From 1216be27b683bbbb85998b94bfaa7eef9a1c5eec Mon Sep 17 00:00:00 2001 From: earnolmartin Date: Fri, 13 Jul 2018 10:02:45 -0600 Subject: [PATCH] Backup Fixes, Additional Database Name Validation, Minor Tweaks to Unattended Install, and More Minor Fixes --- ehcp/classapp.php | 32 +++++++++++++++++++++++++++----- ehcp/install.sh | 25 ++++++++++++++++++++++++- ehcp/install_lib.php | 6 +++++- ehcp/install_main.sh | 10 ++++++++-- ehcp/localutils.php | 4 ++++ 5 files changed, 68 insertions(+), 9 deletions(-) diff --git a/ehcp/classapp.php b/ehcp/classapp.php index 88bc70c..2bc3ba3 100755 --- a/ehcp/classapp.php +++ b/ehcp/classapp.php @@ -3324,15 +3324,22 @@ function pwdls($comment='',$dir=''){ function backup_databases2($dbs,$mysqlusers,$file){ $this->requireCommandLine(__FUNCTION__); - + $foundEHCPDB = false; # set empty file then fill with dump of each mysql database, in ehcp, (before vers 0.27: all databases were dumped, that caused: malfunction because of restore of mysql db itself... now, mysql db is not restored... so, passwords of new mysql server are kept after restore... ) print_r($dbs); if(count($dbs)>0){ foreach($dbs as $db) { - $sql="create database if not exists ".$db['dbname'].";\n"; - $sql.="use ".$db['dbname'].";\n"; + $sql = ""; + if($db['dbname'] == "ehcp"){ + $foundEHCPDB = true; + // Delete EHCP database since importing the backup will fail if there's existing values in it. + $sql .= "DROP DATABASE IF EXISTS `".$db['dbname']."`;\n"; + } + + $sql .= "create database if not exists `".$db['dbname']."`;\n"; + $sql .= "use `".$db['dbname']."`;\n"; writeoutput2($file,$sql,"a"); $cmd=escapeshellcmd("mysqldump ".$db['dbname']." -u root --password=".$this->conf['mysqlrootpass'])." >> ".escapeshellcmd($file); @@ -3350,12 +3357,22 @@ function backup_databases2($dbs,$mysqlusers,$file){ // Put grant usage permissions into the file $sql = "GRANT USAGE ON *.* TO '$dbusername'@'localhost' IDENTIFIED BY '$dbuserpass';"; - $sql .= "\n" . "GRANT ALL PRIVILEGES ON $dbname.* TO '$dbusername'@'localhost';"; + $sql .= "\n" . "GRANT ALL PRIVILEGES ON `" . $dbname . ".*` TO '$dbusername'@'localhost';"; writeoutput2($file,$sql,"a"); } } + + // Last part flush privileges and regrant EHCP privileges + $fixAccounts = ""; + + // Handle EHCP regrant + if($foundEHCPDB){ + $fixAccounts .= "GRANT USAGE ON *.* TO 'ehcp'@'localhost' IDENTIFIED BY '" . $this->dbpass . "';"; + $fixAccounts .= "\n" . "GRANT ALL PRIVILEGES ON `ehcp.*` TO 'ehcp'@'localhost';"; + } + // Flush privileges to activate the new user accounts and passwords - $fixAccounts = "FLUSH PRIVILEGES;"; + $fixAccounts .= "\n" . "FLUSH PRIVILEGES;"; writeoutput2($file,$fixAccounts,"a"); } @@ -11456,6 +11473,11 @@ function addMysqlDbDirect($myserver, $domainname, $dbusername, $dbuserpass, $dbu return $this->errorText("Database user passwords cannot be greater than 32 characters."); } + $dbnameModified = removeInvalidChars($dbname, "database"); + if($dbnameModified != $dbname){ + return $this->errorText("Database names may only contain alphanumeric characters along with underscores."); + } + if(!$myserver) $myserver=$_SESSION['myserver']; if(!$myserver) $myserver=$this->getMysqlServer('',false,__FUNCTION__); # get mysql server info.. diff --git a/ehcp/install.sh b/ehcp/install.sh index 374fb9e..7d8616f 100755 --- a/ehcp/install.sh +++ b/ehcp/install.sh @@ -118,11 +118,34 @@ do preUnattended=1 elif [ "$varCheck" == "debug" ]; then debug="debug" + elif [ "$varCheck" == "extra" ]; then + installmode="extra" + elif [ "$varCheck" == "normal" ]; then + installmode="normal" fi done if [ ! -z "$preUnattended" ]; then - # They really want this install to be unattended, so run the installer and use default passwords of 1234 + ## They really want this install to be unattended, so run the installer and use default passwords of 1234 + + if [ ! -z "$installmode" ] && [ "$installmode" == "extra" ]; then + + # Handle policyd + insPolicyD="ins_policyd.cfg" + if [ ! -e "$insPolicyD" ]; then + echo -e "insPolicyD=true" > "$insPolicyD" + fi + + # Set amavis fully qualified domain name + if [ ! -e "fqdn_amavis.cfg" ]; then + FQDNCFG="fqdn_amavis.cfg" + FQDNName="ehcpforce.tk" + echo -e "FQDNName=\"$FQDNName\"" > "$FQDNCFG" + fi + + fi + + ## Run the main installer passing the parameters we received bash install_main.sh "$@" else diff --git a/ehcp/install_lib.php b/ehcp/install_lib.php index 4cd2a3f..b523814 100755 --- a/ehcp/install_lib.php +++ b/ehcp/install_lib.php @@ -976,7 +976,11 @@ function mysqldebconf($rYear){ //by earnolmartin@gmail.com } // More generic - $mariadbVersionStrFromAptCache = shell_exec('bash /var/www/new/ehcp/scripts/getMariaDbMajorMinorVersion.sh'); + if(file_exists("/var/www/new/ehcp/scripts/getMariaDbMajorMinorVersion.sh")){ + $mariadbVersionStrFromAptCache = shell_exec('bash /var/www/new/ehcp/scripts/getMariaDbMajorMinorVersion.sh'); + }else if(file_exists("scripts/getMariaDbMajorMinorVersion.sh")){ + $mariadbVersionStrFromAptCache = shell_exec('bash scripts/getMariaDbMajorMinorVersion.sh'); + } // For all versions if(hasValue($rootpass)){ diff --git a/ehcp/install_main.sh b/ehcp/install_main.sh index 77d1bec..35d5067 100755 --- a/ehcp/install_main.sh +++ b/ehcp/install_main.sh @@ -1362,8 +1362,14 @@ function installAntiSpam(){ aptgetInstall "amavisd-new" "runlevel=1" # amavisd-new install should not start the daemon immediately after installation since we haven't configured our fully qualified domain name of the server yet # Use FQDN for mail server (used by Amavis) as entered by user earlier - sed -i "s/^#\$myhostname.*/\$myhostname = \"$FQDNName\";/g" "$AMAVISHOST" - sed -i "s#^\$myhostname.*#\$myhostname = \"$FQDNName\";#g" "$AMAVISHOST" + if [ -z "$FQDNName" ]; then + # Just replace it with ehcpforce.tk + sed -i "s/^#\$myhostname.*/\$myhostname = \"ehcpforce.tk\";/g" "$AMAVISHOST" + sed -i "s#^\$myhostname.*#\$myhostname = \"ehcpforce.tk\";#g" "$AMAVISHOST" + else + sed -i "s/^#\$myhostname.*/\$myhostname = \"$FQDNName\";/g" "$AMAVISHOST" + sed -i "s#^\$myhostname.*#\$myhostname = \"$FQDNName\";#g" "$AMAVISHOST" + fi # Install SpamAssassin and Clamav-Daemon aptgetInstall "spamassassin clamav-daemon" diff --git a/ehcp/localutils.php b/ehcp/localutils.php index a6ad0d2..b92b612 100755 --- a/ehcp/localutils.php +++ b/ehcp/localutils.php @@ -1042,6 +1042,10 @@ function removeInvalidChars($string, $mode){ $pattern = "/[^A-Za-z0-9\/_\-]/i"; $string = preg_replace($pattern, "", $string); break; + case "database": + $pattern = "/[^A-Za-z0-9_]/i"; + $string = preg_replace($pattern, "", $string); + break; case "title": $pattern = "/[^A-Za-z0-9_\-\s']/i"; break;