1*4882a593Smuzhiyun#!/bin/sh 2*4882a593Smuzhiyun# Modified version of setup.sh distributed with webmin 3*4882a593Smuzhiyun 4*4882a593Smuzhiyunif [ "$wadir" = "" ]; then 5*4882a593Smuzhiyun echo "ERROR: wadir not specified" 6*4882a593Smuzhiyun echo "" 7*4882a593Smuzhiyun exit 1 8*4882a593Smuzhiyunfi 9*4882a593Smuzhiyun 10*4882a593Smuzhiyunconfig_dir_runtime=$config_dir 11*4882a593Smuzhiyunconfig_dir=$prefix$config_dir 12*4882a593Smuzhiyun 13*4882a593Smuzhiyunwadir_runtime=$wadir 14*4882a593Smuzhiyunwadir=$prefix$wadir 15*4882a593Smuzhiyun 16*4882a593Smuzhiyunver=`cat "$wadir/version"` 17*4882a593Smuzhiyun 18*4882a593Smuzhiyuncd "$wadir" 19*4882a593Smuzhiyun 20*4882a593Smuzhiyun# Work out perl library path 21*4882a593SmuzhiyunPERLLIB=$wadir 22*4882a593Smuzhiyun 23*4882a593Smuzhiyun# Validate source directory 24*4882a593Smuzhiyunallmods=`cd "$wadir"; echo */module.info | sed -e 's/\/module.info//g'` 25*4882a593Smuzhiyunif [ "$allmods" = "" ]; then 26*4882a593Smuzhiyun echo "ERROR: Failed to get module list" 27*4882a593Smuzhiyun echo "" 28*4882a593Smuzhiyun exit 1 29*4882a593Smuzhiyunfi 30*4882a593Smuzhiyunecho "" 31*4882a593Smuzhiyun 32*4882a593Smuzhiyunif [ "$login" = "webmin" ]; then 33*4882a593Smuzhiyun echo "ERROR: Username 'webmin' is reserved for internal use" 34*4882a593Smuzhiyun echo "" 35*4882a593Smuzhiyun exit 14 36*4882a593Smuzhiyunfi 37*4882a593Smuzhiyun 38*4882a593Smuzhiyun# Create webserver config file 39*4882a593Smuzhiyunecho $perl > $config_dir/perl-path 40*4882a593Smuzhiyunecho $var_dir > $config_dir/var-path 41*4882a593Smuzhiyunecho "Creating web server config files.." 42*4882a593Smuzhiyuncfile=$config_dir/miniserv.conf 43*4882a593Smuzhiyunecho "port=$port" >> $cfile 44*4882a593Smuzhiyunecho "root=$wadir_runtime" >> $cfile 45*4882a593Smuzhiyunecho "mimetypes=$wadir_runtime/mime.types" >> $cfile 46*4882a593Smuzhiyunecho "addtype_cgi=internal/cgi" >> $cfile 47*4882a593Smuzhiyunecho "realm=Webmin Server" >> $cfile 48*4882a593Smuzhiyunecho "logfile=$var_dir/miniserv.log" >> $cfile 49*4882a593Smuzhiyunecho "errorlog=$var_dir/miniserv.error" >> $cfile 50*4882a593Smuzhiyunecho "pidfile=$var_dir/miniserv.pid" >> $cfile 51*4882a593Smuzhiyunecho "logtime=168" >> $cfile 52*4882a593Smuzhiyunecho "ppath=$ppath" >> $cfile 53*4882a593Smuzhiyunecho "ssl=$ssl" >> $cfile 54*4882a593Smuzhiyunecho "env_WEBMIN_CONFIG=$config_dir_runtime" >> $cfile 55*4882a593Smuzhiyunecho "env_WEBMIN_VAR=$var_dir" >> $cfile 56*4882a593Smuzhiyunecho "atboot=$atboot" >> $cfile 57*4882a593Smuzhiyunecho "logout=$config_dir_runtime/logout-flag" >> $cfile 58*4882a593Smuzhiyunif [ "$listen" != "" ]; then 59*4882a593Smuzhiyun echo "listen=$listen" >> $cfile 60*4882a593Smuzhiyunelse 61*4882a593Smuzhiyun echo "listen=10000" >> $cfile 62*4882a593Smuzhiyunfi 63*4882a593Smuzhiyunecho "denyfile=\\.pl\$" >> $cfile 64*4882a593Smuzhiyunecho "log=1" >> $cfile 65*4882a593Smuzhiyunecho "blockhost_failures=5" >> $cfile 66*4882a593Smuzhiyunecho "blockhost_time=60" >> $cfile 67*4882a593Smuzhiyunecho "syslog=1" >> $cfile 68*4882a593Smuzhiyunif [ "$allow" != "" ]; then 69*4882a593Smuzhiyun echo "allow=$allow" >> $cfile 70*4882a593Smuzhiyunfi 71*4882a593Smuzhiyunif [ "$session" != "" ]; then 72*4882a593Smuzhiyun echo "session=$session" >> $cfile 73*4882a593Smuzhiyunelse 74*4882a593Smuzhiyun echo "session=1" >> $cfile 75*4882a593Smuzhiyunfi 76*4882a593Smuzhiyunif [ "$pam" != "" ]; then 77*4882a593Smuzhiyun echo "pam=$pam" >> $cfile 78*4882a593Smuzhiyunfi 79*4882a593Smuzhiyunif [ "$no_pam" != "" ]; then 80*4882a593Smuzhiyun echo "no_pam=$no_pam" >> $cfile 81*4882a593Smuzhiyunfi 82*4882a593Smuzhiyunecho premodules=WebminCore >> $cfile 83*4882a593Smuzhiyunecho "server=MiniServ/$ver" >> $cfile 84*4882a593Smuzhiyun 85*4882a593Smuzhiyunmd5pass=`$perl -e 'print crypt("test", "\\$1\\$A9wB3O18\\$zaZgqrEmb9VNltWTL454R/") eq "\\$1\\$A9wB3O18\\$zaZgqrEmb9VNltWTL454R/" ? "1\n" : "0\n"'` 86*4882a593Smuzhiyun 87*4882a593Smuzhiyunufile=$config_dir/miniserv.users 88*4882a593Smuzhiyunif [ "$crypt" != "" ]; then 89*4882a593Smuzhiyun echo "$login:$crypt:0" > $ufile 90*4882a593Smuzhiyunelse 91*4882a593Smuzhiyun if [ "$md5pass" = "1" ]; then 92*4882a593Smuzhiyun $perl -e 'print "$ARGV[0]:",crypt($ARGV[1], "\$1\$XXXXXXXX"),":0\n"' "$login" "$password" > $ufile 93*4882a593Smuzhiyun else 94*4882a593Smuzhiyun $perl -e 'print "$ARGV[0]:",crypt($ARGV[1], "XX"),":0\n"' "$login" "$password" > $ufile 95*4882a593Smuzhiyun fi 96*4882a593Smuzhiyunfi 97*4882a593Smuzhiyunchmod 600 $ufile 98*4882a593Smuzhiyunecho "userfile=$config_dir_runtime/miniserv.users" >> $cfile 99*4882a593Smuzhiyun 100*4882a593Smuzhiyunkfile=$config_dir/miniserv.pem 101*4882a593Smuzhiyunopenssl version >/dev/null 2>&1 102*4882a593Smuzhiyunif [ "$?" = "0" ]; then 103*4882a593Smuzhiyun # We can generate a new SSL key for this host 104*4882a593Smuzhiyun host=`hostname` 105*4882a593Smuzhiyun openssl req -newkey rsa:512 -x509 -nodes -out $tempdir/cert -keyout $tempdir/key -days 1825 >/dev/null 2>&1 <<EOF 106*4882a593Smuzhiyun. 107*4882a593Smuzhiyun. 108*4882a593Smuzhiyun. 109*4882a593SmuzhiyunWebmin Webserver on $host 110*4882a593Smuzhiyun. 111*4882a593Smuzhiyun* 112*4882a593Smuzhiyunroot@$host 113*4882a593SmuzhiyunEOF 114*4882a593Smuzhiyun if [ "$?" = "0" ]; then 115*4882a593Smuzhiyun cat $tempdir/cert $tempdir/key >$kfile 116*4882a593Smuzhiyun fi 117*4882a593Smuzhiyun rm -f $tempdir/cert $tempdir/key 118*4882a593Smuzhiyunfi 119*4882a593Smuzhiyunif [ ! -r $kfile ]; then 120*4882a593Smuzhiyun # Fall back to the built-in key 121*4882a593Smuzhiyun cp "$wadir/miniserv.pem" $kfile 122*4882a593Smuzhiyunfi 123*4882a593Smuzhiyunchmod 600 $kfile 124*4882a593Smuzhiyunecho "keyfile=$config_dir_runtime/miniserv.pem" >> $cfile 125*4882a593Smuzhiyun 126*4882a593Smuzhiyunchmod 600 $cfile 127*4882a593Smuzhiyunecho "..done" 128*4882a593Smuzhiyunecho "" 129*4882a593Smuzhiyun 130*4882a593Smuzhiyunecho "Creating access control file.." 131*4882a593Smuzhiyunafile=$config_dir/webmin.acl 132*4882a593Smuzhiyunrm -f $afile 133*4882a593Smuzhiyunif [ "$defaultmods" = "" ]; then 134*4882a593Smuzhiyun echo "$login: $allmods" >> $afile 135*4882a593Smuzhiyunelse 136*4882a593Smuzhiyun echo "$login: $defaultmods" >> $afile 137*4882a593Smuzhiyunfi 138*4882a593Smuzhiyunchmod 600 $afile 139*4882a593Smuzhiyunecho "..done" 140*4882a593Smuzhiyunecho "" 141*4882a593Smuzhiyun 142*4882a593Smuzhiyunif [ "$login" != "root" -a "$login" != "admin" ]; then 143*4882a593Smuzhiyun # Allow use of RPC by this user 144*4882a593Smuzhiyun echo rpc=1 >>$config_dir/$login.acl 145*4882a593Smuzhiyunfi 146*4882a593Smuzhiyun 147*4882a593Smuzhiyunif [ "$noperlpath" = "" ]; then 148*4882a593Smuzhiyun echo "Inserting path to perl into scripts.." 149*4882a593Smuzhiyun (find "$wadir" -name '*.cgi' -print ; find "$wadir" -name '*.pl' -print) | $perl "$wadir/perlpath.pl" $perl_runtime - 150*4882a593Smuzhiyun echo "..done" 151*4882a593Smuzhiyun echo "" 152*4882a593Smuzhiyunfi 153*4882a593Smuzhiyun 154*4882a593Smuzhiyunecho "Creating start and stop scripts.." 155*4882a593Smuzhiyunrm -f $config_dir/stop $config_dir/start $config_dir/restart $config_dir/reload 156*4882a593Smuzhiyunecho "#!/bin/sh" >>$config_dir/start 157*4882a593Smuzhiyunecho "echo Starting Webmin server in $wadir_runtime" >>$config_dir/start 158*4882a593Smuzhiyunecho "trap '' 1" >>$config_dir/start 159*4882a593Smuzhiyunecho "LANG=" >>$config_dir/start 160*4882a593Smuzhiyunecho "export LANG" >>$config_dir/start 161*4882a593Smuzhiyunecho "#PERLIO=:raw" >>$config_dir/start 162*4882a593Smuzhiyunecho "unset PERLIO" >>$config_dir/start 163*4882a593Smuzhiyunecho "export PERLIO" >>$config_dir/start 164*4882a593Smuzhiyunecho "PERLLIB=$PERLLIB" >>$config_dir/start 165*4882a593Smuzhiyunecho "export PERLLIB" >>$config_dir/start 166*4882a593Smuzhiyununame -a | grep -i 'HP/*UX' >/dev/null 167*4882a593Smuzhiyunif [ $? = "0" ]; then 168*4882a593Smuzhiyun echo "exec '$wadir_runtime/miniserv.pl' $config_dir_runtime/miniserv.conf &" >>$config_dir/start 169*4882a593Smuzhiyunelse 170*4882a593Smuzhiyun echo "exec '$wadir_runtime/miniserv.pl' $config_dir_runtime/miniserv.conf" >>$config_dir/start 171*4882a593Smuzhiyunfi 172*4882a593Smuzhiyun 173*4882a593Smuzhiyunecho "#!/bin/sh" >>$config_dir/stop 174*4882a593Smuzhiyunecho "echo Stopping Webmin server in $wadir_runtime" >>$config_dir/stop 175*4882a593Smuzhiyunecho "pidfile=\`grep \"^pidfile=\" $config_dir_runtime/miniserv.conf | sed -e 's/pidfile=//g'\`" >>$config_dir/stop 176*4882a593Smuzhiyunecho "kill \`cat \$pidfile\`" >>$config_dir/stop 177*4882a593Smuzhiyun 178*4882a593Smuzhiyunecho "#!/bin/sh" >>$config_dir/restart 179*4882a593Smuzhiyunecho "$config_dir_runtime/stop && $config_dir_runtime/start" >>$config_dir/restart 180*4882a593Smuzhiyun 181*4882a593Smuzhiyunecho "#!/bin/sh" >>$config_dir/reload 182*4882a593Smuzhiyunecho "echo Reloading Webmin server in $wadir_runtime" >>$config_dir/reload 183*4882a593Smuzhiyunecho "pidfile=\`grep \"^pidfile=\" $config_dir_runtime/miniserv.conf | sed -e 's/pidfile=//g'\`" >>$config_dir/reload 184*4882a593Smuzhiyunecho "kill -USR1 \`cat \$pidfile\`" >>$config_dir/reload 185*4882a593Smuzhiyun 186*4882a593Smuzhiyunchmod 755 $config_dir/start $config_dir/stop $config_dir/restart $config_dir/reload 187*4882a593Smuzhiyunecho "..done" 188*4882a593Smuzhiyunecho "" 189*4882a593Smuzhiyun 190*4882a593Smuzhiyunif [ "$upgrading" = 1 ]; then 191*4882a593Smuzhiyun echo "Updating config files.." 192*4882a593Smuzhiyunelse 193*4882a593Smuzhiyun echo "Copying config files.." 194*4882a593Smuzhiyunfi 195*4882a593Smuzhiyunnewmods=`$perl "$wadir/copyconfig.pl" "$os_type/$real_os_type" "$os_version/$real_os_version" "$wadir" $config_dir "" $allmods` 196*4882a593Smuzhiyun# Store the OS and version 197*4882a593Smuzhiyunecho "os_type=$os_type" >> $config_dir/config 198*4882a593Smuzhiyunecho "os_version=$os_version" >> $config_dir/config 199*4882a593Smuzhiyunecho "real_os_type=$real_os_type" >> $config_dir/config 200*4882a593Smuzhiyunecho "real_os_version=$real_os_version" >> $config_dir/config 201*4882a593Smuzhiyunif [ -r /etc/system.cnf ]; then 202*4882a593Smuzhiyun # Found a caldera system config file .. get the language 203*4882a593Smuzhiyun source /etc/system.cnf 204*4882a593Smuzhiyun if [ "$CONF_LST_LANG" = "us" ]; then 205*4882a593Smuzhiyun CONF_LST_LANG=en 206*4882a593Smuzhiyun elif [ "$CONF_LST_LANG" = "uk" ]; then 207*4882a593Smuzhiyun CONF_LST_LANG=en 208*4882a593Smuzhiyun fi 209*4882a593Smuzhiyun grep "lang=$CONF_LST_LANG," "$wadir/lang_list.txt" >/dev/null 2>&1 210*4882a593Smuzhiyun if [ "$?" = 0 ]; then 211*4882a593Smuzhiyun echo "lang=$CONF_LST_LANG" >> $config_dir/config 212*4882a593Smuzhiyun fi 213*4882a593Smuzhiyunfi 214*4882a593Smuzhiyun 215*4882a593Smuzhiyun# Turn on logging by default 216*4882a593Smuzhiyunecho "log=1" >> $config_dir/config 217*4882a593Smuzhiyun 218*4882a593Smuzhiyun# Use licence module specified by environment variable 219*4882a593Smuzhiyunif [ "$licence_module" != "" ]; then 220*4882a593Smuzhiyun echo licence_module=$licence_module >>$config_dir/config 221*4882a593Smuzhiyunfi 222*4882a593Smuzhiyun 223*4882a593Smuzhiyun# Disallow unknown referers by default 224*4882a593Smuzhiyunecho "referers_none=1" >>$config_dir/config 225*4882a593Smuzhiyunecho $ver > $config_dir/version 226*4882a593Smuzhiyunecho "..done" 227*4882a593Smuzhiyunecho "" 228*4882a593Smuzhiyun 229*4882a593Smuzhiyun# Set passwd_ fields in miniserv.conf from global config 230*4882a593Smuzhiyunfor field in passwd_file passwd_uindex passwd_pindex passwd_cindex passwd_mindex; do 231*4882a593Smuzhiyun grep $field= $config_dir/miniserv.conf >/dev/null 232*4882a593Smuzhiyun if [ "$?" != "0" ]; then 233*4882a593Smuzhiyun grep $field= $config_dir/config >> $config_dir/miniserv.conf 234*4882a593Smuzhiyun fi 235*4882a593Smuzhiyundone 236*4882a593Smuzhiyungrep passwd_mode= $config_dir/miniserv.conf >/dev/null 237*4882a593Smuzhiyunif [ "$?" != "0" ]; then 238*4882a593Smuzhiyun echo passwd_mode=0 >> $config_dir/miniserv.conf 239*4882a593Smuzhiyunfi 240*4882a593Smuzhiyun 241*4882a593Smuzhiyun# If Perl crypt supports MD5, then make it the default 242*4882a593Smuzhiyunif [ "$md5pass" = "1" ]; then 243*4882a593Smuzhiyun echo md5pass=1 >> $config_dir/config 244*4882a593Smuzhiyunfi 245*4882a593Smuzhiyun 246*4882a593Smuzhiyun# Set a special theme if none was set before 247*4882a593Smuzhiyunif [ "$theme" = "" ]; then 248*4882a593Smuzhiyun theme=`cat "$wadir/defaulttheme" 2>/dev/null` 249*4882a593Smuzhiyunfi 250*4882a593Smuzhiyunoldthemeline=`grep "^theme=" $config_dir/config` 251*4882a593Smuzhiyunoldtheme=`echo $oldthemeline | sed -e 's/theme=//g'` 252*4882a593Smuzhiyunif [ "$theme" != "" ] && [ "$oldthemeline" = "" ] && [ -d "$wadir/$theme" ]; then 253*4882a593Smuzhiyun themelist=$theme 254*4882a593Smuzhiyunfi 255*4882a593Smuzhiyun 256*4882a593Smuzhiyun# Set a special overlay if none was set before 257*4882a593Smuzhiyunif [ "$overlay" = "" ]; then 258*4882a593Smuzhiyun overlay=`cat "$wadir/defaultoverlay" 2>/dev/null` 259*4882a593Smuzhiyunfi 260*4882a593Smuzhiyunif [ "$overlay" != "" ] && [ "$theme" != "" ] && [ -d "$wadir/$overlay" ]; then 261*4882a593Smuzhiyun themelist="$themelist $overlay" 262*4882a593Smuzhiyunfi 263*4882a593Smuzhiyun 264*4882a593Smuzhiyun# Apply the theme and maybe overlay 265*4882a593Smuzhiyunif [ "$themelist" != "" ]; then 266*4882a593Smuzhiyun echo "theme=$themelist" >> $config_dir/config 267*4882a593Smuzhiyun echo "preroot=$themelist" >> $config_dir/miniserv.conf 268*4882a593Smuzhiyunfi 269*4882a593Smuzhiyun 270*4882a593Smuzhiyun# Set the product field in the global config 271*4882a593Smuzhiyungrep product= $config_dir/config >/dev/null 272*4882a593Smuzhiyunif [ "$?" != "0" ]; then 273*4882a593Smuzhiyun echo product=webmin >> $config_dir/config 274*4882a593Smuzhiyunfi 275*4882a593Smuzhiyun 276*4882a593Smuzhiyunif [ "$makeboot" = "1" ]; then 277*4882a593Smuzhiyun echo "Configuring Webmin to start at boot time.." 278*4882a593Smuzhiyun (cd "$wadir/init" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/init/atboot.pl" $bootscript) 279*4882a593Smuzhiyun echo "..done" 280*4882a593Smuzhiyun echo "" 281*4882a593Smuzhiyunfi 282*4882a593Smuzhiyun 283*4882a593Smuzhiyun# If password delays are not specifically disabled, enable them 284*4882a593Smuzhiyungrep passdelay= $config_dir/miniserv.conf >/dev/null 285*4882a593Smuzhiyunif [ "$?" != "0" ]; then 286*4882a593Smuzhiyun echo passdelay=1 >> $config_dir/miniserv.conf 287*4882a593Smuzhiyunfi 288*4882a593Smuzhiyun 289*4882a593Smuzhiyunecho "Changing ownership and permissions .." 290*4882a593Smuzhiyun# Make all config dirs non-world-readable 291*4882a593Smuzhiyunfor m in $newmods; do 292*4882a593Smuzhiyun chown -R root $config_dir/$m 293*4882a593Smuzhiyun chgrp -R bin $config_dir/$m 294*4882a593Smuzhiyun chmod -R og-rw $config_dir/$m 295*4882a593Smuzhiyundone 296*4882a593Smuzhiyun# Make miniserv config files non-world-readable 297*4882a593Smuzhiyunfor f in miniserv.conf miniserv.pem miniserv.users; do 298*4882a593Smuzhiyun chown -R root $config_dir/$f 299*4882a593Smuzhiyun chgrp -R bin $config_dir/$f 300*4882a593Smuzhiyun chmod -R og-rw $config_dir/$f 301*4882a593Smuzhiyundone 302*4882a593Smuzhiyunchmod +r $config_dir/version 303*4882a593Smuzhiyunif [ "$nochown" = "" ]; then 304*4882a593Smuzhiyun # Make program directory non-world-writable, but executable 305*4882a593Smuzhiyun chown -R root "$wadir" 306*4882a593Smuzhiyun chgrp -R bin "$wadir" 307*4882a593Smuzhiyun chmod -R og-w "$wadir" 308*4882a593Smuzhiyun chmod -R a+rx "$wadir" 309*4882a593Smuzhiyunfi 310*4882a593Smuzhiyunif [ $var_dir != "/var" ]; then 311*4882a593Smuzhiyun # Make log directory non-world-readable or writable 312*4882a593Smuzhiyun chown -R root $prefix$var_dir 313*4882a593Smuzhiyun chgrp -R bin $prefix$var_dir 314*4882a593Smuzhiyun chmod -R og-rwx $prefix$var_dir 315*4882a593Smuzhiyunfi 316*4882a593Smuzhiyun# Fix up bad permissions from some older installs 317*4882a593Smuzhiyunfor m in ldap-client ldap-server ldap-useradmin mailboxes mysql postgresql servers virtual-server; do 318*4882a593Smuzhiyun if [ -d "$config_dir/$m" ]; then 319*4882a593Smuzhiyun chown root $config_dir/$m 320*4882a593Smuzhiyun chgrp bin $config_dir/$m 321*4882a593Smuzhiyun chmod og-rw $config_dir/$m 322*4882a593Smuzhiyun chmod og-rw $config_dir/$m/config 2>/dev/null 323*4882a593Smuzhiyun fi 324*4882a593Smuzhiyundone 325*4882a593Smuzhiyun 326*4882a593Smuzhiyunif [ "$nopostinstall" = "" ]; then 327*4882a593Smuzhiyun echo "Running postinstall scripts .." 328*4882a593Smuzhiyun (cd "$wadir" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/run-postinstalls.pl") 329*4882a593Smuzhiyun echo "..done" 330*4882a593Smuzhiyun echo "" 331*4882a593Smuzhiyunfi 332*4882a593Smuzhiyun 333*4882a593Smuzhiyun# Enable background collection 334*4882a593Smuzhiyunif [ "$upgrading" != 1 -a -r $config_dir/system-status/enable-collection.pl ]; then 335*4882a593Smuzhiyun echo "Enabling background status collection .." 336*4882a593Smuzhiyun $config_dir/system-status/enable-collection.pl 5 337*4882a593Smuzhiyun echo "..done" 338*4882a593Smuzhiyun echo "" 339*4882a593Smuzhiyunfi 340*4882a593Smuzhiyun 341