ifconfig|grep inet | grep -v 127.0.0.1| head -1 | cut -d: -f2 | sed -e 's/\([0-9\.]*\).*$/\1/' 2>/dev/null || hostname -f`" PUBLIC_IP="$INTERNAL_IP" DEFAULT_MX="`cat /etc/mailname 2>/dev/null || hostname -f`" -ALTERNC_LOC=/var/alternc +ALTERNC_HTML="/var/www/alternc" +ALTERNC_MAIL="/var/mail/alternc" +ALTERNC_LOGS="/var/logs/alternc/sites/" NS1_HOSTNAME="$FQDN" NS2_HOSTNAME="$FQDN" HOSTING="AlternC" @@ -179,9 +181,9 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 11 ]; do ;; 10) # We need to set the alternc_location here because we have to test for quotas and acls - db_set alternc/alternc_location "$ALTERNC_LOC" + db_set alternc/alternc_html "$ALTERNC_HTML" - db_get alternc/alternc_location + db_get alternc/alternc_html LOCATION="$RET" #checking acl and quota activation, does't work with NFS yet. should now work with lxc MOUNT_POINT=$(df -P ${LOCATION%/*} | tail -n 1 | awk '{print $6}') diff --git a/debian/alternc.postinst b/debian/alternc.postinst index a2e67e01..f7a664b6 100644 --- a/debian/alternc.postinst +++ b/debian/alternc.postinst @@ -47,9 +47,8 @@ case "$1" in dpkg-statoverride --quiet --update --add root sasl 710 /var/spool/postfix/var/run/saslauthd || true - db_get "alternc/alternc_location" + db_get "alternc/alternc_mail" VMAIL_HOME="$RET" - #Create Dovecot user for mail handling FIXME change home with ALTERNC_LOC if ! getent group vmail; then addgroup --gid 1998 vmail fi @@ -103,9 +102,6 @@ DEFAULT_SECONDARY_MX="" # quels clients mysql sont permis (%, localhost, etc) MYSQL_CLIENT="" -# Folder holding data (used for quota management) -ALTERNC_LOC="" - # the type of backup created by the sql backup script # valid options are "rotate" (newsyslog-style) or "date" (suffix is the date) SQLBACKUP_TYPE="" 
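Review bot: The default `ALTERNC_LOGS="/var/logs/alternc/sites/"` uses `/var/logs`, while install/alternc.install in this same patch keeps its panel log under `/var/log/alternc/`; this looks like a typo for `/var/log/alternc/sites`. If a separate tree is intended, a comment saying so would help, since any rotation or permission setup that targets `/var/log/alternc` would not cover it. The trailing slash is also inconsistent with the two other defaults.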
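Review bot: Only `alternc/alternc_html` is stored with `db_set` in state 10, while debian/alternc.postinst now reads `alternc/alternc_mail` into `VMAIL_HOME` and passes `alternc/alternc_logs` to `update_var`. Unless those two keys are set in a part of the script outside this hunk, both would come back empty on a fresh install; adding `db_set alternc/alternc_mail "$ALTERNC_MAIL"` and `db_set alternc/alternc_logs "$ALTERNC_LOGS"` next to the existing call would close that gap. The comment above the call still refers to `alternc_location`.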
@@ -118,6 +114,12 @@ ALTERNC_SLAVES="" # File to look at for forced launch of update_domain (use incron) INOTIFY_UPDATE_DOMAIN="/var/run/alternc/inotify_update_domain.lock" + +# AlternC Locations +ALTERNC_HTML="" +ALTERNC_MAIL="" +ALTERNC_LOGS="" + EOF chown root:alterncpanel $CONFIGFILE @@ -144,8 +146,10 @@ EOF update_var alternc/mysql/client MYSQL_CLIENT update_var alternc/sql/backup_type SQLBACKUP_TYPE update_var alternc/sql/backup_overwrite SQLBACKUP_OVERWRITE - update_var alternc/alternc_location ALTERNC_LOC update_var alternc/slaves ALTERNC_SLAVES + update_var alternc/alternc_html ALTERNC_HTML + update_var alternc/alternc_mail ALTERNC_MAIL + update_var alternc/alternc_logs ALTERNC_LOGS sed -e "$SED_SCRIPT" < $CONFIGFILE > $CONFIGFILE.tmp mv -f $CONFIGFILE.tmp $CONFIGFILE 
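Review bot: The three `update_var` calls added in the second hunk assume `$CONFIGFILE` already contains `ALTERNC_HTML=`, `ALTERNC_MAIL=` and `ALTERNC_LOGS=` lines, which holds for the template extended just above but probably not for a local.sh left by an earlier version that only has `ALTERNC_LOC=`. `update_var` and the condition guarding the template are outside these hunks, so this is to be confirmed; if the sed script only rewrites existing assignments, upgraded systems would source a file in which the new variables are unset. A migration step that appends the missing assignments (seeding `ALTERNC_HTML` from the old `$ALTERNC_LOC/html`) before the `sed` run would cover that case.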
@@ -187,20 +191,21 @@ EOF # multi-server configuration: we create an alternc account with # authorized keys. since this is the master, we do not give him a # valid shell, but we still need the user for proper perms + ALTERNC_USER_HOME="$ALTERNC_HTML" if [ ! -z "$ALTERNC_SLAVES" ] && [ "$ALTERNC_SLAVES" != "localhost" ] ; then if ! grep -q alternc /etc/passwd ; then echo "Creating alternc account" - adduser --quiet --system --uid 342 --home $ALTERNC_LOC --shell /bin/false --ingroup adm alternc + adduser --quiet --system --uid 342 --home $ALTERNC_HTML --shell /bin/false --ingroup adm alternc fi chown alternc /var/alternc if [ -r ~root/.ssh/id_dsa.pub ]; then key=`cat ~root/.ssh/id_dsa.pub` - if ! grep -q "$key" $ALTERNC_LOC/.ssh/authorized_keys ; then + if ! grep -q "$key" $ALTERNC_USER_HOME/.ssh/authorized_keys ; then echo "Authorizing root ssh key to access the common alternc account" - mkdir -p $ALTERNC_LOC/.ssh - echo "$key" >> $ALTERNC_LOC/.ssh/authorized_keys - chown -R alternc:adm $ALTERNC_LOC/.ssh - chmod -R og-rwx $ALTERNC_LOC/.ssh + mkdir -p $ALTERNC_USER_HOME/.ssh + echo "$key" >> $ALTERNC_USER_HOME/.ssh/authorized_keys + chown -R alternc:adm $ALTERNC_USER_HOME/.ssh + chmod -R og-rwx $ALTERNC_USER_HOME/.ssh fi else echo "No SSH key in "~root/.ssh/id_dsa.pub diff --git a/install/alternc.install b/install/alternc.install index f9049f61..d5d71b8e 100644 --- a/install/alternc.install +++ b/install/alternc.install 
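Review bot: `ALTERNC_USER_HOME="$ALTERNC_HTML"` places the `alternc` account's `.ssh/authorized_keys` inside the hosted-sites tree, which install/alternc.install in this patch hands to `www-data:www-data`. Whoever owns the parent directory can rename or replace `.ssh`, so the web server user would control which keys are accepted for that account, and sshd with `StrictModes` enabled would likely refuse the file because the home directory belongs to another user. A home directory outside the web root, owned by root or by `alternc`, avoids both problems, for example `ALTERNC_USER_HOME="/path/to/dedicated-home"` (placeholder path) with `--home "$ALTERNC_USER_HOME"` passed to `adduser`. The expansions of `$ALTERNC_HTML` and `$ALTERNC_USER_HOME` in this block are unquoted, and `grep -q "$key"` treats the key as a regular expression where `grep -qF` is meant; the enclosing `case` branch continues outside the hunk.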
@@ -123,10 +123,19 @@ fi chown :alterncpanel /etc/alternc/local.sh . /etc/alternc/local.sh +# Create the target directory +for i in "$ALTERNC_HTML" "$ALTERNC_MAIL" "$ALTERNC_LOGS" ; do + test -d "$i" || mkdir -p "$i" +done + +chown alterncpanel:adm "$ALTERNC_LOGS" +chown www-data:www-data "$ALTERNC_HTML" +chown vmail:vmail "$ALTERNC_MAIL" + # Check ACL -aclcheckfile="$ALTERNC_LOC/test-acl" +aclcheckfile="$ALTERNC_HTML/test-acl" touch "$aclcheckfile" -setfacl -m u:root:rwx "$aclcheckfile" 2>/dev/null || ( echo "Error : ACL aren't activated on $ALTERNC_LOC . AlternC can't work without it." ; exit 2) +setfacl -m u:root:rwx "$aclcheckfile" 2>/dev/null || ( echo "Error : ACL aren't activated on $ALTERNC_HTML . AlternC can't work without it." ; exit 2) # XXX: copy-paste from debian/config if [ -r /etc/alternc/my.cnf ]; then @@ -195,11 +204,13 @@ s\\%%dbuser%%\\$MYSQL_USER\\; s\\%%dbpwd%%\\$MYSQL_PASS\\; s\\%%db_mail_user%%\\$MYSQL_MAIL_USER\\; s\\%%db_mail_pwd%%\\$MYSQL_MAIL_PASS\\; -s\\%%ALTERNC_LOC%%\\$ALTERNC_LOC\\; s\\%%warning_message%%\\$WARNING\\; s\\%%fqdn_lettre%%\\$FQDN_LETTER\\; s\\%%version%%\\$VERSION\\; s\\%%ns2_ip%%\\$NS2_IP\\; +s\\%%ALTERNC_HTML%%\\$ALTERNC_HTML\\; +s\\%%ALTERNC_MAIL%%\\$ALTERNC_MAIL\\; +s\\%%ALTERNC_LOGS%%\\$ALTERNC_LOGS\\; EOF # hook @@ -423,8 +434,8 @@ if [ "$slave" = "1" ]; then exit 0 fi -chown alterncpanel:alterncpanel "$ALTERNC_LOC/html/"* -setfacl -b -k -m d:g:alterncpanel:rw- -m g:alterncpanel:rw- "$ALTERNC_LOC/html/"* +chown alterncpanel:alterncpanel "$ALTERNC_HTML/"* +setfacl -b -k -m d:g:alterncpanel:rw- -m g:alterncpanel:rw- "$ALTERNC_HTML/"* #creating log file if [ ! -e "/var/log/alternc/bureau.log" ]; then diff --git a/src/fixperms.sh b/src/fixperms.sh index a6d7692f..21fc466c 100755 --- a/src/fixperms.sh +++ b/src/fixperms.sh 
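Review bot: The `exit 2` on the `setfacl` line runs inside a `( … )` subshell, so a failed ACL check prints the error and the installation carries on. A brace group makes the exit apply to the script: `setfacl -m u:root:rwx "$aclcheckfile" 2>/dev/null || { echo "Error : ACL aren't activated on $ALTERNC_HTML . AlternC can't work without it." >&2 ; exit 2 ; }`. The added `mkdir -p` and `chown` calls are also unchecked, so a failure to create or hand over one of the three directories goes unnoticed; `test -d "$i" || mkdir -p "$i" || exit 1` would stop at the first problem.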
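Review bot: `"$ALTERNC_HTML/"*` in the last hunk expands to `/*` when `ALTERNC_HTML` is empty or unset, in which case the `chown` and `setfacl -b -k` lines would rewrite ownership and ACLs of the top-level system directories. Nothing in the visible hunks validates the variables read from `/etc/alternc/local.sh`, and a local.sh written before this change would presumably not define them. A guard right after `. /etc/alternc/local.sh`, such as `: "${ALTERNC_HTML:?ALTERNC_HTML is not set in /etc/alternc/local.sh}"` (and the same for `ALTERNC_MAIL` and `ALTERNC_LOGS`), makes the script stop instead; it would also protect the `mkdir`/`chown` block and `aclcheckfile` in the first hunk of this file.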
@@ -73,23 +73,22 @@ while getopts "l:u:f:d:" optname esac done -CONFIG_FILE="/etc/alternc/local.sh" PATH=/sbin:/bin:/usr/sbin:/usr/bin - umask 022 +CONFIG_FILE="/usr/lib/alternc/functions.sh" if [ ! -r "$CONFIG_FILE" ]; then echo "Can't access $CONFIG_FILE." exit 1 fi +source "$CONFIG_FILE" if [ `id -u` -ne 0 ]; then - echo "fixperms.sh must be launched as root" + echo "$0 must be launched as root" exit 1 fi -. "$CONFIG_FILE" doone() { read GID LOGIN || true @@ -97,8 +96,7 @@ doone() { if [ "$DEBUG" ]; then echo "Setting rights and ownership for user $LOGIN having gid $GID" fi - INITIALE=`echo $LOGIN |cut -c1` - REP="$ALTERNC_LOC/html/$INITIALE/$LOGIN/$sub_dir" + REP="$(get_html_path_by_name "$name")" # Set the file readable only for the AlternC User mkdir -p "$REP" diff --git a/src/functions.sh b/src/functions.sh index 37718821..0e244030 100755 --- a/src/functions.sh +++ b/src/functions.sh @@ -48,6 +48,15 @@ print_domain_letter() { fi } +# Return the html path for a account name +get_html_path_by_name() { + local name="$1" + if [[ ! "$name" =~ ^([a-z0-9]+)$ ]] ; then + echo "Account name is incorrect." + exit 2 + fi + echo "$ALTERNC_HTML/${name:0:1}/$name" +} # echoes the first letter of an alternc account name. print_user_letter() { diff --git a/src/mem_add b/src/mem_add index 661e0d0e..d6947b2e 100755 --- a/src/mem_add +++ b/src/mem_add 
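Review bot: `get_html_path_by_name "$name"` in `doone` is called with `$name`, but the function reads the account into `LOGIN` and no assignment to `name` is visible in this hunk, so the argument is probably empty. In that case the helper's message is captured by the command substitution, `REP` becomes the text `Account name is incorrect.`, and `mkdir -p "$REP"` creates a directory of that name in the current directory as root before the permission changes are applied to it. The line should pass the login and check the result: `REP="$(get_html_path_by_name "$LOGIN")" || exit 2`. The removed line also appended `$sub_dir`; if that option is still supported, `REP="$REP/$sub_dir"` is needed after the call. `doone` continues outside the hunk.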
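Review bot: `get_html_path_by_name` in src/functions.sh reports an invalid name on stdout and calls `exit 2`, which does not work for the way both callers in this patch use it: inside `$( … )` the `exit` only ends the subshell and the error text becomes the returned path. The message should go to stderr and the function should `return` non-zero so that callers can test the status; it should also refuse to build a path when `ALTERNC_HTML` is empty, otherwise the result is rooted at `/`. `[[ … =~ … ]]` and `${name:0:1}` are bash-only, so every script sourcing this file must run under bash; the shebang lines are outside the hunk. The one-line comment above the function should be expanded to state the accepted alphabet and the return codes.
```shell
get_html_path_by_name() {
  # … unchanged: local name and the [[ … =~ … ]] test …
    echo "Account name is incorrect." >&2
    return 2
  fi
  if [ -z "$ALTERNC_HTML" ] ; then
    echo "ALTERNC_HTML is not set." >&2
    return 2
  fi
  # … unchanged: echo of the resulting path …
```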
@@ -1,43 +1,36 @@ -#!/usr/bin/perl +#!/bin/bash -use strict; +if [ $# -ne 2 ] ; then + echo "Usage: sudo mem_add " + echo " Create the AlternC account having uid number " + exit 1 +fi -my ($name,$uid) = @ARGV; +name="$1" +uid="$2" -if (!$name || !$uid) { - print "Usage: sudo mem_add \n"; - print " Create the AlternC account having uid number \n"; - exit(1); -} +if [[ ! "$name" =~ ^([a-z0-9]+)$ ]] ; then + echo "Account name is incorrect." + exit 2 +fi -$ENV{PATH} = ""; -delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; -if (!($name =~ /^([a-z0-9]+)$/)) { - die "Account name is incorrect."; -} -$name=$1; -if (!($uid =~ /^([0-9]+)$/)) { - die "uid is incorrect."; -} -$uid=$1; +if [[ ! "$uid" =~ ^([0-9]+)$ ]] ; then + echo "uid is incorrect." + exit 3 +fi -if ( $< != 0 ) { - die "please launch mem_add as root (or using sudo)"; -} -#$< = $>; -#$( = $); +if [[ ! "$(id -u)" == "0" ]] ; then + echo "please launch mem_add as root (or using sudo)" + exit 4 +fi -my $PTH="/var/alternc/html/".substr($name,0,1)."/".$name; +# Get the vars and some functions +source /usr/lib/alternc/functions.sh +target="$(get_html_path_by_name "$name")" -my @create_paths = ($PTH); +mkdir -p "$target" +chmod 2770 "$target" +/usr/lib/alternc/fixperms.sh -u "$uid" -for my $p (@create_paths) { - mkdir($p); - chown($uid, $uid, $p); - system("/bin/chmod 02770 '$p'"); - system("/usr/lib/alternc/fixperms.sh -u '$uid' "); -} - -0;
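Review bot: The rewrite drops the environment clean-up the Perl version did (`$ENV{PATH} = ""` and the removal of `IFS`, `CDPATH`, `ENV`, `BASH_ENV`), so `id`, `mkdir` and `chmod` are now resolved through whatever `PATH` the caller passes while the script runs as root. Setting `PATH=/sbin:/bin:/usr/sbin:/usr/bin` at the top, as src/fixperms.sh does, restores the important part; `BASH_ENV` is read by bash before the first line executes, so that part has to be covered by the sudoers `env_reset` policy. The explicit `chown($uid, $uid, $p)` is gone as well and ownership now depends entirely on `fixperms.sh -u "$uid"` succeeding, yet neither `mkdir -p`, `chmod` nor that call has its exit status checked; `mkdir -p "$target" || exit 5` and the same for the two following commands would make failures visible. Error messages should go to stderr (`>&2`).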