kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

[git] merge master

This commit is contained in:
alban 2014-06-29 00:15:29 +02:00
parent 67081465c0
commit 3c59b9f45e
30 changed files with 483 additions and 1750 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitattributes vendored
View File

@ -654,6 +654,7 @@ src/generate_apache_conf.php -text
src/generate_bind_conf.php -text
src/inotify_do_actions.sh -text
src/inotify_update_domains.sh -text
src/mail_add.php -text
src/mail_dodelete.php -text
src/mem_add -text
src/mem_del -text

1
.travis.yml
View File

@ -1,5 +1,6 @@
language: php
php:
- 5.5
- 5.4
- 5.3
script: phpunit --coverage-clover=coverage.clover

11
awstats/alternc-awstats
View File

@ -1,11 +1,12 @@
#!/bin/bash
# Appelé seul, lance les stats AWStats du jour.
# Appelé avec "all" lance les stats avec tous les fichiers .gz situés dans /var/log/apache
# Appelé avec un nom de domaine en paramètre, rescanne tous les fichiers .gz pour ce domaine uniquement.
# Called with no parameters, launch the daily awstats stats
# called with "all", launch all stats with all apache log files from /var/log/alternc/sites/
# called with a domain name, launch the stats for this domain from all apache log files
# Include some usefull functions
. /usr/lib/alternc/functions.sh
cd /usr/lib/alternc
# AlternC system functions
. ./functions.sh
# Regenerate the awstat etc cache files :
if [ -x ./awstats.cache.php ]

40
awstats/bureau/class/m_aws.php
View File

@ -478,7 +478,7 @@ class m_aws {
$err->raise("aws",_("Login already exist"));
return false;
}
$pass=_md5cr($pass);
$pass=$this->crypt_apr1_md5($pass);
// FIXME retourner une erreur l'insert se passe pas bien
$db->query("INSERT INTO aws_users (uid,login,pass) VALUES ('$cuid','$login','$pass');");
return $this->_createhtpasswd();
@ -498,7 +498,7 @@ class m_aws {
$err->raise("aws",_("Login does not exists")); // Login does not exists
return false;
}
$pass=_md5c($pass);
$pass=$this->crypt_apr1_md5($pass);
$db->query("UPDATE aws_users SET pass='$pass' WHERE login='$login';");
return $this->_createhtpasswd();
}
@ -794,6 +794,42 @@ class m_aws {
return $str;
}
/* ----------------------------------------------------------------- */
/**
* from http://php.net/crypt#73619
*/
function crypt_apr1_md5($plainpasswd) {
$salt = substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"), 0, 8);
$len = strlen($plainpasswd);
$text = $plainpasswd.'$apr1$'.$salt;
$bin = pack("H32", md5($plainpasswd.$salt.$plainpasswd));
for($i = $len; $i > 0; $i -= 16) { $text .= substr($bin, 0, min(16, $i)); }
for($i = $len; $i > 0; $i >>= 1) { $text .= ($i & 1) ? chr(0) : $plainpasswd{0}; }
$bin = pack("H32", md5($text));
for($i = 0; $i < 1000; $i++) {
$new = ($i & 1) ? $plainpasswd : $bin;
if ($i % 3) $new .= $salt;
if ($i % 7) $new .= $plainpasswd;
$new .= ($i & 1) ? $bin : $plainpasswd;
$bin = pack("H32", md5($new));
}
for ($i = 0; $i < 5; $i++) {
$k = $i + 6;
$j = $i + 12;
if ($j == 16) $j = 5;
$tmp = $bin[$i].$bin[$k].$bin[$j].$tmp;
}
$tmp = chr(0).chr(0).$bin[11].$tmp;
$tmp = strtr(strrev(substr(base64_encode($tmp), 2)),
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
return "$"."apr1"."$".$salt."$".$tmp;
}
} /* CLASSE m_aws */
?>

7
bureau/admin/index.php
View File

@ -74,12 +74,9 @@ if ( empty($logo) || ! $logo ) {
<br/>
<?php
if (isset($_GET['authip_token'])) $authip_token=$_GET['authip_token'];
/*
if (!$_SERVER[HTTPS]) {
echo "<h4>ATTENTION : vous allez acc<63>der <20> votre panel en mode *non s<>curis<69>*<br/>
<a href=\"https://".$_SERVER["HTTP_HOST"]."/\">Cliquez ici pour passer en mode s<>curis<69></a></h4>";
if (variable_get('https_warning', true, 'warn users to switch to HTTPS') && !isset($_SERVER['HTTPS'])) {
echo '<h4>' . sprintf(_('WARNING: you are trying to access the control panel insecurely, click <a href="https://%s">here</a> to go to secure mode'), $_SERVER["HTTP_HOST"]) . '</h4>';
}
*/
?>
<div style="margin: 0 auto 30px auto; width: 700px;">
<table width="100%"><tr><td>

6
bureau/admin/mail_list.php
View File

@ -202,6 +202,7 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
<?php __("Which protocol shall you use?"); ?>
<div id="accordion-mailout">
<?php if ($mail->srv_submission) { ?>
<h4><?php __("Submission");?></h4>
<div>
<ul>
@ -213,6 +214,8 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
<li><b><?php __("Connection security:");?></b> STARTTLS</li>
</ul>
</div>
<?php } ?>
<?php if ($mail->srv_smtp) { ?>
<h4><?php __("SMTP");?></h4>
<div>
<ul>
@ -224,6 +227,8 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
<li><b><?php __("Connection security:");?></b> STARTTLS</li>
</ul>
</div>
<?php } ?>
<?php if ($mail->srv_smtps) { ?>
<h4><?php __("SMTPS");?></h4>
<div>
<ul>
@ -235,6 +240,7 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
<li><b><?php __("Connection security:");?></b> SSL</li>
</ul>
</div>
<?php } ?>
</div><!-- accordion-mailout -->
</div><!-- tabs-mailhelp-out -->

19
bureau/class/m_admin.php
View File

@ -68,9 +68,11 @@ class m_admin {
);
$this->archive=variable_get('archive_del_data','','If folder specified html folder of deleted user is archived, else it is deleted. ');
}
/**
* Builds the admin menu
*
* @global type $mem
* @global m_mem $mem
* @global type $cuid
* @global type $debug_alternc
* @global type $L_INOTIFY_UPDATE_DOMAIN
@ -173,6 +175,21 @@ class m_admin {
return $db->f('uid');
}
/**
* return the name of an alternc account
*
* @global type $db
* @param type $uid
* @return null if missing
*/
function get_login_by_uid($uid) {
global $db;
$db->query("SELECT login FROM membres WHERE uid=$uid;");
if (! $db->next_record()) {
return null;
}
return $db->f('login');
}
/**
* Returns the known information about a hosted account

2
bureau/class/m_ftp.php
View File

@ -279,7 +279,7 @@ class m_ftp {
}
// Explicitly look for only allowed chars
if ( ! preg_match("/^[A-Za-z0-9_\.\-]+$/", $l) ) {
if ( ! preg_match("/^[A-Za-z0-9]+[A-Za-z0-9_\.\-]*$/", $l) ) {
$err->raise('ftp', _("FTP login is incorrect"));
return false;
}

6
bureau/class/m_mail.php
View File

@ -85,9 +85,9 @@ class m_mail {
*
*/
function m_mail() {
$this->srv_submission = variable_get('mail_human_submission', '%%FQDN%%','Human name for mail server (submission protocol)', array('desc'=>'Name','type'=>'string'));
$this->srv_smtp = variable_get('mail_human_smtp', '%%FQDN%%','Human name for mail server (SMTP protocol)', array('desc'=>'Name','type'=>'string'));
$this->srv_smtps = variable_get('mail_human_smtps', '%%FQDN%%','Human name for mail server (SMTPS protocol)', array('desc'=>'Name','type'=>'string'));
$this->srv_submission = variable_get('mail_human_submission', '%%FQDN%%','Human name for mail server (submission protocol), leave empty to disable help', array('desc'=>'Name','type'=>'string'));
$this->srv_smtp = variable_get('mail_human_smtp', '%%FQDN%%','Human name for mail server (SMTP protocol), leave empty to disable help', array('desc'=>'Name','type'=>'string'));
$this->srv_smtps = variable_get('mail_human_smtps', '%%FQDN%%','Human name for mail server (SMTPS protocol), leave empty to disable help', array('desc'=>'Name','type'=>'string'));
$this->srv_imap = variable_get('mail_human_imap', '%%FQDN%%','Human name for IMAP mail server', array('desc'=>'Name','type'=>'string'));
$this->srv_imaps = variable_get('mail_human_imaps', '%%FQDN%%','Human name for IMAPS mail server', array('desc'=>'Name','type'=>'string'));
$this->srv_pop3 = variable_get('mail_human_pop3', '%%FQDN%%','Human name for POP3 mail server', array('desc'=>'Name','type'=>'string'));

8
bureau/class/m_mem.php
View File

@ -54,10 +54,8 @@ class m_mem {
/**
* Password kind used in this class (hook for admin class)
*/
/**
*
* @return type
* @return array
*/
function alternc_password_policy() {
return array("mem"=>"AlternC's account password");
@ -156,7 +154,9 @@ class m_mem {
$sess = md5(uniqid(mt_rand()));
$_REQUEST["session"] = $sess;
$db->query("insert into sessions (sid,ip,uid) values ('$sess',$ip,'$cuid');");
if( !preg_match("/^cli/",PHP_SAPI) ){
setcookie("session",$sess,0,"/");
}
$err->error = 0;
$db->query("SELECT * FROM local WHERE uid = '$cuid';");
if ($db->num_rows()) {
@ -244,8 +244,6 @@ class m_mem {
/**
* @param boolean $t
*/
/**
*
* @param type $t
* @return boolean

9
bureau/class/m_piwik.php
View File

@ -133,8 +133,7 @@ class m_piwik {
$user_login = $this->clean_user_name($user_login);
$user_pass = create_pass();
$user_mail = $user_mail ? $user_mail : $mem->user['mail'];
$user_mail = create_pass(4) . '@gmail.com'; // FIXME $user_mail; Unicité sur les emails ... Soit on ajoute + random soit, on prompt
$user_mail = $mem->user['mail'];
$user_alias = $user_login;
$api_data = $this->call_privileged_page('API', 'UsersManager.addUser', array('userLogin' => $user_login, 'password' => $user_pass, 'email' => $user_mail, 'alias' => $user_alias), 'JSON');
@ -405,9 +404,10 @@ class m_piwik {
* @return boolean
*/
function site_add($siteName, $urls, $ecommerce = FALSE) {
global $db, $cuid;
$urls = is_array($urls) ? implode(',', $urls) : $urls;
$api_data = $this->call_privileged_page('API', 'SitesManager.addSite', array('siteName' => $siteName, 'urls' => $urls));
printvar($api_data);
$db->query("INSERT INTO piwik_sites set uid='$cuid', piwik_id='{$api_data->value}'");
return TRUE;
}
@ -485,7 +485,8 @@ class m_piwik {
* @return type
*/
function clean_user_name($username) {
return mysql_real_escape_string(trim($username));
global $admin, $cuid;
return 'alternc_' . $admin->get_login_by_uid($cuid) . '_' . mysql_real_escape_string(trim($username));
}

56
debian/alternc.config vendored
View File

@ -1,14 +1,11 @@
#!/bin/bash
set -e
#!/bin/bash -e
# Source debconf library.
. /usr/share/debconf/confmodule
db_capb backup
#Return if everything is good, exit error number otherwise
# Validate an IPv4 address.
function valid_ip()
{
local ip=$1
@ -27,7 +24,7 @@ function valid_ip()
}
#checking mysql connectivity and updating local.sh variables accordingly
# Checking mysql connectivity and updating local.sh environment variables accordingly
check_mysql()
{
STATE=0
@ -68,12 +65,9 @@ check_mysql()
done
}
# Return the deepest existing directory in a path
function get_first_existing_dir()
{
# Prend en premier parametre un chemin
# Retourne le répertoire parent existant le plus "proche"
# Exemple: on lui donne /var/www/alternc/gerard/dupont/ mais
# seul /var/www/alternc existe, ca répond /var/www/alternc
dir="$1"
if [ -z "$dir" ] ; then
return 0
@ -86,7 +80,7 @@ function get_first_existing_dir()
}
# default values for local.sh
# Compute default values for local.sh
MYSQL_HOST=127.0.0.1
MYSQL_DATABASE=alternc
MYSQL_USER=sysusr
@ -114,6 +108,28 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do
if [ -r /etc/alternc/local.sh ]; then
# source the current config
. /etc/alternc/local.sh
# and push it into debconf (its values have priority over anything!)
db_set alternc/hostingname "$HOSTING"
db_set alternc/desktopname "`echo $FQDN | tr '[:upper:]' '[:lower:]'`"
db_set alternc/public_ip "$PUBLIC_IP"
db_set alternc/internal_ip "$INTERNAL_IP"
db_set alternc/ns1 "$NS1_HOSTNAME"
db_set alternc/ns2 "$NS2_HOSTNAME"
db_set alternc/default_mx "$DEFAULT_MX"
db_set alternc/alternc_html "$ALTERNC_HTML"
db_set alternc/alternc_mail "$ALTERNC_MAIL"
db_set alternc/alternc_logs "$ALTERNC_LOGS"
db_set alternc/monitor_ip "$MONITOR_IP"
db_set alternc/default_mx2 "$DEFAULT_SECONDARY_MX"
db_set alternc/mysql/host "$MYSQL_HOST"
db_set alternc/mysql/db "$MYSQL_DATABASE"
db_set alternc/mysql/user "$MYSQL_USER"
db_set alternc/mysql/password "$MYSQL_PASS"
db_set alternc/mysql/client "$MYSQL_CLIENT"
db_set alternc/sql/backup_type "$SQLBACKUP_TYPE"
db_set alternc/sql/backup_overwrite "$SQLBACKUP_OVERWRITE"
db_set alternc/mysql/alternc_mail_user "$MYSQL_MAIL_USER"
db_set alternc/mysql/alternc_mail_password "$MYSQL_MAIL_PASS"
fi
# upgrade <= 3.0 to >= 3.1
if [ "x$ALTERNC_LOC" != "x" ]; then
@ -135,13 +151,12 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do
db_set alternc/desktopname "$FQDN"
db_input high alternc/desktopname || true
fi
# Be sure that the FQDN is lowercase (Bug #1405)
# Ensure that the FQDN is lowercase (Fixes #1405)
db_get alternc/desktopname
db_set alternc/desktopname "`echo $RET | tr '[:upper:]' '[:lower:]'`"
# End bug #1405
;;
3)
#we ask for the public and private ip
# Ask for the public and private ip
db_get alternc/public_ip
if [ -z "$RET" ]; then
db_set alternc/public_ip "$PUBLIC_IP"
@ -172,7 +187,7 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do
done
;;
4)
#private IP
# Private IP
db_get alternc/internal_ip
if [ -z "$RET" ]; then
db_set alternc/internal_ip "$INTERNAL_IP"
@ -190,7 +205,7 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do
done
;;
5)
#We ask for the DNS server for the ip
# Ask for the DNS servers
db_get alternc/ns1
if [ -z "$RET" ]; then
db_set alternc/ns1 "$NS1_HOSTNAME"
@ -225,7 +240,7 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do
10)
db_get alternc/use_remote_mysql
if [ "$RET" == "true" ]; then
# user want to use a remote server
# User want to use a remote server
check_mysql
fi
;;
@ -240,10 +255,10 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do
db_get alternc/alternc_html
ALTERNC_HTML="$RET"
#checking acl and quota activation.
# Checking acl and quota activation.
basedir=`get_first_existing_dir "$ALTERNC_HTML"`;
MOUNT_POINT=$(df -P ${basedir} | tail -n 1 | awk '{print $6}')
#we get the first existing dir
# Get the first existing dir
aclcheckfile="$basedir/test-acl"
touch "$aclcheckfile"
setfacl -m u:root:rwx "$aclcheckfile" 2>/dev/null || (
@ -259,7 +274,6 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do
if [ -z "$RET" ]; then
db_input critical alternc/quotauninstalled || true
db_go
#db_reset alternc/quotauninstalled || true
db_set alternc/quotauninstalled "false" || true
fi
)
@ -324,7 +338,7 @@ if [ -z "$RET" ]; then
fi
# Even if we asked the question concerning the database earlier in the process
#those calls are needed to pass the variable of remote sql server to AlternC
# Those calls are needed to pass the variable of remote sql server to AlternC
db_get alternc/mysql/db
if [ -z "$RET" ]; then
db_set alternc/mysql/db "$MYSQL_DATABASE"

14
debian/changelog vendored
View File

@ -1,3 +1,17 @@
alternc (3.3~rc1) stable; urgency=low
* unofficial Prerelease of AlternC 3.3
* update_domaines now in PHP and using classes and hooks instead of BASH
-- Benjamin Sonntag <benjamin@sonntag.fr> Thu, 26 Jun 2014 15:13:00 +0200
alternc (3.2.1) stable; urgency=low
* Version identical to 3.1 for Squeeze
* Includes a small dovecot patch / dependency for dovecot 2.0 for Wheezy
-- Benjamin Sonntag <benjamin@sonntag.fr> Thu, 28 Mar 2014 18:19:00 +0200
alternc (3.1.1) oldstable; urgency=low
* many bugfixed from 3.1 / 3.2 :

6
debian/control vendored
View File

@ -9,7 +9,7 @@ Standards-Version: 3.9.4
Package: alternc
Architecture: all
Pre-depends: debconf (>= 0.5.00) | debconf-2.0, bash (>= 4), acl
Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:1.2.15), dovecot-common(<< 1:2.0), dovecot-imapd (>= 1:1.2.15), dovecot-pop3d (>= 1:1.2.15), vlogger, mailutils | mailx, incron, cron, opendkim, mysql-client(>= 5.0), ${misc:Depends}
Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:2.1.7), dovecot-imapd, dovecot-pop3d, dovecot-mysql, vlogger, mailutils | mailx, incron, cron, opendkim, opendkim-tools, dovecot-sieve, dovecot-managesieved, ${misc:Depends}
Recommends: mysql-server(>= 5.0), ntp, quota, unzip, bzip2
Conflicts: alternc-admintools, alternc-awstats (<< 1.0), alternc-webalizer (<= 0.9.4), alternc-mailman (<< 2.0), courier-authlib
Provides: alternc-admintools
@ -38,8 +38,8 @@ Description-fr.UTF-8: Suite logicielle d'hébergement mutualisé pour Debian
Package: alternc-slave
Architecture: all
Pre-depends: debconf (>= 0.5.00) | debconf-2.0, acl
Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:1.2.15), dovecot-imapd, dovecot-pop3d, vlogger, mailutils | mailx, incron, cron, opendkim, ${misc:Depends}
Recommends: dovecot-managesieved, dovecot-sieve, dovecot-mysql, quota
Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:2.1.7), dovecot-imapd, dovecot-pop3d, dovecot-mysql, vlogger, mailutils | mailx, incron, cron, opendkim, opendkim-tools, dovecot-managesieved, dovecot-sieve, dovecot-mysql, ${misc:Depends}
Recommends: quota
Conflicts: alternc-admintools, alternc-awstats (<= 0.3.2), alternc-webalizer (<= 0.9.4), alternc
Provides: alternc
Replaces: alternc

47
etc/alternc/templates/dovecot/dovecot-dict-quota.conf
View File

@ -1,47 +0,0 @@
# AUTO GENERATED FILE
# Modify template in /etc/alternc/templates/
# and launch alternc.install if you want
# to modify this file.
#
connect=host=%%dbhost%% dbname=%%dbname%% user=%%db_mail_user%% password=%%db_mail_pwd%%
#connect = host=localhost dbname=mails user=testuser password=pass
# CREATE TABLE quota (
# username varchar(100) not null,
# bytes bigint not null default 0,
# messages integer not null default 0,
# primary key (username)
# );
map {
pattern = priv/quota/storage
table = dovecot_view
username_field = user
value_field = quota_dovecot
}
map {
pattern = priv/quota/messages
table = dovecot_view
username_field = user
value_field = nb_messages
}
# CREATE TABLE expires (
# username varchar(100) not null,
# mailbox varchar(255) not null,
# expire_stamp integer not null,
# primary key (username, mailbox)
# );
#map {
# pattern = shared/expire/$user/$mailbox
# table = expires
# value_field = expire_stamp
# fields {
# username = $user
# mailbox = $mailbox
# }
#}

132
etc/alternc/templates/dovecot/dovecot-sql.conf
View File

@ -1,132 +0,0 @@
# AUTO GENERATED FILE
# Modify template in /etc/alternc/templates/
# and launch alternc.install if you want
# to modify this file.
#
# This file is opened as root, so it should be owned by root and mode 0600.
#
# http://wiki.dovecot.org/AuthDatabase/SQL
#
# For the sql passdb module, you'll need a database with a table that
# contains fields for at least the username and password. If you want to
# use the user@domain syntax, you might want to have a separate domain
# field as well.
#
# If your users all have the same uig/gid, and have predictable home
# directories, you can use the static userdb module to generate the home
# dir based on the username and domain. In this case, you won't need fields
# for home, uid, or gid in the database.
#
# If you prefer to use the sql userdb module, you'll want to add fields
# for home, uid, and gid. Here is an example table:
#
# CREATE TABLE users (
# username VARCHAR(128) NOT NULL,
# domain VARCHAR(128) NOT NULL,
# password VARCHAR(64) NOT NULL,
# home VARCHAR(255) NOT NULL,
# uid INTEGER NOT NULL,
# gid INTEGER NOT NULL,
# active CHAR(1) DEFAULT 'Y' NOT NULL
# );
# Database driver: mysql, pgsql, sqlite
driver = mysql
# Database connection string. This is driver-specific setting.
#
# pgsql:
# For available options, see the PostgreSQL documention for the
# PQconnectdb function of libpq.
#
# mysql:
# Basic options emulate PostgreSQL option names:
# host, port, user, password, dbname
#
# But also adds some new settings:
# client_flags - See MySQL manual
# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
# ssl_cert, ssl_key - For sending client-side certificates to server
# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
# option_file - Read options from the given file instead of
# the default my.cnf location
# option_group - Read options from the given group (default: client)
#
# You can connect to UNIX sockets by using host: host=/var/run/mysqld/mysqld.sock
# Note that currently you can't use spaces in parameters.
#
# MySQL supports multiple host parameters for load balancing / HA.
#
# sqlite:
# The path to the database file.
#
# Examples:
# connect = host=192.168.1.1 dbname=users
# connect = host=sql.example.com dbname=virtual user=virtual password=blarg
# connect = /etc/dovecot/authdb.sqlite
#
connect = host=%%dbhost%% dbname=%%dbname%% user=%%db_mail_user%% password=%%db_mail_pwd%%
# Default password scheme.
#
# List of supported schemes is in
# http://wiki.dovecot.org/Authentication/PasswordSchemes
#
default_pass_scheme = MD5
# passdb query to retrieve the password. It can return fields:
# password - The user's password. This field must be returned.
# user - user@domain from the database. Needed with case-insensitive lookups.
# username and domain - An alternative way to represent the "user" field.
#
# The "user" field is often necessary with case-insensitive lookups to avoid
# e.g. "name" and "nAme" logins creating two different mail directories. If
# your user and domain names are in separate fields, you can return "username"
# and "domain" fields instead of "user".
#
# The query can also return other fields which have a special meaning, see
# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
#
# Commonly used available substitutions (see http://wiki.dovecot.org/Variables
# for full list):
# %u = entire user@domain
# %n = user part of user@domain
# %d = domain part of user@domain
#
# Note that these can be used only as input to SQL query. If the query outputs
# any of these substitutions, they're not touched. Otherwise it would be
# difficult to have eg. usernames containing '%' characters.
#
# Example:
# password_query = SELECT userid AS user, pw AS password \
# FROM users WHERE userid = '%u' AND active = 'Y'
#
#password_query = \
# SELECT username, domain, password \
# FROM users WHERE username = '%n' AND domain = '%d'
# userdb query to retrieve the user information. It can return fields:
# uid - System UID (overrides mail_uid setting)
# gid - System GID (overrides mail_gid setting)
# home - Home directory
# mail - Mail location (overrides mail_location setting)
#
# None of these are strictly required. If you use a single UID and GID, and
# home or mail directory fits to a template string, you could use userdb static
# instead. For a list of all fields that can be returned, see
# http://wiki.dovecot.org/UserDatabase/ExtraFields
#
# Examples:
# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
#
user_query = SELECT userdb_home AS home, userdb_uid AS uid, 1998 AS gid, userdb_quota_rule AS quota_rule FROM dovecot_view WHERE user = '%u';
# If you wish to avoid two SQL lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
# also have to return userdb fields in password_query prefixed with "userdb_"
# string. For example:
password_query = SELECT user, password, userdb_home, userdb_uid, 1998 AS userdb_gid,userdb_quota_rule FROM dovecot_view where user= '%u';

1296
etc/alternc/templates/dovecot/dovecot.conf
View File

File diff suppressed because it is too large Load Diff

2
etc/alternc/templates/postfix/master.cf
View File

@ -113,6 +113,6 @@ mailman unix - n n - - pipe
${nexthop} ${user}
#dovecot LDA, as explained here: http://wiki.dovecot.org/LDA/Postfix
dovecot unix - n n - 0 pipe
flags=DRhu user=vmail:vmail argv=/usr/bin/sudo /usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
flags=DRhu user=vmail:vmail argv=/usr/bin/sudo /usr/lib/dovecot/deliver -f ${sender} -a ${recipient} -d ${user}@${nexthop}

12
install/alternc.install
View File

@ -79,7 +79,7 @@ if [ -e /etc/default/saslauthd ]; then
fi
if [ -e /etc/dovecot/dovecot.conf ]; then
CONFIG_FILES="$CONFIG_FILES etc/dovecot/dovecot.conf etc/dovecot/dovecot-sql.conf etc/dovecot/dovecot-dict-quota.conf"
CONFIG_FILES="$CONFIG_FILES etc/dovecot/alternc-sql.conf etc/dovecot/alternc-dict-quota.conf etc/dovecot/conf.d/95_alternc.conf"
fi
INSTALLED_CONFIG_TAR="/var/lib/alternc/backups/etc-installed.tar.gz"
@ -315,7 +315,7 @@ if [ -x /usr/sbin/apache2 ]; then
fi
# We enable dovecot SSL certificate instructions: (on wheezy we should use a new file in /etc/dovecot/conf.d/ )
sed -i -e 's#^ssl_cert_file.*$#ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem#' -e 's#^ssl_key_file.*$#ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key#' /etc/dovecot/dovecot.conf
( echo "ssl_cert = </etc/alternc/apache.pem" ; echo "ssl_key = </etc/alternc/apache.pem" ) >/etc/dovecot/conf.d/96_ssl.conf
else
# We disable proftpd tls module
@ -324,7 +324,7 @@ if [ -x /usr/sbin/apache2 ]; then
cp /etc/proftpd/modules.conf /etc/alternc/templates/proftpd/
# We disable dovecot SSL certificate instructions: (on wheezy we should remove a file in /etc/dovecot/conf.d/ )
sed -i -e 's#^ssl_cert_file.*$#ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem#' -e 's#^ssl_key_file.*$#ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key#' /etc/dovecot/dovecot.conf
( echo "ssl_cert = </etc/ssl/certs/ssl-cert-snakeoil.pem" ; echo "ssl_key = </etc/ssl/private/ssl-cert-snakeoil.key" ) >/etc/dovecot/conf.d/96_ssl.conf
echo "SSL not configured"
echo "create a certificate in /etc/alternc/apache.pem and rerun alternc.install"
@ -570,8 +570,10 @@ if [ "$HAS_ROOT" != "1" ]; then
fi
# giving vmail user read access on dovecot sql file
chgrp vmail /etc/dovecot/dovecot.conf
chmod g+r /etc/dovecot/dovecot.conf
chgrp vmail /etc/dovecot/alternc-sql.conf
chmod g+r /etc/dovecot/alternc-sql.conf
# Override some dovecot 2.0 configuration that may have happened during dovecot postinst:
sed -i -e 's/^ *!include/#!include/' /etc/dovecot/conf.d/10-auth.conf
# Changing owner of web panel's files
chown -R alterncpanel:alterncpanel "/usr/share/alternc/panel/"

4
phpunit/tests/_datasets/membres.yml
View File

@ -2,7 +2,7 @@ membres:
-
uid : 2000
login : admin
pass : admin
pass : $1$GB4d6Hq7$HxND.Qbn5xDuO3xCbW/dV/
enabled : 1
su : 1
mail : root@alternc.org
@ -13,7 +13,7 @@ membres:
-
uid : 2001
login : phpunit
pass : phpunit
pass : phqzC1nAjK7Vs
enabled : 1
su : 0
mail : phpunit@alternc.org

38
phpunit/tests/bureau/class/m_adminTest.php
View File

@ -2,7 +2,7 @@
/**
* Generated by PHPUnit_SkeletonGenerator 1.2.1 on 2014-03-13 at 15:55:58.
*/
class m_adminTest extends PHPUnit_Framework_TestCase
class m_adminTest extends AlterncTest
{
/**
* @var m_admin
@ -15,10 +15,39 @@ class m_adminTest extends PHPUnit_Framework_TestCase
*/
protected function setUp()
{
global $mem;
parent::setUp();
$this->object = new m_admin;
$mem = new m_mem();
$mem->user["su"] = 1;
}
/**
* @return PHPUnit_Extensions_Database_DataSet_IDataSet
*/
public function getDataSet() {
$dataset_file = "membres.yml";
// $list = array(
// "testPurge" => "actions-purgeable.yml",
// "testGet_action" => "actions-purgeable.yml",
// "testGet_old" => "actions-purgeable.yml",
// "testFinish" => "actions-purgeable.yml",
// "testReset_job" => "actions-began.yml",
// "testGet_job" => "actions-ready.yml",
// "testCancel" => "actions-purgeable.yml",
// "default" => "actions-purgeable.yml"
// );
// if (isset($list[$this->getName()])) {
// $dataset_file = $list[$this->getName()];
// } else {
// $dataset_file = "actions-empty.yml";
// }
return parent::loadDataSet($dataset_file);
}
/**
* Tears down the fixture, for example, closes a network connection.
* This method is called after a test is executed.
@ -30,14 +59,11 @@ class m_adminTest extends PHPUnit_Framework_TestCase
/**
* @covers m_admin::hook_menu
* @todo Implement testHook_menu().
*/
public function testHook_menu()
{
// Remove the following lines when you implement this test.
$this->markTestIncomplete(
'This test has not been implemented yet.'
);
$result = $this->object->hook_menu();
$this->assertInternalType("array",$result);
}
/**

16
phpunit/tests/bureau/class/m_ftpTest.php
View File

@ -118,10 +118,13 @@ class m_ftpTest extends PHPUnit_Framework_TestCase
*/
public function testCheck_login()
{
// Remove the following lines when you implement this test.
$this->markTestIncomplete(
'This test has not been implemented yet.'
);
// Allowed
$this->assertTrue($this->object->check_login('plop'));
$this->assertTrue($this->object->check_login('00'));
// Forbidden
$this->assertFalse($this->object->check_login('_plop'));
$this->assertFalse($this->object->check_login('arf+'));
}
/**
@ -238,9 +241,6 @@ class m_ftpTest extends PHPUnit_Framework_TestCase
*/
public function testHook_upnp_list()
{
// Remove the following lines when you implement this test.
$this->markTestIncomplete(
'This test has not been implemented yet.'
);
$this->assertArrayHasKey('ftp', $this->object->hook_upnp_list());
}
}

78
phpunit/tests/bureau/class/m_memTest.php
View File

@ -2,8 +2,13 @@
/**
* Generated by PHPUnit_SkeletonGenerator 1.2.1 on 2014-03-13 at 15:55:59.
*/
class m_memTest extends PHPUnit_Framework_TestCase
class m_memTest extends AlterncTest
{
protected $login = "phpunit";
protected $pass = "phpunit";
/**
* @var m_mem
*/
@ -19,6 +24,31 @@ class m_memTest extends PHPUnit_Framework_TestCase
$this->object = new m_mem;
}
/**
* @return PHPUnit_Extensions_Database_DataSet_IDataSet
*/
public function getDataSet() {
$dataset_file = "membres.yml";
// $list = array(
// "testPurge" => "actions-purgeable.yml",
// "testGet_action" => "actions-purgeable.yml",
// "testGet_old" => "actions-purgeable.yml",
// "testFinish" => "actions-purgeable.yml",
// "testReset_job" => "actions-began.yml",
// "testGet_job" => "actions-ready.yml",
// "testCancel" => "actions-purgeable.yml",
// "default" => "actions-purgeable.yml"
// );
// if (isset($list[$this->getName()])) {
// $dataset_file = $list[$this->getName()];
// } else {
// $dataset_file = "actions-empty.yml";
// }
return parent::loadDataSet($dataset_file);
}
/**
* Tears down the fixture, for example, closes a network connection.
* This method is called after a test is executed.
@ -30,26 +60,21 @@ class m_memTest extends PHPUnit_Framework_TestCase
/**
* @covers m_mem::alternc_password_policy
* @todo Implement testAlternc_password_policy().
*/
public function testAlternc_password_policy()
{
// Remove the following lines when you implement this test.
$this->markTestIncomplete(
'This test has not been implemented yet.'
);
$result = $this->object->alternc_password_policy();
$this->assertInternalType("array",$result);
}
/**
* @covers m_mem::hook_menu
* @todo Implement testHook_menu().
*/
public function testHook_menu()
{
// Remove the following lines when you implement this test.
$this->markTestIncomplete(
'This test has not been implemented yet.'
);
$result = $this->object->hook_menu();
$this->assertInternalType("array",$result);
}
/**
@ -58,22 +83,35 @@ class m_memTest extends PHPUnit_Framework_TestCase
*/
public function testCheckright()
{
// Remove the following lines when you implement this test.
$this->markTestIncomplete(
'This test has not been implemented yet.'
);
$result = $this->object->checkright();
$this->assertFalse($result);
}
/**
* @covers m_mem::login
* @todo Implement testLogin().
*/
public function testLogin()
{
// Remove the following lines when you implement this test.
$this->markTestIncomplete(
'This test has not been implemented yet.'
);
$result = $this->object->login($this->login, $this->pass);
$this->assertTrue($result);
}
/**
* @covers m_mem::login
*/
public function testWrongLogin()
{
$result = $this->object->login($this->login, "null");
$this->assertFalse($result);
}
/**
* @covers m_mem::login
*/
public function testWrongIPLogin()
{
$result = $this->object->login($this->login, $this->pass, true);
$this->assertFalse($result);
}
/**

2
roundcube/templates/roundcube/plugins/managesieve/config.inc.php
View File

@ -10,7 +10,7 @@
/***********************************************************************/
// managesieve server port
$rcmail_config['managesieve_port'] = 2000;
$rcmail_config['managesieve_port'] = 4190;
// managesieve server address, default is localhost.
// Replacement variables supported in host name:

2
src/delete_logs.sh
View File

@ -17,4 +17,4 @@ done
stop_if_jobs_locked
# ALTERNC_LOGS is from local.sh
nice -n 10 find "$ALTERNC_LOGS" -mtime +$DAYS -delete
find "$ALTERNC_LOGS" -mtime +$DAYS -delete

110
src/update_quota_mail.sh
View File

@ -4,42 +4,101 @@
#You can call this script either without arguments, inwich case each maildir quotas will be recalculated
#or you can call it with a directory reffering to a maildir to just sync one mailbox
#basic checks
if [ $# -gt 1 ]; then
echo "usage : update_quota_mail.sh (Maildir)."
function showhelp() {
echo "FIXME: some help"
exit
fi
}
if [ $# -eq 1 ];then
if [ ! -d "$1" ];then
echo "$1 is not a directory, aborting."
exit
# Generate the $maildirs list based on the arguments
while getopts "a:m:d:c:" optname
do
case "$optname" in
"a")
# All mails
# FIXME replace it by a select in da DB
maildirs=`find "$ALTERNC_MAIL/" -maxdepth 2 -mindepth 2 -type d`
;;
"m")
# An email
if [[ "$OPTARG" =~ ^[^\@]*@[^\@]*$ ]] ; then
if [[ "$(mysql_query "select userdb_home from dovecot_view where user = '$OPTARG'")" ]]; then
maildirs=$(mysql_query "select userdb_home from dovecot_view where user = '$OPTARG'")
else
d="$1"
echo "Bad mail provided"
showhelp
fi
else
#Fist we set the quotas no 0 (infinite for each already existing account
t=`mysql_query "UPDATE mailbox SET quota='0' WHERE quota IS NULL"`
d=`find "$ALTERNC_MAIL/" -maxdepth 2 -mindepth 2 -type d`
echo "Bad mail provided"
showhelp
fi
;;
"d")
# Expecting a domain
# Check if domain is well-formed
if [[ ! "$OPTARG" =~ ^[a-z\-]+(\.[a-z\-]+)+$ ]] ; then
echo "Bad domain provided"
showhelp
fi
# Attemp to get from database.
if [[ ! "$(mysql_query "select domaine from domaines where domaine = '$OPTARG'")" ]]; then
# Seem to be empty
echo "Bad domain provided"
showhelp
fi
maildirs=$(mysql_query "select userdb_home from dovecot_view where user like '%@$OPTARG'")
;;
"c")
# An account
if [[ "$OPTARG" =~ ^[a-z]*$ ]] ; then
if [[ "$(mysql_query "select domaine from domaines where domaine = '$1'")" ]]; then
maildirs=$(mysql_query "select userdb_home from dovecot_view where userdb_uid = $OPTARG")
else
echo "Bad account provided"
showhelp
fi
else
echo "Bad account provided"
showhelp
fi
;;
"?")
echo "Unknown option $OPTARG - stop processing"
showhelp
exit
;;
":")
echo "No argument value for option $OPTARG - stop processing"
showhelp
exit
;;
*)
# Should not occur
echo "Unknown error while processing options"
showhelp
exit
;;
esac
done
# Now we have $maildirs, we can work on it
# FIXME add check if maildir is empty
#Then we loop through every maildir to get the maildir size
for i in $d ; do
for i in $maildirs ; do
if [ ! -d "$i" ];then
echo "The maildir $i does not exists. It's quota won't be resync"
continue
fi
if [ -d "$i" ];then
user=`ls -l $i| tail -n 1|cut -d' ' -f 3`
# We grep only mails, not the others files
mails=`find $i -type f | egrep "(^$i)*[0-9]+\.M"`
# This part only count mails size
#size=0
#for j in $mails
#do
# size=$(( $size + `du -b $j|awk '{print $1}'`))
#done
# This part count the total mailbox size (mails + sieve scripts + ...)
size=`du -b -s $i|awk '{print $1}'`
@ -49,10 +108,7 @@ for i in $d ; do
echo "dir size : "$size
echo ""
#update the mailbox table accordingly
mysql_query "UPDATE mailbox SET bytes=$size WHERE path='$i' "
mysql_query "UPDATE mailbox SET messages=$mail_count WHERE path='$i' "
else
echo "The maildir $i does not exists. It's quota won't be resync"
fi
mysql_query "UPDATE mailbox SET bytes=$size WHERE path='$i' ; "
mysql_query "UPDATE mailbox SET messages=$mail_count WHERE path='$i' ; "
done

6
wheezy/95_alternc.conf
View File

@ -16,13 +16,13 @@ protocols = imap pop3 sieve
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
disable_plaintext_auth = yes
disable_plaintext_auth = no
# Space separated list of wanted authentication mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
# gss-spnego
# NOTE: See also disable_plaintext_auth setting.
auth_mechanisms = plain
auth_mechanisms = plain login
##
## Password and user databases
@ -144,7 +144,7 @@ service auth {
# 10-ssl.conf
# SSL/TLS support: yes, no, required. </usr/share/doc/dovecot-common/wiki/SSL.txt>
ssl = required
ssl = yes
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but

12
wheezy/alternc.install.diff
View File

@ -1,6 +1,6 @@
--- alternc.install 2013-08-22 09:16:54.818542162 +0200
+++ alternc.install.wheezy 2013-08-22 09:58:06.713339922 +0200
@@ -78,7 +78,7 @@
--- alternc.install 2014-03-28 17:30:31.378712101 +0100
+++ alternc.install.wheezy 2014-04-03 10:57:57.840148474 +0200
@@ -79,7 +79,7 @@
fi
if [ -e /etc/dovecot/dovecot.conf ]; then
@ -9,7 +9,7 @@
fi
INSTALLED_CONFIG_TAR="/var/lib/alternc/backups/etc-installed.tar.gz"
@@ -305,7 +305,7 @@
@@ -315,7 +315,7 @@
fi
# We enable dovecot SSL certificate instructions: (on wheezy we should use a new file in /etc/dovecot/conf.d/ )
@ -18,7 +18,7 @@
else
# We disable proftpd tls module
@@ -314,7 +314,7 @@
@@ -324,7 +324,7 @@
cp /etc/proftpd/modules.conf /etc/alternc/templates/proftpd/
# We disable dovecot SSL certificate instructions: (on wheezy we should remove a file in /etc/dovecot/conf.d/ )
@ -27,7 +27,7 @@
echo "SSL not configured"
echo "create a certificate in /etc/alternc/apache.pem and rerun alternc.install"
@@ -533,9 +533,11 @@
@@ -569,9 +569,11 @@
fi
fi

8
wheezy/changelog.diff
View File

@ -1,12 +1,12 @@
--- changelog 2013-10-18 15:17:57.640081683 +0200
+++ changelog.wheezy 2013-10-18 15:19:58.442690776 +0200
@@ -1,0 +1,7 @@
--- changelog 2014-06-24 13:42:50.234304438 +0200
+++ changelog.wheezy 2014-06-24 13:43:51.978313552 +0200
@@ -1,3 +1,10 @@
+alternc (3.2.1) stable; urgency=low
+
+ * Version identical to 3.1 for Squeeze
+ * Includes a small dovecot patch / dependency for dovecot 2.0 for Wheezy
+
+ -- Benjamin Sonntag <benjamin@sonntag.fr> Thu, 28 Mar 2013 18:19:00 +0200
+ -- Benjamin Sonntag <benjamin@sonntag.fr> Thu, 28 Mar 2014 18:19:00 +0200
+
alternc (3.1.1) oldstable; urgency=low