Mini Shell
# -*- coding: utf-8 -*-
# ISP Manager function library
#
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2019 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENSE.TXT
#
#Redistribution and use in source and binary forms, with or without
#modification, are permitted provided that the following conditions
#are met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * The names of its contributors may not be used to endorse or
# promote products derived from this software without specific
# prior written permission.
#
#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
#"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
#LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
#FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
#COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
#INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
#BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
#CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
#LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
#ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
#POSSIBILITY OF SUCH DAMAGE.
#
# Module functionality:
# Create php.ini files for DA PHP version selector
# Create symlink to user data directory
#
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
from future import standard_library
standard_library.install_aliases()
from builtins import *
import os
import pwd
import shutil
import subprocess
import cagefslib
import cldetectlib as detect
import secureio
from cagefsctl import get_list_of_users, cagefs_is_enabled, save_dir_exists, get_exclude_user_list, get_min_uid, MIN_UID
from clcagefslib.io import read_file
from clcagefslib.selector.panel.isp import ispmanager_create_user_wrapper
from clcommon.utils import mod_makedirs
def install_ispmanager_directory_exclude():
"""
Install exclude .cagefs folder from backup
:return: None
"""
# Only for ISP Manager
detect.getCP()
if not detect.is_ispmanager():
return
if detect.CP_VERSION.startswith('4'):
# ISP Manager v4
isp_command_list = ['/usr/local/ispmgr/sbin/mgrctl', 'backupplan']
try:
result = cagefslib.Execute(isp_command_list, check_return_code=False, exit_on_error=False).split('\n')
for line in result:
if line.find('id=') != -1:
plan_id = str(line.split('name=')[0].replace('id=', '').strip())
isp_command_list.extend(['.content.edit plid=' + plan_id, 'sok=ok', 'type=exclude',
'module=file','filedata=.cagefs'])
cagefslib.Execute(isp_command_list, check_return_code=False, exit_on_error=False)
except OSError as e:
secureio.print_error('Failed to set exclude dir for ISPManager 4:', str(e))
else:
# ISP Manager v5
if detect.ispmanager5_is_master():
# ISP5 Master
try:
cagefs_exclude_is_found = False
exclude_files_list = list()
# Search .cagefs in excludes
isp_command_list = ['/usr/local/mgr5/sbin/mgrctl', '-m', 'ispmgr', 'backup2.settings']
result = cagefslib.Execute(isp_command_list, check_return_code=False, exit_on_error=False).split('\n')
for line in result:
if line.startswith('exclude_files'):
# line as:
# exclude_files=data/.cagefs data/mod-tmp data/somedir
l_parts = line.strip().split('=')
if len(l_parts) != 2:
continue
# l_parts[1] as 'data/.cagefs data/mod-tmp data/somedir'
exclude_files_list = l_parts[1].split(' ')
# if .cagefs absent in exclude list, add it
for exclude_file in exclude_files_list:
if '.cagefs' in exclude_file:
cagefs_exclude_is_found = True
break
break
if not cagefs_exclude_is_found:
# .cagefs not found in excludes, add it
add_line = ' '.join(exclude_files_list) + ' ' + 'data/.cagefs'
add_line = add_line.strip()
isp_command_list.extend(['exclude_files=%s' % add_line, 'sok=ok'])
cagefslib.Execute(isp_command_list, check_return_code=False, exit_on_error=False).split('\n')
except (OSError, IOError,) as e:
secureio.print_error('Failed to set exclude dir for ISPManager 5:', str(e))
def create_php_cgi_etc(filename, php_ini_path):
if os.path.isfile(filename):
# check file content
content = read_file(filename)
if content[0] == '#!/bin/bash\n':
for line in content:
parts = line.strip().split()
if (len(parts) == 4) and (parts[0] == 'exec') and (parts[1] == '/usr/bin/php-cgi') and\
(parts[2] == '-c') and (parts[3] == php_ini_path):
return
dirpath = os.path.dirname(filename)
if not os.path.lexists(dirpath):
mod_makedirs(dirpath, 0o755)
f = open(filename, 'w')
f.write('#!/bin/bash\n')
f.write('exec /usr/bin/php-cgi -c ' + php_ini_path + '\n')
f.close()
# make it executable
os.chmod(filename, 0o755)
# Call from cagefs
def configure_selector_for_ispmanager():
# Only for ISP Manager v4.x
detect.getCP()
if not detect.is_ispmanager() or not detect.CP_VERSION.startswith('4'):
return
ISP_MANAGER_CONF_FILE = '/usr/local/ispmgr/etc/ispmgr.conf'
if not os.path.isfile(ISP_MANAGER_CONF_FILE):
return
# 1. Read php.ini path from native conf
cagefslib.read_native_conf()
if not cagefslib.config_loaded:
return
content = cagefslib.orig_binaries
php_ini_path = '/etc/php.ini'
if 'php.ini' in content:
php_ini_path = content['php.ini']
# 2. Create /usr/local/bin/php-cgi-etc
script_file = '/usr/local/bin/php-cgi-etc'
create_php_cgi_etc(script_file, php_ini_path)
# 3. Create in CageFs skeleton (/usr/share/cagefs-skeleton/usr/local/bin/php-cgi-etc)
if os.path.isdir('/usr/share/cagefs-skeleton'):
create_php_cgi_etc('/usr/share/cagefs-skeleton/usr/local/bin/php-cgi-etc', php_ini_path)
# 4. Read /usr/local/ispmgr/etc/ispmgr.conf
content = read_file(ISP_MANAGER_CONF_FILE)
i = 0
is_found = False
old_path = ''
for line in content:
parts = line.strip().split()
if (len(parts) == 3) and (parts[0] == 'path') and (parts[1] == 'phpcgibinary'):
old_path = parts[2]
is_found = True
break
i += 1
if is_found:
# directive found, check path in it
if old_path != script_file:
content[i] = 'path phpcgibinary ' + script_file + '\n'
cagefslib.write_file(ISP_MANAGER_CONF_FILE, content)
else:
# directive not found, append it
f = open(ISP_MANAGER_CONF_FILE, 'a')
f.write('path phpcgibinary ' + script_file + '\n')
f.close()
# 5. Clear ISP Manager's cache and restart it
shutil.rmtree('/usr/local/ispmgr/var/.xmlcache/ispmgr', True)
p = subprocess.Popen(['killall', 'ispmgr'], shell=False, stdin=open('/dev/null'), stdout=subprocess.PIPE,
stderr=subprocess.STDOUT, close_fds=True)
p.wait()
# 6. Create user php wrappers
#!/usr/local/bin/php-cgi-etc - for alt versions
#!/usr/bin/php-cgi - for native
if (not cagefs_is_enabled()) or save_dir_exists():
cagefs_enabled_users = []
else:
cagefs_enabled_users = get_list_of_users(True)
exclude_list = get_exclude_user_list()
get_min_uid()
min_uid = MIN_UID
pw = pwd.getpwall()
for user_data in pw:
if user_data.pw_uid < min_uid or user_data.pw_name in exclude_list:
continue
is_user_in_cagefs = user_data.pw_name in cagefs_enabled_users
ispmanager_create_user_wrapper_detect_php_ver(user_data, is_user_in_cagefs, True)
# Creates user wrapper dependently user in cagefs or not
# This function for single-user operations in cagefsctl
def ispmanager_create_user_wrapper_detect_php_ver(user_data, is_user_in_cagefs, is_write_log=False):
# Only for ISP Manager v4.x
detect.getCP()
if not detect.is_ispmanager() or not detect.CP_VERSION.startswith('4'):
return
if not is_user_in_cagefs:
user_php_ver = "native"
else:
user_php_ver = cagefslib.get_php_version_for_user(user_data.pw_name)
if user_php_ver is None:
return
ispmanager_create_user_wrapper(user_data.pw_name, user_php_ver, user_data, is_write_log)
Zerion Mini Shell 1.0