--- rpms/smeserver-cacti/contribs10/smeserver-cacti-1.1.19-sme10.patch	2022/07/26 04:53:30	1.3
+++ rpms/smeserver-cacti/contribs10/smeserver-cacti-1.1.19-sme10.patch	2022/07/27 19:00:37	1.4
@@ -237,3 +237,569 @@ diff -Nur --no-dereference smeserver-cac
 +UID="root"
  GID="www"
  PERMS=0640
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/createlinks smeserver-cacti-1.1.19/createlinks
+--- smeserver-cacti-1.1.19.old/createlinks	2014-06-16 11:53:01.000000000 -0400
++++ smeserver-cacti-1.1.19/createlinks	2022-07-27 14:55:50.939000000 -0400
+@@ -5,6 +5,7 @@
+ for my $event (qw(
+     post-upgrade
+     bootstrap-console-save
++    console-save
+ 	))
+ {
+     templates2events("/etc/cacti/db.php", $event);
+@@ -22,3 +23,32 @@
+ }
+ 
+ templates2events("/etc/e-smith/sql/init/80cacti", "post-upgrade");
++
++my $event="smeserver-cacti-update";
++event_templates($event, qw(
++  /etc/cacti/db.php
++  /etc/httpd/conf/httpd.conf
++  /etc/crontab
++  /etc/opt/remi/php74/php-fpm.d/www.conf
++  /etc/e-smith/sql/init/80cacti
++));
++
++event_services($event, 
++  'crond' => 'restart',
++  'mysql.init' => 'restart',
++  'httpd-e-smith' => 'sigusr1',
++  'php74-php-fpm' => 'reload-or-restart'
++);
++
++event_actions($event,
++'cacti-conf' => '50',
++'cacti-ldap' => '95'
++);
++
++
++#backup ?
++#use esmith::Build::Backup qw(:all);
++#backup_includes("smeserver-cacti", qw(
++#
++#));
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/db/configuration/migrate/80cacti smeserver-cacti-1.1.19/root/etc/e-smith/db/configuration/migrate/80cacti
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/db/configuration/migrate/80cacti	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/db/configuration/migrate/80cacti	2022-07-27 14:46:58.425000000 -0400
+@@ -0,0 +1,72 @@
++{
++    use MIME::Base64 qw(encode_base64);
++
++    my $service;
++    my $rec;
++    my $pw;
++
++    # Store the cacti password in the configuration database (if not already there)
++    $service = 'cacti';
++
++    $rec = $DB->get($service) || $DB->new_record($service, {type => 'service'});
++
++    $pw = $rec->prop('DbPassword');
++    
++
++	if (! $pw)
++    	{
++		
++		if ( open( RANDOM, "/dev/urandom" ) )
++	    	{
++        		my $buf;
++		        # 57 bytes is a full line of Base64 coding, and contains
++		        # 456 bits of randomness - given a perfectly random /dev/random
++	       		if ( read( RANDOM, $buf, 57 ) != 57 )
++	        	{
++	        	    warn("Short read from /dev/random: $!");
++	        	}
++	        	else
++	        	{
++	            		$pw = encode_base64($buf);
++	        	    chomp $pw;
++	        	}
++	        	close RANDOM;
++	    	}
++	    	else
++	    	{
++	    	    warn "Could not open /dev/urandom: $!";
++	    	}
++		
++	    	$rec->set_prop('DbPassword', $pw);
++	}
++    $pwa = $rec->prop('AdminPassword');
++        if (! $pwa)
++        {
++
++                if ( open( RANDOM, "/dev/urandom" ) )
++                {
++                        my $buf;
++                        # 57 bytes is a full line of Base64 coding, and contains
++                        # 456 bits of randomness - given a perfectly random /dev/random
++                        if ( read( RANDOM, $buf, 15 ) != 15 )
++                        {
++                            warn("Short read from /dev/random: $!");
++                        }
++                        else
++                        {
++                                $pwa = encode_base64($buf);
++                            chomp $pwa;
++                        }
++                        close RANDOM;
++                }
++                else
++                {
++                    warn "Could not open /dev/urandom: $!";
++                }
++
++                $rec->set_prop('AdminPassword', $pwa);
++        }
++
++
++
++}
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-conf smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-conf
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-conf	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-conf	2022-07-27 14:46:58.891000000 -0400
+@@ -0,0 +1,16 @@
++#!/bin/bash
++
++#easy configuration of what is needed for cacti to work correctly
++something=0;
++psomething=0;
++#check if something already set, if not let's do it
++
++/sbin/e-smith/config getprop mariadb TmpTableSize 1>/dev/null || ( config setprop mariadb TmpTableSize 32M ; echo "setting mariadb TmpTableSize 32M" ; something=1)
++/sbin/e-smith/config getprop mariadb MaxHeapTableSize 1>/dev/null || ( config setprop mariadb MaxHeapTableSize 32M ; echo "setting mariadb MaxHeapTableSize 32M" ; something=1)
++/sbin/e-smith/config getprop mariadb JoinBufferSize 1>/dev/null || ( config setprop mariadb JoinBufferSize 62M ; echo "setting mariadb JoinBufferSize 62M" ; something=1)
++
++#/sbin/e-smith/config getprop php74 MemoryLimit  1>/dev/null || ( config setprop  php74 MemoryLimit 800M ; echo "setting php74 memory_limit 800M" ; psomething=1)
++# install detect cli for php not php74 even if $php_path is set
++
++[ $something == 1 ] && /usr/sbin/e-smith/expand-template /etc/my.cnf  && /usr/bin/systemctl restart mariadb.service
++#[ $psomething == 1 ] && /usr/sbin/e-smith/expand-template /etc/opt/remi/php74/php.ini && /usr/bin/systemctl restart php74-php-fpm.service 
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-ldap smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-ldap
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/events/actions/cacti-ldap	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/events/actions/cacti-ldap	2022-07-27 14:46:58.663000000 -0400
+@@ -0,0 +1,44 @@
++#!/bin/bash
++
++#use esmith::ConfigDB;
++#use esmith::util;
++#my $cdb = esmith::ConfigDB->open_ro();
++#my $domain = $cdb->get_value('DomainName');
++#my $baseDN = esmith::util::ldapBase($cdb->get_value('DomainName'));
++#print $baseDN . "\n";
++
++db=$(config getprop cacti DbDatabase || echo 'cacti_sme');
++user=$(config getprop cacti DbUser || echo 'cacti');
++pass=$(config getprop cacti DbPassword || echo 'changeme');
++adminpass=$(config getprop cacti AdminPassword || echo 'changeme');
++domain=$(config get DomainName)
++DN=$(perl  -Mesmith::util  -e "print esmith::util::ldapBase(\"$domain\");")
++
++
++# set ldap auth with optional group
++#ldap_group_require 	'on' or ''
++# then set our admin password
++/usr/bin/mysql <<EOF
++UPDATE ${db}.settings SET value='memberUid' WHERE name='ldap_group_attrib';
++UPDATE ${db}.settings SET value='uid=cactigroup,ou=Groups,$DN' WHERE name='ldap_group_dn';
++
++UPDATE ${db}.settings SET value='0' WHERE name='ldap_tls_certificate';
++UPDATE ${db}.settings SET value='3' WHERE name='ldap_version';
++UPDATE ${db}.settings SET value='localhost' WHERE name='ldap_server';
++UPDATE ${db}.settings SET value='objectClass=inetOrgPerson' WHERE name='ldap_search_filter';
++UPDATE ${db}.settings SET value='ou=Users,$DN' WHERE name='ldap_search_base';
++UPDATE ${db}.settings SET value='0' WHERE name='ldap_referrals';
++UPDATE ${db}.settings SET value='636' WHERE name='ldap_port_ssl';
++UPDATE ${db}.settings SET value='389' WHERE name='ldap_port';
++UPDATE ${db}.settings SET value='0' WHERE name='ldap_mode';
++UPDATE ${db}.settings SET value='0' WHERE name='ldap_encryption';
++UPDATE ${db}.settings SET value='uid=<username>,ou=Users,$DN' WHERE name='ldap_dn';
++UPDATE ${db}.settings SET value='3' WHERE name='auth_method';
++UPDATE ${db}.settings SET value='cn' WHERE name='cn_full_name';
++UPDATE ${db}.settings SET value='mail' WHERE name='cn_email';
++
++
++# set password of admin
++UPDATE ${db}.user_auth SET email_address='admin@${domain}', must_change_password='',password=md5('$adminpass'), enabled='on'  WHERE username='admin' and id='1';
++EOF
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/10DB smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/10DB
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/10DB	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/10DB	2022-07-27 14:46:55.823000000 -0400
+@@ -0,0 +1,54 @@
++<?php
++/*
++ +-------------------------------------------------------------------------+
++ | Copyright (C) 2004 Ian Berry                                            |
++ |                                                                         |
++ | This program is free software; you can redistribute it and/or           |
++ | modify it under the terms of the GNU General Public License             |
++ | as published by the Free Software Foundation; either version 2          |
++ | of the License, or (at your option) any later version.                  |
++ |                                                                         |
++ | This program is distributed in the hope that it will be useful,         |
++ | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
++ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
++ | GNU General Public License for more details.                            |
++ +-------------------------------------------------------------------------+
++ | cacti: a php-based graphing solution                                    |
++ +-------------------------------------------------------------------------+
++ | Most of this code has been designed, written and is maintained by       |
++ | Ian Berry. See about.php for specific developer credit. Any questions   |
++ | or comments regarding this code should be directed to:                  |
++ | - iberry@raxnet.net                                                     |
++ +-------------------------------------------------------------------------+
++ | - raXnet - http://www.raxnet.net/                                       |
++ +-------------------------------------------------------------------------+
++*/
++
++/* make sure these values refect your actual database/host/user/password */
++$database_type = "mysql";
++$database_default = "{$cacti{'DbDatabase'}}";
++$database_hostname = "localhost";
++$database_username = "{$cacti{'DbUser'}}";
++$database_password =  "{$cacti{'DbPassword'}}";
++$database_port = "3306";
++
++/* 
++ * Server is a remote poller, then these entries point to
++ * the main cacti server. Otherwise, these variables have no use and
++ * must remain commented out.
++ */
++
++#$rdatabase_type     = 'myql';
++#$rdatabase_default  = 'cacti';
++#$rdatabase_hostname = 'localhost';
++#$rdatabase_username = 'cactiuser';
++#$rdatabase_password = 'cactiuser';
++#$rdatabase_port     = '3306';
++#$rdatabase_retries  = 5;
++#$rdatabase_ssl      = false;
++#$rdatabase_ssl_key  = '';
++#$rdatabase_ssl_cert = '';
++#$rdatabase_ssl_ca   = '';
++
++
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/12poller_id	2022-07-27 14:46:56.040000000 -0400
+@@ -0,0 +1,7 @@
++/*
++ * The poller_id of this system.  set to `1` for the main cacti web server.
++ * Otherwise, you this value should be the poller_id for the remote poller.
++ */
++
++$poller_id = 1;
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/15urlpath	2022-07-27 14:46:56.287000000 -0400
+@@ -0,0 +1,9 @@
++/*
++ * Set the $url_path to point to the default URL of your cacti install.
++ * For exmaple if your cacti install as at `https://serverip/cacti/` this
++ * would be set to `/cacti/`.
++ */
++
++$url_path = '/cacti/';
++
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/25session smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/25session
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/25session	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/25session	2022-07-27 14:46:56.522000000 -0400
+@@ -0,0 +1,19 @@
++/*
++ * Default session name - session name must contain alpha characters
++ */
++
++$cacti_session_name = 'Cacti';
++
++/*
++ * Default Cookie domain - The cookie domain to be used for Cacti
++ */
++
++//$cacti_cookie_domain = 'cacti.net';
++
++/*
++ * Save sessions to a database for load balancing
++ */
++
++$cacti_db_session = false;
++
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/30log smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/30log
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/30log	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/30log	2022-07-27 14:46:56.771000000 -0400
+@@ -0,0 +1,6 @@
++/*
++ * Disable log rotation settings for packagers
++ */
++
++$disable_log_rotation = true;
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/40input smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/40input
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/40input	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/40input	2022-07-27 14:46:57.012000000 -0400
+@@ -0,0 +1,18 @@
++/*
++ * Optional parameters to define scripts and resource paths. These
++ * variables become important when using remote poller installs when the
++ * scripts and resource files are not in the main Cacti web server path.
++ */
++
++//$scripts_path = '/var/www/html/cacti/scripts';
++//$resource_path = '/var/www/html/cacti/resource/';
++
++/*
++ * Optional parameter to define a data input whitelist command string. This
++ * whitelist file will help protect cacti from unauthorized changes to Cacti
++ * data input command string.
++ */
++
++//$input_whitelist = '/usr/local/etc/cacti/input_whitelist.json';
++
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/50php smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/50php
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/50php	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/50php	2022-07-27 14:46:57.268000000 -0400
+@@ -0,0 +1,6 @@
++/*
++ * Optional parameter to give explicit path to PHP
++ */
++$php_path = '/usr/bin/php74';
++
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/60snmp smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/60snmp
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/60snmp	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/60snmp	2022-07-27 14:46:57.504000000 -0400
+@@ -0,0 +1,8 @@
++/*
++ * Optional parameter to disable the PHP SNMP extension. If not set, defaults
++ * to class_exists('SNMP').
++ */
++
++//$php_snmp_support = false;
++
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/70csrf smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/70csrf
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/70csrf	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/70csrf	2022-07-27 14:46:57.727000000 -0400
+@@ -0,0 +1,8 @@
++/*
++ * Optional parameter to define the path of the csrf_secret.php path.  This
++ * variable is for packagers who wish to specify an alternate location of
++ * the CRSF secret file.
++ */
++
++$path_csrf_secret = '/var/lib/cacti/csrf/csrf-secret.php';
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/90DEBUG	2022-07-27 14:46:57.957000000 -0400
+@@ -0,0 +1,30 @@
++/*
++ * The following are optional variables for debugging low level system
++ * functions that are generally only used by Cacti Developers to help
++ * identify potential issues in commonly used functions
++ *
++ * To use them, uncomment and the equivalent field will be set in the
++ * $config variable allowing for instant on but still allowing the
++ * ability to fine turn and turn them off.
++ */
++
++/*
++ * Debug the read_config_option program flow
++ */
++# define('DEBUG_READ_CONFIG_OPTION', true);
++
++/*
++ * Automatically suppress the DEBUG_READ_CONFIG_OPTION
++ */
++# define('DEBUG_READ_CONFIG_OPTION_DB_OPEN', true);
++
++/*
++ * Always write the SQL command to the cacti log file
++ */
++# define('DEBUG_SQL_CMD', true);
++
++/*
++ * Debug the flow of calls to the db_xxx functions that
++ * are defined in lib/database.php
++ */
++# define('DEBUG_SQL_FLOW', true);
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/95end smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/95end
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/cacti/db.php/95end	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/cacti/db.php/95end	2022-07-27 14:46:58.190000000 -0400
+@@ -0,0 +1 @@
++?>
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti	2019-12-11 14:46:28.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/e-smith/sql/init/80cacti	2022-07-27 14:46:55.114000000 -0400
+@@ -1,22 +1,34 @@
+ {
+-    my $db = $cacti{DbName} || 'cacti_sme';
++    my $db = $cacti{DbDatabase} || 'cacti_sme';
+     my $user = $cacti{DbUser} || 'cacti';
+     my $pass = $cacti{DbPassword} || 'changeme';
+     $OUT .= <<END
+-#! /bin/sh
++#!/bin/bash
+     if [ -d /var/lib/mysql/$db ]; then
++      /usr/bin/mysql <<EOF
++    use $db;
++    use mysql;
++    ALTER DATABASE $db  COLLATE = 'utf8mb4_unicode_ci';
++    GRANT ALL PRIVILEGES ON $db.* TO $user\@localhost
++            IDENTIFIED BY '$pass';
++    GRANT SELECT ON mysql.time_zone_name TO '$user'\@'localhost';
++    flush privileges;
++EOF
++
++
+       exit
+     fi
+     /usr/bin/mysql <<EOF
+-    CREATE DATABASE $db DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
++    CREATE DATABASE $db DEFAULT CHARACTER SET utf8mb4 COLLATE utf8_unicode_ci;
+     use $db;
+     use mysql;
+     GRANT ALL PRIVILEGES ON $db.* TO $user\@localhost
+             IDENTIFIED BY '$pass';
+-    GRANT SELECT ON `mysql`.`time_zone_name` TO '$user'@'localhost';
++    GRANT SELECT ON mysql.time_zone_name TO '$user'\@'localhost';
+     flush privileges;
+ EOF
+     /usr/bin/mysql_tzinfo_to_sql /usr/share/zoneinfo/ 2>/dev/null |/usr/bin/mysql mysql
+-    /usr/bin/mysql $db < /etc/e-smith/db/configuration/migrate/80cacti_sme.sql
++    /usr/bin/mysql $db < \$(rpm -ql cacti|grep cacti.sql) 
++    #/usr/bin/mysql $db < /etc/e-smith/db/configuration/migrate/80cacti_sme.sql
+ END
+-}
+\ Pas de fin de ligne à la fin du fichier
++}
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti	2014-06-16 11:53:00.000000000 -0400
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86Cacti	2022-07-26 00:30:15.300000000 -0400
+@@ -5,32 +5,19 @@
+     SSLRequireSSL 
+     Options -Indexes
+     AllowOverride None
+-    order deny,allow
+-    deny from all
+-
+-{
+-    my $cactiaxs = $cacti{'access'} || "private";
+-    if ($cactiaxs eq "private")
+-    {
+-        $OUT .= "    allow from $localAccess $externalSSLAccess";
+-    } else {
+-	$OUT .= "    allow from all";
+-    }
+-}
+-    Satisfy all
+-    AddType application/x-httpd-php .php .php3
+-    php_flag  magic_quotes_gpc  on
+-    php_flag  track_vars        on
++    Require { (($cacti{'access'} ||"private") eq "public") ? "all granted" : "ip $localAccess $externalSSLAccess"; } 
++    AddType application/x-httpd-php .php
++    <FilesMatch \.php$ >
++      SetHandler "proxy:unix:/var/run/php-fpm/php74-cacti.sock|fcgi://localhost"
++    </FilesMatch>
+ </Directory>
+ 
+ 
+ 
+ <Directory /usr/share/cacti/log>
+-                Order deny,allow
+-                Deny from all
++     Require all denied
+ </Directory>
+ <Directory /usr/share/cacti/rra>
+-                Order deny,allow
+-                Deny from all
++     Require all denied
+ </Directory>
+ 							
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti	1969-12-31 19:00:00.000000000 -0500
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15cacti	2022-07-27 14:46:55.335000000 -0400
+@@ -0,0 +1,68 @@
++{
++
++if ($PHP_VERSION eq '74'){
++  if (($cacti{'status'} || 'disabled') eq 'enabled'){
++    my $max_upload_size = ($cacti{MaxUploadSize} || '4096');
++    $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
++    my $memory_limit = ($cacti{MemoryLimit} || '5555500M');
++    $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
++    my $open_basedir= $cacti{PHPBaseDir} || '';
++    $open_basedir = "/tmp/:/share/:/var/log/cacti:/etc/cacti/db.php:/usr/share/cacti:/var/lib/cacti:/var/log/cacti.log:/var/lib/php/cacti:/home/e-smith/files/cacti:/dev/urandom:/proc/meminfo:$open_basedir";
++    my $id = 'cacti';
++    my $max_children = $cacti{'PHPmaxChildren'} || 20;
++    my $min_spare_servers = $cacti{'PHPminServers'} || 4;
++    my $start_servers = $cacti{'PHPstartServers'} || 6;
++    my $max_spare_servers = $cacti{'PHPmaxServers'} || 8;
++    my $max_requests = $cacti{'PHPmaxRequests'} || 1000;
++    $min_spare_servers = ( $min_spare_servers > $max_spare_servers ) ? printf("%.0f",$max_spare_servers/2) : $min_spare_servers;
++    $start_servers = ( $start_servers > $max_spare_servers ) ? printf("%.0f", $max_spare_servers /2 +  $min_spare_servers/2  ) : $start_servers;
++
++    $OUT .=<<_EOF;
++
++[php$PHP_VERSION-$id]
++user = www
++group = www
++listen.owner = root
++listen.group = www
++listen.mode = 0660
++listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
++pm = dynamic
++pm.max_children = $max_children
++pm.start_servers = $start_servers
++pm.min_spare_servers = $min_spare_servers
++pm.max_spare_servers = $max_spare_servers
++pm.max_requests = $max_requests
++php_admin_value[session.save_path] = /var/lib/php/$id/session
++php_admin_value[session.gc_maxlifetime] = 86400
++;php_admin_value[opcache.file_cache]  = /var/lib/php/$id/opcache
++php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
++php_admin_value[error_log] = /var/log/php/$id/error.log
++slowlog = /var/log/php/cacti/slow.log
++php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
++php_admin_flag[display_errors] = off
++php_admin_flag[log_errors] = on
++php_admin_value[error_log] = syslog
++php_admin_value[memory_limit] = $memory_limit
++php_admin_value[max_execution_time] = 3600
++php_admin_value[post_max_size] = $max_upload_size
++php_admin_value[upload_max_filesize] = $max_upload_size
++;php_admin_value[disable_functions] = system, show_source, symlink, dl, passthru, phpinfo, escapeshellarg, escapeshellcmd
++;php_admin_value[open_basedir] = $open_basedir
++php_admin_flag[allow_url_fopen] = on
++php_admin_flag[file_upload] = on
++;php_admin_flag[session.cookie_httponly] = on
++;php_admin_flag[allow_url_include] = off
++;php_admin_value[session.save_handler] = files
++;php_admin_flag[output_buffering] = off
++
++_EOF
++
++  }
++  else{
++    $OUT .= '; Cacti is disabled';
++  }
++}
++}
++
++
++
+diff -Nur --no-dereference smeserver-cacti-1.1.19.old/root/etc/e-smith/templates.metadata/etc/cacti/db.php smeserver-cacti-1.1.19/root/etc/e-smith/templates.metadata/etc/cacti/db.php
+--- smeserver-cacti-1.1.19.old/root/etc/e-smith/templates.metadata/etc/cacti/db.php	2014-06-16 11:53:01.000000000 -0400
++++ smeserver-cacti-1.1.19/root/etc/e-smith/templates.metadata/etc/cacti/db.php	2022-07-26 00:44:20.988000000 -0400
+@@ -1,3 +1,3 @@
+-UID="cacti"
++UID="root"
+ GID="www"
+ PERMS=0640