/[gentoo-x86]/app-admin/webmin/files/gentoo-setup
Gentoo

Contents of /app-admin/webmin/files/gentoo-setup

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.3 - (show annotations) (download)
Sat Jun 7 11:29:32 2014 UTC (3 years, 4 months ago) by hwoarang
Branch: MAIN
Changes since 1.2: +22 -5 lines
Version bump. Fixes bug #511624 thanks to PhobosK <phobosk@fastmail.fm> and Pacho Ramos <pacho@gentoo.org>

(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 09BF4F54C2BA7F3C!)

1 #!/bin/sh
2 # gentoo-setup.sh
3 #
4 # Version 1.2
5 #
6 # A modified original Webmin setup.sh script to comply with Gentoo specifics
7 #
8 # Modification done by: PhobosK <phobosk@kbfx.net>
9 #
10 # This script runs after the webmin archive is installed, and in the pkg_config() phase.
11 # It does setup the various config files of Webmin depending on if it is
12 # a new install, an upgrade or a reset.
13
14 LANG=
15 export LANG
16
17 if [ -z ${wadir} ]; then
18 echo "You can't run this script outside of the 'emerge --config app-admin/webmin' command."
19 exit 1
20 fi
21
22 # All things we do is from the Webmin install dir - $wadir
23 cd $wadir
24
25
26 # Are we hard resetting everything?
27 # If yes, we do:
28 # 1. Run the specific Webmin $wadir/run-uninstalls.pl
29 # It runs all uninstall.pl files in every module's folder.
30 # They delete all the set specific Webmin cron jobs.
31 # If bumping you should go through these files using the command:
32 # find . -name uninstall.pl -exec cat {} \; -print
33 # 2. Delete the whole /etc/webmin content, keeping only the gentoo .keep_* files
34 if [ "$reset" = "hard" ]; then
35 echo "Running Webmin's specific uninstall procedures.. (Please ignore any possible errors)"
36 (WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir LANG= "$wadir/run-uninstalls.pl")
37 echo "..done"
38 echo ""
39
40 echo "Deleting the content of user's config folder: $config_dir .."
41 find $config_dir ! -name '.keep_*' -delete 2>/dev/null
42 echo "..done"
43 echo ""
44 fi
45
46
47 # Are we soft resetting?
48 # If yes we do:
49 # - Delete the $config_dir/config file so we get new config values
50 if [ "$reset" = "soft" ]; then
51 echo "Deleting the user's $config_dir/config file.."
52 if [ -f "$config_dir/config" ]; then
53 rm -f "$config_dir/config"
54 fi
55 echo "..done"
56 echo ""
57 fi
58
59
60 # Get all available modules of this version
61 allmods=`echo */module.info | sed -e 's/\/module.info//g'`
62
63 # Get current Webmin version
64 ver=`cat "$wadir/version"`
65
66 if [ -r "$config_dir/config" ]; then
67 upgrading=1
68 fi
69
70
71 # Check if upgrading from an old version
72 if [ "$upgrading" = 1 ]; then
73 echo "Updating existant Webmin's config files.."
74
75 # Get current var path
76 if [ -r "$config_dir/var-path" ]; then
77 _var_dir=`cat $config_dir/var-path`
78 if [ -n ${_var_dir} ]; then
79 var_dir=${_var_dir}
80 fi
81 fi
82
83 # Get current perl path
84 if [ -r "$config_dir/perl-path" ]; then
85 _perl=`cat $config_dir/perl-path`
86 if [ -n ${_perl} ]; then
87 perl=${_perl}
88 fi
89 fi
90
91 # Get old os name and version
92 os_type=`grep "^os_type=" $config_dir/config | sed -e 's/os_type=//g'`
93 os_version=`grep "^os_version=" $config_dir/config | sed -e 's/os_version=//g'`
94 real_os_type=`grep "^real_os_type=" $config_dir/config | sed -e 's/real_os_type=//g'`
95 real_os_version=`grep "^real_os_version=" $config_dir/config | sed -e 's/real_os_version=//g'`
96
97 # Get port, ssl, ssl_redirect, no_sslcompression and keyfile
98 port=`grep "^port=" $config_dir/miniserv.conf | sed -e 's/port=//g'`
99 ssl=`grep "^ssl=" $config_dir/miniserv.conf | sed -e 's/ssl=//g'`
100 ssl_redirect=`grep "^ssl_redirect=" $config_dir/miniserv.conf | sed -e 's/ssl_redirect=//g'`
101 no_sslcompression=`grep "^no_sslcompression=" $config_dir/miniserv.conf | sed -e 's/no_sslcompression=//g'`
102 keyfile=`grep "^keyfile=" $config_dir/miniserv.conf | sed -e 's/keyfile=//g'`
103
104 # Update ACLs
105 $perl "$wadir/newmods.pl" $config_dir $allmods
106
107 # Update miniserv.conf with new root directory, mime types file and server info
108 grep -v "^root=" $config_dir/miniserv.conf | grep -v "^mimetypes=" | grep -v "^server=" >$tempdir/$$.miniserv.conf
109 mv $tempdir/$$.miniserv.conf $config_dir/miniserv.conf
110 echo "root=$wadir" >> $config_dir/miniserv.conf
111 echo "mimetypes=$wadir/mime.types" >> $config_dir/miniserv.conf
112 echo "server=MiniServ/$ver" >> $config_dir/miniserv.conf
113 grep logout= $config_dir/miniserv.conf >/dev/null
114 if [ $? != "0" ]; then
115 echo "logout=$config_dir/logout-flag" >> $config_dir/miniserv.conf
116 fi
117
118 # Remove old cache of module infos
119 rm -f $config_dir/module.infos.cache
120 echo "..done"
121 echo ""
122 else
123 # Create webserver's new config files
124 echo "Creating Webmin's new config files.."
125
126 echo $perl > $config_dir/perl-path
127 echo $var_dir > $config_dir/var-path
128
129 # Create a totally new conf file
130 cfile=$config_dir/miniserv.conf
131 echo "port=$port" > $cfile
132 echo "root=$wadir" >> $cfile
133 echo "mimetypes=$wadir/mime.types" >> $cfile
134 echo "addtype_cgi=internal/cgi" >> $cfile
135 echo "realm=Webmin Server" >> $cfile
136 echo "logfile=$var_dir/miniserv.log" >> $cfile
137 echo "errorlog=$var_dir/miniserv.error" >> $cfile
138 echo "pidfile=$pidfile" >> $cfile
139 echo "logtime=168" >> $cfile
140 echo "ppath=$ppath" >> $cfile
141 echo "ssl=$ssl" >> $cfile
142 echo "ssl_redirect=$ssl_redirect" >> $cfile
143 echo "no_sslcompression=$no_sslcompression" >> $cfile
144 echo "keyfile=$keyfile" >> $cfile
145 echo "env_WEBMIN_CONFIG=$config_dir" >> $cfile
146 echo "env_WEBMIN_VAR=$var_dir" >> $cfile
147 echo "atboot=$atboot" >> $cfile
148 echo "logout=$config_dir/logout-flag" >> $cfile
149 echo "listen=10000" >> $cfile
150 echo "denyfile=\\.pl\$" >> $cfile
151 echo "log=1" >> $cfile
152 echo "blockhost_failures=5" >> $cfile
153 echo "blockhost_time=60" >> $cfile
154 echo "syslog=1" >> $cfile
155 echo "session=1" >> $cfile
156 echo "premodules=WebminCore" >> $cfile
157 echo "server=MiniServ/$ver" >> $cfile
158
159 # Append package-specific info to config file.
160 # miniserv-conf can be created by upstream or by us in src_install phase (see there).
161 if [ -f "$wadir/miniserv-conf" ]; then
162 cat "$wadir/miniserv-conf" >>$cfile
163 fi
164
165 # Create the default user allowed to login - root only
166 login="root"
167
168 if [ -r /etc/shadow ]; then
169 #crypt=`grep "^root:" /etc/shadow | cut -f 2 -d :`
170 crypt=x
171 else
172 crypt=`grep "^root:" /etc/passwd | cut -f 2 -d :`
173 fi
174
175 ufile=$config_dir/miniserv.users
176 echo "$login:$crypt:0" > $ufile
177 chmod 600 $ufile
178
179
180 echo "userfile=$ufile" >> $cfile
181 chmod 600 $cfile
182 echo "..done"
183 echo ""
184
185 echo "Creating access control file.."
186 afile=$config_dir/webmin.acl
187 echo "$login: $allmods" > $afile
188 chmod 600 $afile
189 echo "..done"
190 echo ""
191 fi
192
193
194 # Create start, stop, restart and reload Gentoo compliant Webmin scripts
195 # We use sys-apps/openrc functions which is already pulled by sys-apps/baselayout
196 # or systemctl if we run under systemd
197 echo "Creating start and stop scripts.."
198 rm -f $config_dir/{start,stop,restart,reload}
199
200 # The start script in /etc/webmin (Gentoo compliant)
201 cat <<END >>"$config_dir/start"
202 #!/bin/sh
203
204 if [ ! -f "${pidfile}" ]; then
205 if [[ -d /run/systemd/system ]] ; then
206 systemctl start webmin.service
207 else
208 rc-service --ifexists -- webmin start
209 fi
210 fi
211 END
212
213 # The stop script in /etc/webmin (Gentoo compliant)
214 cat <<END >>"$config_dir/stop"
215 #!/bin/sh
216
217 if [[ -d /run/systemd/system ]] ; then
218 systemctl stop webmin.service
219 else
220 rc-service --ifexists -- webmin --ifstarted stop
221 fi
222 END
223
224 # The restart script in /etc/webmin (Gentoo compliant)
225 cat <<END >>"$config_dir/restart"
226 #!/bin/sh
227
228 if [[ -d /run/systemd/system ]] ; then
229 systemctl try-restart webmin.service
230 else
231 rc-service --ifexists -- webmin --ifstarted restart
232 fi
233 END
234
235 # The reload script in /etc/webmin (Gentoo compliant)
236 cat <<END >>"$config_dir/reload"
237 #!/bin/sh
238
239 if [[ -d /run/systemd/system ]] ; then
240 systemctl reload-or-try-restart webmin.service
241 else
242 rc-service --ifexists -- webmin --ifstarted reload
243 fi
244 END
245
246 chmod 755 $config_dir/{start,stop,restart,reload}
247 echo "..done"
248 echo ""
249
250
251 if [ "$upgrading" = 1 ]; then
252 echo "Updating other config files.."
253 else
254 echo "Copying other config files.."
255 fi
256
257 # This just copies and merges the Webmin's release config files, with user's in the /etc/webmin folder
258 newmods=`$perl "$wadir/copyconfig.pl" "$os_type/$real_os_type" "$os_version/$real_os_version" "$wadir" $config_dir "" $allmods`
259 if [ "$upgrading" != 1 ]; then
260 # Store the OS and version
261 echo "os_type=$os_type" >> $config_dir/config
262 echo "os_version=$os_version" >> $config_dir/config
263 echo "real_os_type=$real_os_type" >> $config_dir/config
264 echo "real_os_version=$real_os_version" >> $config_dir/config
265
266 # Turn on logging by default
267 echo "log=1" >> $config_dir/config
268
269 # Disallow unknown referers by default
270 echo "referers_none=1" >>$config_dir/config
271 else
272 # one-off hack to set log variable in config from miniserv.conf
273 grep log= $config_dir/config >/dev/null
274 if [ "$?" = "1" ]; then
275 grep log= $config_dir/miniserv.conf >> $config_dir/config
276 grep logtime= $config_dir/miniserv.conf >> $config_dir/config
277 grep logclear= $config_dir/miniserv.conf >> $config_dir/config
278 fi
279
280 # Disallow unknown referers if not set
281 grep referers_none= $config_dir/config >/dev/null
282 if [ "$?" != "0" ]; then
283 echo "referers_none=1" >>$config_dir/config
284 fi
285 fi
286 echo $ver > $config_dir/version
287 echo "..done"
288 echo ""
289
290 # Set passwd_ fields in miniserv.conf from global config
291 for field in passwd_file passwd_uindex passwd_pindex passwd_cindex passwd_mindex; do
292 grep $field= $config_dir/miniserv.conf >/dev/null
293 if [ "$?" != "0" ]; then
294 grep $field= $config_dir/config >> $config_dir/miniserv.conf
295 fi
296 done
297 grep passwd_mode= $config_dir/miniserv.conf >/dev/null
298 if [ "$?" != "0" ]; then
299 echo passwd_mode=0 >> $config_dir/miniserv.conf
300 fi
301
302 # Disable SSL compression to defeat BEAST attack
303 grep no_sslcompression= $config_dir/miniserv.conf >/dev/null
304 if [ "$?" != "0" ]; then
305 echo no_sslcompression=1 >> $config_dir/miniserv.conf
306 fi
307
308 # Make Perl crypt MD5 the default
309 echo md5pass=1 >> $config_dir/config
310
311
312 # Set a special theme if none was set before
313 if [ "$theme" = "" ]; then
314 theme=`cat "$wadir/defaulttheme" 2>/dev/null`
315 fi
316 oldthemeline=`grep "^theme=" $config_dir/config`
317 oldtheme=`echo $oldthemeline | sed -e 's/theme=//g'`
318 if [ "$theme" != "" ] && [ "$oldthemeline" = "" ] && [ -d "$wadir/$theme" ]; then
319 themelist=$theme
320 fi
321
322 # Set a special overlay if none was set before
323 if [ "$overlay" = "" ]; then
324 overlay=`cat "$wadir/defaultoverlay" 2>/dev/null`
325 fi
326 if [ "$overlay" != "" ] && [ "$theme" != "" ] && [ -d "$wadir/$overlay" ]; then
327 themelist="$themelist $overlay"
328 fi
329
330 # Apply the theme and maybe overlay
331 if [ "$themelist" != "" ]; then
332 echo "theme=$themelist" >> $config_dir/config
333 echo "preroot=$themelist" >> $config_dir/miniserv.conf
334 fi
335
336 # Set the product field in the global config
337 grep product= $config_dir/config >/dev/null
338 if [ "$?" != "0" ]; then
339 echo product=webmin >> $config_dir/config
340 fi
341
342 # If password delays are not specifically disabled, enable them
343 grep passdelay= $config_dir/miniserv.conf >/dev/null
344 if [ "$?" != "0" ]; then
345 echo passdelay=1 >> $config_dir/miniserv.conf
346 fi
347
348
349 echo "Changing ownership and permissions.."
350 # Make all config dirs non-world-readable
351 for m in $newmods; do
352 chown -R root:root $config_dir/$m
353 chmod -R og-rw $config_dir/$m
354 done
355
356 # Make miniserv config files non-world-readable
357 for f in miniserv.conf miniserv.users; do
358 chown -R root:root $config_dir/$f
359 chmod -R og-rw $config_dir/$f
360 done
361 chmod +r $config_dir/version
362
363 # Fix up bad permissions from some older installs
364 for m in ldap-client ldap-server ldap-useradmin mailboxes mysql postgresql servers virtual-server; do
365 if [ -d "$config_dir/$m" ]; then
366 chown root:root $config_dir/$m
367 chmod og-rw $config_dir/$m
368 chmod og-rw $config_dir/$m/config 2>/dev/null
369 fi
370 done
371 echo "..done"
372 echo ""
373
374
375 # This executes all postinstall.pl for every module
376 # If you do bump, you should look at the specific changes they do with this command in root folder:
377 # find . -name postinstall.pl -exec cat {} \; -print
378 # Generally they are safe to run 'cause they change only user's config in /etc/webmin
379 # or setup some cron jobs
380 if [ "$nopostinstall" = "" ]; then
381 echo "Running postinstall scripts.. (Please ignore any possible errors)"
382 (cd "$wadir" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/run-postinstalls.pl")
383 echo "..done"
384 echo ""
385 fi
386
387 # Enable background collection
388 if [ "$upgrading" != 1 -a -r $config_dir/system-status/enable-collection.pl ]; then
389 echo "Enabling background status collection.. (Please ignore any possible errors)"
390 $config_dir/system-status/enable-collection.pl 5
391 echo "..done"
392 echo ""
393 fi

  ViewVC Help
Powered by ViewVC 1.1.20