#!/bin/bash ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # # # Plesk script # #default values ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. set_apache_params() { apache_user="www-data" apache_UID=80 apache_group="www-data" apache_GID=80 apache_pid_file="$APACHE_ROOT/logs/httpd.pid" apache_lock_file="$APACHE_ROOT/logs/httpd.lock" product_lock_file="$HTTPD_CONF_D/cnf.lock" apache_service_name="apache2" apache_modules_d="/usr/lib/apache2/modules" apache_service="$apache_service_name" apache_httpd_conf="$HTTPD_CONF_D/apache2.conf" apache_httpd_include="$HTTPD_INCLUDE_D/zz010_psa_httpd.conf" APACHE_ROOT="/usr" min_suexec_UID=10000 max_suexec_UID=16000 min_suexec_GID=$min_suexec_UID max_suexec_GID=$max_suexec_UID suexec_storage=/usr/lib/plesk-9.0/suexec suexec=/usr/lib/apache2/suexec suexec_dir="`dirname "$suexec"`" suexec_file="`basename "$suexec"`" rpm_httpd_bin=/usr/sbin/httpd } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:ft=sh # Usage: pleskrc pleskrc() { [ 2 -le $# ] || die "Not enough arguments" local service_name=${1//[-.@]/_} local action=$2 local ret=0 local inten shift shift # Now check redefined functions if test "$machine" = "linux" && is_function "${service_name}_${action}_${machine}_${linux_distr}"; then "${service_name}_${action}_${machine}_${linux_distr}" "$@" return $? elif is_function "${service_name}_${action}_${machine}"; then "${service_name}_${action}_${machine}" "$@" return $? elif is_function "${service_name}_${action}"; then "${service_name}_${action}" "$@" return $? fi # Not redefined - call default action eval "service=\$${service_name}_service" [ -n "$service" ] || die "$action $service_name service (Empty service name for '$service_name')" if [ "$action" = "name" ]; then echo "${service}.service" return 0 fi inten="$action service $service" pleskrc_is_failure_for_action_ok "$action" || echo_try "$inten" if [ -x "/bin/systemctl" -a "$do_upgrade" = "1" -a ! -f "/var/lock/parallels-panel-bootstrapper-running.lock" -a -z "$SYSTEMD_DAEMON_RELOADED" ]; then # reload systemd units if requested from an upgrade package script - in case a unit was changed /bin/systemctl daemon-reload SYSTEMD_DAEMON_RELOADED="yes" fi service_ctl "$action" "$service" "$service_name" ret="$?" pleskrc_is_failure_for_action_ok "$action" || { if [ "$ret" -eq 0 ]; then suc else if [ -x "/bin/systemctl" ]; then p_echo "`/bin/systemctl -l status \"${service}.service\" | awk 'BEGIN {s=0} s==1 {s=2} /^$/ {s=1} s==2 {print}'`" fi warn "$inten failed" fi } return $ret } pleskrc_is_failure_for_action_ok() { local action="$1" case "$action" in status|exists|is-active|is-enabled|is-failed) return 0 ;; esac return 1 } # NOTE: # Function service_ctl is just helper for pleskrc(). # Do not call it directly, use pleskrc()!!! service_ctl() { local action=$1 local service=$2 local service_name=$3 if [ "$action" != "exists" ]; then _service_exec $service exists if [ "$?" != "0" ]; then p_echo "attempt to ${inten} - service doesn't exist (missing unit file or not executable control script)" return 1 fi fi case "$action" in start) pleskrc "$service_name" status || _service_exec "$service" "$action" ;; stop) ! pleskrc "$service_name" status || _service_exec "$service" "$action" ;; restart) if pleskrc "$service_name" status; then _service_exec "$service" "$action" else _service_exec "$service" start fi ;; reload) ! pleskrc "$service_name" status || _service_exec "$service" "$action" ;; status) _service_exec "$service" status ;; try-restart) if [ -x "/bin/systemctl" ]; then _service_exec "$service" "$action" else ! pleskrc "$service_name" status || _service_exec "$service" "restart" fi ;; try-reload) ! pleskrc "$service_name" status || _service_exec "$service" "reload" ;; reload-or-restart) if [ -x "/bin/systemctl" ]; then _service_exec "$service" "$action" elif pleskrc "$service_name" status; then _service_exec "$service" "reload" else _service_exec "$service" "start" fi ;; *) _service_exec "$service" "$action" ;; esac >> "$product_log" } _service_exec() { # Keep in sync with pylibplesk/plesk_service.py local service=$1 local action=$2 local action_cmd local sysvinit_service="/etc/init.d/$service" if [ -x "/bin/systemctl" ]; then case "${action}" in exists) if /bin/systemctl cat "$service.service" >/dev/null 2>&1; then return 0 # systemd unit elif [ -f "/lib/systemd/system/$service.service" ]; then /bin/systemctl daemon-reload return 0 # systemd unit which exists but was changed and has not been reloaded before elif [ -x "$sysvinit_service" ]; then return 0 # sysvinit compat fi return 1 # not found ;; status) action="is-active" ;; reload|graceful) action='reload-or-try-restart' ;; esac /bin/systemctl "$action" "${service}.service" else warn "Cannot $action $service on this system: no executable /bin/systemctl" return 1 fi } is_function() { local type_output=$(type -t "$1") test "X${type_output}" = "Xfunction" } # echo message to product log, also to console in debug mode p_echo() { if [ -n "$product_log" ] ; then echo "$@" >> "$product_log" 2>&1 fi if [ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" -o -z "$product_log" ] ; then echo "$@" >&2 fi } # same as p_echo, but without new line pnnl_echo() { p_echo -n "$@" } int_err() { report_problem "internal" "Internal error: $@" exit 1 } p_see_product_log() { log_is_in_dev "${product_log}" || printf " (see log file: ${product_log})" >&2 } die() { report_problem "fatal" "ERROR while trying to $@" printf "Check the error reason" >&2 p_see_product_log echo ", fix and try again" >&2 selinux_close exit 1 } warn() { local inten="$1" if [ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" ]; then p_echo p_echo "WARNING!" pnnl_echo "Some problems are found during $inten" p_see_product_log p_echo p_echo "Continue..." p_echo fi report_problem "warning" "Warning: $inten" } echo_try() { msg="$*" pnnl_echo " Trying to $msg... " } suc() { p_echo "done" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. reexec_with_clean_env() { # Usage: call this function as 'reexec_with_clean_env "$@"' at the start of a script. # Don't use with scripts that require sensitive environment variables. # Don't put the call under any input/output redirection. # Purpose: make sure the script is executed with a sane environment. local lc="`get_default_locale`" export LANG="$lc" LC_MESSAGES="$lc" LC_ALL="$lc" export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin umask 022 PLESK_SCRIPT_COMMAND_LINE="$0 $*" [ -z "$PLESK_INSTALLER_ENV_CLEANED" ] || { unset PLESK_INSTALLER_ENV_CLEANED; return 0; } [ -n "$BASH" ] || exec /bin/bash "$0" "$@" # N.B.: the following code requires Bash. On Dash it would cause syntax error upon parse w/o eval. eval ' local extra_vars=() # list of variables to preserve for var in "${!PLESK_@}"; do # enumerate all PLESK_* variables extra_vars+=("$var=${!var}") done extra_vars+=("PLESK_INSTALLER_ENV_CLEANED=1") # Exec self with clean env except for extra_vars, shell opts, and arguments. exec /usr/bin/env -i "${extra_vars[@]}" /bin/bash ${-:+-$-} "$0" "$@" || { echo "Failed to reexec self ($0) with clean environment" >&2 exit 91 # Just some relatively unique error code } ' } get_default_locale() { # Note that CentOS 7 typically doesn't have C.UTF-8 for lc in "C.UTF-8" "en_US.UTF-8" "C"; do if [ -z "`LC_ALL=$lc locale 2>&1 >/dev/null`" ]; then echo "$lc" return 0 fi done echo "C" } detect_vz() { [ -z "$PLESK_VZ_RESULT" ] || return $PLESK_VZ_RESULT PLESK_VZ_RESULT=1 PLESK_VZ=0 PLESK_VE_HW_NODE=0 PLESK_VZ_TYPE= local issue_file="/etc/issue" local vzcheck_file="/proc/self/status" [ -f "$vzcheck_file" ] || return 1 local env_id=`sed -ne 's|^envID\:[[:space:]]*\([[:digit:]]\+\)$|\1|p' "$vzcheck_file"` [ -n "$env_id" ] || return 1 if [ "$env_id" = "0" ]; then # Either VZ/OpenVZ HW node or unjailed CloudLinux PLESK_VE_HW_NODE=1 return 1 fi if grep -q "CloudLinux" "$issue_file" >/dev/null 2>&1 ; then return 1 fi if [ -f "/proc/vz/veredir" ]; then PLESK_VZ_TYPE="vz" elif [ -d "/proc/vz" ]; then PLESK_VZ_TYPE="openvz" fi PLESK_VZ=1 PLESK_VZ_RESULT=0 return 0 } # detects lxc and docker containers detect_lxc() { [ -z "$PLESK_LXC_RESULT" ] || return $PLESK_LXC_RESULT PLESK_LXC_RESULT=1 PLESK_LXC=0 if { [ -f /proc/1/cgroup ] && grep -q 'docker\|lxc' /proc/1/cgroup; } || \ { [ -f /proc/1/environ ] && cat /proc/1/environ | tr \\0 \\n | grep -q "container=lxc"; }; then PLESK_LXC_RESULT=0 PLESK_LXC=1 fi return "$PLESK_LXC_RESULT" } call_optional_function() { local type_output="`LC_ALL=C type \"$1\" 2>/dev/null | head -n 1`" case "$type_output" in *function) "$@" ;; *) return 0 ;; esac } problems_log_tail() { [ -f "$product_problems_log" ] || return 0 { tac "$product_problems_log" | awk '/^START/ { exit } { print }' | tac } 2>/dev/null } product_log_tail() { [ -f "$product_log" ] || return 0 { tac "$product_log" | awk '/^START/ { exit } { print }' | tac } 2>/dev/null } product_and_problems_log_tail() { product_log_tail [ "$product_log" = "$product_problems_log" ] || problems_log_tail } log_is_in_dev() { test "${1:0:5}" = "/dev/" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. get_pid() { local i local ex_f="$1" local opt="$2" local owner="$3" local min_num="1" local ps_long="ps axuw" # Use pidof by default, bug 121868, except for FreeBSD - 140182 if type pidof >/dev/null 2>&1 && [ "$os" != "BSD" ]; then for pid in `pidof -o $$ -o $PPID -o %PPID -x $ex_f`; do # Check for owner [ "$opt" = "true" -a "$owner" != "`ps -p $pid -o ruser=`" ] && continue min_num=$pid break done common_var=$min_num return $min_num fi case "$opt" in false) for i in `$ps_long | grep $ex_f | grep -v grep | grep -v httpsdctl | grep -v apachectl | awk '{print $2}' -`; do min_num=$i break done ;; true) for i in `$ps_long | grep $ex_f | grep -v grep | grep -v httpsdctl | grep -v apachectl | grep "$owner" | awk '{print $2}' -`; do min_num=$i break done ;; *) p_echo "get_pid: wrong parameter" die "get_pid $ex_f $opt $owner" ;; esac common_var=$min_num return $min_num } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. construct_report_template() { local severity="${1:-error}" local summary="$2" local update_ticket="`get_update_ticket`" set_error_report_source set_error_report_component set_error_report_params set_error_report_environment true construct_report_code construct_report_debug construct_report_message cat <<-EOL $report_source $severity `date --iso-8601=seconds` $report_component /] ]>/g'`]]> `construct_report_message | base64` $report_params `construct_report_code | base64` `construct_report_debug | base64` $report_environment $update_ticket EOL } construct_report_code() { local call_level=${1:-5} local func_level=$[call_level - 1] local lineno_func=${BASH_LINENO[ $func_level ]} local script_name=${BASH_SOURCE[ $[func_level + 1] ]} echo "# Call of ${FUNCNAME[$func_level]}() from ${FUNCNAME[$[func_level + 1]]}() at `readlink -m $script_name`:${BASH_LINENO[$func_level]}" head -n $[lineno_func + 4] "$script_name" 2>/dev/null | tail -n 8 } construct_report_debug() { local call_level=${1:-5} call_level=$[call_level-1] # Generate calls stack trace. for i in `seq $call_level ${#FUNCNAME[@]}`; do [ "${FUNCNAME[$i]}" != "main" ] || break local func_call="`sed -n -e "${BASH_LINENO[$i]}p" "${BASH_SOURCE[$[i+1]]}" 2>/dev/null | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//'`" [ -n "$func_call" -a -z "${func_call##*${FUNCNAME[$i]}*}" ] || func_call="${FUNCNAME[$i]}" echo "#$[i - $call_level] `readlink -m ${BASH_SOURCE[$[i+1]]}`(${BASH_LINENO[$i]}): $func_call" done } construct_report_message() { product_and_problems_log_tail echo "" if [ -n "$report_context" ]; then echo "Context: $report_context" echo "" fi if [ -n "$RP_LOADED_PATCHES" ]; then echo "Loaded runtime patches: $RP_LOADED_PATCHES" echo "" fi } # Construct report to send it to our errors tracker construct_report() { local severity="${1:-error}" local summary="$2" [ -n "$summary" ] || int_err "Unable to send error report. Some parameters are not defined." set_error_report_source get_product_versions construct_report_template "$severity" "$summary" \ | $PRODUCT_ROOT_D/admin/bin/send-error-report --version "$product_this_version" $report_source >/dev/null 2>&1 } # Use this function to report failed actions. # Typical report should contain # - reason or problem description (example: file copying failed) # - how to resolve or investigate problem (example: check file permissions, free disk space) # - how to re-run action (example: perform specific command, restart bootstrapper script, run installation again) report_problem() { local severity="${1:-error}" # Get first string of error as a summary of report shift local summary="$1" [ -n "$product_problems_log" ] || product_problems_log="/dev/stderr" p_echo if [ "0$problems_occured" -eq 0 ]; then echo "***** $process problem report *****" >> "$product_problems_log" 2>&1 fi for problem_message in "$@"; do p_echo "$problem_message" if [ "$product_log" != "$product_problems_log" ]; then echo "$problem_message" >> "$product_problems_log" 2>&1 fi done p_echo construct_report "$severity" "$summary" [ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" ] || \ product_log_tail problems_occured=1 } set_error_report_source() { [ -z "$1" ] || report_source="$1" [ -n "$report_source" ] || { if [ -n "$PACKAGE_ID" -o -n "$PACKAGE_ACTION" -o -n "$PACKAGE_NAME" -o -n "$PACKAGE_VERSION" ]; then report_source="install" else report_source="backend" fi } } set_error_report_component() { local component="$1" if [ "$report_source" = "install" ]; then [ -n "$report_component" ] || report_component="$PACKAGE_ID" return 0 fi [ -z "$component" ] || report_component="$1" [ -n "$report_component" ] || report_component="`basename $0`" } set_error_report_params() { if [ "$report_source" = "install" ]; then [ -n "$report_params" ] || report_params="`echo "$PACKAGE_ACTION of $PACKAGE_NAME $PACKAGE_VERSION" | base64`" return 0 fi [ -z "$*" ] || report_params="`echo "$*" | base64`" [ -n "$report_params" ] || report_params="`echo "$PLESK_SCRIPT_COMMAND_LINE" | base64`" } detect_virtualization() { detect_vz detect_lxc local is_docker="`[ -f "/.dockerenv" ] && echo yes || :`" local systemd_detect_virt_ct="`/usr/bin/systemd-detect-virt -c 2>/dev/null | grep -v '^none$' || :`" local systemd_detect_virt_vm="`/usr/bin/systemd-detect-virt -v 2>/dev/null | grep -v '^none$' || :`" local virt_what="`/usr/sbin/virt-what 2>/dev/null | xargs || :`" if [ -n "$is_docker" ]; then echo "docker $virt_what" elif [ "$PLESK_VZ" = "1" ]; then echo "${PLESK_VZ_TYPE:-virtuozzo}" elif [ "$PLESK_LXC" = "1" ]; then echo "lxc $virt_what" elif [ -n "$systemd_detect_virt_ct" ]; then echo "$systemd_detect_virt_ct $systemd_detect_virt_vm" elif [ -n "$virt_what" ]; then echo "$virt_what" elif [ -n "$systemd_detect_virt_vm" ]; then echo "$systemd_detect_virt_vm" fi } default_error_report_environment() { local virtualization="`detect_virtualization`" if [ -n "$virtualization" ]; then echo "virtualization: $virtualization" fi } set_error_report_environment() { [ -z "$*" ] || report_environment="`echo "$*" | base64`" [ -n "$report_environment" ] || report_environment="`default_error_report_environment | base64`" } get_update_ticket() { [ -r $PRODUCT_ROOT_D/var/update_ticket ] && cat $PRODUCT_ROOT_D/var/update_ticket | awk '{$1=$1};1' } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # # Support for runtime patching of shell scripts (including utilities and package scripts). # # --- Service functions --- # Load and apply a patch in a relatively safe way rp_safe_load_patch() { local patch_file="$1" echo_try "load shell patch '$patch_file'" /bin/sh -n "$RP_BASEDIR/$patch_file" && { . "$RP_BASEDIR/$patch_file" RP_LOADED_PATCHES="$RP_LOADED_PATCHES $patch_file" } && suc } # Apply patches specific to the current context (e.g., depending on utility basename or package name) # This is currently not implemented. This may be overriden by "spark". rp_patch_runtime_context_specific() { : } # --- Main entry points --- rp_patch_runtime() { # List of loaded patch files RP_LOADED_PATCHES= local RP_BASEDIR="$PRODUCT_BOOTSTRAPPER_DIR/rp" [ -d "$RP_BASEDIR" ] || return 0 if [ -r "$RP_BASEDIR/spark" ]; then rp_safe_load_patch "spark" fi call_optional_function rp_patch_runtime_context_specific "$@" } selinux_close() { if [ -z "$SELINUX_ENFORCE" -o "$SELINUX_ENFORCE" = "Disabled" ]; then return fi setenforce "$SELINUX_ENFORCE" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:ft=sh: #set_params set_common_params() { common_var=0 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin LANG="`get_default_locale`" export PATH LANG unset GREP_OPTIONS umask 022 ulimit -n 65535 2>/dev/null get_product_versions certificate_file="$PRODUCT_ETC_D/httpsd.pem" services="/etc/services" crontab="/usr/bin/crontab" SYSTEM_RC_D="/etc/init.d" PLESK_LIBEXEC_DIR="/usr/lib/plesk-9.0" PLESK_DB_DIR="/var/lib/plesk" PRODUCT_BOOTSTRAPPER_DIR="`printf "/opt/psa/bootstrapper/pp%s-bootstrapper" "$product_this_version"`" AUTOGENERATED_CONFIGS="#ATTENTION!\n#\n#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,\n#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.\n" AUTOGENERATED_CONFIGS_UPGRADE="#ATTENTION!\n#\n#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,\n#SO ALL YOUR CHANGES WILL BE LOST AFTER YOU UPGRADE PLESK.\n" PRODUCT_LOGS_D="/var/log/plesk" sendmail="/usr/sbin/sendmail" ps="ps axw" ifconfig="/sbin/ifconfig -a" machine="linux" if [ -f /etc/debian_version ]; then linux_distr="debian" else linux_distr="redhat" fi dummy_home="/" if [ -x /usr/sbin/nologin ]; then dummy_shell="/usr/sbin/nologin" else dummy_shell="/bin/false" fi rp_patch_runtime } get_product_versions() { # Don't use global variables set elsewhere in this code. Use substitutions if needed. local prod_root_d="/opt/psa" product_name="psa" if [ -z "$product_this_version" ]; then # 1. Try to fetch version from file created by bootstrapper (should be 3-component). product_this_version="`cat "/var/lock/plesk-target-version" 2>/dev/null`" # 2. Fallback to $PRODUCT_ROOT_D/version (should be 3-component). if [ -z "$product_this_version" -a -r "$prod_root_d/version" ]; then product_this_version="`awk '{ print $1 }' "$prod_root_d/version"`" fi # 3. Fallback to hardcoded version (2-component). This may cause some other code to fail. if [ -z "$product_this_version" ]; then product_this_version="18.0" echo "Unable to determine \$product_this_version, will use less precise value '$product_this_version'" >&2 fi fi product_version="$product_this_version" if [ -z "$product_prev_version" ]; then if [ -r "$prod_root_d/version.upg" ]; then product_prev_version=`awk '{ print $1 }' "$prod_root_d/version.upg"` elif [ -r "$prod_root_d/version" ]; then product_prev_version=`awk '{ print $1 }' "$prod_root_d/version"` else product_prev_version="$product_this_version" fi fi } true exim_status_linux_debian exim_status_linux_debian() { get_pid /usr/lib/exim/exim3 false local pid=$common_var if test "$pid" -ne 1; then #running return 0; fi return 1 } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # -*- vim:ft=sh # MySQL service action handlers ### FIXME: probably need var service_restart warn true mysql_stop mysql_stop() { local op_result i inten="stop MySQL server" echo_try $inten service_ctl stop $mysql_service mysql op_result=$? if [ "X$linux_distr" = "Xdebian" ]; then # Debian has well designed mysql stopping code [ "$op_result" -eq 0 ] || die $inten suc return 0 fi for i in 2 4 6 8 16; do if ! mysql_status ; then suc return 0 fi # I just want to be sure that mysql really stopped killall -TERM mysqld mysql safe_mysqld mysqld_safe >> $product_log 2>&1 sleep $i done die "$inten" } true mysql_status mysql_status() { # Previously this handler also checked for mysqld pid on Debian systems. Should not be needed nowadays. service_ctl status $mysql_service mysql } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:syntax=sh set_nginx_params() { nginx_service=nginx nginx_rc_config="/etc/default/nginx" nginx_user="nginx" nginx_bin="/usr/sbin/nginx" } true postfix_status postfix_status() { # here be dragons. # the practical experience shows that simple checking of status of # Postfix "master" process is not enough. So we read Postfix master # process pid file if any, then try to look for a process with # name ``qmgr'' and parent pid being equal to # the pid read from the pidfile. If pgrep finds such a process # it returns 0, if not its exit status is non-zero. # pgrep is portable enough to prefer it to "hand-made" alternatives # such as famous ``ps | grep $name | grep -v grep...'' pipes # bug 147822. do not interrupt installation for FreeBSD [ -f "/var/spool/postfix/pid/master.pid" ] || return 1 local ppid read ppid /dev/null if [ $? -ne 0 -o -z "$ppid" ]; then # not found or other error return 1; fi pgrep -P $ppid qmgr >/dev/null 2>/dev/null } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. reexec_with_clean_env "$@" # constants PN=`basename $0` usage() { cat << EOT Usage: $PN [--nginx|--apache|--service SERVICE_NAME] --set ULIMIT [--no-restart] Increase limit on number of open files for web-servers and other services ("ulimit nofile"). Note that if existing ulimits are greater than new ones then they are left unchanged. Commands: -s, --set ULIMIT set number of open file ulimits (ulimit -n) -g, --get get number of open file ulimits for nginx and apache from config files (show -1 if limits are not set) Options: -n, --nginx manage nginx ulimits -a, --apache manage apache ulimits -R, --no-restart do not reconfigure/restart webservers -d, --service SERVICE_NAME manage ulimits for specified services EOT } set_service_ulimit_systemd() { local nginx_ulimits_conf="$1" local ulimits="$2" local section="Service" local option="LimitNOFILE" mkdir -p `dirname "$nginx_ulimits_conf"` # format: # [Service] # LimitNOFILE=4096 # What's happenning: # 1. Check if we are inside section [Service] # 2. If inside, search for LimitNOFILE=... 3. if new limit is bigger 4. then replace old with new one # 5. print line # 6. If LimitNOFILE was not found then: print section header if we are not inside the section; print LimitNOFILE=new_value perl -nle '$inside = m/^\s*\['$section'\]/ ... m/^\s*\[.+\]/; if ($inside) { m/^\s*'$option'\s*=\s*(\d+)/ and $found=1 and $1 < '$ulimits' and s/^\s*('$option')\s*=\s*\d+.*$/$1='$ulimits'/ } print } { unless ($found) { $inside or print "['$section']"; print "'$option'='$ulimits'" }' \ "$nginx_ulimits_conf" > "$nginx_ulimits_conf.new" 2>/dev/null && \ mv -f "$nginx_ulimits_conf.new" "$nginx_ulimits_conf" systemctl --system daemon-reload } set_nginx_default_ulimit() { set_service_ulimit_systemd "/lib/systemd/system/nginx.service.d/limit_nofile.conf" "$@" } get_service_ulimit_systemd() { local ulimits_conf="$1" local section="Service" local option="LimitNOFILE" # format: # [Service] # LimitNOFILE=4096 # What's happenning: # 1. Check if we are inside section [Service] # 2. If inside, search for LimitNOFILE=... # 3. print line perl -nle '$inside = m/^\s*\['$section'\]/ ... m/^\s*\[.+\]/; if ($inside) { m/^\s*'$option'\s*=\s*(\d+)/ and print $1}' \ "$ulimits_conf" 2>/dev/null } get_nginx_default_ulimit() { local ulimits= ulimits=$(get_service_ulimit_systemd "/lib/systemd/system/nginx.service.d/limit_nofile.conf") if [ -z "$ulimits" ]; then ulimits="-1" fi echo "nginx:$ulimits" } set_nginx_worker_rlimit_nofile() { local ulimits="$1" local nginx_global_params_conf="/etc/nginx/ulimit.global_params" local option="worker_rlimit_nofile" # if file 'global_params' does not exist then it will be created. # format: "worker_rlimit_nofile 4096;" perl -nle '/^\s*'$option'\s+(\d+)\s*;/ and $found=1 and $1 < '$ulimits' and s/^\s*('$option')\s+\d+;.*$/$1 '$ulimits';/g; print } { print "'$option' '$ulimits';" unless $found' \ "$nginx_global_params_conf" > "$nginx_global_params_conf.new" 2>/dev/null && \ mv -f "$nginx_global_params_conf.new" "$nginx_global_params_conf" } set_apache_ulimit() { set_service_ulimit_systemd "/lib/systemd/system/apache2.service.d/limit_nofile.conf" "$@" } get_apache_ulimit() { local ulimits= ulimits=$(get_service_ulimit_systemd "/lib/systemd/system/apache2.service.d/limit_nofile.conf") if [ -z "$ulimits" ]; then ulimits="-1" fi echo "apache:$ulimits" } set_service_ulimit() { local service_name="$1" if [ ! -f "/lib/systemd/system/$service_name.service" ]; then echo "Incorrect parameter --service: '$service_name' is not found" >&2 return 1 fi local service_dir="/lib/systemd/system/$service_name.service.d" local service_conf="$service_dir/limit_nofile.conf" [ -d "$service_dir" ] || install -m 0755 -d "$service_dir" [ -f "$service_conf" ] || touch "$service_conf" set_service_ulimit_systemd "$service_conf" "$2" } restart_srv() { # Set up required variables for apache, nginx. # Localize global variables changes to the scope of this function. local service="$1" ( case "$service" in apache) set_apache_params ;; nginx) set_nginx_params ;; esac product_log="/dev/stderr" pleskrc "$service" restart ) } #parse options TEMP=`getopt -o nad:s:gRh --long nginx,apache,service:,set:,get,no-restart,help -n "$PN" -- "$@"` if [ $? != 0 ] ; then echo "Internal error: failed to parse command line options." >&2 ; exit 1 ; fi eval set -- "$TEMP" opt_nginx=0 opt_apache=0 opt_services= opt_set=0 opt_get=0 opt_no_restart=0 while true; do case $1 in -n|--nginx) opt_nginx=1; shift;; -a|--apache) opt_apache=1; shift;; -d|--service) opt_services="$2"; shift 2;; -s|--set) opt_set="$2"; shift 2;; -g|--get) opt_get=1; shift;; -R|--no-restart) opt_no_restart=1; shift;; -h|--help) usage; exit 0;; --) shift; [ -z $opt_services ] || opt_services+=" $@"; break;; *) echo "Unrecognized option: $1" >&2; usage; exit 1;; esac done set_common_params if [ "$opt_nginx" -eq 0 -a "$opt_apache" -eq 0 -a -z "$opt_services" ]; then opt_nginx=1 opt_apache=1 fi if [ "$opt_set" -gt 0 ]; then if ! echo "$opt_set" | grep -E -q '^[0-9]+$'; then echo "Incorrect parameter --set, expected integer, found: '$opt_set'" >&2 exit 1 fi if [ -n "$opt_services" ]; then if echo "$opt_services" | grep -E -q '^--'; then echo "Incorrect parameter --service, expected services names, found: '$opt_services'" >&2 exit 1 fi fi if [ "$opt_apache" -gt 0 ]; then set_apache_ulimit "$opt_set" || exit 1 [ "$opt_no_restart" -eq 1 ] || restart_srv apache fi if [ "$opt_nginx" -gt 0 ]; then set_nginx_default_ulimit "$opt_set" || exit 1 set_nginx_worker_rlimit_nofile "$opt_set" || exit 1 [ "$opt_no_restart" -eq 1 ] || restart_srv nginx fi if [ -n "$opt_services" ]; then for service in $opt_services; do set_service_ulimit "$service" "$opt_set" done fi fi if [ "$opt_get" -gt 0 ]; then get_nginx_default_ulimit || exit 1 get_apache_ulimit || exit 1 fi # vim: ft=sh