--- /dev/null
+#!/bin/sh
+# gentoo-setup.sh
+#
+# Version 1.2
+#
+# A modified original Webmin setup.sh script to comply with Gentoo specifics
+#
+# Modification done by: PhobosK <phobosk@kbfx.net>
+#
+# This script runs after the webmin archive is installed, and in the pkg_config() phase.
+# It does setup the various config files of Webmin depending on if it is
+# a new install, an upgrade or a reset.
+
+LANG=
+export LANG
+
+if [ -z ${wadir} ]; then
+ echo "You can't run this script outside of the 'emerge --config app-admin/webmin' command."
+ exit 1
+fi
+
+# All things we do is from the Webmin install dir - $wadir
+cd $wadir
+
+
+# Are we hard resetting everything?
+# If yes, we do:
+# 1. Run the specific Webmin $wadir/run-uninstalls.pl
+# It runs all uninstall.pl files in every module's folder.
+# They delete all the set specific Webmin cron jobs.
+# If bumping you should go through these files using the command:
+# find . -name uninstall.pl -exec cat {} \; -print
+# 2. Delete the whole /etc/webmin content, keeping only the gentoo .keep_* files
+if [ "$reset" = "hard" ]; then
+ echo "Running Webmin's specific uninstall procedures.. (Please ignore any possible errors)"
+ (WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir LANG= "$wadir/run-uninstalls.pl")
+ echo "..done"
+ echo ""
+
+ echo "Deleting the content of user's config folder: $config_dir .."
+ find $config_dir ! -name '.keep_*' -delete 2>/dev/null
+ echo "..done"
+ echo ""
+fi
+
+
+# Are we soft resetting?
+# If yes we do:
+# - Delete the $config_dir/config file so we get new config values
+if [ "$reset" = "soft" ]; then
+ echo "Deleting the user's $config_dir/config file.."
+ if [ -f "$config_dir/config" ]; then
+ rm -f "$config_dir/config"
+ fi
+ echo "..done"
+ echo ""
+fi
+
+
+# Get all available modules of this version
+allmods=`echo */module.info | sed -e 's/\/module.info//g'`
+
+# Get current Webmin version
+ver=`cat "$wadir/version"`
+
+if [ -r "$config_dir/config" ]; then
+ upgrading=1
+fi
+
+
+# Check if upgrading from an old version
+if [ "$upgrading" = 1 ]; then
+ echo "Updating existant Webmin's config files.."
+
+ # Get current var path
+ if [ -r "$config_dir/var-path" ]; then
+ _var_dir=`cat $config_dir/var-path`
+ if [ -n ${_var_dir} ]; then
+ var_dir=${_var_dir}
+ fi
+ fi
+
+ # Get current perl path
+ if [ -r "$config_dir/perl-path" ]; then
+ _perl=`cat $config_dir/perl-path`
+ if [ -n ${_perl} ]; then
+ perl=${_perl}
+ fi
+ fi
+
+ # Get old os name and version
+ os_type=`grep "^os_type=" $config_dir/config | sed -e 's/os_type=//g'`
+ os_version=`grep "^os_version=" $config_dir/config | sed -e 's/os_version=//g'`
+ real_os_type=`grep "^real_os_type=" $config_dir/config | sed -e 's/real_os_type=//g'`
+ real_os_version=`grep "^real_os_version=" $config_dir/config | sed -e 's/real_os_version=//g'`
+
+ # Get port, ssl, no_ssl2, no_ssl3, ssl_redirect, no_sslcompression, ssl_honorcipherorder, no_tls1, no_tls1_1 and keyfile
+ port=`grep "^port=" $config_dir/miniserv.conf | sed -e 's/port=//g'`
+ ssl=`grep "^ssl=" $config_dir/miniserv.conf | sed -e 's/ssl=//g'`
+ no_ssl2=`grep "^no_ssl2=" $config_dir/miniserv.conf | sed -e 's/no_ssl2=//g'`
+ no_ssl3=`grep "^no_ssl3=" $config_dir/miniserv.conf | sed -e 's/no_ssl3=//g'`
+ ssl_redirect=`grep "^ssl_redirect=" $config_dir/miniserv.conf | sed -e 's/ssl_redirect=//g'`
+ ssl_honorcipherorder=`grep "^ssl_honorcipherorder=" $config_dir/miniserv.conf | sed -e 's/ssl_honorcipherorder=//g'`
+ no_sslcompression=`grep "^no_sslcompression=" $config_dir/miniserv.conf | sed -e 's/no_sslcompression=//g'`
+ no_tls1=`grep "^no_tls1=" $config_dir/miniserv.conf | sed -e 's/no_tls1=//g'`
+ no_tls1_1=`grep "^no_tls1_1=" $config_dir/miniserv.conf | sed -e 's/no_tls1_1=//g'`
+ keyfile=`grep "^keyfile=" $config_dir/miniserv.conf | sed -e 's/keyfile=//g'`
+
+ # Update ACLs
+ $perl "$wadir/newmods.pl" $config_dir $allmods
+
+ # Update miniserv.conf with new root directory, mime types file and server info
+ grep -v "^root=" $config_dir/miniserv.conf | grep -v "^mimetypes=" | grep -v "^server=" >$tempdir/$$.miniserv.conf
+ mv $tempdir/$$.miniserv.conf $config_dir/miniserv.conf
+ echo "root=$wadir" >> $config_dir/miniserv.conf
+ echo "mimetypes=$wadir/mime.types" >> $config_dir/miniserv.conf
+ echo "server=MiniServ/$ver" >> $config_dir/miniserv.conf
+ grep logout= $config_dir/miniserv.conf >/dev/null
+ if [ $? != "0" ]; then
+ echo "logout=$config_dir/logout-flag" >> $config_dir/miniserv.conf
+ fi
+
+ # Remove old cache of module infos
+ rm -f $config_dir/module.infos.cache
+ echo "..done"
+ echo ""
+else
+ # Create webserver's new config files
+ echo "Creating Webmin's new config files.."
+
+ echo $perl > $config_dir/perl-path
+ echo $var_dir > $config_dir/var-path
+
+ # Create a totally new conf file
+ cfile=$config_dir/miniserv.conf
+ echo "port=$port" > $cfile
+ echo "root=$wadir" >> $cfile
+ echo "mimetypes=$wadir/mime.types" >> $cfile
+ echo "addtype_cgi=internal/cgi" >> $cfile
+ echo "realm=Webmin Server" >> $cfile
+ echo "logfile=$var_dir/miniserv.log" >> $cfile
+ echo "errorlog=$var_dir/miniserv.error" >> $cfile
+ echo "pidfile=$pidfile" >> $cfile
+ echo "logtime=168" >> $cfile
+ echo "ppath=$ppath" >> $cfile
+ echo "ssl=$ssl" >> $cfile
+ echo "no_ssl2=$no_ssl2" >> $cfile
+ echo "no_ssl3=$no_ssl3" >> $cfile
+ echo "ssl_redirect=$ssl_redirect" >> $cfile
+ echo "ssl_honorcipherorder=$ssl_honorcipherorder" >> $cfile
+ echo "no_sslcompression=$no_sslcompression" >> $cfile
+ echo "no_tls1=$no_tls1" >> $cfile
+ echo "no_tls1_1=$no_tls1_1" >> $cfile
+ echo "keyfile=$keyfile" >> $cfile
+ echo "env_WEBMIN_CONFIG=$config_dir" >> $cfile
+ echo "env_WEBMIN_VAR=$var_dir" >> $cfile
+ echo "atboot=$atboot" >> $cfile
+ echo "logout=$config_dir/logout-flag" >> $cfile
+ echo "listen=10000" >> $cfile
+ echo "denyfile=\\.pl\$" >> $cfile
+ echo "log=1" >> $cfile
+ echo "blockhost_failures=5" >> $cfile
+ echo "blockhost_time=60" >> $cfile
+ echo "syslog=1" >> $cfile
+ echo "session=1" >> $cfile
+ echo "premodules=WebminCore" >> $cfile
+ echo "server=MiniServ/$ver" >> $cfile
+
+ # Append package-specific info to config file.
+ # miniserv-conf can be created by upstream or by us in src_install phase (see there).
+ if [ -f "$wadir/miniserv-conf" ]; then
+ cat "$wadir/miniserv-conf" >>$cfile
+ fi
+
+ # Create the default user allowed to login - root only
+ login="root"
+
+ if [ -r /etc/shadow ]; then
+ #crypt=`grep "^root:" /etc/shadow | cut -f 2 -d :`
+ crypt=x
+ else
+ crypt=`grep "^root:" /etc/passwd | cut -f 2 -d :`
+ fi
+
+ ufile=$config_dir/miniserv.users
+ echo "$login:$crypt:0" > $ufile
+ chmod 600 $ufile
+
+
+ echo "userfile=$ufile" >> $cfile
+ chmod 600 $cfile
+ echo "..done"
+ echo ""
+
+ echo "Creating access control file.."
+ afile=$config_dir/webmin.acl
+ echo "$login: $allmods" > $afile
+ chmod 600 $afile
+ echo "..done"
+ echo ""
+fi
+
+
+# Create start, stop, restart and reload Gentoo compliant Webmin scripts
+# We use sys-apps/openrc functions which is already pulled by sys-apps/baselayout
+# or systemctl if we run under systemd
+echo "Creating start and stop scripts.."
+rm -f $config_dir/{start,stop,restart,reload}
+
+# The start script in /etc/webmin (Gentoo compliant)
+cat <<END >>"$config_dir/start"
+#!/bin/sh
+
+if [ ! -f "${pidfile}" ]; then
+ if [[ -d /run/systemd/system ]] ; then
+ systemctl start webmin.service
+ else
+ rc-service --ifexists -- webmin start
+ fi
+fi
+END
+
+# The stop script in /etc/webmin (Gentoo compliant)
+cat <<END >>"$config_dir/stop"
+#!/bin/sh
+
+if [[ -d /run/systemd/system ]] ; then
+ systemctl stop webmin.service
+else
+ rc-service --ifexists -- webmin --ifstarted stop
+fi
+END
+
+# The restart script in /etc/webmin (Gentoo compliant)
+cat <<END >>"$config_dir/restart"
+#!/bin/sh
+
+if [[ -d /run/systemd/system ]] ; then
+ systemctl try-restart webmin.service
+else
+ rc-service --ifexists -- webmin --ifstarted restart
+fi
+END
+
+# The reload script in /etc/webmin (Gentoo compliant)
+cat <<END >>"$config_dir/reload"
+#!/bin/sh
+
+if [[ -d /run/systemd/system ]] ; then
+ systemctl reload-or-try-restart webmin.service
+else
+ rc-service --ifexists -- webmin --ifstarted reload
+fi
+END
+
+chmod 755 $config_dir/{start,stop,restart,reload}
+echo "..done"
+echo ""
+
+
+if [ "$upgrading" = 1 ]; then
+ echo "Updating other config files.."
+else
+ echo "Copying other config files.."
+fi
+
+# This just copies and merges the Webmin's release config files, with user's in the /etc/webmin folder
+newmods=`$perl "$wadir/copyconfig.pl" "$os_type/$real_os_type" "$os_version/$real_os_version" "$wadir" $config_dir "" $allmods`
+if [ "$upgrading" != 1 ]; then
+ # Store the OS and version
+ echo "os_type=$os_type" >> $config_dir/config
+ echo "os_version=$os_version" >> $config_dir/config
+ echo "real_os_type=$real_os_type" >> $config_dir/config
+ echo "real_os_version=$real_os_version" >> $config_dir/config
+
+ # Turn on logging by default
+ echo "log=1" >> $config_dir/config
+
+ # Disallow unknown referers by default
+ echo "referers_none=1" >>$config_dir/config
+else
+ # one-off hack to set log variable in config from miniserv.conf
+ grep log= $config_dir/config >/dev/null
+ if [ "$?" = "1" ]; then
+ grep log= $config_dir/miniserv.conf >> $config_dir/config
+ grep logtime= $config_dir/miniserv.conf >> $config_dir/config
+ grep logclear= $config_dir/miniserv.conf >> $config_dir/config
+ fi
+
+ # Disallow unknown referers if not set
+ grep referers_none= $config_dir/config >/dev/null
+ if [ "$?" != "0" ]; then
+ echo "referers_none=1" >>$config_dir/config
+ fi
+fi
+echo $ver > $config_dir/version
+echo "..done"
+echo ""
+
+# Set passwd_ fields in miniserv.conf from global config
+for field in passwd_file passwd_uindex passwd_pindex passwd_cindex passwd_mindex; do
+ grep $field= $config_dir/miniserv.conf >/dev/null
+ if [ "$?" != "0" ]; then
+ grep $field= $config_dir/config >> $config_dir/miniserv.conf
+ fi
+done
+grep passwd_mode= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+ echo passwd_mode=0 >> $config_dir/miniserv.conf
+fi
+
+grep ssl_honorcipherorder= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+ echo ssl_honorcipherorder=1 >> $config_dir/miniserv.conf
+fi
+
+# Disable SSL compression to defeat BEAST attack
+grep no_sslcompression= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+ echo no_sslcompression=1 >> $config_dir/miniserv.conf
+fi
+
+# Tighten SSL security
+grep no_ssl2= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+ echo no_ssl2=1 >> $config_dir/miniserv.conf
+fi
+
+grep no_ssl3= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+ echo no_ssl3=1 >> $config_dir/miniserv.conf
+fi
+
+grep no_tls1= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+ echo no_tls1=1 >> $config_dir/miniserv.conf
+fi
+
+grep no_tls1_1= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+ echo no_tls1_1=1 >> $config_dir/miniserv.conf
+fi
+
+# Make Perl crypt MD5 the default
+grep md5pass= $config_dir/config >/dev/null
+if [ "$?" != "0" ]; then
+ echo md5pass=1 >> $config_dir/config
+fi
+
+# Set a special theme if none was set before
+if [ "$theme" = "" ]; then
+ theme=`cat "$wadir/defaulttheme" 2>/dev/null`
+fi
+oldthemeline=`grep "^theme=" $config_dir/config`
+oldtheme=`echo $oldthemeline | sed -e 's/theme=//g'`
+if [ "$theme" != "" ] && [ "$oldthemeline" = "" ] && [ -d "$wadir/$theme" ]; then
+ themelist=$theme
+fi
+
+# Set a special overlay if none was set before
+if [ "$overlay" = "" ]; then
+ overlay=`cat "$wadir/defaultoverlay" 2>/dev/null`
+fi
+if [ "$overlay" != "" ] && [ "$theme" != "" ] && [ -d "$wadir/$overlay" ]; then
+ themelist="$themelist $overlay"
+fi
+
+# Apply the theme and maybe overlay
+if [ "$themelist" != "" ]; then
+ echo "theme=$themelist" >> $config_dir/config
+ echo "preroot=$themelist" >> $config_dir/miniserv.conf
+fi
+
+# If the old blue-theme is still in use, change it (new in 1.730)
+oldtheme=`grep "^theme=" $config_dir/config | sed -e 's/theme=//g'`
+if [ "$oldtheme" = "blue-theme" ]; then
+ sed -i -e 's/theme=blue-theme/theme=gray-theme/g' $config_dir/config
+ sed -i -e 's/preroot=blue-theme/preroot=gray-theme/g' $config_dir/miniserv.conf
+fi
+
+# Set the product field in the global config
+grep product= $config_dir/config >/dev/null
+if [ "$?" != "0" ]; then
+ echo product=webmin >> $config_dir/config
+fi
+
+# If password delays are not specifically disabled, enable them
+grep passdelay= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+ echo passdelay=1 >> $config_dir/miniserv.conf
+fi
+
+
+echo "Changing ownership and permissions.."
+# Make all config dirs non-world-readable
+for m in $newmods; do
+ chown -R root:root $config_dir/$m
+ chmod -R og-rw $config_dir/$m
+done
+
+# Make miniserv config files non-world-readable
+for f in miniserv.conf miniserv.users; do
+ chown -R root:root $config_dir/$f
+ chmod -R og-rw $config_dir/$f
+done
+chmod +r $config_dir/version
+
+# Fix up bad permissions from some older installs
+for m in ldap-client ldap-server ldap-useradmin mailboxes mysql postgresql servers virtual-server; do
+ if [ -d "$config_dir/$m" ]; then
+ chown root:root $config_dir/$m
+ chmod og-rw $config_dir/$m
+ chmod og-rw $config_dir/$m/config 2>/dev/null
+ fi
+done
+echo "..done"
+echo ""
+
+
+# This executes all postinstall.pl for every module
+# If you do bump, you should look at the specific changes they do with this command in root folder:
+# find . -name postinstall.pl -exec cat {} \; -print
+# Generally they are safe to run 'cause they change only user's config in /etc/webmin
+# or setup some cron jobs
+if [ "$nopostinstall" = "" ]; then
+ echo "Running postinstall scripts.. (Please ignore any possible errors)"
+ (cd "$wadir" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/run-postinstalls.pl")
+ echo "..done"
+ echo ""
+fi
+
+# Enable background collection
+if [ "$upgrading" != 1 -a -r $config_dir/system-status/enable-collection.pl ]; then
+ echo "Enabling background status collection.. (Please ignore any possible errors)"
+ $config_dir/system-status/enable-collection.pl 5
+ echo "..done"
+ echo ""
+fi
projects / local / commitdiff