cutemeli/server
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2adfbd9ea73fc04955d459a3e37101263067ebdb
server/usr/lib/plesk-9.0/services/webserver.apache
cutemeli 2adfbd9ea7 .gitignore angepasst
2026-01-07 20:52:11 +01:00

2301 lines
58 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
#
#
# Plesk script
#
#default values
product_default_conf()
{
PRODUCT_ROOT_D=/opt/psa
PRODUCT_RC_D=/etc/init.d
PRODUCT_ETC_D=/opt/psa/etc
PLESK_LIBEXEC_DIR=/usr/lib/plesk-9.0
HTTPD_VHOSTS_D=/var/www/vhosts
HTTPD_CONF_D=/etc/apache2
HTTPD_INCLUDE_D=/etc/apache2/conf-enabled
HTTPD_BIN=/usr/sbin/apache2
HTTPD_LOG_D=/var/log/apache2
HTTPD_SERVICE=apache2
QMAIL_ROOT_D=/var/qmail
PLESK_MAILNAMES_D=/var/qmail/mailnames
RBLSMTPD=/usr/sbin/rblsmtpd
NAMED_RUN_ROOT_D=/var/named/run-root
WEB_STAT=/usr/bin/webalizer
MYSQL_VAR_D=/var/lib/mysql
MYSQL_BIN_D=/usr/bin
MYSQL_SOCKET=/var/run/mysqld/mysqld.sock
PGSQL_DATA_D=/var/lib/postgresql/16/main
PGSQL_CONF_D=/etc/postgresql/16/main
PGSQL_BIN_D=/usr/lib/postgresql/16/bin
DUMP_D=/var/lib/psa/dumps
DUMP_TMP_D=/tmp
MAILMAN_ROOT_D=/usr/lib/mailman
MAILMAN_VAR_D=/var/lib/mailman
PYTHON_BIN=/usr/bin/python2
GPG_BIN=/usr/bin/gpg
TAR_BIN=/usr/lib/plesk-9.0/sw-tar
AWSTATS_ETC_D=/etc/awstats
AWSTATS_BIN_D=/usr/lib/cgi-bin
AWSTATS_TOOLS_D=/usr/share/awstats/tools
AWSTATS_DOC_D=/usr/share/awstats
OPENSSL_BIN=/usr/bin/openssl
LIB_SSL_PATH=/lib/libssl.so
LIB_CRYPTO_PATH=/lib/libcrypto.so
CLIENT_PHP_BIN=/opt/psa/bin/php-cli
SNI_SUPPORT=true
APS_DB_DRIVER_LIBRARY=/usr/lib/x86_64-linux-gnu/sw/libmysqlserver.so.2.0
SA_MAX_MAIL_SIZE=256000
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
set_apache_params()
{
apache_user="www-data"
apache_UID=80
apache_group="www-data"
apache_GID=80
apache_pid_file="$APACHE_ROOT/logs/httpd.pid"
apache_lock_file="$APACHE_ROOT/logs/httpd.lock"
product_lock_file="$HTTPD_CONF_D/cnf.lock"
apache_service_name="apache2"
apache_modules_d="/usr/lib/apache2/modules"
apache_service="$apache_service_name"
apache_httpd_conf="$HTTPD_CONF_D/apache2.conf"
apache_httpd_include="$HTTPD_INCLUDE_D/zz010_psa_httpd.conf"
APACHE_ROOT="/usr"
min_suexec_UID=10000
max_suexec_UID=16000
min_suexec_GID=$min_suexec_UID
max_suexec_GID=$max_suexec_UID
suexec_storage=/usr/lib/plesk-9.0/suexec
suexec=/usr/lib/apache2/suexec
suexec_dir="`dirname "$suexec"`"
suexec_file="`basename "$suexec"`"
rpm_httpd_bin=/usr/sbin/httpd
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
# mode: shell-script
# vim: ft=sh
module_exists()
{
local dir
[ -n "$1" ] || return 1
test -e "${HTTPD_CONF_D}/mods-available/$1.load" && return
if [ -n "${additional_apache_modules_d}" ]; then
for dir in $additional_apache_modules_d; do
if [ -f "${dir}/mod_$1.so" ] ; then return ; fi
if [ -n "$2" -a -f "${dir}/$2" ] ; then return ; fi
done
fi
return 1
}
# Run before it
# read_conf
# # set_common_params
# set_apache_params
add_apache_module()
{
local module_name="$1"
local module_soname="$2" # optional
local config="$3" # optional
if ! module_exists $module_name "$module_soname"; then
p_echo "Load file ${HTTPD_CONF_D}/mods-available/$module_name.load for a2enmod not found"
return 1
fi
if [ -x /usr/sbin/a2enmod ]; then
/usr/sbin/a2enmod $module_name >> $product_log
else
warn "a2enmod utilily not found! Module $module_name was NOT enabled."
fi
}
# Run before it
# read_conf
# # set_common_params
# set_apache_params
remove_apache_module()
{
local module_name="$1"
local module_soname="$2" # optional
local config="$3" # optional
if [ -x /usr/sbin/a2dismod ]; then
/usr/sbin/a2dismod -f $module_name
else
warn "a2dismod utilily not found! Module $module_name was NOT disabled."
fi
}
httpdmng_reconfigure()
{
local httpdmng_tool="${PRODUCT_ROOT_D}/admin/sbin/httpdmng"
local what="$1"
shift
case "$what" in
all|server|webmail) : ;;
*) simply_die "Unexpected argument '$what' to httpdmng_reconfigure()" ;;
esac
if [ ! -x "$httpdmng_tool" ]; then
p_echo "Unable to do 'httpdmng --reconfigure-$what': the utility is not yet on its place. Maybe will attempt later."
return 1
fi
! "$httpdmng_tool" "--reconfigure-$what" -skip-removing -service-node local "$@" >> $product_log 2>&1 || return 0
# There are 2 well known possible reasons of webserver templates reconfiguration failure:
# 1. domain/server/webmail templates are well, but arbitrary domain unable to be configured due to the some reasons,
# for example broken vhost structure
# 2. broken domain/server/webmail templates
# STEP 1. try to rollback to the default templates
! httpdmng_reconfigure_rollback_to_default_templates "${what}" "$@" || return 0
if [ "all" = "${what}" ]; then
# STEP 2. ignore broken domains
pp_echo "Warning: web server configuration is broken. We will try to repair it. This operation can take a lot of time, please do not interrupt the process."
p_echo "Unable to rebuild web server configuration, possible there are broken domains"
local inten="reconfigure web-server configurations skipping broken domains"
echo_try "${inten}"
if "$httpdmng_tool" "--reconfigure-$what" "-skip-broken" -service-node local "$@" >> $product_log 2>&1; then
suc
return 0
else
# STEP 3. try to rollback to the default templates, broken domains are ignored (possibly problem are in the server/webmail configs)
warn "${inten}"
! httpdmng_reconfigure_rollback_to_default_templates "${what}" "-skip-broken" -service-node local "$@" || return 0
fi
fi
return 1
}
# NOTE: do not use function directly, it just helper for httpdmng_reconfigure !!!
# here we try to reconfigure webserver configs using default temnplates
httpdmng_reconfigure_rollback_to_default_templates()
{
local template_d="${PRODUCT_ROOT_D}/admin/conf/templates"
local inten="rebuild web server configs with default templates after reconfiguration failure"
local tmp_d=
local what="$1"
shift
[ -d "${template_d}/custom" ] || return 1
p_echo "Unable to rebuild web server configuration with currently active default templates"
echo_try "${inten}"
if ! tmp_d=`mktemp -d "${template_d}/broken_templates_XXXXXXXX" 2>>$product_log`; then
warn "${inten} - unable to create temporary directory for custom templates"
return 1
fi
if ! mv -f "${template_d}/custom/"* "${tmp_d}"; then
warn "${inten} - unable to move custom templates into ${tmp_d}"
return 1
fi
rm -rf "${template_d}/custom"
if ! "$httpdmng_tool" "--reconfigure-$what" -service-node local "$@" >> $product_log 2>&1; then
warn "${inten} - using default templates does not solve the problem, restore custom ones"
mv -f "${tmp_d}" "${template_d}/custom"
return 1
fi
suc
pp_echo "Custom templates which are breaking web server reconfiguration were moved to ${tmp_d}"
cat <<EOF >"${tmp_d}/README"
This directory contains broken custom webserver templates which are breaking web server reconfiguration.
Custom templates were moved here on `date` during product update or upgrade.
EOF
}
install_suexec()
{
local plesk_suexec="$suexec_storage/$PRODNAME-$suexec_file"
[ -f "$plesk_suexec" ] || return 0
p_echo "===> Installing $suexec replacement"
{
/usr/bin/update-alternatives --install "$suexec" suexec "$plesk_suexec" 90 \
--slave /usr/share/man/man8/suexec.8.gz suexec.8.gz /usr/share/man/man8/psa-suexec.8.gz
/usr/bin/update-alternatives --set suexec "$plesk_suexec"
} >> "$product_log" 2>&1
! selinux_is_active || selinux_relabel_dir "$suexec"
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
# vim:ft=sh:
chroot_warning_prgtype()
{
local prg type
prg="$1"
type="$2"
p_echo "$prg: $type"
p_echo "probably it will not work in chrooted accounts"
warn "register $prg in chrooted environment"
}
install_chroot_program()
{
local inten prg cp_update filetype libdir libdir64
inten="register $1 in chroot"
prg="$1"
libdir="$2"
libdir64="$3"
filetype=`file -ib "$prg"`
case "$filetype" in
application/x-executable*statically' 'linked*) ;;
application/x-executable*|application/x-sharedlib*|application/x-pie-executable*)
# sometimes 'file' say the executable is a shared library
# newer OSes also say just "executable" without distibguishind between static and dynamic
ldd "$prg" | awk '/not found/ { print; exit 1; }
/not a dynamic executable/ { exit 0; }
NR=4 && $1 !~ /^\// && $2=="=>" && $4 ~ /\(0x[[:xdigit:]]*\)/ {
if ($3 ~ /\/lib64\//) {
dir = DIR64;
} else {
dir = DIR;
}
if (system("cp -v -p " CP_UPDATE " " $3 " " dir "/" $1)!=0)
{ exit 1; }
}
' DIR="$libdir" DIR64="$libdir64" CP_UPDATE="$cp_update" >> "$product_log" 2>&1 || warn "$inten"
;;
application/octet-strea*)
;;
*)
chroot_warning_prgtype "$prg" "$filetype"
;;
esac
}
install_gunzip_chroot()
{
local path="$(readlink -e "$(which gunzip 2>/dev/null)")"
if [ -z "$path" ]; then
warn "unable to find gunzip"
return 0
fi
local chrooted_path="$bindir/gunzip"
case "$(file -ib "$path")" in
text/*)
# gunzip is a shell scripts which execs `gzip -d`
# but nobody promises that script won't be changed
echo_try "install gunzip script into chroot environment"
cat <<-'EOT' > "$chrooted_path"
#!/bin/sh
exec gzip -d "$@"
EOT
chmod a+x "$chrooted_path"
suc
;;
*)
cp -v -p "$path" "$chrooted_path" >> "$product_log" 2>&1
install_chroot_program "rooted_path" "$libdir" "$libdir64"
;;
esac
}
install_sftp_chroot()
{
echo_try "install sftp-server binary into chroot environment"
local sftp_path="$(awk '/^Subsystem[[:space:]]+sftp.*$/ {print $3}' < /etc/ssh/sshd_config)"
if [ "$sftp_path" = "internal-sftp" ]; then
p_echo "not required for builtin sftp"
return
fi
local sftp_dir="${sftp_path%/*}"
if [ -z "$sftp_dir" ]; then
p_echo "Warning: sftp-server binary not found"
p_echo "+ sftp connections will not be available for chrooted accounts"
else
mkdir -p "$CHROOT_ROOT_D$sftp_dir" >> "$product_log" 2>&1
cp -v -p "$sftp_path" "$CHROOT_ROOT_D$sftp_path" >> "$product_log" 2>&1
suc
install_chroot_program "$CHROOT_ROOT_D$sftp_path" "$libdir" "$libdir64"
fi
}
install_vi_chroot()
{
# vi is either an app or a shell script which execs vim if it exists or real vi app otherwise
local inten="install vi into chroot environment"
echo_try "$inten"
local path
local chrooted_path="$bindir/vi"
for path in $(whereis vi 2>/dev/null); do
path="$(readlink -e "$path")"
[ -n "$path" ] && [[ "$(file -ib $path)" = application/* ]] || continue
cp -v -p "$path" "$chrooted_path" >> "$product_log" 2>&1
suc
install_chroot_program "$chrooted_path" "$libdir" "$libdir64"
return 0
done
warn "unable to $inten: application not found"
}
install_chroot_base()
{
local bindir libdir libdir64
CHROOT_ROOT_D="$HTTPD_VHOSTS_D/chroot"
CHROOT_PROGRAMS="bash cat chmod cp grep head id less ln ls mkdir more \
mv pwd rm rmdir sash sh tail touch du true false scp groups \
wget zip unzip tar gzip curl unrar"
os=`uname -s`
if [ "${os}" != "Linux" ]; then
die "unknown system $os" ;
fi
cp_update=
bindir="$CHROOT_ROOT_D/`readlink -m /bin`"
libdir="$CHROOT_ROOT_D/`readlink -m /lib`"
syslibdir64="`readlink -f -m /lib64`"
libdir64="$CHROOT_ROOT_D/$syslibdir64"
copy="cp -v -p $cp_update"
echo_try "install chrooted environment"
# NOTE: previously during chroot upgrade all chroot environments in vhosts were removed and then added again via chrootmng.
# This behavior was removed to support remote SN. Not sure it is in fact needed.
# See also http://plesk-process.parallels.com/TargetProcess2/Project/Planning/UserStory/View.aspx?UserStoryID=70752
install -m 750 -d "$CHROOT_ROOT_D"
chown 0:0 "$CHROOT_ROOT_D"
mkdir -m 755 -p "$bindir"
mkdir -m 755 -p "$libdir"
[ -d "$syslibdir64" ] && mkdir -m 755 -p "$libdir64"
mkdir -m 755 -p "$CHROOT_ROOT_D/usr"
mkdir -m 755 -p "$CHROOT_ROOT_D/usr/lib"
# Create symlinks like /bin -> usr/bin if needed (CentOS/RedHat >= 7)
for dir in bin lib lib64; do
# return code is intentionally ignored ($dir_target will be empty if not a symlink)
local dir_target="`readlink "/$dir"`"
[ -z "$dir_target" ] || ln -snfT "$dir_target" "$CHROOT_ROOT_D/$dir"
done
[ -d /usr/libexec ] && mkdir -m 755 -p "$CHROOT_ROOT_D/usr/libexec"
[ -d /libexec ] && mkdir -m 755 -p "$CHROOT_ROOT_D/libexec"
mkdir -m 755 -p "$CHROOT_ROOT_D/etc"
mkdir -m 1777 -p "$CHROOT_ROOT_D/tmp"
mkdir -m 755 -p "$CHROOT_ROOT_D/var"
mkdir -m 1777 -p "$CHROOT_ROOT_D/var/tmp"
mkdir -m 755 -p "$CHROOT_ROOT_D/dev"
[ -e "$CHROOT_ROOT_D/dev/null" ] || mknod -m 666 "$CHROOT_ROOT_D/dev/null" c 1 3
chown root:root "$CHROOT_ROOT_D/dev/null"
[ -e "$CHROOT_ROOT_D/dev/random" ] || mknod -m 644 "$CHROOT_ROOT_D/dev/random" c 1 8
[ -e "$CHROOT_ROOT_D/dev/urandom" ] || mknod -m 644 "$CHROOT_ROOT_D/dev/urandom" c 1 9
chown root:root "$CHROOT_ROOT_D/dev/random" "$CHROOT_ROOT_D/dev/urandom"
cd "$bindir"
for f in $CHROOT_PROGRAMS; do
path=`which "$f" 2>/dev/null`
found=$?
if test $found -eq 0 -a -x "$path"; then
cp -v -p "$path" "$f" >> "$product_log" 2>&1
install_chroot_program "$f" "$libdir" "$libdir64"
fi
done
install_gunzip_chroot
install_sftp_chroot
install_vi_chroot
for l in lib lib64 usr/lib64 lib/i386-linux-gnu lib/x86_64-linux-gnu; do
[ -d "/$l" ] || continue
mkdir -p "$CHROOT_ROOT_D/$l"
! stat /$l/ld-linux* >/dev/null 2>&1 || $copy /$l/ld-linux* "$CHROOT_ROOT_D/$l"
! stat /$l/libnss_*.so.2 >/dev/null 2>&1 || $copy /$l/libnss_*.so.2 "$CHROOT_ROOT_D/$l"
done >> "$product_log" 2>&1
if test -r /etc/termcap; then
cp -v -p /etc/termcap "$CHROOT_ROOT_D/etc/termcap" >> "$product_log" 2>&1
fi
touch "$CHROOT_ROOT_D/etc/passwd"
touch "$CHROOT_ROOT_D/etc/group"
# /etc/resolv.conf may be a symlink on some systems (e.g., on Debian if resolvconf package is installed)
if [ -f "/etc/resolv.conf" ]; then
ln -v -f -T -L "/etc/resolv.conf" "$CHROOT_ROOT_D/etc/resolv.conf" || cp -p -L "/etc/resolv.conf" "$CHROOT_ROOT_D/etc/resolv.conf"
fi >> "$product_log" 2>&1
if test -d "$PRODUCT_ROOT_D/chroot"; then
cd "$PRODUCT_ROOT_D/chroot"
for f in *; do
tar cpf - -C "$f" . | tar xpf - -C "$CHROOT_ROOT_D" || warn "copy $f to chroot parttern"
find $d -type f -perm +111 | while read p; do
install_chroot_program "$p" "$libdir" "$libdir64"
done
done
fi
suc
selinux_relabel_dir -F "$CHROOT_ROOT_D"
selinux_relabel_dir -F "/etc/resolv.conf"
}
set_chrootsh_perms()
{
chgrp psacln $PRODUCT_ROOT_D/bin/chrootsh
chmod 4750 $PRODUCT_ROOT_D/bin/chrootsh
}
deferred_apache_restart()
{
touch "/var/lock/plesk_deferred_apache_restart"
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
# vim:ft=sh
# Usage: pleskrc <service> <action>
pleskrc()
{
[ 2 -le $# ] || die "Not enough arguments"
local service_name=${1//[-.@]/_}
local action=$2
local ret=0
local inten
shift
shift
# Now check redefined functions
if test "$machine" = "linux" && is_function "${service_name}_${action}_${machine}_${linux_distr}"; then
"${service_name}_${action}_${machine}_${linux_distr}" "$@"
return $?
elif is_function "${service_name}_${action}_${machine}"; then
"${service_name}_${action}_${machine}" "$@"
return $?
elif is_function "${service_name}_${action}"; then
"${service_name}_${action}" "$@"
return $?
fi
# Not redefined - call default action
eval "service=\$${service_name}_service"
[ -n "$service" ] || die "$action $service_name service (Empty service name for '$service_name')"
if [ "$action" = "name" ]; then
echo "${service}.service"
return 0
fi
inten="$action service $service"
pleskrc_is_failure_for_action_ok "$action" || echo_try "$inten"
if [ -x "/bin/systemctl" -a "$do_upgrade" = "1" -a ! -f "/var/lock/parallels-panel-bootstrapper-running.lock" -a -z "$SYSTEMD_DAEMON_RELOADED" ]; then
# reload systemd units if requested from an upgrade package script - in case a unit was changed
/bin/systemctl daemon-reload
SYSTEMD_DAEMON_RELOADED="yes"
fi
service_ctl "$action" "$service" "$service_name"
ret="$?"
pleskrc_is_failure_for_action_ok "$action" || {
if [ "$ret" -eq 0 ]; then
suc
else
if [ -x "/bin/systemctl" ]; then
p_echo "`/bin/systemctl -l status \"${service}.service\" | awk 'BEGIN {s=0} s==1 {s=2} /^$/ {s=1} s==2 {print}'`"
fi
warn "$inten failed"
fi
}
return $ret
}
pleskrc_is_failure_for_action_ok()
{
local action="$1"
case "$action" in
status|exists|is-active|is-enabled|is-failed) return 0 ;;
esac
return 1
}
# NOTE:
# Function service_ctl is just helper for pleskrc().
# Do not call it directly, use pleskrc()!!!
service_ctl()
{
local action=$1
local service=$2
local service_name=$3
if [ "$action" != "exists" ]; then
_service_exec $service exists
if [ "$?" != "0" ]; then
p_echo "attempt to ${inten} - service doesn't exist (missing unit file or not executable control script)"
return 1
fi
fi
case "$action" in
start)
pleskrc "$service_name" status || _service_exec "$service" "$action"
;;
stop)
! pleskrc "$service_name" status || _service_exec "$service" "$action"
;;
restart)
if pleskrc "$service_name" status; then
_service_exec "$service" "$action"
else
_service_exec "$service" start
fi
;;
reload)
! pleskrc "$service_name" status || _service_exec "$service" "$action"
;;
status)
_service_exec "$service" status
;;
try-restart)
if [ -x "/bin/systemctl" ]; then
_service_exec "$service" "$action"
else
! pleskrc "$service_name" status || _service_exec "$service" "restart"
fi
;;
try-reload)
! pleskrc "$service_name" status || _service_exec "$service" "reload"
;;
reload-or-restart)
if [ -x "/bin/systemctl" ]; then
_service_exec "$service" "$action"
elif pleskrc "$service_name" status; then
_service_exec "$service" "reload"
else
_service_exec "$service" "start"
fi
;;
*)
_service_exec "$service" "$action"
;;
esac >> "$product_log"
}
_service_exec()
{
# Keep in sync with pylibplesk/plesk_service.py
local service=$1
local action=$2
local action_cmd
local sysvinit_service="/etc/init.d/$service"
if [ -x "/bin/systemctl" ]; then
case "${action}" in
exists)
if /bin/systemctl cat "$service.service" >/dev/null 2>&1; then
return 0 # systemd unit
elif [ -f "/lib/systemd/system/$service.service" ]; then
/bin/systemctl daemon-reload
return 0 # systemd unit which exists but was changed and has not been reloaded before
elif [ -x "$sysvinit_service" ]; then
return 0 # sysvinit compat
fi
return 1 # not found
;;
status)
action="is-active"
;;
reload|graceful)
action='reload-or-try-restart'
;;
esac
/bin/systemctl "$action" "${service}.service"
else
warn "Cannot $action $service on this system: no executable /bin/systemctl"
return 1
fi
}
is_function()
{
local type_output=$(type -t "$1")
test "X${type_output}" = "Xfunction"
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
# echo message to product log and console (always visible)
pp_echo()
{
if [ -n "$product_log" ] ; then
echo "$@" >> "$product_log" 2>&1
fi
echo "$@" >&2
}
# echo message to product log, also to console in debug mode
p_echo()
{
if [ -n "$product_log" ] ; then
echo "$@" >> "$product_log" 2>&1
fi
if [ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" -o -z "$product_log" ] ; then
echo "$@" >&2
fi
}
# same as p_echo, but without new line
pnnl_echo()
{
p_echo -n "$@"
}
int_err()
{
report_problem "internal" "Internal error: $@"
exit 1
}
p_see_product_log()
{
log_is_in_dev "${product_log}" || printf " (see log file: ${product_log})" >&2
}
die()
{
report_problem "fatal" "ERROR while trying to $@"
printf "Check the error reason" >&2
p_see_product_log
echo ", fix and try again" >&2
selinux_close
exit 1
}
simply_die()
{
report_problem "fatal" "$@"
exit 1
}
warn()
{
local inten="$1"
if [ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" ]; then
p_echo
p_echo "WARNING!"
pnnl_echo "Some problems are found during $inten"
p_see_product_log
p_echo
p_echo "Continue..."
p_echo
fi
report_problem "warning" "Warning: $inten"
}
comm_err()
{
p_echo " Unfortunately, this situation has not yet been"
p_echo " resolved."
p_echo " Please, visit $support_contact for assistance."
p_echo
p_echo "Exiting..."
p_echo
exit 1
}
gid_err()
{
gid="$1"
p_echo
p_echo "ERROR: It seems there is a group with GID=$gid"
p_echo " in this system, but $PRODUCT_NAME needs the same GID"
p_echo " for its operation."
report_problem "error" "Error: group with GID=$gid already exists."
comm_err
}
group_err()
{
group="$1"
gid="$2"
p_echo
p_echo "ERROR: It seems that there is group $group"
p_echo " in your system. $PRODUCT_NAME uses the same group"
p_echo " name but with another group ID ($gid)."
report_problem "error" "Error: group $group exists, but it doesn't have GID=$gid."
comm_err
}
uid_err()
{
uid="$1"
p_echo
p_echo "ERROR: It seems there is a user with UID=$uid"
p_echo " in this system, but $PRODUCT_NAME needs the same UID"
p_echo " for its operation."
report_problem "error" "Error: user with UID=$uid already exists."
comm_err
}
logname_err()
{
user="$1"
uid="$2"
p_echo
p_echo "ERROR: It seems that there is a $user in your system"
p_echo " with a UID other than that used by $PRODUCT_NAME ($uid)"
p_echo " or the $user is in the primary group, but this"
p_echo " group is not the one that $PRODUCT_NAME uses."
report_problem "error" "Error: user $user exists, but it doesn't have UID=$uid or it belongs to wrong primary group."
comm_err
}
echo_try()
{
msg="$*"
pnnl_echo " Trying to $msg... "
}
suc()
{
p_echo "done"
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
reexec_with_clean_env()
{
# Usage: call this function as 'reexec_with_clean_env "$@"' at the start of a script.
# Don't use with scripts that require sensitive environment variables.
# Don't put the call under any input/output redirection.
# Purpose: make sure the script is executed with a sane environment.
local lc="`get_default_locale`"
export LANG="$lc" LC_MESSAGES="$lc" LC_ALL="$lc"
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
umask 022
PLESK_SCRIPT_COMMAND_LINE="$0 $*"
[ -z "$PLESK_INSTALLER_ENV_CLEANED" ] || { unset PLESK_INSTALLER_ENV_CLEANED; return 0; }
[ -n "$BASH" ] || exec /bin/bash "$0" "$@"
# N.B.: the following code requires Bash. On Dash it would cause syntax error upon parse w/o eval.
eval '
local extra_vars=() # list of variables to preserve
for var in "${!PLESK_@}"; do # enumerate all PLESK_* variables
extra_vars+=("$var=${!var}")
done
extra_vars+=("PLESK_INSTALLER_ENV_CLEANED=1")
# Exec self with clean env except for extra_vars, shell opts, and arguments.
exec /usr/bin/env -i "${extra_vars[@]}" /bin/bash ${-:+-$-} "$0" "$@" || {
echo "Failed to reexec self ($0) with clean environment" >&2
exit 91 # Just some relatively unique error code
}
'
}
get_default_locale()
{
# Note that CentOS 7 typically doesn't have C.UTF-8
for lc in "C.UTF-8" "en_US.UTF-8" "C"; do
if [ -z "`LC_ALL=$lc locale 2>&1 >/dev/null`" ]; then
echo "$lc"
return 0
fi
done
echo "C"
}
# accumulates chown and chmod
set_ac()
{
local u_owner g_owner perms node
u_owner="$1"
g_owner="$2"
perms="$3"
node="$4"
# A very small optimization - replacing of two execs by one,
# it works only if the following conditions are observed:
# - u_owner is username (not UID);
# - g_owner is group (not GID);
# - perms is in octal mode.
# If some conditions aren't observed,
# optimization doesn't work,
# but it doesn't break function
[ "$(stat -c '%U:%G 0%a' $node)" != "$u_owner:$g_owner $perms" ] || return 0
chown $u_owner:$g_owner $node || die "chown $u_owner:$g_owner $node"
chmod $perms $node || die "chmod $perms $node"
}
detect_vz()
{
[ -z "$PLESK_VZ_RESULT" ] || return $PLESK_VZ_RESULT
PLESK_VZ_RESULT=1
PLESK_VZ=0
PLESK_VE_HW_NODE=0
PLESK_VZ_TYPE=
local issue_file="/etc/issue"
local vzcheck_file="/proc/self/status"
[ -f "$vzcheck_file" ] || return 1
local env_id=`sed -ne 's|^envID\:[[:space:]]*\([[:digit:]]\+\)$|\1|p' "$vzcheck_file"`
[ -n "$env_id" ] || return 1
if [ "$env_id" = "0" ]; then
# Either VZ/OpenVZ HW node or unjailed CloudLinux
PLESK_VE_HW_NODE=1
return 1
fi
if grep -q "CloudLinux" "$issue_file" >/dev/null 2>&1 ; then
return 1
fi
if [ -f "/proc/vz/veredir" ]; then
PLESK_VZ_TYPE="vz"
elif [ -d "/proc/vz" ]; then
PLESK_VZ_TYPE="openvz"
fi
PLESK_VZ=1
PLESK_VZ_RESULT=0
return 0
}
# detects lxc and docker containers
detect_lxc()
{
[ -z "$PLESK_LXC_RESULT" ] || return $PLESK_LXC_RESULT
PLESK_LXC_RESULT=1
PLESK_LXC=0
if { [ -f /proc/1/cgroup ] && grep -q 'docker\|lxc' /proc/1/cgroup; } || \
{ [ -f /proc/1/environ ] && cat /proc/1/environ | tr \\0 \\n | grep -q "container=lxc"; };
then
PLESK_LXC_RESULT=0
PLESK_LXC=1
fi
return "$PLESK_LXC_RESULT"
}
call_optional_function()
{
local type_output="`LC_ALL=C type \"$1\" 2>/dev/null | head -n 1`"
case "$type_output" in
*function)
"$@"
;;
*)
return 0
;;
esac
}
add_string()
{
local pattern string config
pattern="$1"
string="$2"
config="$3"
if ! grep -q "^$pattern\$" "$config"; then
echo "$string" >>"$config"
fi
}
configure_service_ssl_ciphers_protocols()
{
[ -x "$PRODUCT_ROOT_D/admin/sbin/sslmng" ] || return 0
local inten="configure SSL ciphers and protocols for: $1"
echo_try "$inten"
"$PRODUCT_ROOT_D/admin/sbin/sslmng" --service="$1" --set >> "$product_log" 2>&1 && suc && return 0
warn "$inten"
return 1
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
#-*- vim:syntax=sh
product_log_name_ex()
{
local aux_descr="$1"
local action="${CUSTOM_LOG_ACTION_NAME-installation}"
if [ -n "$aux_descr" ]; then
aux_descr="_${aux_descr}"
fi
if [ -n "$CUSTOM_LOG_NAME" ]; then
echo "${CUSTOM_LOG_NAME}${action:+_$action}${aux_descr}.log"
else
get_product_versions
echo "plesk_${product_this_version}${action:+_$action}${aux_descr}.log"
fi
}
product_log_name()
{
product_log_name_ex
}
product_problems_log_name()
{
product_log_name_ex "problems"
}
problems_log_tail()
{
[ -f "$product_problems_log" ] || return 0
{
tac "$product_problems_log" | awk '/^START/ { exit } { print }' | tac
} 2>/dev/null
}
product_log_tail()
{
[ -f "$product_log" ] || return 0
{
tac "$product_log" | awk '/^START/ { exit } { print }' | tac
} 2>/dev/null
}
product_and_problems_log_tail()
{
product_log_tail
[ "$product_log" = "$product_problems_log" ] || problems_log_tail
}
cleanup_problems_log()
{
[ -f "$product_problems_log" ] || return 0
touch "$product_problems_log.tmp"
chmod 0600 "$product_problems_log.tmp"
awk 'BEGIN { st = "" }
/^START/ && (st ~ /^START/) { print st; }
/^START/ { st=$0; next }
/^STOP/ && (st ~ /^START/) { st=""; next }
(st != "") { print st; st="" }
{ print }
' "$product_problems_log" > "$product_problems_log.tmp" && \
mv -f "$product_problems_log.tmp" "$product_problems_log" || \
rm -f "$product_problems_log.tmp"
if [ ! -s "$product_problems_log" ]; then
rm -f "$product_problems_log"
fi
}
mktemp_log()
{
local logname="$1"
local dir="$2"
if [ "${logname:0:1}" != "/" ]; then
logname="$dir/$logname"
fi
dir="`dirname $logname`"
if [ ! -d "$dir" ]; then
mkdir -p "$dir" || { echo "Unable to create log directory : $dir"; exit 1; }
if [ "$EUID" -eq "0" ]; then
set_ac root root 0700 "$dir"
fi
fi
if [ "${logname%XXX}" != "$logname" ]; then
mktemp "$logname"
else
echo "$logname"
fi
}
log_is_in_dev()
{
test "${1:0:5}" = "/dev/"
}
start_writing_logfile()
{
local logfile="$1"
local title="$2"
! log_is_in_dev "$logfile" || return 0
echo "START $title" >> "$logfile" || { echo "Cannot write installation log $logfile" >&2; exit 1; }
[ "$EUID" -ne "0" ] || set_ac root root 0600 "$logfile"
}
log_start()
{
true product_log_name product_problems_log_name mktemp_log
local title="$1"
local custom_log="$2"
local custom_problems_log="$3"
local product_log_dir="/var/log/plesk/install"
product_log="$product_log_dir/`product_log_name`"
product_problems_log="$product_log_dir/`product_problems_log_name`"
problems_occured=0
# init product log
[ ! -n "$custom_log" ] || product_log="$custom_log"
product_log=`mktemp_log "$product_log" "$product_log_dir"`
# init problems log
if [ -n "$custom_problems_log" ]; then
product_problems_log=`mktemp_log "$custom_problems_log" "$product_log_dir"`
elif [ -n "$custom_log" ]; then
product_problems_log="$product_log"
else
product_problems_log=`mktemp_log "$product_problems_log" "$product_log_dir"`
fi
# write starting message into logs
start_writing_logfile "$product_log" "$title"
if [ "$product_log" != "$product_problems_log" ]; then
start_writing_logfile "$product_problems_log" "$title"
fi
is_function profiler_setup && profiler_setup "$title" || :
}
log_transaction_start()
{
LOG_TRANSACTION_TITLE="$1"
LOG_TRANSACTION_SUBJECT="$2"
local log_transaction_custom_logfile="$3"
local log_transaction_custom_problems_logfile="$4"
transaction_begin autocommit
log_start "$LOG_TRANSACTION_TITLE" "$log_transaction_custom_logfile" "$log_transaction_custom_problems_logfile"
transaction_add_commit_action "log_transaction_stop"
transaction_add_rollback_action "log_transaction_stop"
}
log_transaction_stop()
{
log_stop "$LOG_TRANSACTION_TITLE" "$LOG_TRANSACTION_SUBJECT"
}
log_stop()
{
local title="$1"
local subject="$2"
if [ "$product_log" = "$product_problems_log" ] || \
log_is_in_dev "$product_problems_log"; then
[ -e "$product_log" ] && echo "STOP $title" >>"$product_log"
is_function profiler_stop && profiler_stop || :
return
fi
if [ -z "$subject" ]; then
subject="[${title}]"
fi
# check if problems are non-empty, check for problems_occured
local status
local problem_lines="`problems_log_tail | wc -l`"
if [ "$problem_lines" -eq 0 ]; then
status="completed successfully"
else
if [ $problems_occured -ne 0 ]; then
status="failed"
else
status="completed with warnings"
fi
fi
if [ -e "$product_log" ]; then
p_echo
p_echo "**** $subject $status."
p_echo
fi
if [ "$problem_lines" -ne 0 ]; then
[ ! -e "$product_log" ] || problems_log_tail >>"$product_log" 2>&1
problems_log_tail
fi
[ ! -e "$product_log" ] || echo "STOP $title" >>"$product_log"
if [ $problems_occured -ne 0 ]; then
echo "STOP $title: PROBLEMS FOUND" >>"$product_problems_log"
else
[ ! -s "$product_problems_log" ] || echo "STOP $title: OK" >>"$product_problems_log"
fi
if [ "X${PLESK_INSTALLER_KEEP_PROBLEMS_LOG}" = "X" ]; then
cleanup_problems_log
fi
is_function profiler_stop && profiler_stop || :
}
is_product_repair()
{
[ "$do_repair" = 1 -o -e /var/lock/plesk-panel-repair-mode.flag ]
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
construct_report_template()
{
local severity="${1:-error}"
local summary="$2"
local update_ticket="`get_update_ticket`"
set_error_report_source
set_error_report_component
set_error_report_params
set_error_report_environment
true construct_report_code construct_report_debug construct_report_message
cat <<-EOL
<?xml version="1.0" encoding="UTF-8" ?>
<error>
<source>$report_source</source>
<severity>$severity</severity>
<datetime>`date --iso-8601=seconds`</datetime>
<component>$report_component</component>
<summary><![CDATA[`echo "$summary" | sed -e 's/\]\]>/] ]>/g'`]]></summary>
<message encoding="base64">`construct_report_message | base64`</message>
<additional_info>
<component_params encoding="base64">$report_params</component_params>
<code encoding="base64">`construct_report_code | base64`</code>
<debug encoding="base64">`construct_report_debug | base64`</debug>
<environment encoding="base64">$report_environment</environment>
<update_ticket>$update_ticket</update_ticket>
</additional_info>
</error>
EOL
}
construct_report_code()
{
local call_level=${1:-5}
local func_level=$[call_level - 1]
local lineno_func=${BASH_LINENO[ $func_level ]}
local script_name=${BASH_SOURCE[ $[func_level + 1] ]}
echo "# Call of ${FUNCNAME[$func_level]}() from ${FUNCNAME[$[func_level + 1]]}() at `readlink -m $script_name`:${BASH_LINENO[$func_level]}"
head -n $[lineno_func + 4] "$script_name" 2>/dev/null | tail -n 8
}
construct_report_debug()
{
local call_level=${1:-5}
call_level=$[call_level-1]
# Generate calls stack trace.
for i in `seq $call_level ${#FUNCNAME[@]}`; do
[ "${FUNCNAME[$i]}" != "main" ] || break
local func_call="`sed -n -e "${BASH_LINENO[$i]}p" "${BASH_SOURCE[$[i+1]]}" 2>/dev/null |
sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//'`"
[ -n "$func_call" -a -z "${func_call##*${FUNCNAME[$i]}*}" ] || func_call="${FUNCNAME[$i]}"
echo "#$[i - $call_level] `readlink -m ${BASH_SOURCE[$[i+1]]}`(${BASH_LINENO[$i]}): $func_call"
done
}
construct_report_message()
{
product_and_problems_log_tail
echo ""
if [ -n "$report_context" ]; then
echo "Context: $report_context"
echo ""
fi
if [ -n "$RP_LOADED_PATCHES" ]; then
echo "Loaded runtime patches: $RP_LOADED_PATCHES"
echo ""
fi
}
# Construct report to send it to our errors tracker
construct_report()
{
local severity="${1:-error}"
local summary="$2"
[ -n "$summary" ] || int_err "Unable to send error report. Some parameters are not defined."
set_error_report_source
get_product_versions
construct_report_template "$severity" "$summary" \
| $PRODUCT_ROOT_D/admin/bin/send-error-report --version "$product_this_version" $report_source >/dev/null 2>&1
}
# Use this function to report failed actions.
# Typical report should contain
# - reason or problem description (example: file copying failed)
# - how to resolve or investigate problem (example: check file permissions, free disk space)
# - how to re-run action (example: perform specific command, restart bootstrapper script, run installation again)
report_problem()
{
local severity="${1:-error}"
# Get first string of error as a summary of report
shift
local summary="$1"
[ -n "$product_problems_log" ] || product_problems_log="/dev/stderr"
p_echo
if [ "0$problems_occured" -eq 0 ]; then
echo "***** $process problem report *****" >> "$product_problems_log" 2>&1
fi
for problem_message in "$@"; do
p_echo "$problem_message"
if [ "$product_log" != "$product_problems_log" ]; then
echo "$problem_message" >> "$product_problems_log" 2>&1
fi
done
p_echo
construct_report "$severity" "$summary"
[ -n "$PLESK_INSTALLER_DEBUG" -o -n "$PLESK_INSTALLER_VERBOSE" ] || \
product_log_tail
problems_occured=1
}
set_error_report_source()
{
[ -z "$1" ] || report_source="$1"
[ -n "$report_source" ] || {
if [ -n "$PACKAGE_ID" -o -n "$PACKAGE_ACTION" -o -n "$PACKAGE_NAME" -o -n "$PACKAGE_VERSION" ]; then
report_source="install"
else
report_source="backend"
fi
}
}
set_error_report_component()
{
local component="$1"
if [ "$report_source" = "install" ]; then
[ -n "$report_component" ] || report_component="$PACKAGE_ID"
return 0
fi
[ -z "$component" ] || report_component="$1"
[ -n "$report_component" ] || report_component="`basename $0`"
}
set_error_report_params()
{
if [ "$report_source" = "install" ]; then
[ -n "$report_params" ] || report_params="`echo "$PACKAGE_ACTION of $PACKAGE_NAME $PACKAGE_VERSION" | base64`"
return 0
fi
[ -z "$*" ] || report_params="`echo "$*" | base64`"
[ -n "$report_params" ] || report_params="`echo "$PLESK_SCRIPT_COMMAND_LINE" | base64`"
}
detect_virtualization()
{
detect_vz
detect_lxc
local is_docker="`[ -f "/.dockerenv" ] && echo yes || :`"
local systemd_detect_virt_ct="`/usr/bin/systemd-detect-virt -c 2>/dev/null | grep -v '^none$' || :`"
local systemd_detect_virt_vm="`/usr/bin/systemd-detect-virt -v 2>/dev/null | grep -v '^none$' || :`"
local virt_what="`/usr/sbin/virt-what 2>/dev/null | xargs || :`"
if [ -n "$is_docker" ]; then
echo "docker $virt_what"
elif [ "$PLESK_VZ" = "1" ]; then
echo "${PLESK_VZ_TYPE:-virtuozzo}"
elif [ "$PLESK_LXC" = "1" ]; then
echo "lxc $virt_what"
elif [ -n "$systemd_detect_virt_ct" ]; then
echo "$systemd_detect_virt_ct $systemd_detect_virt_vm"
elif [ -n "$virt_what" ]; then
echo "$virt_what"
elif [ -n "$systemd_detect_virt_vm" ]; then
echo "$systemd_detect_virt_vm"
fi
}
default_error_report_environment()
{
local virtualization="`detect_virtualization`"
if [ -n "$virtualization" ]; then
echo "virtualization: $virtualization"
fi
}
set_error_report_environment()
{
[ -z "$*" ] || report_environment="`echo "$*" | base64`"
[ -n "$report_environment" ] || report_environment="`default_error_report_environment | base64`"
}
get_update_ticket()
{
[ -r $PRODUCT_ROOT_D/var/update_ticket ] && cat $PRODUCT_ROOT_D/var/update_ticket | awk '{$1=$1};1'
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
#
# Support for runtime patching of shell scripts (including utilities and package scripts).
#
# --- Service functions ---
# Load and apply a patch in a relatively safe way
rp_safe_load_patch()
{
local patch_file="$1"
echo_try "load shell patch '$patch_file'"
/bin/sh -n "$RP_BASEDIR/$patch_file" &&
{
. "$RP_BASEDIR/$patch_file"
RP_LOADED_PATCHES="$RP_LOADED_PATCHES $patch_file"
} &&
suc
}
# Apply patches specific to the current context (e.g., depending on utility basename or package name)
# This is currently not implemented. This may be overriden by "spark".
rp_patch_runtime_context_specific()
{
:
}
# --- Main entry points ---
rp_patch_runtime()
{
# List of loaded patch files
RP_LOADED_PATCHES=
local RP_BASEDIR="$PRODUCT_BOOTSTRAPPER_DIR/rp"
[ -d "$RP_BASEDIR" ] || return 0
if [ -r "$RP_BASEDIR/spark" ]; then
rp_safe_load_patch "spark"
fi
call_optional_function rp_patch_runtime_context_specific "$@"
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
transaction_begin()
{
[ -n "$TRANSACTION_STARTED" ] && die "Another transaction in progress!"
TRANSACTION_STARTED="true"
TRANSACTION_ROLLBACK_FUNCS=
TRANSACTION_COMMIT_FUNCS=
local transaction_autocommit="$1"
if [ -n "$transaction_autocommit" ]; then
trap "transaction_commit_auto" EXIT
trap "transaction_rollback" HUP PIPE INT QUIT TERM
else
trap "transaction_rollback" HUP PIPE INT QUIT TERM EXIT
fi
}
transaction_rollback()
{
TRANSACTION_RETURN_CODE="${TRANSACTION_RETURN_CODE:-$?}"
[ -z "$TRANSACTION_STARTED" ] && die "Transaction is not started!"
# perform rollback actions
local f
for f in ${TRANSACTION_ROLLBACK_FUNCS}; do
"$f"
done
TRANSACTION_STARTED=
TRANSACTION_ROLLBACK_FUNCS=
TRANSACTION_COMMIT_FUNCS=
trap - HUP PIPE INT QUIT TERM EXIT
exit 1
}
transaction_commit()
{
TRANSACTION_RETURN_CODE="${TRANSACTION_RETURN_CODE:-$?}"
[ -z "$TRANSACTION_STARTED" ] && die "Transaction is not started!"
# perform commit actions
local f
for f in ${TRANSACTION_COMMIT_FUNCS}; do
"$f"
done
TRANSACTION_STARTED=
TRANSACTION_ROLLBACK_FUNCS=
TRANSACTION_COMMIT_FUNCS=
trap - HUP PIPE INT QUIT TERM EXIT
}
transaction_commit_auto()
{
TRANSACTION_RETURN_CODE="$?"
if [ "$TRANSACTION_RETURN_CODE" -eq 0 ]; then
transaction_commit "$@"
else
transaction_rollback "$@"
fi
}
transaction_add_rollback_action()
{
[ -z "$TRANSACTION_STARTED" ] && die "Transaction is not started!"
# LIFO rollback order
[ -z "$TRANSACTION_ROLLBACK_FUNCS" ] \
&& TRANSACTION_ROLLBACK_FUNCS="$1" \
|| TRANSACTION_ROLLBACK_FUNCS="$1 $TRANSACTION_ROLLBACK_FUNCS"
}
transaction_add_commit_action()
{
[ -z "$TRANSACTION_STARTED" ] && die "Transaction is not started!"
# FIFO commit order
[ -z "$TRANSACTION_COMMIT_FUNCS" ] \
&& TRANSACTION_COMMIT_FUNCS="$1" \
|| TRANSACTION_COMMIT_FUNCS="$TRANSACTION_COMMIT_FUNCS $1"
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
get_user_id()
{
local name="$1"
[ -n "$name" ] || int_err "Wrong value of argument 'name': $name"
getent passwd "$name" 2>/dev/null | awk -F':' '{print $3}'
}
get_group_id()
{
local name="$1"
[ -n "$name" ] || int_err "Wrong value of argument 'name': $name"
getent group "$name" 2>/dev/null | awk -F':' '{print $3}'
}
add_user_to_group()
{
local user group existing newlist
user="$1"
group="$2"
if [ -z "`get_group_id $group`" ]; then
p_echo " Group '$group' not exists"
p_echo " It is necessary to add group '$group'"
err
fi
inten="add supplementary group '$group' for user '$user'"
echo_try "$inten"
existing=`id -Gn "$user"|sed 's|[[:space:]]\+|,|g'`
if
test "`id -gn "$user"`" = "$group" \
|| echo "$existing" | grep -q "\\<$group\\>"
then
p_echo " already there"
return
fi
if test -z "$existing"; then
newlist="$group"
else
newlist="$existing,$group"
fi
usermod -G "$newlist" "$user" 2>>"$product_log" && suc || die "$inten"
}
group_op()
{
local group="$1"
local gid="$2"
local id_force="$3"
local gid_min="${4:-30}"
local gid_max="${5:-400}"
if [ "X$gid" = "Xsearch" ]; then
gid=`get_user_group_id "$group" "gid" $gid_min $gid_max`
fi
local inten="add group '$group'"
local group_id="`get_group_id $group`"
case "$id_force" in
true)
if [ -n "$group_id" ]; then
[ "$group_id" = "$gid" ] && p_echo " Group '$group' already exists" || group_err "$group" "$gid"
else
# We do not expect any created group with ID == $gid
getent group 2>/dev/null | grep -E -q "^[^:]*:[*x]*:$gid:" && gid_err "$gid" || :
echo_try "$inten"
groupadd -g "$gid" "$group" >> $product_log 2>&1 && suc || die $inten
fi
;;
false)
if [ -n "$group_id" ]; then
p_echo " Group '$group' already exists"
else
echo_try "$inten"
groupadd "$group" >> $product_log 2>&1 && suc || die $inten
fi
;;
*)
int_err "group_op: wrong last parameter -- must be 'true' or 'false'"
;;
esac
}
user_op()
{
user="$1"
uid="$2"
group="$3"
u_desc="$4"
u_home="$5"
u_shell="$6"
id_force="$7"
gid_force="$8"
local inten="add user $user"
if [ "X$uid" = "Xsearch" ]; then
uid=`get_user_group_id "$user" "uid" 30 400`
fi
p_echo " Checking for the user '$user'..."
user_id="`get_user_id $user`"
case "$id_force" in
true)
if [ -n "$user_id" ]; then
chk_res=`id "$user" 2>&1 | grep -E '(^uid=.*gid=.*)|(^id.*user)'`
if [ "X${gid_force}" = "Xfalse" ]; then
chk_uid=`echo "$chk_res" | grep -E "uid=""$uid""\(""$user""\)"`
else
chk_uid=`echo "$chk_res" | grep -E "uid=""$uid""\(""$user""\)" | grep -E "gid=[0-9]*\(""$group""\)"`
fi
case "$chk_uid" in
uid=*gid=*)
p_echo " User '$user' already exists"
;;
*) logname_err "$user" "$uid"
;;
esac
usermod -s "$u_shell" "$user" >> $product_log 2>&1
else
getent passwd 2>/dev/null | grep -E -q "^[^:]*:[^:]*:""$uid"":" && uid_err "$uid" || :
pnnl_echo " Trying to add user '$user'... "
useradd -r -u "$uid" -g "$group" -d "$u_home" -s "$u_shell" -c "$u_desc" "$user" >> $product_log 2>&1 &&
suc || die "$inten"
fi
;;
false)
if [ -n "$user_id" ]; then
p_echo " User '$user' already exists"
else
pnnl_echo " Trying to add user '$user'... "
useradd -r -g "$group" -d "$u_home" -s "$u_shell" -c "$u_desc" "$user" >> $product_log 2>&1 &&
suc || die "$inten"
fi
;;
*)
int_err "user_op: wrong last parameter -- must be 'true' or 'false'"
;;
esac
}
get_user_group_id()
{
local src
local name="$1"
local src_name="$2"
local min_num="$3"
local max_num="$4"
case "$src_name" in
uid)
src="passwd"
uid="`get_user_id $name`"
[ -n "$uid" ] && echo "$uid" && return 0 || :
;;
gid)
src="group"
gid="`get_group_id $name`"
[ -n "$gid" ] && echo "$gid" && return 0 || :
;;
*)
p_echo "$src_name for $name was not set"
die "detect uid/gid. Source file was not detect."
;;
esac
if [ $min_num -le 0 -o $min_num -ge $max_num ]; then
int_err "group_op(): wrong group ID's range to look for the empty ID: $gid_min ... $gid_max"
fi
# list of busy ids
nums="`getent $src 2>/dev/null | awk -F: '{print $3}' | sort -g | xargs echo -n`"
# Find an empty id
for num in `seq $min_num $max_num`; do
echo " $nums " | grep -q " $num " && continue
echo "$num"
return 0
done
p_echo "$src_name for $name was not set"
die "get free $src_name. Free $src_name not found."
}
add_login_shell()
{
local shell="$1"
p_echo " Checking that $shell registered as login shell..."
case $linux_distr in
debian)
add-shell $shell
;;
*)
if grep -q "^$shell\$" /etc/shells; then
p_echo "$shell already registered as a login shell"
else
echo "$shell" >> /etc/shells 2>> $product_log || die "register login shell $shell"
fi
;;
esac
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
# vim:ft=sh
initial_conf()
{
PRODNAME="psa"
PRODUCT_NAME="psa"
product=${PRODNAME}
PRODUCT_FULL_NAME="Plesk"
product_etc="/etc/${PRODNAME}"
prod_conf_t="/etc/psa/psa.conf"
support_contact="https://support.plesk.com/"
conceived_os_vendor=Ubuntu
conceived_os_version="24.04"
clients_group="psacln"
clients_GID="10001"
services_group="psaserv"
services_GID="10003"
product_suff="saved_by_${product}".`date "+%m.%d;%H:%M"`
product_suffo="saved_by_${product}"
# plesk default password
PRODUCT_DEFAULT_PASSWORD="setup"
}
read_conf()
{
[ -n "$prod_conf_t" ] || prod_conf_t=/etc/psa/psa.conf
if [ -s $prod_conf_t ]; then
tmp_var=`perl -e 'undef $/; $_=<>; s/#.*$//gm;
s/^\s*(\S+)\s*/$1=/mg;
print' $prod_conf_t`
eval $tmp_var
else
if ! is_product_installation; then
p_echo "Unable to find product configuration file: $prod_conf_t. Default values will be used."
return 1
fi
fi
return 0
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
# vim:ft=sh
selinux_is_active()
{
if [ -z "$SELINUX_ENFORCE" ]; then
selinux_getenforce
fi
case "$SELINUX_ENFORCE" in
Enforcing|Permissive) return 0;;
*) return 1;;
esac
}
selinux_support_is_installed()
{
# This function checks if Plesk SELinux support component is installed
set_selinux_params
[ -s "$selinux_module" ]
}
selinux_configuration_is_required()
{
# All public functions that modify SELinux state should check that this is true!
selinux_is_active && selinux_support_is_installed
}
selinux_get_mount_dir()
{
unset SELINUX_MOUNT_DIR
if awk '$2 == "/selinux"{exit(1)}' /proc/mounts && mkdir -p /selinux; then
SELINUX_MOUNT_DIR=/selinux
else
SELINUX_MOUNT_DIR="`mktemp -d /tmp/selinuxXXXXXX`"
fi >>"$product_log" 2>&1
}
selinux_getenforce()
{
if [ "$1" = "--check" -a -n "$SELINUX_ENFORCE" ]; then
return
fi
unset SELINUX_ENFORCE
if ! ( command -v selinuxenabled >/dev/null 2>&1 && selinuxenabled ); then
SELINUX_ENFORCE=Disabled
return
fi
if awk '$3 == "selinuxfs"{exit(1)}' /proc/mounts; then
selinux_get_mount_dir
mount -t selinuxfs none "$SELINUX_MOUNT_DIR"
fi
if ! command -v getenforce >/dev/null 2>&1; then
SELINUX_ENFORCE=Disabled
return
fi
SELINUX_ENFORCE="`getenforce`"
if test $? -ne 0; then
SELINUX_ENFORCE=Disabled
return
fi
}
selinux_close()
{
if [ -z "$SELINUX_ENFORCE" -o "$SELINUX_ENFORCE" = "Disabled" ]; then
return
fi
setenforce "$SELINUX_ENFORCE"
}
selinux_relabel_dir()
{
selinux_configuration_is_required || return 0
if ! command -v restorecon >/dev/null 2>&1; then
return
fi
local ret=0
if ! restorecon -i -R "$@" >>"$product_log" 2>&1; then
warn "Error while setting SELinux types. Command was: restorecon -i -R $*"
ret=1
fi
[ -z "$do_repair" ] || return $ret
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
# vim:ft=sh
set_selinux_params()
{
selinux_module="$PRODUCT_ROOT_D/etc/plesk.pp"
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
# vim:ft=sh:
#set_params
set_common_params()
{
common_var=0
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
LANG="`get_default_locale`"
export PATH LANG
unset GREP_OPTIONS
umask 022
ulimit -n 65535 2>/dev/null
get_product_versions
certificate_file="$PRODUCT_ETC_D/httpsd.pem"
services="/etc/services"
crontab="/usr/bin/crontab"
SYSTEM_RC_D="/etc/init.d"
PLESK_LIBEXEC_DIR="/usr/lib/plesk-9.0"
PLESK_DB_DIR="/var/lib/plesk"
PRODUCT_BOOTSTRAPPER_DIR="`printf "/opt/psa/bootstrapper/pp%s-bootstrapper" "$product_this_version"`"
AUTOGENERATED_CONFIGS="#ATTENTION!\n#\n#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,\n#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.\n"
AUTOGENERATED_CONFIGS_UPGRADE="#ATTENTION!\n#\n#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,\n#SO ALL YOUR CHANGES WILL BE LOST AFTER YOU UPGRADE PLESK.\n"
PRODUCT_LOGS_D="/var/log/plesk"
sendmail="/usr/sbin/sendmail"
ps="ps axw"
ifconfig="/sbin/ifconfig -a"
machine="linux"
if [ -f /etc/debian_version ]; then
linux_distr="debian"
else
linux_distr="redhat"
fi
dummy_home="/"
if [ -x /usr/sbin/nologin ]; then
dummy_shell="/usr/sbin/nologin"
else
dummy_shell="/bin/false"
fi
rp_patch_runtime
}
get_product_versions()
{
# Don't use global variables set elsewhere in this code. Use substitutions if needed.
local prod_root_d="/opt/psa"
product_name="psa"
if [ -z "$product_this_version" ]; then
# 1. Try to fetch version from file created by bootstrapper (should be 3-component).
product_this_version="`cat "/var/lock/plesk-target-version" 2>/dev/null`"
# 2. Fallback to $PRODUCT_ROOT_D/version (should be 3-component).
if [ -z "$product_this_version" -a -r "$prod_root_d/version" ]; then
product_this_version="`awk '{ print $1 }' "$prod_root_d/version"`"
fi
# 3. Fallback to hardcoded version (2-component). This may cause some other code to fail.
if [ -z "$product_this_version" ]; then
product_this_version="18.0"
echo "Unable to determine \$product_this_version, will use less precise value '$product_this_version'" >&2
fi
fi
product_version="$product_this_version"
if [ -z "$product_prev_version" ]; then
if [ -r "$prod_root_d/version.upg" ]; then
product_prev_version=`awk '{ print $1 }' "$prod_root_d/version.upg"`
elif [ -r "$prod_root_d/version" ]; then
product_prev_version=`awk '{ print $1 }' "$prod_root_d/version"`
else
product_prev_version="$product_this_version"
fi
fi
}
# Clean installation of the product is being performed
is_product_installation()
{
[ "X$do_upgrade" != "X1" -a ! -s "/opt/psa/version.upg" ]
}
### Copyright 1999-2025. WebPros International GmbH. All rights reserved.
#-*- vim:ft=sh
[ -z "$PLESK_INSTALLER_DEBUG" ] || set -x
[ -z "$PLESK_INSTALLER_STRICT_MODE" ] || set -e
reexec_with_clean_env "$@"
action="$1"
log_transaction_start "webserver.apache${*:+ $*}" "" "plesk-whc-installation.log" "plesk-whc-problems.log"
set_apache_accounts()
{
p_echo " Checking for the system groups and users necessary for Apache..."
group_op "$apache_group" "$apache_GID" false
user_op "$apache_user" "$apache_UID" "$apache_group" "Apache server" "$dummy_home" "$dummy_shell" false
}
apache_conf_add_dirindex()
{
index_str="^[[:space:]]*DirectoryIndex.*[[:space:]]$1\\(\$\\|[[:space:]]\\)"
if ! grep -q "$index_str" "$2"; then
case "$3" in
after) sed -e "s|^[[:space:]]*DirectoryIndex.*\$|& $1|" ;;
before) sed -e "s|^\\([[:space:]]*DirectoryIndex[[:space:]]*\\)\\(.*\\)|\\1$1 \\2|" ;;
*) false ;;
esac < "$2" > "$2.tmp" || die "insert $1 in DirectoryIndex directive into $2 file"
mv -f "$2.tmp" "$2" || die "replace initial $2 file"
fi
}
apache_conf_add_type_shtml()
{
local config="$1"
add_string 'AddType[[:space:]]*text/html[[:space:]]*\.shtml' \
"AddType text/html .shtml" "$config"
}
apache_conf_add_type_php()
{
local config="$1"
add_string 'AddType[[:space:]]*application/x-httpd-php[[:space:]]*\.php' \
"AddType application/x-httpd-php .php" "$config"
add_string 'AddType[[:space:]]*application/x-httpd-php-source[[:space:]]*\.phps' \
"AddType application/x-httpd-php-source .phps" "$config"
}
apache_conf_comment_AddDefaultCharset()
{
local config="$1"
sed -e "s/^\(AddDefaultCharset\)/#\1/g" \
< $config > $config.tmp
mv -f $config.tmp $config
}
apache_insert_include()
{
local target_conf="$1"
local include_str="Include[[:space:]]*conf/zz010_psa_httpd.conf"
if ! grep -q "$include_str" $target_conf; then
include_str="Include[[:space:]]*${apache_httpd_include}"
if ! grep -q "$include_str" $target_conf; then
include_str="*.conf"
if ! grep -q "$include_str" $target_conf; then
echo "" >> $target_conf
echo "Include ${apache_httpd_include}" >> $target_conf \
|| die "insert include directive into $target_conf file"
fi
fi
fi
}
apache_remove_include()
{
local target_conf="$1"
#remove old string
local include_str="Include[[:space:]]*(/etc.*)?/httpd.include"
grep -v -E "$include_str" $target_conf > $target_conf.tmp
mv -f $target_conf.tmp $target_conf
[ -f "$HTTPD_CONF_D/httpd.include.new" ] && rm -f "$HTTPD_CONF_D/httpd.include.new"
[ -f "$HTTPD_CONF_D/httpd.include" ] && mv -f "$HTTPD_CONF_D/httpd.include" "$HTTPD_CONF_D/httpd.include_old_plesk_config"
#remove new string
local include_str="Include[[:space:]]*conf/zz010_psa_httpd.conf"
grep -v "$include_str" $target_conf > $target_conf.tmp
mv -f $target_conf.tmp $target_conf
}
insert_load_module_logio()
{
local sysconfig_apache2='/etc/sysconfig/apache2'
local modules_d=`basename $apache_modules_d`
if [ -f "$sysconfig_apache2" ]; then
# If $sysconfig_apache2 exists, then we are on SLES,
# and the module has been added by the stub in psa.spec.
true
elif [ -d "${HTTPD_CONF_D}/mods-available" -a -d "${HTTPD_CONF_D}/mods-enabled" ]; then
# Debian
if [ -f "${HTTPD_CONF_D}/mods-available/logio.load" ]; then
ln -sf "${HTTPD_CONF_D}/mods-available/logio.load" \
"${HTTPD_CONF_D}/mods-enabled/logio.load"
fi # Otherwise, the logio module is built into Apache
else
if [ "$conceived_os_vendor" != "RedHat" ]; then
add_apache_module logio
fi # RedHat 9 and RHAS 3 don't have mod_logio.so, we ignore this
fi
}
apache_conf_addon()
{
local target_conf="$apache_httpd_conf"
apache_conf_add_dirindex index.shtml $target_conf after
apache_conf_add_dirindex index.cfm $target_conf after
apache_conf_add_dirindex index.php $target_conf after
apache_conf_add_dirindex index.htm $target_conf after
apache_conf_add_type_shtml $target_conf
apache_conf_add_type_php $target_conf
apache_conf_comment_AddDefaultCharset $target_conf
apache_insert_include $target_conf
}
apache2_conf_addon()
{
local target_conf="$apache_httpd_conf"
add_string 'GracefulShutDownTimeout[[:space:]]*[0-9]*' \
"GracefulShutDownTimeout 3" $target_conf
add_string 'AddOutputFilter[[:space:]]*INCLUDES[[:space:]]*\.shtml' \
"AddOutputFilter INCLUDES .shtml" $target_conf
apache_remove_include $target_conf
insert_load_module_logio $target_conf
# This must be the last statement in the function
apache_conf_addon
}
move_sitebuilder_conf()
{
if [ ! -f "$HTTPD_INCLUDE_D/zz011_sitebuilder.conf" -a -f "$HTTPD_INCLUDE_D/sitebuilder.conf" ]; then
mv -f "$HTTPD_INCLUDE_D/sitebuilder.conf" "$HTTPD_INCLUDE_D/zz011_sitebuilder.conf"
fi
if [ ! -f "$HTTPD_INCLUDE_D/zz011_sitebuilder.conf" -a -f "$HTTPD_CONF_D/sitebuilder.conf" ]; then
mv -f "$HTTPD_CONF_D/sitebuilder.conf" "$HTTPD_INCLUDE_D/zz011_sitebuilder.conf"
fi
}
install_apache()
{
p_echo
p_echo "===> Installing Apache Server"
pleskrc apache stop
apache2_conf_addon
# Insert things for other linux platforms
# for Debian
apache_listen_conf="$HTTPD_CONF_D/ports.conf"
local dir_index_conf="$HTTPD_CONF_D/mods-available/dir.conf"
if [ -f $dir_index_conf ]; then
apache_conf_add_dirindex at_domains_index.html $dir_index_conf before
apache_conf_add_dirindex index.shtml $dir_index_conf after
apache_conf_add_dirindex index.cfm $dir_index_conf after
apache_conf_add_dirindex index.php $dir_index_conf after
apache_conf_add_dirindex index.htm $dir_index_conf after
fi
suc
move_sitebuilder_conf
}
configure()
{
local ret=0
product_default_conf
initial_conf
set_common_params
read_conf
# FIXME: move to actions
set_apache_params
# Users
set_apache_accounts
# FIXME: services group if not exists
group_op "$services_group" "$services_GID" false
add_user_to_group "$apache_user" "$services_group"
# clients
found=`get_user_group_id "clients" "gid" $clients_GID $max_suexec_GID` || :
group_op $clients_group $found false || :
install_apache
install_suexec
# do not enable modules in case of upgrade (bug #130670):
if is_product_installation ; then
add_apache_module headers
add_apache_module include
add_apache_module rewrite
add_apache_module userdir
# For https proxy
add_apache_module proxy_http
add_apache_module cgi
add_apache_module proxy_wstunnel
remove_apache_module status
add_apache_module fcgid
add_apache_module suexec
# use mpm_event by default
if ! is_product_repair; then
"$PRODUCT_ROOT_D/admin/sbin/httpd_modules_ctl" --set-mpm "mpm_event" --no-restart
fi
add_apache_module ssl
configure_service_ssl_ciphers_protocols apache
fi # is_product_installation
if grep 'CloudLinux.*\s5' /etc/CloudLinux-release >/dev/null 2>&1 ; then
rm -f /etc/httpd/conf.d/fcgid.conf
# Bugfix 108468
fcgid_config=/etc/httpd/conf.d/mod_fcgid.conf
if [ -f "${fcgid_config}" ]; then
cat > "${fcgid_config}" << EOF
LoadModule fcgid_module modules/mod_fcgid.so
<IfModule mod_fcgid.c>
FcgidIPCDir /var/run/fcgid
</IfModule>
EOF
fi
fi
# apache2.4 + php-fpm support:
add_apache_module proxy
add_apache_module proxy_fcgi
# TODO: probably move to attach section
install_chroot_base || :
add_login_shell "$PRODUCT_ROOT_D/bin/chrootsh"
set_chrootsh_perms || :
configure_webmail || :
if [ -f /tmp/pp-bootstrapper-mode.flag ]; then
deferred_apache_restart
else
# Consider that if apache fails to restart then configuration is failed:
pleskrc apache start || ret=1
fi
return $ret
}
# HACK: proper conf
configure_webmail()
{
HORDE_ROOT_D="/usr/share/psa-horde"
mkdir -p $HORDE_ROOT_D
chmod 755 $HORDE_ROOT_D
:
}
upgrade_configuration()
{
product_default_conf
set_apache_params
httpdmng_reconfigure all
pleskrc apache start
}
deconfigure()
{
:
}
detach()
{
:
}
status()
{
:
}
case $action in
configure) configure ;;
attach) attach ;;
deconfigure) deconfigure ;;
detach) detach ;;
upgrade_configuration) upgrade_configuration ;;
status) status ;;
*) echo "Unknown action '$1'"; exit 1;;
esac
exit $?
Reference in New Issue View Git Blame Copy Permalink