#!/bin/bash ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # # # Plesk script # #default values product_default_conf() { PRODUCT_ROOT_D=/opt/psa PRODUCT_RC_D=/etc/init.d PRODUCT_ETC_D=/opt/psa/etc PLESK_LIBEXEC_DIR=/usr/lib/plesk-9.0 HTTPD_VHOSTS_D=/var/www/vhosts HTTPD_CONF_D=/etc/apache2 HTTPD_INCLUDE_D=/etc/apache2/conf-enabled HTTPD_BIN=/usr/sbin/apache2 HTTPD_LOG_D=/var/log/apache2 HTTPD_SERVICE=apache2 QMAIL_ROOT_D=/var/qmail PLESK_MAILNAMES_D=/var/qmail/mailnames RBLSMTPD=/usr/sbin/rblsmtpd NAMED_RUN_ROOT_D=/var/named/run-root WEB_STAT=/usr/bin/webalizer MYSQL_VAR_D=/var/lib/mysql MYSQL_BIN_D=/usr/bin MYSQL_SOCKET=/var/run/mysqld/mysqld.sock PGSQL_DATA_D=/var/lib/postgresql/16/main PGSQL_CONF_D=/etc/postgresql/16/main PGSQL_BIN_D=/usr/lib/postgresql/16/bin DUMP_D=/var/lib/psa/dumps DUMP_TMP_D=/tmp MAILMAN_ROOT_D=/usr/lib/mailman MAILMAN_VAR_D=/var/lib/mailman PYTHON_BIN=/usr/bin/python2 GPG_BIN=/usr/bin/gpg TAR_BIN=/usr/lib/plesk-9.0/sw-tar AWSTATS_ETC_D=/etc/awstats AWSTATS_BIN_D=/usr/lib/cgi-bin AWSTATS_TOOLS_D=/usr/share/awstats/tools AWSTATS_DOC_D=/usr/share/awstats OPENSSL_BIN=/usr/bin/openssl LIB_SSL_PATH=/lib/libssl.so LIB_CRYPTO_PATH=/lib/libcrypto.so CLIENT_PHP_BIN=/opt/psa/bin/php-cli SNI_SUPPORT=true APS_DB_DRIVER_LIBRARY=/usr/lib/x86_64-linux-gnu/sw/libmysqlserver.so.2.0 SA_MAX_MAIL_SIZE=256000 } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. #admin set_admin_params() { ADMIN_ROOT=$PRODUCT_ROOT_D/admin UTILS_DIR=$ADMIN_ROOT/sbin admin_user="${product}adm" admin_UID=8444 admin_group="${product}adm" admin_GID=8444 ADMIN_CERT="$ADMIN_ROOT/conf/httpsd.pem" } get_certificate() { local dst="$1" local src="${certificate_file}" # Check or generate new default certificate [ -s "$src" ] || generate_default_certificate set_ac 0 0 0400 "${src}" cp -fp $src $dst } generate_default_certificate() { # Currently I have no will to accurately rewrite the stuff below # so I just add support for (optional) file parameter. Actually # one need to accurately handle temporary files, directory creation # etc. Probably next time... local cert_file cert_file="${certificate_file}" if [ -s "$cert_file" ]; then p_echo "default certificate already exists" return fi # This var also can safely be made local. It's not used outside local OPENSSL_CNF is_temp_cnf rc OPENSSL_CNF=${PRODUCT_ROOT_D}/admin/conf/openssl.cnf OPENSSL_INPUT=${PRODUCT_ROOT_D}/admin/conf/openssl.input is_temp_cnf=0 if [ ! -f "${OPENSSL_CNF}" ]; then # Well, base psa package isn't yet installed. # let's form a temporary config file OPENSSL_CNF=$(mktemp /tmp/openssl.cnf.XXXXXX) [ $? != 0 ] && die "Unable to create temporary file" cat >>${OPENSSL_CNF} <>${OPENSSL_INPUT} <> $product_log 2>&1 # preserve exit code rc=$? if [ $rc -eq 0 ]; then cat "${cert_file}_" | sed -e 's/^\(-----END.*\)/\1\ /' > $cert_file set_ac 0 0 0400 "${cert_file}" fi # cleanup temporary files rm -f "${cert_file}_" ||: if [ "x$is_temp_cnf" = "x1" ]; then rm -f ${OPENSSL_CNF} ||: rm -f ${OPENSSL_INPUT} ||: fi return $rc } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. clean_panel_sessions() { # use subshell to catch die's inside db_do: ( db_do "DELETE FROM sessions" db_do "DELETE FROM SessionContexts" ) } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. set_apache_params() { apache_user="www-data" apache_UID=80 apache_group="www-data" apache_GID=80 apache_pid_file="$APACHE_ROOT/logs/httpd.pid" apache_lock_file="$APACHE_ROOT/logs/httpd.lock" product_lock_file="$HTTPD_CONF_D/cnf.lock" apache_service_name="apache2" apache_modules_d="/usr/lib/apache2/modules" apache_service="$apache_service_name" apache_httpd_conf="$HTTPD_CONF_D/apache2.conf" apache_httpd_include="$HTTPD_INCLUDE_D/zz010_psa_httpd.conf" APACHE_ROOT="/usr" min_suexec_UID=10000 max_suexec_UID=16000 min_suexec_GID=$min_suexec_UID max_suexec_GID=$max_suexec_UID suexec_storage=/usr/lib/plesk-9.0/suexec suexec=/usr/lib/apache2/suexec suexec_dir="`dirname "$suexec"`" suexec_file="`basename "$suexec"`" rpm_httpd_bin=/usr/sbin/httpd } reconfigure_apache_if_needed() { [ -n "$apache_need_reconfiguration" ] || return 0 echo_try "reconfigure webserver(s) (reconfigure-all)" if httpdmng_reconfigure all ; then unset apache_need_reconfiguration suc else warn "webserver reconfiguration, maybe will attempt later" fi } httpdmng_reconfigure() { local httpdmng_tool="${PRODUCT_ROOT_D}/admin/sbin/httpdmng" local what="$1" shift case "$what" in all|server|webmail) : ;; *) simply_die "Unexpected argument '$what' to httpdmng_reconfigure()" ;; esac if [ ! -x "$httpdmng_tool" ]; then p_echo "Unable to do 'httpdmng --reconfigure-$what': the utility is not yet on its place. Maybe will attempt later." return 1 fi ! "$httpdmng_tool" "--reconfigure-$what" -skip-removing -service-node local "$@" >> $product_log 2>&1 || return 0 # There are 2 well known possible reasons of webserver templates reconfiguration failure: # 1. domain/server/webmail templates are well, but arbitrary domain unable to be configured due to the some reasons, # for example broken vhost structure # 2. broken domain/server/webmail templates # STEP 1. try to rollback to the default templates ! httpdmng_reconfigure_rollback_to_default_templates "${what}" "$@" || return 0 if [ "all" = "${what}" ]; then # STEP 2. ignore broken domains pp_echo "Warning: web server configuration is broken. We will try to repair it. This operation can take a lot of time, please do not interrupt the process." p_echo "Unable to rebuild web server configuration, possible there are broken domains" local inten="reconfigure web-server configurations skipping broken domains" echo_try "${inten}" if "$httpdmng_tool" "--reconfigure-$what" "-skip-broken" -service-node local "$@" >> $product_log 2>&1; then suc return 0 else # STEP 3. try to rollback to the default templates, broken domains are ignored (possibly problem are in the server/webmail configs) warn "${inten}" ! httpdmng_reconfigure_rollback_to_default_templates "${what}" "-skip-broken" -service-node local "$@" || return 0 fi fi return 1 } # NOTE: do not use function directly, it just helper for httpdmng_reconfigure !!! # here we try to reconfigure webserver configs using default temnplates httpdmng_reconfigure_rollback_to_default_templates() { local template_d="${PRODUCT_ROOT_D}/admin/conf/templates" local inten="rebuild web server configs with default templates after reconfiguration failure" local tmp_d= local what="$1" shift [ -d "${template_d}/custom" ] || return 1 p_echo "Unable to rebuild web server configuration with currently active default templates" echo_try "${inten}" if ! tmp_d=`mktemp -d "${template_d}/broken_templates_XXXXXXXX" 2>>$product_log`; then warn "${inten} - unable to create temporary directory for custom templates" return 1 fi if ! mv -f "${template_d}/custom/"* "${tmp_d}"; then warn "${inten} - unable to move custom templates into ${tmp_d}" return 1 fi rm -rf "${template_d}/custom" if ! "$httpdmng_tool" "--reconfigure-$what" -service-node local "$@" >> $product_log 2>&1; then warn "${inten} - using default templates does not solve the problem, restore custom ones" mv -f "${tmp_d}" "${template_d}/custom" return 1 fi suc pp_echo "Custom templates which are breaking web server reconfiguration were moved to ${tmp_d}" cat <"${tmp_d}/README" This directory contains broken custom webserver templates which are breaking web server reconfiguration. Custom templates were moved here on `date` during product update or upgrade. EOF } read_apsc_connection_params_db() { # Warning: password can be encrypted. Don't use it. apsc_db_name=`db_read_misc_attr "aps_database"` apsc_db_user=`db_read_misc_attr "aps_login"` apsc_db_passwd=`db_read_misc_attr "aps_password"` apsc_db_host=`db_read_misc_attr "aps_host"` } save_apsc_connection_params_db() { local register_script="$PRODUCT_ROOT_D/admin/plib/scripts/register_apsc_database.php" [ -f "$register_script" ] || die 'can not find "register_apsc_database.php"' local dsn_apsc_host="`get_dsn apsc host`" local dsn_apsc_port="`get_dsn apsc port`" sw_engine_pleskrun "$register_script" --register \ -host "${dsn_apsc_host:-localhost}" \ -port "${dsn_apsc_port:-3306}" \ -database "$apsc_db_name" \ -login "$apsc_db_user" \ -password "$apsc_db_passwd" >> "$product_log" 2>&1 } check_apsc_installed() { local db_name=`db_read_misc_attr "aps_database"` [ -n "$db_name" ] || return 1 db_test_database "$db_name" } install_cron_backup() { local backup_file_before_10_5_24="/etc/cron.d/plesk-backup-manager" local backup_file="/etc/cron.d/plesk-backup-manager-task" if [ -s "${backup_file_before_10_5_24}" ]; then mv -f "${backup_file_before_10_5_24}" "${backup_file}" else rm -f "${backup_file_before_10_5_24}" fi [ ! -s "${backup_file}" ] || return 0 minutes=`get_random_number 15` cat >"${backup_file}" <<-EOF $minutes,`expr $minutes + 15`,`expr $minutes + 30`,`expr $minutes + 45` * * * * root [ -x $PRODUCT_ROOT_D/admin/sbin/backupmng ] && $PRODUCT_ROOT_D/admin/sbin/backupmng >/dev/null 2>&1 EOF } remove_cron_backup() { rm -f "/etc/cron.d/plesk-backup-manager" "/etc/cron.d/plesk-backup-manager-task" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:ft=sh: #courier-imap set_courier_imap_params() { COURIERIMAP_CONFDIR="/etc/courier-imap" COURIERIMAP_PIDPATH="/run" IMAPD_CERT="/usr/share/imapd.pem" POP3D_CERT="/usr/share/pop3d.pem" COURIER_DHPARAMS="/usr/share/dhparams.pem" # Certificate paths for Courier-IMAP <= 3.0.8 OLD_IMAPD_CERT="/usr/share/courier-imap/imapd.pem" OLD_POP3D_CERT="/usr/share/courier-imap/pop3d.pem" COURIER_DELIVER_QUOTA="/usr/bin/deliverquota" courier_imapd_service="courier-imapd" courier_imaps_service="courier-imaps" courier_pop3d_service="courier-pop3d" courier_pop3s_service="courier-pop3s" courier_authdaemon_service="courier-authdaemon" # Service name for Courier-IMAP <= 3.0.8 old_courier_service="courier-imap" } # db_test test_query awk_script # Runs test_query and processes it with awk_script. If the output is # not empty, return 0, otherwise return 1. Hint: supply '1' for # awk_script to test just for the presence of any output. db_test() { local any_db= eval `sh_get_args '--any-db) any_db=yes;;'` local test_query="$1" local awk_script="$2" local output if [ -n "$any_db" ]; then output="`mysql_raw_anydb -e \"$test_query\" 2>>\"$product_log\"`" else output="`mysql_raw -e \"$test_query\" 2>>\"$product_log\"`" fi local status=$? if [ "$status" -ne 0 ]; then p_echo "$output" die "run the following SQL query: $1" fi echo -n "$output" | awk -F '\t' -- "$awk_script" | test `wc -l` -ne 0 } # db_do [--inten ] query # Runs query. If it fails, die # the inten string describes the query reason (to make finding the bug simpler) db_do() { local desc="execute SQL query" eval `sh_get_args '--inten) desc=" (to $2)"; shift;;'` if [ "$db_fix_check_stage" = "yes" ]; then return fi local query="$1" dbclient_invoke -e "$query" >>"$product_log" 2>&1 || die "$desc, the query was: $query" } # db_select # runs via mysql_raw # writes output to db_select_output # if query fails, output errors and return 1 db_select() { local desc="execute SQL query" local query="$1" local output output="`mysql_raw -e \"$query\" 2>>\"$product_log\"`" local status="$?" if [ "$status" -ne "0" ]; then p_echo "$output" die "run the following SQL query: $query" fi db_select_output="$output" return 0 } # db_test_database database # Returns 0 if the database exists db_test_database() { local database="$1" local mysql_db_name="mysql" db_test "SHOW DATABASES" "\$1 == \"$database\"" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:ft=sh: db_read_misc_attr() { db_select "SELECT val FROM misc WHERE param = '$1'" echo "$db_select_output" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:ft=sh: set_dovecot_params() { DOVECOT_CONFDIR="/etc/dovecot" DOVECOT_INCLUDE_DIR="/etc/dovecot/conf.d" DOVECOT_DIST_CONFDIR="/usr/share/doc/plesk-dovecot/dist-config" DOVECOT_CERT_DIR="/etc/dovecot/private" DOVECOT_CERT="$DOVECOT_CERT_DIR/ssl-cert-and-key.pem" DOVECOT_INTERNAL_USERGROUP="dovecot" DOVECOT_LOGIN_USERGROUP="dovenull" DOVECOT_LDA="/usr/lib/dovecot/dovecot-lda" dovecot_service="dovecot" } is_remote_db_feature_enabled() { [ -s "/etc/psa/private/dsn.ini" ] } get_dsn() { local section="$1" local param="$2" ! is_remote_db_feature_enabled || get_ini_conf_var "/etc/psa/private/dsn.ini" "$section" "$param" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:ft=sh # Usage: pleskrc pleskrc() { [ 2 -le $# ] || die "Not enough arguments" local service_name=${1//[-.@]/_} local action=$2 local ret=0 local inten shift shift # Now check redefined functions if test "$machine" = "linux" && is_function "${service_name}_${action}_${machine}_${linux_distr}"; then "${service_name}_${action}_${machine}_${linux_distr}" "$@" return $? elif is_function "${service_name}_${action}_${machine}"; then "${service_name}_${action}_${machine}" "$@" return $? elif is_function "${service_name}_${action}"; then "${service_name}_${action}" "$@" return $? fi # Not redefined - call default action eval "service=\$${service_name}_service" [ -n "$service" ] || die "$action $service_name service (Empty service name for '$service_name')" if [ "$action" = "name" ]; then echo "${service}.service" return 0 fi inten="$action service $service" pleskrc_is_failure_for_action_ok "$action" || echo_try "$inten" if [ -x "/bin/systemctl" -a "$do_upgrade" = "1" -a ! -f "/var/lock/parallels-panel-bootstrapper-running.lock" -a -z "$SYSTEMD_DAEMON_RELOADED" ]; then # reload systemd units if requested from an upgrade package script - in case a unit was changed /bin/systemctl daemon-reload SYSTEMD_DAEMON_RELOADED="yes" fi service_ctl "$action" "$service" "$service_name" ret="$?" pleskrc_is_failure_for_action_ok "$action" || { if [ "$ret" -eq 0 ]; then suc else if [ -x "/bin/systemctl" ]; then p_echo "`/bin/systemctl -l status \"${service}.service\" | awk 'BEGIN {s=0} s==1 {s=2} /^$/ {s=1} s==2 {print}'`" fi warn "$inten failed" fi } return $ret } pleskrc_is_failure_for_action_ok() { local action="$1" case "$action" in status|exists|is-active|is-enabled|is-failed) return 0 ;; esac return 1 } # NOTE: # Function service_ctl is just helper for pleskrc(). # Do not call it directly, use pleskrc()!!! service_ctl() { local action=$1 local service=$2 local service_name=$3 if [ "$action" != "exists" ]; then _service_exec $service exists if [ "$?" != "0" ]; then p_echo "attempt to ${inten} - service doesn't exist (missing unit file or not executable control script)" return 1 fi fi case "$action" in start) pleskrc "$service_name" status || _service_exec "$service" "$action" ;; stop) ! pleskrc "$service_name" status || _service_exec "$service" "$action" ;; restart) if pleskrc "$service_name" status; then _service_exec "$service" "$action" else _service_exec "$service" start fi ;; reload) ! pleskrc "$service_name" status || _service_exec "$service" "$action" ;; status) _service_exec "$service" status ;; try-restart) if [ -x "/bin/systemctl" ]; then _service_exec "$service" "$action" else ! pleskrc "$service_name" status || _service_exec "$service" "restart" fi ;; try-reload) ! pleskrc "$service_name" status || _service_exec "$service" "reload" ;; reload-or-restart) if [ -x "/bin/systemctl" ]; then _service_exec "$service" "$action" elif pleskrc "$service_name" status; then _service_exec "$service" "reload" else _service_exec "$service" "start" fi ;; *) _service_exec "$service" "$action" ;; esac >> "$product_log" } _service_exec() { # Keep in sync with pylibplesk/plesk_service.py local service=$1 local action=$2 local action_cmd local sysvinit_service="/etc/init.d/$service" if [ -x "/bin/systemctl" ]; then case "${action}" in exists) if /bin/systemctl cat "$service.service" >/dev/null 2>&1; then return 0 # systemd unit elif [ -f "/lib/systemd/system/$service.service" ]; then /bin/systemctl daemon-reload return 0 # systemd unit which exists but was changed and has not been reloaded before elif [ -x "$sysvinit_service" ]; then return 0 # sysvinit compat fi return 1 # not found ;; status) action="is-active" ;; reload|graceful) action='reload-or-try-restart' ;; esac /bin/systemctl "$action" "${service}.service" else warn "Cannot $action $service on this system: no executable /bin/systemctl" return 1 fi } is_function() { local type_output=$(type -t "$1") test "X${type_output}" = "Xfunction" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # echo message to product log and console (always visible) pp_echo() { if [ -n "$product_log" ] ; then echo "$@" >> "$product_log" 2>&1 fi echo "$@" >&2 } # echo message to product log, also to console in debug mode p_echo() { if [ -n "$product_log" ] ; then echo "$@" >> "$product_log" 2>&1 fi if [ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" -o -z "$product_log" ] ; then echo "$@" >&2 fi } # same as p_echo, but without new line pnnl_echo() { p_echo -n "$@" } int_err() { report_problem "internal" "Internal error: $@" exit 1 } p_see_product_log() { log_is_in_dev "${product_log}" || printf " (see log file: ${product_log})" >&2 } die() { report_problem "fatal" "ERROR while trying to $@" printf "Check the error reason" >&2 p_see_product_log echo ", fix and try again" >&2 selinux_close exit 1 } simply_die() { report_problem "fatal" "$@" exit 1 } warn() { local inten="$1" if [ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" ]; then p_echo p_echo "WARNING!" pnnl_echo "Some problems are found during $inten" p_see_product_log p_echo p_echo "Continue..." p_echo fi report_problem "warning" "Warning: $inten" } echo_try() { msg="$*" pnnl_echo " Trying to $msg... " } suc() { p_echo "done" } write_structured_report() { # Write json error report into file $PLESK_INSTALLER_ERROR_REPORT if specified. # @params are tags in format "key=value" # Report body (human readable information) is read from stdin. local report_file="$PLESK_INSTALLER_ERROR_REPORT" [ -n "$report_file" ] || return 0 local python_bin= for bin in "/opt/psa/bin/python" "/usr/local/psa/bin/python" "/usr/bin/python2" "/usr/libexec/platform-python" "/usr/bin/python3"; do if [ -x "$bin" ]; then python_bin="$bin" break fi done if [ ! -x "$python_bin" ]; then p_echo "Cannot write structured error report: python interpreter not found." return 1 fi "$python_bin" -c 'import sys, json report_file = sys.argv[1] error = sys.stdin.read() data = { "error": error, } for tag in sys.argv[2:]: k, v = tag.split("=", 1) data[k] = v with open(report_file, "a") as f: json.dump(data, f) f.write("\n") ' "$report_file" "date=$(date --utc --iso-8601=ns)" "$@" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. reexec_with_clean_env() { # Usage: call this function as 'reexec_with_clean_env "$@"' at the start of a script. # Don't use with scripts that require sensitive environment variables. # Don't put the call under any input/output redirection. # Purpose: make sure the script is executed with a sane environment. local lc="`get_default_locale`" export LANG="$lc" LC_MESSAGES="$lc" LC_ALL="$lc" export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin umask 022 PLESK_SCRIPT_COMMAND_LINE="$0 $*" [ -z "$PLESK_INSTALLER_ENV_CLEANED" ] || { unset PLESK_INSTALLER_ENV_CLEANED; return 0; } [ -n "$BASH" ] || exec /bin/bash "$0" "$@" # N.B.: the following code requires Bash. On Dash it would cause syntax error upon parse w/o eval. eval ' local extra_vars=() # list of variables to preserve for var in "${!PLESK_@}"; do # enumerate all PLESK_* variables extra_vars+=("$var=${!var}") done extra_vars+=("PLESK_INSTALLER_ENV_CLEANED=1") # Exec self with clean env except for extra_vars, shell opts, and arguments. exec /usr/bin/env -i "${extra_vars[@]}" /bin/bash ${-:+-$-} "$0" "$@" || { echo "Failed to reexec self ($0) with clean environment" >&2 exit 91 # Just some relatively unique error code } ' } get_default_locale() { # Note that CentOS 7 typically doesn't have C.UTF-8 for lc in "C.UTF-8" "en_US.UTF-8" "C"; do if [ -z "`LC_ALL=$lc locale 2>&1 >/dev/null`" ]; then echo "$lc" return 0 fi done echo "C" } # accumulates chown and chmod set_ac() { local u_owner g_owner perms node u_owner="$1" g_owner="$2" perms="$3" node="$4" # A very small optimization - replacing of two execs by one, # it works only if the following conditions are observed: # - u_owner is username (not UID); # - g_owner is group (not GID); # - perms is in octal mode. # If some conditions aren't observed, # optimization doesn't work, # but it doesn't break function [ "$(stat -c '%U:%G 0%a' $node)" != "$u_owner:$g_owner $perms" ] || return 0 chown $u_owner:$g_owner $node || die "chown $u_owner:$g_owner $node" chmod $perms $node || die "chmod $perms $node" } mkdir_ex() { local owner group mode dir owner="$1" group="$2" mode="$3" dir="$4" if ! test -d "$dir"; then mkdir "$dir" || die "create directory $dir" fi set_ac "$owner" "$group" "$mode" "$dir" } detect_vz() { [ -z "$PLESK_VZ_RESULT" ] || return $PLESK_VZ_RESULT PLESK_VZ_RESULT=1 PLESK_VZ=0 PLESK_VE_HW_NODE=0 PLESK_VZ_TYPE= local issue_file="/etc/issue" local vzcheck_file="/proc/self/status" [ -f "$vzcheck_file" ] || return 1 local env_id=`sed -ne 's|^envID\:[[:space:]]*\([[:digit:]]\+\)$|\1|p' "$vzcheck_file"` [ -n "$env_id" ] || return 1 if [ "$env_id" = "0" ]; then # Either VZ/OpenVZ HW node or unjailed CloudLinux PLESK_VE_HW_NODE=1 return 1 fi if grep -q "CloudLinux" "$issue_file" >/dev/null 2>&1 ; then return 1 fi if [ -f "/proc/vz/veredir" ]; then PLESK_VZ_TYPE="vz" elif [ -d "/proc/vz" ]; then PLESK_VZ_TYPE="openvz" fi PLESK_VZ=1 PLESK_VZ_RESULT=0 return 0 } # detects lxc and docker containers detect_lxc() { [ -z "$PLESK_LXC_RESULT" ] || return $PLESK_LXC_RESULT PLESK_LXC_RESULT=1 PLESK_LXC=0 if { [ -f /proc/1/cgroup ] && grep -q 'docker\|lxc' /proc/1/cgroup; } || \ { [ -f /proc/1/environ ] && cat /proc/1/environ | tr \\0 \\n | grep -q "container=lxc"; }; then PLESK_LXC_RESULT=0 PLESK_LXC=1 fi return "$PLESK_LXC_RESULT" } call_optional_function() { local type_output="`LC_ALL=C type \"$1\" 2>/dev/null | head -n 1`" case "$type_output" in *function) "$@" ;; *) return 0 ;; esac } sh_get_args() { echo 'while true; do case "$1" in '"$1"'*) break;; esac; shift; done' } get_random_number() { perl -e ' my $res = int(rand($ARGV[0])); if (exists $ARGV[1]) { $res = $res + $ARGV[1]; } print $res; ' "$@" } get_random_string() { local str_length="$1" local str_symbols="$2" if [ -x "$PRODUCT_ROOT_D/admin/sbin/random_str" -a -z "$str_symbols" ]; then "$PRODUCT_ROOT_D/admin/sbin/random_str" "$str_length" else # random_str utility may be unavailable in pre phase if [ -z "$str_length" ]; then str_length="14" fi if [ -z "$str_symbols" ]; then str_symbols="A-Za-z0-9_" fi < /dev/urandom tr -dc "$str_symbols" 2>/dev/null | head -c "$str_length" 2>/dev/null fi } sequence() { if type seq >/dev/null 2>&1; then seq $* elif type jot >/dev/null 2>&1; then jot $* else die "Unable to find seq or jot command" fi } get_ini_conf_var() { local conf="$1" local section="$2" local param="$3" [ -n "$conf" -a -n "$param" ] || die "get_ini_conf_var(): required parameters missing" local section_empty=0 [ -n "$section" ] || section_empty=1 perl -n -e 'BEGIN { $insect='$section_empty' } next if (/^\s*;/); $insect=0 if (/^\s*\[.*\]/); $insect=1 if (/^\s*\['$section'\]/); $val = $2, $val =~ s/\s+$//, print $val . "\n" if ($insect && /^\s*('$param')\s*=\s*([^;\n]*)(;.*)?$/);' $conf | head -n 1 } set_ini_conf_var() { local conf="$1" local section="$2" local param="$3" local value="$4" [ -n "$conf" -a -n "$param" ] || die "set_ini_conf_var(): required parameters missing" local section_empty=0 [ -n "$section" ] || section_empty=1 perl -n -e 'BEGIN { $insect='$section_empty' } if (not /^\s*;/) { $insect=0 if (/^\s*\[.*\]/); $insect=1 if (/^\s*\['$section'\]/); if ($insect && /^(\s*('$param')\s*=\s*)([^;\n]*)((;.*)?)$/) { $tail = $4; chomp($tail); $tail = " " . $tail if ($tail); print $1 . "'$value'" . $tail . "\n"; next; } } print $_;' $conf > $conf.tmp && \ cat $conf.tmp > $conf && rm -f $conf.tmp } sw_engine_pleskrun() { if [ -x $PRODUCT_ROOT_D/bin/sw-engine-pleskrun ]; then $PRODUCT_ROOT_D/bin/sw-engine-pleskrun "$@" elif [ -x "/usr/bin/sw-engine" ]; then local args if [ -e "$PRODUCT_ROOT_D/admin/conf/php.ini" ]; then args="-c $PRODUCT_ROOT_D/admin/conf/php.ini" else args="-d psasem.semfile=\"$PRODUCT_ROOT_D/var/psasem.sem\"" fi /usr/bin/sw-engine $args "$@" else echo "No Plesk PHP interpreter found" return 1 fi } install_default_license_key() { pnnl_echo "install default license key ..." # check OF-key if sw_engine_pleskrun -r 'exit(of_get_key_by_product("plesk-unix") === false ? 1 :0);'; then p_echo "not needed, OF license found" return fi # check Unified key if sw_engine_pleskrun -r 'exit(of_get_key_by_product("plesk-unified") === false ? 1 :0);'; then p_echo "not needed, unified license found" return fi local dest_dir="/etc/sw/keys/keys" local key=plesk-default-key.xml [ ! -s "$dest_dir/$key" ] || return 0 cp -f "${PRODUCT_ROOT_D}/var/$key" "$dest_dir/" chown root:swkey-data "$dest_dir/$key" chmod 0660 "$dest_dir/$key" suc } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. #-*- vim:syntax=sh product_log_name_ex() { local aux_descr="$1" local action="${CUSTOM_LOG_ACTION_NAME-installation}" if [ -n "$aux_descr" ]; then aux_descr="_${aux_descr}" fi if [ -n "$CUSTOM_LOG_NAME" ]; then echo "${CUSTOM_LOG_NAME}${action:+_$action}${aux_descr}.log" else get_product_versions echo "plesk_${product_this_version}${action:+_$action}${aux_descr}.log" fi } product_log_name() { product_log_name_ex } product_problems_log_name() { product_log_name_ex "problems" } problems_log_tail() { [ -f "$product_problems_log" ] || return 0 { tac "$product_problems_log" | awk '/^START/ { exit } { print }' | tac } 2>/dev/null } product_log_tail() { [ -f "$product_log" ] || return 0 { tac "$product_log" | awk '/^START/ { exit } { print }' | tac } 2>/dev/null } product_and_problems_log_tail() { product_log_tail [ "$product_log" = "$product_problems_log" ] || problems_log_tail } cleanup_problems_log() { [ -f "$product_problems_log" ] || return 0 touch "$product_problems_log.tmp" chmod 0600 "$product_problems_log.tmp" awk 'BEGIN { st = "" } /^START/ && (st ~ /^START/) { print st; } /^START/ { st=$0; next } /^STOP/ && (st ~ /^START/) { st=""; next } (st != "") { print st; st="" } { print } ' "$product_problems_log" > "$product_problems_log.tmp" && \ mv -f "$product_problems_log.tmp" "$product_problems_log" || \ rm -f "$product_problems_log.tmp" if [ ! -s "$product_problems_log" ]; then rm -f "$product_problems_log" fi } set_log_action_name() { CUSTOM_LOG_ACTION_NAME="$1" } mktemp_log() { local logname="$1" local dir="$2" if [ "${logname:0:1}" != "/" ]; then logname="$dir/$logname" fi dir="`dirname $logname`" if [ ! -d "$dir" ]; then mkdir -p "$dir" || { echo "Unable to create log directory : $dir"; exit 1; } if [ "$EUID" -eq "0" ]; then set_ac root root 0700 "$dir" fi fi if [ "${logname%XXX}" != "$logname" ]; then mktemp "$logname" else echo "$logname" fi } log_is_in_dev() { test "${1:0:5}" = "/dev/" } start_writing_logfile() { local logfile="$1" local title="$2" ! log_is_in_dev "$logfile" || return 0 echo "START $title" >> "$logfile" || { echo "Cannot write installation log $logfile" >&2; exit 1; } [ "$EUID" -ne "0" ] || set_ac root root 0600 "$logfile" } log_start() { true product_log_name product_problems_log_name mktemp_log local title="$1" local custom_log="$2" local custom_problems_log="$3" local product_log_dir="/var/log/plesk/install" product_log="$product_log_dir/`product_log_name`" product_problems_log="$product_log_dir/`product_problems_log_name`" problems_occured=0 # init product log [ ! -n "$custom_log" ] || product_log="$custom_log" product_log=`mktemp_log "$product_log" "$product_log_dir"` # init problems log if [ -n "$custom_problems_log" ]; then product_problems_log=`mktemp_log "$custom_problems_log" "$product_log_dir"` elif [ -n "$custom_log" ]; then product_problems_log="$product_log" else product_problems_log=`mktemp_log "$product_problems_log" "$product_log_dir"` fi # write starting message into logs start_writing_logfile "$product_log" "$title" if [ "$product_log" != "$product_problems_log" ]; then start_writing_logfile "$product_problems_log" "$title" fi is_function profiler_setup && profiler_setup "$title" || : } log_transaction_start() { LOG_TRANSACTION_TITLE="$1" LOG_TRANSACTION_SUBJECT="$2" local log_transaction_custom_logfile="$3" local log_transaction_custom_problems_logfile="$4" transaction_begin autocommit log_start "$LOG_TRANSACTION_TITLE" "$log_transaction_custom_logfile" "$log_transaction_custom_problems_logfile" transaction_add_commit_action "log_transaction_stop" transaction_add_rollback_action "log_transaction_stop" } log_transaction_stop() { log_stop "$LOG_TRANSACTION_TITLE" "$LOG_TRANSACTION_SUBJECT" } log_stop() { local title="$1" local subject="$2" if [ "$product_log" = "$product_problems_log" ] || \ log_is_in_dev "$product_problems_log"; then [ -e "$product_log" ] && echo "STOP $title" >>"$product_log" is_function profiler_stop && profiler_stop || : return fi if [ -z "$subject" ]; then subject="[${title}]" fi # check if problems are non-empty, check for problems_occured local status local problem_lines="`problems_log_tail | wc -l`" if [ "$problem_lines" -eq 0 ]; then status="completed successfully" else if [ $problems_occured -ne 0 ]; then status="failed" else status="completed with warnings" fi fi if [ -e "$product_log" ]; then p_echo p_echo "**** $subject $status." p_echo fi if [ "$problem_lines" -ne 0 ]; then [ ! -e "$product_log" ] || problems_log_tail >>"$product_log" 2>&1 problems_log_tail fi [ ! -e "$product_log" ] || echo "STOP $title" >>"$product_log" if [ $problems_occured -ne 0 ]; then echo "STOP $title: PROBLEMS FOUND" >>"$product_problems_log" else [ ! -s "$product_problems_log" ] || echo "STOP $title: OK" >>"$product_problems_log" fi if [ "X${PLESK_INSTALLER_KEEP_PROBLEMS_LOG}" = "X" ]; then cleanup_problems_log fi is_function profiler_stop && profiler_stop || : } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. generate_password_file() { local passwd_file="$1" local title="$2" local user="$3" local group="$4" local mode="$5" if [ "$#" -ne 5 ]; then die "Some arguments was not defined for this function" fi local passwd local inten="generate random password for $title" echo_try $inten if [ ! -s "$passwd_file" ]; then passwd=`get_random_string` || die $inten echo "$passwd" > "$passwd_file" || die $inten set_ac $user $group $mode $passwd_file || die $inten else set_ac $user $group $mode $passwd_file || die $inten fi suc } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. get_pid() { local i local ex_f="$1" local opt="$2" local owner="$3" local min_num="1" local ps_long="ps axuw" # Use pidof by default, bug 121868, except for FreeBSD - 140182 if type pidof >/dev/null 2>&1 && [ "$os" != "BSD" ]; then for pid in `pidof -o $$ -o $PPID -o %PPID -x $ex_f`; do # Check for owner [ "$opt" = "true" -a "$owner" != "`ps -p $pid -o ruser=`" ] && continue min_num=$pid break done common_var=$min_num return $min_num fi case "$opt" in false) for i in `$ps_long | grep $ex_f | grep -v grep | grep -v httpsdctl | grep -v apachectl | awk '{print $2}' -`; do min_num=$i break done ;; true) for i in `$ps_long | grep $ex_f | grep -v grep | grep -v httpsdctl | grep -v apachectl | grep "$owner" | awk '{print $2}' -`; do min_num=$i break done ;; *) p_echo "get_pid: wrong parameter" die "get_pid $ex_f $opt $owner" ;; esac common_var=$min_num return $min_num } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. construct_report_template() { local severity="${1:-error}" local summary="$2" local update_ticket="`get_update_ticket`" set_error_report_source set_error_report_component set_error_report_params set_error_report_environment true construct_report_code construct_report_debug construct_report_message cat <<-EOL $report_source $severity `date --iso-8601=seconds` $report_component /] ]>/g'`]]> `construct_report_message | base64` $report_params `construct_report_code | base64` `construct_report_debug | base64` $report_environment $update_ticket EOL } construct_report_code() { local call_level=${1:-5} local func_level=$[call_level - 1] local lineno_func=${BASH_LINENO[ $func_level ]} local script_name=${BASH_SOURCE[ $[func_level + 1] ]} echo "# Call of ${FUNCNAME[$func_level]}() from ${FUNCNAME[$[func_level + 1]]}() at `readlink -m $script_name`:${BASH_LINENO[$func_level]}" head -n $[lineno_func + 4] "$script_name" 2>/dev/null | tail -n 8 } construct_report_debug() { local call_level=${1:-5} call_level=$[call_level-1] # Generate calls stack trace. for i in `seq $call_level ${#FUNCNAME[@]}`; do [ "${FUNCNAME[$i]}" != "main" ] || break local func_call="`sed -n -e "${BASH_LINENO[$i]}p" "${BASH_SOURCE[$[i+1]]}" 2>/dev/null | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//'`" [ -n "$func_call" -a -z "${func_call##*${FUNCNAME[$i]}*}" ] || func_call="${FUNCNAME[$i]}" echo "#$[i - $call_level] `readlink -m ${BASH_SOURCE[$[i+1]]}`(${BASH_LINENO[$i]}): $func_call" done } construct_report_message() { product_and_problems_log_tail echo "" if [ -n "$report_context" ]; then echo "Context: $report_context" echo "" fi if [ -n "$RP_LOADED_PATCHES" ]; then echo "Loaded runtime patches: $RP_LOADED_PATCHES" echo "" fi } # Construct report to send it to our errors tracker construct_report() { local severity="${1:-error}" local summary="$2" [ -n "$summary" ] || int_err "Unable to send error report. Some parameters are not defined." set_error_report_source get_product_versions construct_report_template "$severity" "$summary" \ | $PRODUCT_ROOT_D/admin/bin/send-error-report --version "$product_this_version" $report_source >/dev/null 2>&1 } # Use this function to report failed actions. # Typical report should contain # - reason or problem description (example: file copying failed) # - how to resolve or investigate problem (example: check file permissions, free disk space) # - how to re-run action (example: perform specific command, restart bootstrapper script, run installation again) report_problem() { local severity="${1:-error}" # Get first string of error as a summary of report shift local summary="$1" [ -n "$product_problems_log" ] || product_problems_log="/dev/stderr" p_echo if [ "0$problems_occured" -eq 0 ]; then echo "***** $process problem report *****" >> "$product_problems_log" 2>&1 fi for problem_message in "$@"; do p_echo "$problem_message" if [ "$product_log" != "$product_problems_log" ]; then echo "$problem_message" >> "$product_problems_log" 2>&1 fi done p_echo construct_report "$severity" "$summary" [ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" ] || \ product_log_tail problems_occured=1 } set_error_report_context() { report_context="$*" } set_error_report_source() { [ -z "$1" ] || report_source="$1" [ -n "$report_source" ] || { if [ -n "$PACKAGE_ID" -o -n "$PACKAGE_ACTION" -o -n "$PACKAGE_NAME" -o -n "$PACKAGE_VERSION" ]; then report_source="install" else report_source="backend" fi } } set_error_report_component() { local component="$1" if [ "$report_source" = "install" ]; then [ -n "$report_component" ] || report_component="$PACKAGE_ID" return 0 fi [ -z "$component" ] || report_component="$1" [ -n "$report_component" ] || report_component="`basename $0`" } set_error_report_params() { if [ "$report_source" = "install" ]; then [ -n "$report_params" ] || report_params="`echo "$PACKAGE_ACTION of $PACKAGE_NAME $PACKAGE_VERSION" | base64`" return 0 fi [ -z "$*" ] || report_params="`echo "$*" | base64`" [ -n "$report_params" ] || report_params="`echo "$PLESK_SCRIPT_COMMAND_LINE" | base64`" } detect_virtualization() { detect_vz detect_lxc local is_docker="`[ -f "/.dockerenv" ] && echo yes || :`" local systemd_detect_virt_ct="`/usr/bin/systemd-detect-virt -c 2>/dev/null | grep -v '^none$' || :`" local systemd_detect_virt_vm="`/usr/bin/systemd-detect-virt -v 2>/dev/null | grep -v '^none$' || :`" local virt_what="`/usr/sbin/virt-what 2>/dev/null | xargs || :`" if [ -n "$is_docker" ]; then echo "docker $virt_what" elif [ "$PLESK_VZ" = "1" ]; then echo "${PLESK_VZ_TYPE:-virtuozzo}" elif [ "$PLESK_LXC" = "1" ]; then echo "lxc $virt_what" elif [ -n "$systemd_detect_virt_ct" ]; then echo "$systemd_detect_virt_ct $systemd_detect_virt_vm" elif [ -n "$virt_what" ]; then echo "$virt_what" elif [ -n "$systemd_detect_virt_vm" ]; then echo "$systemd_detect_virt_vm" fi } default_error_report_environment() { local virtualization="`detect_virtualization`" if [ -n "$virtualization" ]; then echo "virtualization: $virtualization" fi } set_error_report_environment() { [ -z "$*" ] || report_environment="`echo "$*" | base64`" [ -n "$report_environment" ] || report_environment="`default_error_report_environment | base64`" } get_update_ticket() { [ -r $PRODUCT_ROOT_D/var/update_ticket ] && cat $PRODUCT_ROOT_D/var/update_ticket | awk '{$1=$1};1' } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # # Support for runtime patching of shell scripts (including utilities and package scripts). # # --- Service functions --- # Load and apply a patch in a relatively safe way rp_safe_load_patch() { local patch_file="$1" echo_try "load shell patch '$patch_file'" /bin/sh -n "$RP_BASEDIR/$patch_file" && { . "$RP_BASEDIR/$patch_file" RP_LOADED_PATCHES="$RP_LOADED_PATCHES $patch_file" } && suc } # Apply patches specific to the current context (e.g., depending on utility basename or package name) # This is currently not implemented. This may be overriden by "spark". rp_patch_runtime_context_specific() { : } # --- Main entry points --- rp_patch_runtime() { # List of loaded patch files RP_LOADED_PATCHES= local RP_BASEDIR="$PRODUCT_BOOTSTRAPPER_DIR/rp" [ -d "$RP_BASEDIR" ] || return 0 if [ -r "$RP_BASEDIR/spark" ]; then rp_safe_load_patch "spark" fi call_optional_function rp_patch_runtime_context_specific "$@" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. transaction_begin() { [ -n "$TRANSACTION_STARTED" ] && die "Another transaction in progress!" TRANSACTION_STARTED="true" TRANSACTION_ROLLBACK_FUNCS= TRANSACTION_COMMIT_FUNCS= local transaction_autocommit="$1" if [ -n "$transaction_autocommit" ]; then trap "transaction_commit_auto" EXIT trap "transaction_rollback" HUP PIPE INT QUIT TERM else trap "transaction_rollback" HUP PIPE INT QUIT TERM EXIT fi } transaction_rollback() { TRANSACTION_RETURN_CODE="${TRANSACTION_RETURN_CODE:-$?}" [ -z "$TRANSACTION_STARTED" ] && die "Transaction is not started!" # perform rollback actions local f for f in ${TRANSACTION_ROLLBACK_FUNCS}; do "$f" done TRANSACTION_STARTED= TRANSACTION_ROLLBACK_FUNCS= TRANSACTION_COMMIT_FUNCS= trap - HUP PIPE INT QUIT TERM EXIT exit 1 } transaction_commit() { TRANSACTION_RETURN_CODE="${TRANSACTION_RETURN_CODE:-$?}" [ -z "$TRANSACTION_STARTED" ] && die "Transaction is not started!" # perform commit actions local f for f in ${TRANSACTION_COMMIT_FUNCS}; do "$f" done TRANSACTION_STARTED= TRANSACTION_ROLLBACK_FUNCS= TRANSACTION_COMMIT_FUNCS= trap - HUP PIPE INT QUIT TERM EXIT } transaction_commit_auto() { TRANSACTION_RETURN_CODE="$?" if [ "$TRANSACTION_RETURN_CODE" -eq 0 ]; then transaction_commit "$@" else transaction_rollback "$@" fi } transaction_add_rollback_action() { [ -z "$TRANSACTION_STARTED" ] && die "Transaction is not started!" # LIFO rollback order [ -z "$TRANSACTION_ROLLBACK_FUNCS" ] \ && TRANSACTION_ROLLBACK_FUNCS="$1" \ || TRANSACTION_ROLLBACK_FUNCS="$1 $TRANSACTION_ROLLBACK_FUNCS" } transaction_add_commit_action() { [ -z "$TRANSACTION_STARTED" ] && die "Transaction is not started!" # FIFO commit order [ -z "$TRANSACTION_COMMIT_FUNCS" ] \ && TRANSACTION_COMMIT_FUNCS="$1" \ || TRANSACTION_COMMIT_FUNCS="$TRANSACTION_COMMIT_FUNCS $1" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:ft=sh initial_conf() { PRODNAME="psa" PRODUCT_NAME="psa" product=${PRODNAME} PRODUCT_FULL_NAME="Plesk" product_etc="/etc/${PRODNAME}" prod_conf_t="/etc/psa/psa.conf" support_contact="https://support.plesk.com/" conceived_os_vendor=Ubuntu conceived_os_version="24.04" clients_group="psacln" clients_GID="10001" services_group="psaserv" services_GID="10003" product_suff="saved_by_${product}".`date "+%m.%d;%H:%M"` product_suffo="saved_by_${product}" # plesk default password PRODUCT_DEFAULT_PASSWORD="setup" } read_conf() { [ -n "$prod_conf_t" ] || prod_conf_t=/etc/psa/psa.conf if [ -s $prod_conf_t ]; then tmp_var=`perl -e 'undef $/; $_=<>; s/#.*$//gm; s/^\s*(\S+)\s*/$1=/mg; print' $prod_conf_t` eval $tmp_var else if ! is_product_installation; then p_echo "Unable to find product configuration file: $prod_conf_t. Default values will be used." return 1 fi fi return 0 } get_my_cnf_param() { local r= local my_cnf find_my_cnf "non-fatal" && \ r=`perl -e '$p="'"$1"'"; undef $/; $_=<>; s/#.*$//gm; /\[mysqld\](.*?)\[/sg; $_=substr($1, rindex $1,"$p") and /$p\s*=(.*)/m and print $1 ' ${my_cnf}` echo $r } get_mysql_socket() { # Marked as local as it's not used anywhere else now. local mysql_socket="/var/run/mysqld/mysqld.sock" local mysqlsock=`get_my_cnf_param socket` local MYSQL_SOCKETS="/var/lib/mysql/mysql.sock /tmp/mysql.sock /var/run/mysqld/mysqld.sock" for i in $mysql_socket $mysqlsock $MYSQL_SOCKETS; do if [ -S "$i" ]; then # This is used internally by mysqld_safe. Maybe this whole function isn't required nowadays. # See also: http://dev.mysql.com/doc/refman/5.0/en/problems-with-mysql-sock.html MYSQL_UNIX_PORT=$i export MYSQL_UNIX_PORT mysql_socket="$i" break fi done } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. #-*- vim:ft=sh register_service() { [ -n "$1" ] || die "register_service: service name not specified" local inten="register service $1" echo_try "$inten" { # sysvinit tools will not be called on systemd OS'es # since such OS'es are not explicitly supported enable_respawn_service "$1.service" # systemctl daemon-reload is performed implicitly unless --no-reload is passed /bin/systemctl enable --quiet "$1.service" local rs_db="$PRODUCT_ROOT_D/admin/sbin/register_service_db" [ ! -x "$rs_db" ] || "$rs_db" -a "$@" } suc } unregister_service() { [ -n "$1" ] || die "unregister_service: service name not specified" local inten="unregister service $1" echo_try $inten { local rs_db="$PRODUCT_ROOT_D/admin/sbin/register_service_db" [ ! -x "$rs_db" ] || "$rs_db" -r "$1" disable_respawn_service "$1.service" # systemctl daemon-reload is performed implicitly unless --no-reload is passed /bin/systemctl disable --quiet "$1.service" # purge sysvinit symlinks from /etc/rc.d which might be created by systemd-sysv-install # it spawns `update-rc.d defaults` or `chkconfig --add` if sysvinit script exists /usr/sbin/update-rc.d -f "$1" remove 1>/dev/null 2>&1 || : } >> $product_log 2>&1 suc } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. #-*- vim:ft=sh enable_respawn_service() { grep_q_recursive() { local val="$1" local file="$2" if [ -f "$file" ]; then ! grep -q "$val" "$file" || return 0 for f in `sed -n -e "s/^\.include\s//p" $file`; do ! grep_q_recursive "$val" "$f" || return 0 done fi return 1 } [ -n "$1" ] || die "enable_respawn_service: service name not specified" local inten="enable automatic respawn for service $1" echo_try "$inten" local service=$1 local main_unit=`systemctl show $service | sed -n -e "s/FragmentPath=//p"` local respawn_unit="/lib/systemd/system/$service.d/respawn.conf" local dropin_units=`systemctl show $service | sed -n -e "s/DropInPaths=//p" | sed "s|$respawn_unit||"` local ini="/opt/psa/admin/conf/panel.ini" local ini_section="systemd" local respawn [ ! -f "$ini" ] || respawn=`get_ini_conf_var "$ini" "$ini_section" respawn` if [ -z "${respawn/on/}" ]; then for unit in $main_unit $dropin_units; do ! grep_q_recursive "^Restart=" "$unit" || respawn="off" ! grep_q_recursive "^Type=oneshot" "$unit" || respawn="off" done fi rm -f "$respawn_unit" if [ -z "${respawn/on/}" ]; then mkdir -p "$(dirname $respawn_unit)" if [ -f "$ini" ]; then local restart=` get_ini_conf_var "$ini" "$ini_section" Service.Restart` local restartsec=` get_ini_conf_var "$ini" "$ini_section" Service.RestartSec` fi cat < "$respawn_unit" [Service] Restart=${restart:-"on-failure"} RestartSec=${restartsec:-"5"} EOT fi suc } disable_respawn_service() { [ -n "$1" ] || die "disable_respawn_service: service name not specified" local inten="disable automatic respawn for service $1" echo_try "$inten" local respawn_unit="/lib/systemd/system/$1.d/respawn.conf" rm -f "$respawn_unit" suc } selinux_close() { if [ -z "$SELINUX_ENFORCE" -o "$SELINUX_ENFORCE" = "Disabled" ]; then return fi setenforce "$SELINUX_ENFORCE" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:ft=sh: #set_params set_common_params() { common_var=0 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin LANG="`get_default_locale`" export PATH LANG unset GREP_OPTIONS umask 022 ulimit -n 65535 2>/dev/null get_product_versions certificate_file="$PRODUCT_ETC_D/httpsd.pem" services="/etc/services" crontab="/usr/bin/crontab" SYSTEM_RC_D="/etc/init.d" PLESK_LIBEXEC_DIR="/usr/lib/plesk-9.0" PLESK_DB_DIR="/var/lib/plesk" PRODUCT_BOOTSTRAPPER_DIR="`printf "/opt/psa/bootstrapper/pp%s-bootstrapper" "$product_this_version"`" AUTOGENERATED_CONFIGS="#ATTENTION!\n#\n#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,\n#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.\n" AUTOGENERATED_CONFIGS_UPGRADE="#ATTENTION!\n#\n#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,\n#SO ALL YOUR CHANGES WILL BE LOST AFTER YOU UPGRADE PLESK.\n" PRODUCT_LOGS_D="/var/log/plesk" sendmail="/usr/sbin/sendmail" ps="ps axw" ifconfig="/sbin/ifconfig -a" machine="linux" if [ -f /etc/debian_version ]; then linux_distr="debian" else linux_distr="redhat" fi dummy_home="/" if [ -x /usr/sbin/nologin ]; then dummy_shell="/usr/sbin/nologin" else dummy_shell="/bin/false" fi rp_patch_runtime } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. set_swcpserver_params() { swcpserver_service=sw-cp-server swcpserver_binary=/usr/sbin/sw-cp-serverd swcpserver_pidfile=/var/run/sw-cp-server.pid swcpserver_includedir=/etc/sw-cp-server/conf.d true swcpserver_status } swcpserver_status() { get_pid "$swcpserver_binary" false local pid=$common_var if [ "$pid" -ne 1 ]; then return 0 fi return 1 } get_product_versions() { # Don't use global variables set elsewhere in this code. Use substitutions if needed. local prod_root_d="/opt/psa" product_name="psa" if [ -z "$product_this_version" ]; then # 1. Try to fetch version from file created by bootstrapper (should be 3-component). product_this_version="`cat "/var/lock/plesk-target-version" 2>/dev/null`" # 2. Fallback to $PRODUCT_ROOT_D/version (should be 3-component). if [ -z "$product_this_version" -a -r "$prod_root_d/version" ]; then product_this_version="`awk '{ print $1 }' "$prod_root_d/version"`" fi # 3. Fallback to hardcoded version (2-component). This may cause some other code to fail. if [ -z "$product_this_version" ]; then product_this_version="18.0" echo "Unable to determine \$product_this_version, will use less precise value '$product_this_version'" >&2 fi fi product_version="$product_this_version" if [ -z "$product_prev_version" ]; then if [ -r "$prod_root_d/version.upg" ]; then product_prev_version=`awk '{ print $1 }' "$prod_root_d/version.upg"` elif [ -r "$prod_root_d/version" ]; then product_prev_version=`awk '{ print $1 }' "$prod_root_d/version"` else product_prev_version="$product_this_version" fi fi } # Clean installation of the product is being performed is_product_installation() { [ "X$do_upgrade" != "X1" -a ! -s "/opt/psa/version.upg" ] } set_postfix_auth() { local run="$PRODUCT_ROOT_D/admin/sbin/mailmng-server --set-mail-params" if db_test "SELECT value FROM ServiceNodeConfiguration WHERE name='relay' AND value='open' AND serviceNodeId=1 AND section='mailServer'" 1 ; then run="$run --relayclient" fi if db_test "SELECT * FROM ServiceNodeConfiguration WHERE name='disable_smtp_auth' and value=0 AND serviceNodeId=1 AND section='mailServer'" 1 ; then run="$run --smtpauth" fi if db_test "SELECT * FROM ServiceNodeConfiguration WHERE name='disable_pop_auth' and value=0 AND serviceNodeId=1 AND section='mailServer'" 1 ; then run="$run --popauth" fi db_select "SELECT value FROM ServiceNodeConfiguration WHERE name='poplock_time' AND serviceNodeId=1 AND section='mailServer'" if [ -n "$db_select_output" ]; then # this will also set correct crontab for poplock.db cleanup run="$run --poplock-time=$db_select_output" fi $run >> $product_log 2>&1 } update_postfix_poplockdb_cleanup_crontab() { [ -x "${PRODUCT_RC_D}/postfix" -a ! -f "${PRODUCT_RC_D}/qmail" ] || return 0 set_postfix_auth } set_mysql_auth() { # This function requires set_mysql_server_params and set_mysql_client_params (or set_mysqld_params) # to be called before local inten="set up mysql authentication" local dsn_plesk_host="`get_dsn plesk host`" local dsn_plesk_port="`get_dsn plesk port`" local dsn_plesk_username="`get_dsn plesk username`" local dsn_plesk_password="`get_dsn plesk password`" get_admin_passwd [ -n "$dsn_plesk_host" ] || pleskrc mysql start mysql_host="${dsn_plesk_host:+--host=$dsn_plesk_host}" mysql_port="${dsn_plesk_port:+--port=$dsn_plesk_port}" mysql_user="--user=${dsn_plesk_username:-admin}" mysql_passwd="${dsn_plesk_password:-$admin_passwd}" if find_my_cnf 'non-fatal'; then mysql_defaults="--defaults-file=$my_cnf" else mysql_defaults="--no-defaults" fi if [ -z "$PLESK_MYSQL_AUTH_SKIP_CONNECTION_CHECK" ]; then mysql_test_connection 10 || die "$inten" fi suc } get_admin_passwd() { [ -z "$admin_passwd" ] || return 0 if [ -f "$mysql_passwd_file" ]; then admin_passwd=`cat "$mysql_passwd_file"` return 0 fi admin_passwd=`get_random_string 1 'A-Z'` admin_passwd+=`get_random_string 1 'a-z'` admin_passwd+=`get_random_string 1 '0-9'` admin_passwd+=`get_random_string 1 '_%=+\-@<>:.,:'` admin_passwd+=`get_random_string 10 'A-Za-z0-9_%=+\-@<>:.,:'` admin_passwd=`printf "%s" "$admin_passwd" | fold -w 1 | shuf - | tr -d '\n'` [ -n "$admin_passwd" ] || admin_passwd="$PRODUCT_DEFAULT_PASSWORD" touch "$admin_password_needs_encryption_flag" } mysql_quote_string() { echo "$1" | perl -pe 's|\\|\\\\|g' } mysql_test_connection() { inten="establish test connection" echo_try $inten attempts=${1:-1} for i in `sequence $attempts`; do echo "" | mysql_direct mysql >> "$product_log" 2>&1 if [ "$?" -eq "0" ]; then p_echo "connected" return 0 fi [ "$attempts" -eq "1" ] || sleep 1 done p_echo "failed" return 1 } find_my_cnf() { local non_fatal="$1" local cnf_files="/etc/my.cnf /etc/mysql/my.cnf /var/db/mysql/my.cnf" for my_cnf in $cnf_files; do if [ -f ${my_cnf} ]; then break fi done [ -f "$my_cnf" -o -n "$non_fatal" ] || { local msg="find the MySQL server configuration file. \ If you use a third-party MySQL server build, make sure you do not use implicit default configuration \ and you have the MySQL configuration file in one of the following locations: $cnf_files" echo "Failed to $msg" | write_structured_report 'stage=mysqlsetup' 'level=fatal' 'errtype=mysqlnomycnf' "mycnffiles=$cnf_files" || : die "$msg" } [ -f "$my_cnf" ] || return 1 my_cnf_d=`awk '/^\s*!includedir\>/ {print $2}' "$my_cnf" | head -1` return 0 } set_mysql_server_params() { get_mysql_socket if [ -n "/lib/systemd/system" -a -f "/lib/systemd/system/mariadb.service" ]; then mysql_service="mariadb" elif [ -n "/lib/systemd/system" -a -f "/lib/systemd/system/mysqld.service" ]; then # Percona server mysql_service="mysqld" elif [ -n "/lib/systemd/system" -a -f "/lib/systemd/system/mysql.service" ]; then # MySQL 8 installations on debian / ubuntu mysql_service="mysql" elif [ -x "${PRODUCT_RC_D}/mysql" ]; then mysql_service="mysql" elif [ -x "${PRODUCT_RC_D}/mysql.sh" ]; then mysql_service="mysql.sh" elif [ -x "${PRODUCT_RC_D}/mysqld" ]; then mysql_service="mysqld" elif [ -x "${PRODUCT_RC_D}/mysql" ]; then mysql_service="mysql" else die "detect MySQL service name" fi } set_mysql_client_params() { mysql_client="$MYSQL_BIN_D/mysql" [ -f "$MYSQL_BIN_D/mariadb" ] && mysql_client="$MYSQL_BIN_D/mariadb" # Override this variable as needed mysql_db_name="$PRODNAME" mysql_passwd_file="$product_etc/.${PRODNAME}.shadow" mysql_args="-N" mysql_args_raw="-Br" local dsn_plesk_dbname="`get_dsn plesk dbname`" [ -z "$dsn_plesk_dbname" ] || mysql_db_name="$dsn_plesk_dbname" } #Invoke mysql dbclient_invoke() { mysql_anydb -D$mysql_db_name "$@" } mysql_anydb() { ( export MYSQL_PWD="$mysql_passwd" $mysql_client $mysql_defaults $mysql_host $mysql_port $mysql_user $mysql_args "$@" 2>>"$product_log" local status=$? if [ $status -gt 0 ]; then $mysql_client $mysql_defaults $mysql_host $mysql_port $mysql_user $mysql_args -D$mysql_db_name $mysql_args_raw -e "SHOW ENGINE innodb status" >>"$product_log" 2>&1 fi unset MYSQL_PWD return $status ) } # Invoke mysql without any wrapper or something else mysql_direct() { # a bit dirty but it works properly for passwords with spaces, quotes and double quotes: if [ -n "$mysql_passwd" ]; then ( export MYSQL_PWD="$mysql_passwd" $mysql_client $mysql_defaults $mysql_host $mysql_port $mysql_user $mysql_args "$@" 2>>"$product_log" rc=$? unset MYSQL_PWD return $rc ) else $mysql_client $mysql_defaults $mysql_host $mysql_port $mysql_user $mysql_args "$@" 2>>"$product_log" fi } # Invoke mysql in raw mode mysql_raw() { dbclient_invoke $mysql_args_raw "$@" } mysql_raw_anydb() { mysql_anydb $mysql_args_raw "$@" } uses_mysql_client() { # Initialize local MySQL authentication parameters and test connection. # After that db_*() and mysql*() functions may be used. # Any MySQL-specific overrides (e.g., local mysql_db_name="whatever") should appear # *after* calling this function. # This function is for use in component installers that require access to MySQL DB. set_mysql_server_params set_mysql_client_params set_mysql_auth } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. reset_user_password() { true mysql_quote_string local user="$1" local passwd="$2" local hosts="${3:-localhost}" local inten="reset database user password for '${user}@${hosts}'" echo_try "${inten}" if [ "$hosts" = "127.0.0.1" -o "$hosts" = "::1" ] ; then hosts="${hosts} localhost" fi hosts="${hosts} %" local quoted_passwd=`mysql_quote_string "$passwd"` # MySQL has dropped PASSWORD() in 8.0.11: # https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-11.html local has_passwd_fun="" # mysql_direct() writes errors directly to $product_log, so we set # it to /dev/null to silence the expected error message about PASSWORD() # not existing if echo "SELECT PASSWORD('test')" | product_log=/dev/null mysql_direct mysql &>/dev/null; then has_passwd_fun=1 fi local host="" for host in $hosts; do local query="" if [ -n "$has_passwd_fun" ]; then query="SET PASSWORD FOR '$user'@'$host' = PASSWORD('$quoted_passwd')" else query="ALTER USER '$user'@'$host' IDENTIFIED BY '$quoted_passwd'" fi if echo "$query" | mysql_direct mysql; then suc return 0 fi done warn "$inten - database user does not exist." return 1 } is_local_mysql_instance() { local host="$1" [ -z "$host" -o "$host" = "localhost" -o "$host" = "127.0.0.1" -o "$host" = "::1" ] } check_db_accessible() { local mysql_db_name="$1" local mysql_user="--user=$2" local mysql_passwd="$3" #INFO: we should not die here echo "" | mysql_direct } reset_sitebuilder_passwd() { local no_force="$1" local sb_conf="/usr/local/sb/config" [ -f "$sb_conf" ] || return 0 local sb_host=` get_ini_conf_var "$sb_conf" "database" "host"` local sb_username=`get_ini_conf_var "$sb_conf" "database" "username"` local sb_password=`get_ini_conf_var "$sb_conf" "database" "password"` local sb_dbname=` get_ini_conf_var "$sb_conf" "database" "dbname"` is_local_mysql_instance "$sb_host" || return 0 if [ -n "$no_force" ]; then check_db_accessible "$sb_dbname" "$sb_username" "$sb_password" && return 0 || : fi if reset_user_password "$sb_username" "$sb_password" "$sb_host"; then check_db_accessible "$sb_dbname" "$sb_username" "$sb_password" else # https://jira.plesk.ru/browse/PPP-4676 return 0 fi } get_webmail_config_param() { local webmail_config="$1" local config_var="$2" local param="$3" local default_val="$4" local result=`sw_engine_pleskrun -n -r 'include "'$webmail_config'"; echo $'${config_var}${param}';' 2>/dev/null` [ -n "$result" ] || result="$default_val" echo "$result" } get_horde_config_param() { get_webmail_config_param "/usr/share/psa-horde/config/conf.php" "conf" "$1" "$2" } get_roundcube_config_param() { #INFO: this function now is able to extract settings from config.inc.php, now it just db_dsnw; # if need another parameters need to reimplement this function - parse defaults.inc.php, parse config.inc.php and merge data get_webmail_config_param "/usr/share/psa-roundcube/config/config.inc.php" "config" "$1" } reset_horde_passwd() { local no_force="$1" set_horde_params local horde_shadow="$horde_passwd_file" [ -f "$horde_shadow" ] || horde_shadow="/etc/psa/.webmail.shadow" local hor_host=` get_horde_config_param "['sql']['hostspec']" "localhost"` local hor_user=` get_horde_config_param "['sql']['username']" "horde"` local hor_dbname=`get_horde_config_param "['sql']['database']" "horde"` local hor_passwd=`get_horde_config_param "['sql']['password']"` [ -n "$hor_passwd" ] || hor_passwd=`cat "$horde_shadow" 2>/dev/null` [ -n "$hor_passwd" -a -n "$hor_user" -a -n "$hor_dbname" ] || return 0 is_local_mysql_instance "$hor_host" || return 0 if [ -n "$no_force" ]; then ! check_db_accessible "$hor_dbname" "$hor_user" "$hor_passwd" || return 0 fi reset_user_password "$hor_user" "$hor_passwd" "$hor_host" && \ check_db_accessible "$hor_dbname" "$hor_user" "$hor_passwd" } parse_mysql_dsn_get_user() { echo $1 | perl -nle 'm|^mysql://([^:]+):([^@]+)@([^/:]+)(?::(\d+))?/(.*)$| and print $1 or exit 1' } parse_mysql_dsn_get_passwd() { echo $1 | perl -nle 'm|^mysql://([^:]+):([^@]+)@([^/:]+)(?::(\d+))?/(.*)$| and print $2 or exit 1' } parse_mysql_dsn_get_host() { echo $1 | perl -nle 'm|^mysql://([^:]+):([^@]+)@([^/:]+)(?::(\d+))?/(.*)$| and print $3 or exit 1' } parse_mysql_dsn_get_db() { echo $1 | perl -nle 'm|^mysql://([^:]+):([^@]+)@([^/:]+)(?::(\d+))?/(.*)$| and print $5 or exit 1' } reset_roundcube_passwd() { local no_force="$1" local roundcube_dsn=`get_roundcube_config_param "['db_dsnw']"` local roundcube_user=`parse_mysql_dsn_get_user "$roundcube_dsn"` local roundcube_passwd=`parse_mysql_dsn_get_passwd "$roundcube_dsn"` local roundcube_host=`parse_mysql_dsn_get_host "$roundcube_dsn"` local roundcube_db=`parse_mysql_dsn_get_db "$roundcube_dsn"` [ -n "$roundcube_passwd" -a -n "$roundcube_user" -a -n "$roundcube_db" ] || return 0 is_local_mysql_instance "$roundcube_host" || return 0 if [ -n "$no_force" ]; then ! check_db_accessible "$roundcube_db" "$roundcube_user" "$roundcube_passwd" || return 0 fi reset_user_password "$roundcube_user" "$roundcube_passwd" "$roundcube_host" && \ check_db_accessible "$roundcube_db" "$roundcube_user" "$roundcube_passwd" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. phpmyadmin_config_backup() { set_phpmyadmin_params if [ -f "$PHPMYADMIN_CONFIG" ]; then cp -f "$PHPMYADMIN_CONFIG" "$PHPMYADMIN_CONFIG_BACKUP" fi } phpmyadmin_rm_config_backup() { rm -f "$PHPMYADMIN_CONFIG_BACKUP" } set_phpmyadmin_params() { PHPMYADMIN_D="$PRODUCT_ROOT_D/phpMyAdmin" PHPMYADMIN_CONFIG="$PHPMYADMIN_D/config.plesk.php" # Executed as root, so must be placed in a directory which is root-owned and not world-writable PHPMYADMIN_CONFIG_BACKUP="$PLESK_DB_DIR/phpMyAdmin.config.php.save" # Layout of phpMyAdmin before 18.0.30 PHPMYADMIN_D_OLD="$PRODUCT_ROOT_D/admin/htdocs/domains/databases/phpMyAdmin" PHPMYADMIN_CONFIG_OLD="$PHPMYADMIN_D_OLD/libraries/config.default.php" } pma__write_values_to_config() { ( umask 0027 sed -e "`pma__sed_script`" < "$PHPMYADMIN_CONFIG.tpl" > "$PHPMYADMIN_CONFIG" || return 1 set_admin_params set_ac root "$admin_group" 0640 "$PHPMYADMIN_CONFIG" ) } pma__set_default_values() { controluser="phpmyadmin" controlpass="`get_random_string 16`" pmadb="phpmyadmin" } pma__sed_script() { echo " s|@@""CONTROLUSER""@@|$controluser|g s|@@""CONTROLPASS""@@|$controlpass|g s|@@""PMADB""@@|$pmadb|g " } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. install_postfix_certificate() { local force= if [ $# -ne 0 ]; then force="yes" fi local CERT_DIR=`/usr/sbin/postconf -h config_directory` local TLS_CERT=${CERT_DIR}/postfix_default.pem if ! mkdir_ex 0 0 755 ${CERT_DIR}; then warn "Unable to create directory for ${CERT_DIR} with proper permissions." return 1 fi [ -z "${force}" -a -f ${TLS_CERT} ] && return ||: get_certificate "${TLS_CERT}" set_ac 0 0 600 "${TLS_CERT}" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # $1 - openssl binary # $2 - openssl args # $3 - cert file name # $4 - bits number qmail_tls_cert() { local QMAIL_CONTROL_D TLS_CERT QMAIL_CONTROL_D=${QMAIL_ROOT_D}/control TLS_CERT=${QMAIL_CONTROL_D}/$3 if [ ! -f ${TLS_CERT} ]; then $1 $2 -out ${TLS_CERT} $4 >> $product_log 2>&1 if [ $? -ne 0 ]; then warn "Certificate for qmail TLS sessions ${TLS_CERT} was not generated. Qmail will generate it at each TLS session. It is too slow and will make high CPU load." fi p_echo fi if [ -f ${TLS_CERT} ]; then chmod 600 ${TLS_CERT} && chown qmaild:0 ${TLS_CERT} if [ $? -ne 0 ]; then # Fallback for case when qmail is not installed chmod 600 ${TLS_CERT} && chown root:0 ${TLS_CERT} warn "Unable to set proper permission to ${TLS_CERT} Normally, owner user and group should be qmaild:0 and access should be 0600." fi fi } generate_tls_certificates() { local SSL_BIN inten umask_sav inten="generate SSL certificates for TLS sessions" echo_try $inten SSL_BIN=/usr/bin/openssl # store old umask and set very secure one umask_sav=`umask` umask 0077 qmail_tls_cert ${SSL_BIN} "genrsa" rsa512.pem 512 #qmail_tls_cert ${SSL_BIN} "dhparam -2" dh512.pem 512 #qmail_tls_cert ${SSL_BIN} "dhparam -2" dh1024.pem 1024 umask ${umask_sav} suc } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. #qmail set_qmail_params() { QMAIL_DIR="/var/qmail" QMAIL_USERS="alias:2021:nofiles:false:alias qmaild:2020:nofiles:false: qmaill:2022:nofiles:false: qmailp:2023:nofiles:false: qmailq:2520:qmail: qmailr:2521:qmail: qmails:2522:qmail:" QMAIL_GROUPS="qmail:2520 nofiles:2020" #variable from psa.conf but used in mail-qc-driver #so we need define this before install psa base package if [ -z "$QMAIL_ROOT_D" ]; then QMAIL_ROOT_D="/var/qmail" fi qmail_service="qmail" qmail_extra_cmd="" } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. set_horde_params() { horde_datadir="/usr/share/psa-horde" horde_confdir="/etc/psa-webmail/horde" horde_sysconfd="$horde_confdir/horde" horde_logdir="/var/log/psa-horde" horde_passwd_file="/etc/psa-webmail/horde/.horde.shadow" horde_title="Horde Web Based mail client" imp_datadir="$horde_datadir/imp" imp_sysconfd="$horde_confdir/imp" turba_datadir="$horde_datadir/turba" turba_sysconfd="$horde_confdir/turba" kronolith_datadir="$horde_datadir/kronolith" kronolith_sysconfd="$horde_confdir/kronolith" ingo_datadir="$horde_datadir/ingo" ingo_sysconfd="$horde_confdir/ingo" mnemo_datadir="$horde_datadir/mnemo" mnemo_sysconfd="$horde_confdir/mnemo" passwd_datadir="$horde_datadir/passwd" passwd_sysconfd="$horde_confdir/passwd" horde_user="horde_sysuser" horde_group="horde_sysgroup" horde_php_ini="/etc/psa-webmail/horde/horde/php.ini" horde_conf_php="/etc/psa-webmail/horde/horde/conf.php" horde_db_user_privileges=( "ALTER" "CREATE" "DELETE" "DROP" "INDEX" "INSERT" "REFERENCES" "SELECT" "UPDATE" ) } generate_horde_password() { local inten='generate horde password' local dsn_horde_password="`get_dsn horde password`" if [ -n "$dsn_horde_password" -a ! -s "$horde_passwd_file" ]; then echo "$dsn_horde_password" > "$horde_passwd_file" fi generate_password_file "$horde_passwd_file" "$horde_title" root "$horde_group" 640 horde_password=`cat $horde_passwd_file` || die $inten } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. generate_roundcube_password() { local inten='generate roundcube password' local dsn_roundcube_password="`get_dsn roundcube password`" if [ -n "$dsn_roundcube_password" -a ! -s "$roundcube_passwd_file" ]; then echo "$dsn_roundcube_password" > "$roundcube_passwd_file" fi generate_password_file "$roundcube_passwd_file" "$roundcube_title" root root 640 roundcube_password=`cat $roundcube_passwd_file` || die $inten } update_roundcube_db_settings() { local cfg_db_dsnw="\$config\['db_dsnw'\]" local host="`get_dsn roundcube host`" local port="`get_dsn roundcube port`" local db_user="$roundcube_db_user" local db_name="$roundcube_db_name" local roundcube_dsn=`get_roundcube_config_param "['db_dsnw']"` [ -n "$db_user" ] || db_user=`parse_mysql_dsn_get_user "$roundcube_dsn"` [ -n "$db_name" ] || db_name=`parse_mysql_dsn_get_db "$roundcube_dsn"` sed -e "s#${cfg_db_dsnw}.*#${cfg_db_dsnw} = 'mysql://${db_user}:${roundcube_password}@${host:-localhost}${port:+:$port}/${db_name}';#" \ -i ${roundcube_conf} } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. # vim:set ft=sh: set_roundcube_params() { roundcube_passwd_file="/usr/share/psa-roundcube/config/.roundcube.shadow" roundcube_title="Roundcube Web Based mail client" roundcube_conf="/usr/share/psa-roundcube/config/config.inc.php" roundcube_conf_defaults="/usr/share/psa-roundcube/config/defaults.inc.php" roundcube_sql_d="/usr/share/psa-roundcube/SQL" roundcube_user="roundcube_sysuser" roundcube_group="roundcube_sysgroup" roundcube_home="/usr/share/psa-roundcube" roundcube_logs_d="/var/log/plesk-roundcube" roundcube_temp_d="/var/tmp" roundcube_php_ini="/etc/psa-webmail/roundcube/php.ini" roundcube_php_ini_tpl="/usr/share/psa-roundcube/config/php.ini.tpl" roundcube_preupgrade_version_file="/etc/psa-webmail/roundcube/version.upg" roundcube_db_user_privileges=( "ALTER" "CREATE" "DELETE" "DROP" "INDEX" "INSERT" "REFERENCES" "SELECT" "UPDATE" ) } ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. rstinst_update_default_cert_copy() { local src="$certificate_file" local dst="$1" [ -n "$dst" ] || die "rstinst_update_default_cert_copy(): certificate file required" if diff -q "$certificate_file_old" "$dst" >/dev/null 2>&1 ; then cp -fp "$src" "$dst" set_ac 0 0 0400 "$dst" else p_echo "Not touching custom or absent certificate $dst" fi } rstinst_backup_old_default_cert() { pp_echo " Creating default certificate backup..." certificate_file_old="$certificate_file.old" cp -fp "$certificate_file" "$certificate_file_old" } rstinst_default_cert() { set_admin_params pp_echo " Updating default certificate..." cp -fp "$ADMIN_CERT" "$certificate_file" } rstinst_wipe_old_default_cert() { pp_echo " Removing default certificate backup..." rm -f "$certificate_file_old" } rstinst_reset_courier_imap_certs() { set_courier_imap_params pp_echo " Updating Courier-IMAP certificates..." rstinst_update_default_cert_copy "$IMAPD_CERT" rstinst_update_default_cert_copy "$POP3D_CERT" } rstinst_reset_dovecot_cert() { set_dovecot_params pp_echo " Updating Dovecot certificate..." rstinst_update_default_cert_copy "$DOVECOT_CERT" } rstinst_reset_mail_certs() { if rstinst_is_qmail; then rstinst_reset_qmail_certs elif rstinst_is_postfix; then pp_echo " Generating new Postfix certificates..." install_postfix_certificate force fi } rstinst_reset_qmail_certs() { set_qmail_params local qmail_control_d="$QMAIL_ROOT_D/control" local qmail_tls_cert="$qmail_control_d/rsa512.pem" local qmail_client_cert="$qmail_control_d/clientcert.pem" local qmail_server_cert="$qmail_control_d/servercert.pem" [ -d "$qmail_control_d" ] || return 0 pp_echo " Generating new QMail certificates..." local qmail_user=qmaild local qmail_group=qmail if ! id "$qmail_user" 1>/dev/null 2>&1 || ! groupmod "$qmail_group" 1>/dev/null 2>&1 ; then # Qmail may not be actually installed, but we need to update certs nonetheless qmail_user=root qmail_group=0 fi rm -f "$qmail_tls_cert" && \ [ "$qmail_user" != "root" ] && generate_tls_certificates rstinst_update_default_cert_copy "$qmail_server_cert" && \ set_ac "$qmail_user" "$qmail_group" 0640 "$qmail_server_cert" if [ ! -L "$qmail_client_cert" ] || [ "`readlink $qmail_client_cert`" != "$qmail_server_cert" ]; then rstinst_update_default_cert_copy "$qmail_client_cert" && \ set_ac "$qmail_user" "$qmail_group" 0640 "$qmail_client_cert" fi } rstinst_generate_certificates() { pp_echo " Generating new certificates..." rstinst_cloning_action create-backup-sign rstinst_cloning_action delete-certificates rstinst_default_cert rstinst_reset_courier_imap_certs rstinst_reset_dovecot_cert rstinst_reset_mail_certs rstinst_wipe_old_default_cert } # vim:ft=sh ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. rstinst_check_bool_misc_param() { local param="$1" local default_value="$2" [ -n "$param" ] || die "rstinst_check_bool_misc_param(): parameter name required" [ -n "$default_value" ] || default_value="false" local param_value=`db_read_misc_attr "$param"` [ -n "$param_value" ] || param_value="$default_value" [ "$param_value" = "true" ] } rstinst_is_reset_init_conf_scheduled() { rstinst_check_bool_misc_param "vps_cloning_reset_init_conf" } rstinst_is_license_keys_reset_scheduled() { rstinst_check_bool_misc_param "vps_cloning_license_reset" } rstinst_is_public_image_cloning_mode() { rstinst_check_bool_misc_param "vps_cloning_mode" } rstinst_is_public_image_cloning_started() { rstinst_check_bool_misc_param "vps_cloning_started" } rstinst_is_update_master_key_scheduled() { rstinst_check_bool_misc_param "vps_cloning_update_master_key" } rstinst_is_qmail() { [ -x ${PRODUCT_ROOT_D}/admin/sbin/mailmng-server ] || return 1 ${PRODUCT_ROOT_D}/admin/sbin/mailmng-server --features | grep -q "SMTP_Server_package.*qmail" } rstinst_is_postfix() { [ -x ${PRODUCT_ROOT_D}/admin/sbin/mailmng-server ] || return 1 ${PRODUCT_ROOT_D}/admin/sbin/mailmng-server --features | grep -q "SMTP_Server_package.*postfix" } rstinst_cloning_action() { local action="$1" sw_engine_pleskrun "$PRODUCT_ROOT_D/admin/plib/scripts/cloning_actions.php" --do "$action" >> $product_log 2>&1 } rstinst_set_status_flag() { [ -n "$1" -a -n "$2" ] || return local status_d="$rstinst_status_d/$1" local flag="$2.flag" [ -d "$status_d" ] || mkdir -p "$status_d" echo `date +%s` >> "$status_d/$flag" } rstinst_check_status_flag() { [ -f "$rstinst_status_d/$1/$2.flag" ] } rstinst_set_subtask_status_flag() { rstinst_set_status_flag "subtask" "$1" } rstinst_setup_report_cloning() { touch /var/lock/plesk-report-cloning.flag } rstinst_report_cloning() { local rc="$1" local launcher="$PRODUCT_ROOT_D/bin/py3-python" local flag="/var/lock/plesk-report-cloning.flag" local report_bin="/root/parallels/report-update" [ -s "$report_bin" ] || report_bin="/var/cache/parallels_installer/report-update" [ -d "`dirname "$report_bin"`" ] || install -m 0700 -o root -g root -d "`dirname "$report_bin"`" [ -s "$report_bin" ] || /usr/bin/curl -m 300 --retry 3 -fsSL "http://autoinstall.plesk.com/report-update" \ -o "$report_bin" >> "$product_log" 2>&1 [ -s "$report_bin" ] || { warn "locate or download report-update utility to report cloning result" return 1 } "$launcher" "$report_bin" --op "clone" --rc "$rc" --start-flag "$flag" >> "$product_log" 2>&1 } # vim:ft=sh ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. set_maintenance_mode_params() { maintenance_sw_cp_server_config="/etc/sw-cp-server/conf.d/maintenance" maintenance_status="$PRODUCT_ROOT_D/var/maintenance/status.json" maintenance_scheduled="" maintenance_enabled="" if rstinst_is_maintenance_mode_scheduled; then maintenance_scheduled="true" fi if rstinst_is_maintenance_mode_enabled; then maintenance_enabled="true" fi } report_maintenance_status() { local stage="$1" local percentage="$2" local message="$3" [ -n "$maintenance_enabled" ] || return echo '{"status":"'$stage'","progress":"'$percentage'","message":"'$message'"}' > "$maintenance_status" } rstinst_is_maintenance_mode_scheduled() { rstinst_check_bool_misc_param "vps_cloning_maintenance_mode" } rstinst_is_maintenance_mode_enabled() { grep -q '^set $maintenance on;' "$maintenance_sw_cp_server_config" } rstinst_enable_maintenance_mode() { if [ -z "$maintenance_scheduled" ]; then echo "Maintenance mode does not schedued in database" return fi echo 'set $maintenance on;' > "$maintenance_sw_cp_server_config" maintenance_enabled="true" } rstinst_disable_maintenance_mode() { if [ -z "$maintenance_scheduled" -o -z "$maintenance_enabled" ]; then return fi echo 'set $maintenance off;' > "$maintenance_sw_cp_server_config" rm -f "$maintenance_status" maintenance_enabled="" } # vim:ft=sh ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. rstinst_reread_admin_passwd() { admin_passwd= set_mysql_auth } rstinst_gen_passwd() { get_random_string 16 'A-Za-z0-9_' } rstinst_recipher_passwords() { rstinst_cloning_action reset-secret-key || warn 'generating new encryption key and switching to it' rstinst_reread_admin_passwd } rstinst_reset_admin_passwd() { pp_echo " Generating new admin password..." rstinst_cloning_action reset-admin-password || warn 'resetting admin password' rstinst_reread_admin_passwd } rstinst_reset_sitebuilder_passwd() { local sb_conf="/usr/local/sb/config" [ -f "$sb_conf" ] || return 0 local sb_host=`get_ini_conf_var "$sb_conf" "database" "host"` is_local_mysql_instance "$sb_host" || return 0 pp_echo " Generating new WPB (sitebuilder) password..." set_ini_conf_var "$sb_conf" "database" "password" `rstinst_gen_passwd` reset_sitebuilder_passwd } rstinst_reset_apsc_passwd() { check_apsc_installed || return 0 read_apsc_connection_params_db is_local_mysql_instance "$apsc_db_host" || return 0 pp_echo " Generating new APS controller password..." apsc_db_passwd=`rstinst_gen_passwd` reset_user_password "$apsc_db_user" "$apsc_db_passwd" "$apsc_db_host" && \ save_apsc_connection_params_db && \ sw_engine_pleskrun "$PRODUCT_ROOT_D/admin/plib/scripts/check_apsc_connection.php" >>"$product_log" 2>&1 [ $? -eq 0 ] || warn "connect to APS controller database with new password" } rstinst_reset_horde_passwd() { set_horde_params [ -s "$horde_passwd_file" ] || return 0 local hor_host=`get_horde_config_param "['sql']['hostspec']" "localhost"` is_local_mysql_instance "$hor_host" || return 0 pp_echo " Generating new $horde_title password..." rm -f "$horde_passwd_file" && \ generate_horde_password && \ reset_horde_passwd } rstinst_reset_roundcube_passwd() { set_roundcube_params [ -s "$roundcube_passwd_file" ] || return 0 pp_echo " Generating new $roundcube_title password..." rm -f "$roundcube_passwd_file" && \ generate_roundcube_password && \ update_roundcube_db_settings && \ reset_roundcube_passwd } rstinst_reset_phpmyadmin_passwd() { set_phpmyadmin_params phpmyadmin_config_backup || return 0 pp_echo " Generating new phpMyAdmin password..." local pmahost="localhost" local controluser controlpass pmadb pma__set_default_values controlpass=`rstinst_gen_passwd` [ -n "$controlpass" -a -n "$controluser" -a -n "$pmadb" ] && \ pma__write_values_to_config && \ reset_user_password "$controluser" "$controlpass" "$pmahost" && \ check_db_accessible "$pmadb" "$controluser" "$controlpass" && \ phpmyadmin_rm_config_backup [ $? -eq 0 ] || warn "connect to phpMyAdmin database with new password" } rstinst_reset_mysql_debian_sys_maint_passwd() { local mysql_debian_cnf="/etc/mysql/debian.cnf" [ -f "$mysql_debian_cnf" ] || return 0 # debian-sys-maint is not used on Debian 9 anymore grep -E -q "user\s*=\s*debian-sys-maint" /etc/mysql/debian.cnf || return 0 pp_echo " Generating new debian-sys-maint mysql password..." local mysql_debian_pass=`rstinst_gen_passwd` perl -i -ple '$_ = "$1 = '$mysql_debian_pass'" if /^(\s*password\s*)=/' "$mysql_debian_cnf" db_do "SET PASSWORD FOR 'debian-sys-maint'@localhost = PASSWORD('$mysql_debian_pass')" } rstinst_remove_additional_admins() { pp_echo " Removing additional administrators..." rstinst_cloning_action cleanup-admin-aliases } rstinst_generate_passwords() { pp_echo " Generating new passwords..." rstinst_recipher_passwords rstinst_reset_admin_passwd rstinst_remove_additional_admins rstinst_reset_sitebuilder_passwd rstinst_reset_apsc_passwd rstinst_reset_horde_passwd rstinst_reset_roundcube_passwd rstinst_reset_phpmyadmin_passwd rstinst_reset_mysql_debian_sys_maint_passwd # Postgres is not configured by default. } # vim:ft=sh ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. rstinst_reset_libswkey_store() { rstinst_is_license_keys_reset_scheduled || return 0 pp_echo " Resetting license keys store..." local swkey_store="/etc/sw/keys" rm -rf $swkey_store/backup/* rm -rf $swkey_store/keys/* rm -rf $swkey_store/instances rm -f $swkey_store/registry.xml install_default_license_key } rstinst_generate_guids() { pp_echo " Generating new GUIDs for BL entities..." rstinst_cloning_action reset-guids } rstinst_reshuffle_cron_tasks() { pp_echo " Randomizing cron tasks execution time shifts..." update_postfix_poplockdb_cleanup_crontab remove_cron_backup; install_cron_backup } rstinst_clean_panel_sessions() { p_echo " Cleaning Panel sessions..." clean_panel_sessions } rstinst_schedule_init_conf_screens() { pp_echo " Enabling initial configuration screens on next admin login..." # show license, admin info, ip and passwd initial configuration screens rstinst_cloning_action schedule-init-conf-screens rstinst_clean_panel_sessions } rstinst_update_master_key() { rstinst_is_update_master_key_scheduled || return 0 pp_echo " Updating Plesk license key..." rstinst_cloning_action update-master-key } rstinst_reset_owner_id() { pp_echo " Reset owner id..." db_do "DELETE FROM PleskStats WHERE param = 'cloudAccountId'" } rstinst_reset_upgrade_history() { pp_echo " Reset upgrade history..." rstinst_cloning_action reset-upgrade-history } rstinst_reset_stats() { pp_echo " Reset statistics..." rstinst_cloning_action reset-stats } rstinst_reset_one_time_logins() { pp_echo " Reset one-ltime logins..." rstinst_cloning_action reset-one-time-logins } rstinst_reset_panel_certificate() { pp_echo " Resetting existing certificate..." rstinst_backup_old_default_cert rstinst_cloning_action create-panel-certificate } rstinst_remap_ips() { pp_echo " Remapping IP addresses..." rstinst_cloning_action remap-ips } rstinst_reset_webpros_accounts() { pp_echo " Resetting WebPros Accounts..." rstinst_cloning_action reset-webpros-accounts } rstinst_reset_all() { pp_echo "Resetting instance-specific settings..." rstinst_reset_one_time_logins rstinst_reset_owner_id rstinst_reset_panel_certificate rstinst_remap_ips rstinst_generate_guids rstinst_update_master_key rstinst_generate_passwords rstinst_generate_certificates rstinst_reshuffle_cron_tasks rstinst_reset_libswkey_store rstinst_schedule_init_conf_screens rstinst_reset_upgrade_history rstinst_reset_stats rstinst_reset_webpros_accounts } # vim:ft=sh ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. rstinst_fix_hostname_postfix_virtual_db() { local myhostname=`"/usr/sbin/postconf" -h myhostname` local myhostname_matched= db_select "select name from domains union all select name from domain_aliases" local domains="$db_select_output" # prepare records to remove local to_rm=`"/usr/sbin/postmap" -s "hash:/var/spool/postfix/plesk/virtual"` # do not remove records related to existing domains or domain aliases for domain in $domains; do [ "$domain" != "$myhostname" ] || myhostname_matched="yes" to_rm=`printf "$to_rm" | grep -v "^\([[:alnum:]_-]\+@\)\?${domain}\s"` done # remove records related to old hostname if exists for key in `printf "${to_rm}" | awk '{print $1}'`; do "/usr/sbin/postmap" -d "$key" "hash:/var/spool/postfix/plesk/virtual" >> $product_log 2>&1 done # create default domain aliases if needed if [ -z "$myhostname_matched" ]; then for name in $(/usr/lib/plesk-9.0/mail_admin_aliases "--list-default-virtaliases"); do echo "$name@$myhostname $name@localhost.localdomain" | "/usr/sbin/postmap" -i "hash:/var/spool/postfix/plesk/virtual" >> $product_log 2>&1 done echo "$myhostname 1" | "/usr/sbin/postmap" -i "hash:/var/spool/postfix/plesk/virtual" >> $product_log 2>&1 fi } rstinst_reconfigure_mailserver() { pp_echo " Reconfiguring mailserver..." if rstinst_is_postfix; then pp_echo " ==> Fix mailsrv settings..." pp_echo " ==> Sanitize myhostname, mydomain and myorigin" # postinst explicitly sets myhostname, mydomain and myorigin on debian-based OS'es # it may lead to confusing after hostname changed (e.g. on cloud image deploy) # make postfix use the fqdn from gethostname() as myhostname "/usr/sbin/postconf" -X "myhostname" >> $product_log 2>&1 # make postfix use myhostname minus the first component as mydomain "/usr/sbin/postconf" -X "mydomain" >> $product_log 2>&1 # make postfix use myhostname as myorigin "/usr/sbin/postconf" -X "myorigin" >> $product_log 2>&1 ! rstinst_is_reset_init_conf_scheduled || "/usr/lib/plesk-9.0/mail_admin_aliases" rstinst_fix_hostname_postfix_virtual_db "/usr/lib/plesk-9.0/postfix-poplockdb-clean" >> $product_log 2>&1 "/usr/lib/plesk-9.0/remote_mail_restore/mail_auth_dump" >> $product_log 2>&1 "/opt/psa/admin/sbin/mailmng-service" --restart-service --mail-component=daemons-only >> $product_log 2>&1 & fi } rstinst_reconfigure_webservers() { pp_echo " Reconfiguring Webservers..." # This is at least needed to accommodate to default certificate change. # However, normaly there are no domains when this utility is called, # so it shouldn't take long. reconfigure_apache_if_needed } rstinst_update_all_services() { pp_echo "Reloading services configuration..." rstinst_reconfigure_webservers rstinst_reconfigure_mailserver # We would also need to restart various services, if the script was run manually. # But that is not a top priority right now. } # vim:ft=sh ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. rstinst_is_updates_available() { db_select "select count(42) from smb_componentUpdates" if [ -n "$db_select_output" -a "$db_select_output" == "0" ]; then echo "No updates for currently installed components found" return 1 fi } rstinst_deferred_install_updates() { ! rstinst_check_bool_misc_param "vps_cloning_skip_update" || return 0 pp_echo "Scheduling automatic product update..." rstinst_cloning_action set-skip-update { rstinst_set_subtask_status_flag "update" local ts_start=`date +%s` # check for updates rstinst_set_subtask_status_flag "update-check" sw_engine_pleskrun "$PRODUCT_ROOT_D/admin/plib/DailyMaintainance/script.php" -f "CheckForUpdates" rstinst_set_subtask_status_flag "update-check.complete" rstinst_reread_admin_passwd if rstinst_is_updates_available; then rstinst_set_subtask_status_flag "update.available" echo "Updates for currently installed components found" # sleep for default login_timeout before first attempt to updates installation local t_sleep=1800 local ts_next=$((`date +%s` + t_sleep)) echo "Updates installation is delayed for $t_sleep seconds (till `date -d @$ts_next`)" sleep "$t_sleep" rstinst_reread_admin_passwd while true ; do # check for updates available (it may already be installed by admin itself) rstinst_is_updates_available || break # if active session found then go to sleep db_select "select ifnull(max(modified + lifetime), 0) from sessions" t_sleep=$((db_select_output - `date +%s`)) if [ "$t_sleep" -gt "0" ]; then echo "Active panel session was found" [ "$t_sleep" -le "300" ] || t_sleep=300 ts_next=$((`date +%s` + t_sleep)) if [ $((ts_next - ts_start)) -gt 43200 ]; then rstinst_set_subtask_status_flag "update.timeout" echo "Update installation is aborted due timeout" break fi echo "Updates installation is delayed for $t_sleep seconds (till `date -d @$ts_next`)" rstinst_set_subtask_status_flag "update-delay" sleep "$t_sleep" rstinst_reread_admin_passwd rstinst_set_subtask_status_flag "update-delay.complete" continue fi rstinst_set_subtask_status_flag "update-install" echo "Starting asynchronous product update task..." sw_engine_pleskrun "$PRODUCT_ROOT_D/admin/plib/DailyMaintainance/script.php" -f "InstallUpdates" rstinst_set_subtask_status_flag "update-install.complete" echo "Asynchronous update task completed with return code $?" echo break done fi rstinst_set_subtask_status_flag "update.complete" } >> $product_log 2>&1 & } # vim:ft=sh ### Copyright 1999-2025. WebPros International GmbH. All rights reserved. reexec_with_clean_env "$@" prog="`basename $0`" rstinst_action="$1" shift rstinst_args="$@" usage() { cat << EOT Usage: $prog [options] Available commands and options: schedule Schedule cloning service to be run on the next boot. start-pre Perform preliminary actions. Used by plesk-cloning.service. This command is called automatically in the scope of 'start' command if it hasn't been called before. start Perform cloning. --force Reset instance-specific data regardless of currently active cloning mode options. status Get current status of the cloning procedure. --json Use json formatted output. help Show this help message. WARNING: You probably don't want to invoke this utility directly. It will reset ALL global instance-specific data on this machine, including but not limited to passwords, certificates, and optionally license keys. If you are preparing a public master image for a cloud platform or virtualization solution take a look at 'cloning' utility. If you are sure you need to invoke this utility directly, pass '--do-what-I-say' option along with '$prog start'. Note that this utility is not designed to reset any customer data, but only global and admin data. EOT exit 1 } rstinst_check_args() { local opt_do_what_i_say= for arg in $rstinst_args; do case "${rstinst_action}${arg}" in start--do-what-I-say) opt_do_what_i_say="yes" ;; start--force) opt_force_instance_reset="yes" ;; status--json) opt_status_json="yes" ;; help*|*-h|*--help) usage ;; *) echo "Unknown argument '$arg'" echo usage ;; esac done [ "${rstinst_action}" != "start" -o -n "$opt_do_what_i_say" ] || usage } rstinst_log_title() { echo "$prog $rstinst_action $rstinst_args AT `date`" } rstinst_init() { set_log_action_name "$prog" [ "$rstinst_action" == "status" ] || log_transaction_start "`rstinst_log_title`" rstinst_check_args product_default_conf initial_conf set_common_params read_conf rstinst_status_d="$PRODUCT_ROOT_D/var/$prog/status" [ "$rstinst_action" != "schedule" ] || rm -rf "$rstinst_status_d" if [ "$rstinst_action" != "status" ]; then set_error_report_source "backend" set_error_report_component "reset_instance_data" set_error_report_context "`rstinst_log_title`" # mysql isn't required for the prereset stage # moreover it may not yet be ready to accept connections # see plesk-cloning.service for details [ "$rstinst_action" = "prereset" ] || uses_mysql_client set_apache_params set_swcpserver_params set_maintenance_mode_params fi } rstinst_do_action() { local action="$1" [ -n "$action" ] || return 1 rstinst_set_status_flag "action" "$action.started" rstinst_${action} && rstinst_set_status_flag "action" "$action.completed" } rstinst_check_action_started() { rstinst_check_status_flag "action" "$1.started" } rstinst_check_action_completed() { rstinst_check_status_flag "action" "$1.completed" } rstinst_get_status() { local status= if rstinst_check_action_completed "postreset"; then # already finished rstinst_check_action_completed "reset" && status="completed" || status="error" elif rstinst_check_action_started "prereset"; then # was started, check service is running local is_active=`/bin/systemctl is-active plesk-cloning.service` if [ "$is_active" == "activating" -o "$is_active" == "active" -o "$is_active" == "deactivating" ]; then status="running" elif rstinst_check_action_completed "postreset"; then # service has been exited right now, recheck is required status=`rstinst_get_status` else status="error" fi elif rstinst_check_action_started "schedule"; then # was scheduled, check service is enabled if /bin/systemctl is-enabled plesk-cloning.service >/dev/null 2>&1; then status="scheduled" elif rstinst_check_action_started "prereset"; then # service has been started rigth now, recheck is required status=`rstinst_get_status` else status="error" fi fi echo "${status:-absent}" } rstinst_status() { local status=`rstinst_get_status` if [ -z "$opt_status_json" ]; then echo "$status" else echo "{\"status\":\"$status\"}" fi } rstinst_schedule() { register_service plesk-cloning } rstinst_prereset() { rstinst_setup_report_cloning # make sure the service is invoked only once unregister_service plesk-cloning # normally this code runs in the scope of ExecStartPre section of plesk-cloning.service # it is executed before start of sw-cp-server due Requires/After options of the service # so reload isn't required to apply maintenance mode rstinst_enable_maintenance_mode report_maintenance_status "clone" 0 } rstinst_reset() { if [ "$opt_force_instance_reset" != "yes" ]; then if ! rstinst_is_public_image_cloning_mode || rstinst_is_public_image_cloning_started; then die "No cloning was scheduled or one already started" fi fi rstinst_cloning_action start-event # Note: general policy for this script is to avoid interrupting its # execution unless something _extremely_ bad happened. # Ideally we should execute each action that might fail in a separate # subshell. But that would dramatically influence global variables # and therefore probably introduce a couple of new critical bugs. report_maintenance_status "clone" "30" "Resetting instance-specific settings..." rstinst_reset_all report_maintenance_status "clone" "60" "Reloading services configuration..." rstinst_update_all_services report_maintenance_status "clone" "90" "Scheduling automatic product update..." rstinst_deferred_install_updates pp_echo "Completed" rstinst_cloning_action complete-event } rstinst_postreset() { rstinst_disable_maintenance_mode pleskrc swcpserver try-reload } rstinst_do_action_postreset() { rstinst_do_action "postreset" rstinst_report_cloning "$TRANSACTION_RETURN_CODE" } rstinst_init true rstinst_schedule rstinst_prereset rstinst_reset rstinst_postreset case "$rstinst_action" in schedule) rstinst_do_action "schedule" ;; start-pre) rstinst_do_action "prereset" ;; start) transaction_add_rollback_action "rstinst_do_action_postreset" transaction_add_commit_action "rstinst_do_action_postreset" # execute preliminary actions if util is started not by systemd if ! rstinst_check_action_started "prereset"; then rstinst_do_action "prereset" # reload of sw-cp-server is required to apply maintenance mode pleskrc swcpserver try-reload fi rstinst_do_action "reset" ;; status) rstinst_status ;; *) usage ;; esac # vim:ft=sh