- patches for jailkit update feature, contributed by Timme Hosting

Marius Burkard · Marius Burkard · commit 06b26aa21920 · 2018-12-14T12:59:15.000+01:00
diff --git a/interface/web/sites/lib/lang/de_web_vhost_domain.lng b/interface/web/sites/lib/lang/de_web_vhost_domain.lng
@@ -155,4 +155,5 @@ $wb['error_server_change_not_possible'] = 'Der Server kann nicht geändert werde
 $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
 $wb['log_retention_txt'] = 'Log-Dateien Aufbewahrungszeit';
 $wb['log_retention_error_regex'] = 'Aufbewahrungszeit in Tagen (Erlaubte Werte: min. 0 - max. 9999)';
-$wb['jailkit_jkupdate_cron_txt'] = 'Automatisches jkupdate';
+$wb['jailkit_jkupdate_cron_txt'] = 'Automatisches Jailkit-Update';
+$wb['ttip_jailkit_jkupdate_cron_txt'] = 'Wenn diese Website mind. einen Jailkit-SSH-Benutzer hat, wird das Jailkit durch einen täglichen Cron Job aktuell gehalten.';
diff --git a/interface/web/sites/lib/lang/en_web_vhost_domain.lng b/interface/web/sites/lib/lang/en_web_vhost_domain.lng
@@ -161,4 +161,5 @@ $wb['error_domain_change_forbidden'] = 'The domain name cannot be changed. Pleas
 $wb['error_server_change_not_possible'] = 'The server cannot be changed.';
 $wb['log_retention_txt'] = 'Logfiles retention time';
 $wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
-$wb['jailkit_jkupdate_cron_txt'] = 'Automate jkupdate';
+$wb['jailkit_jkupdate_cron_txt'] = 'Automatic Jailkit update';
+$wb['ttip_jailkit_jkupdate_cron_txt'] = 'If this site has at least one Jailkit SSH user, the jailkit will be kept up to date through a daily cron job.';
diff --git a/interface/web/sites/templates/web_vhost_domain_advanced.htm b/interface/web/sites/templates/web_vhost_domain_advanced.htm
@@ -101,8 +101,8 @@ <h1><tmpl_var name="list_head_txt"></h1>
 				<b>{tmpl_var name="available_php_directive_snippets_txt"}</b><br><br>&nbsp;{tmpl_var name="php_directive_snippets_txt"}
 				</div>
             </div>
-	    <div class="form-group nginx">
-                <label for="jailkit_jkupdate_cron" class="col-sm-3 control-label">{tmpl_var name='jailkit_jkupdate_cron_txt'}</label>
+	    <div class="form-group">
+                <label for="jailkit_jkupdate_cron" class="col-sm-3 control-label">{tmpl_var name='jailkit_jkupdate_cron_txt'}{tmpl_if name="ttip_jailkit_jkupdate_cron_txt"}<div class="ttip" title="{tmpl_var name='ttip_jailkit_jkupdate_cron_txt'}" ></div>{/tmpl_if}</label>
                 <div class="col-sm-9">
                     {tmpl_var name='jailkit_jkupdate_cron'}
                 </div>
diff --git a/server/lib/classes/cron.d/500-jkupdate.inc.php b/server/lib/classes/cron.d/500-jkupdate.inc.php
@@ -53,27 +53,72 @@ public function onRunJob() {
 
 		$app->uses('getconf');
 		$jailkit_conf = $app->getconf->get_server_config($conf['server_id'], 'jailkit');
-		$jailkit_programs = explode(' ', $jailkit_conf['jailkit_chroot_app_programs']);
+		//$jailkit_programs = explode(' ', $jailkit_conf['jailkit_chroot_app_programs']);
+		$jailkit_programs = preg_split("/[\s,]+/", $jailkit_conf['jailkit_chroot_app_programs']);
+		$jailkit_sections = trim($jailkit_conf['jailkit_chroot_app_sections']);
 
-		$sites = $app->db->queryAllRecords('SELECT domain_id, document_root FROM web_domain WHERE jailkit_jkupdate_cron = \'y\'');
+		$sites = $app->db->queryAllRecords("SELECT domain_id, document_root, fastcgi_php_version FROM web_domain WHERE jailkit_jkupdate_cron = 'y' AND type = 'vhost' AND parent_domain_id = 0 AND document_root != '' ORDER BY domain_id");
 
 		foreach($sites as $site) {
-			$users = $app->db->queryOneRecord('SELECT COUNT(*) AS user_count FROM shell_user WHERE parent_domain_id = ? AND active=\'y\' AND chroot=\'jailkit\'', $site['domain_id']);
-			$crons = $app->db->queryOneRecord('SELECT COUNT(*) AS cron_count FROM cron WHERE parent_domain_id = ? AND active=\'y\' AND type=\'chrooted\'', $site['domain_id']);
+			$set_php_symlink = false;
+			
+			$users = $app->db->queryOneRecord("SELECT COUNT(*) AS user_count FROM shell_user WHERE parent_domain_id = ? AND active='y' AND chroot='jailkit'", intval($site['domain_id']));
+			$crons = $app->db->queryOneRecord("SELECT COUNT(*) AS cron_count FROM cron WHERE parent_domain_id = ? AND active='y' AND type='chrooted'", $site['domain_id']);
 			if ($users['user_count'] > 0 || $crons['cron_count'] > 0) {
+				
 				if (!is_dir($site['document_root'])) {
 					return;
 				}
+				
+				//$app->log('Running jailkit init for '.$site['document_root']);
+				//if($jailkit_sections != '') $this->run_jk_init($site['document_root'], $jailkit_sections);
 
 				$app->log('Running jailkit updates for '.$site['document_root']);
 
 				$this->run_jk_update($site['document_root']);
-				$this->run_jk_cp($site['document_root'], $jailkit_programs);
+				if(preg_match('@(\d\d?\.\d\d?\.\d\d?)@', $site['fastcgi_php_version'], $matches)){
+					if(!in_array('/opt/php-'.$matches[1].'/bin/php', $jailkit_programs)) $jailkit_programs[] = '/opt/php-'.$matches[1].'/bin/php';
+					if(!in_array('/opt/php-'.$matches[1].'/include', $jailkit_programs)) $jailkit_programs[] = '/opt/php-'.$matches[1].'/include';
+					if(!in_array('/opt/php-'.$matches[1].'/lib', $jailkit_programs)) $jailkit_programs[] = '/opt/php-'.$matches[1].'/lib';
+					if(!in_array('/opt/th-php-libs', $jailkit_programs)) $jailkit_programs[] = '/opt/th-php-libs';
+					
+					$set_php_symlink = true;
+					
+				}
+				if(is_array($jailkit_programs) && !empty($jailkit_programs)) $this->run_jk_cp($site['document_root'], $jailkit_programs);
+				
+				if($set_php_symlink){
+					// create symlink from /usr/bin/php to current PHP version
+					if(preg_match('@(\d\d?\.\d\d?\.\d\d?)@', $site['fastcgi_php_version'], $matches) && (!file_exists($site['document_root'].'/usr/bin/php') || is_link($site['document_root'].'/usr/bin/php'))){
+						@unlink($site['document_root'].'/usr/bin/php');
+						@symlink('/opt/php-'.$matches[1].'/bin/php', $site['document_root'].'/usr/bin/php');
+					}
+				}
 			}
 		}
+		
+		if(file_exists('/dev/tty')){
+			chmod('/dev/tty', 0666);
+		}
 
 		parent::onRunJob();
 	}
+	
+	private function run_jk_init($document_root, $sections){
+		global $app;
+		
+		$return_var = $this->exec_log('/usr/sbin/jk_init -f -k -c /etc/jailkit/jk_init.ini -j '.escapeshellarg($document_root).' '.$sections);
+		
+		if ($return_var > 0) {
+			$app->log('jk_init failed with -j, trying again without -j', LOGLEVEL_DEBUG);
+			
+			$return_var = $this->exec_log('/usr/sbin/jk_init -f -k -c /etc/jailkit/jk_init.ini '.escapeshellarg($document_root).' '.$sections);
+			
+			if ($return_var > 0) {
+				$app->log('jk_init failed (with and without -j parameter)', LOGLEVEL_WARN);
+			}
+		}
+	}
 
 	private function run_jk_update($document_root) {
 		global $app;
@@ -94,10 +139,14 @@ private function run_jk_cp($document_root, $programs) {
 		global $app;
 
 		foreach($programs as $program) {
+			$program = trim($program);
+			if($program == ''){
+				continue;
+			}
 			if (!file_exists($program)) {
 				continue;
 			}
-
+			
 			$return_var = $this->exec_log('/usr/sbin/jk_cp '.escapeshellarg($document_root).' '.escapeshellarg($program));
 
 			if ($return_var > 0) {
@@ -109,6 +158,10 @@ private function run_jk_cp($document_root, $programs) {
 				}
 			}
 		}
+		
+		if(file_exists($document_root.'/dev/tty')){
+			chmod($document_root.'/dev/tty', 0666);
+		}
 	}
 
 	private function exec_log($cmd) {
@@ -134,4 +187,4 @@ public function onAfterRun() {
 
 }
 
-?>
+?>
