/[smecontribs]/rpms/smeserver-phplist/contribs10/smeserver-phplist-0.2.1-sme10.patch
ViewVC logotype

Annotation of /rpms/smeserver-phplist/contribs10/smeserver-phplist-0.2.1-sme10.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.7 - (hide annotations) (download)
Thu Aug 4 04:03:03 2022 UTC (2 years, 3 months ago) by jpp
Branch: MAIN
CVS Tags: smeserver-phplist-0_2_1-3_el7_sme, HEAD
Changes since 1.6: +22 -0 lines 
* Wed Aug 03 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.2.1-3.sme
- make http auth not the default.
1 jpp 1.1 diff -Nur --no-dereference smeserver-phplist-0.2.1.old/createlinks smeserver-phplist-0.2.1/createlinks
2     --- smeserver-phplist-0.2.1.old/createlinks 2020-03-18 13:12:54.000000000 -0400
3 jpp 1.4 +++ smeserver-phplist-0.2.1/createlinks 2022-08-02 22:34:17.079000000 -0400
4 jpp 1.3 @@ -6,7 +6,7 @@
5     templates2events("/etc/phplist/config.php", qw/webapps-update bootstrap-console-save/);
6    
7     safe_symlink("/var/qmail/bin/qmail-newu", "root/etc/e-smith/events/webapps-update/S55phplist-qmail-assign");
8     -foreach my $event (qw/webapps-update ipasserelle-update bootstrap-ldap-save/){
9     +foreach my $event (qw/webapps-update bootstrap-ldap-save/){
10     event_link("phplist-create-pseudo", "$event", "55");
11     }
12    
13 jpp 1.4 @@ -15,13 +15,37 @@
14 jpp 1.1
15     safe_symlink("/var/qmail/alias/.qmail-phplistbounces", "root/var/qmail/alias/.qmail-phplistbounces-default");
16    
17     -safe_symlink("../daemontools" , 'root/etc/rc.d/init.d/supervise/phplist');
18     -safe_symlink("/var/service/phplist" , 'root/service/phplist');
19     -safe_touch("root/var/service/phplist/down");
20     safe_symlink("restart", "root/etc/e-smith/events/webapps-update/services2adjust/phplist");
21    
22     -service_link_enhanced('phplist', 'S98', '7');
23     -service_link_enhanced('phplist', 'K12', '6');
24     -service_link_enhanced('phplist', 'K12', '0');
25    
26     safe_touch("root/var/lib/phplist/bounces.mbox");
27     +
28 jpp 1.3 +my $event="smeserver-phplist-update";
29 jpp 1.1 +event_templates($event, qw(
30     +/etc/httpd/conf/httpd.conf
31     +/etc/opt/remi/php80/php-fpm.d/www.conf
32     +/etc/e-smith/sql/init/phplistdb
33     +/etc/phplist/config.php
34 jpp 1.3 +/etc/e-smith/sql/init/phplistdb
35 jpp 1.1 +));
36     +
37     +event_services($event, qw(
38     + php80-php-fpm restart
39     + httpd-e-smith restart
40     + phplist restart
41 jpp 1.3 + mysql.init restart
42 jpp 1.1 +));
43 jpp 1.4 +safe_symlink("/var/qmail/bin/qmail-newu", "root/etc/e-smith/events/$event/S93phplist-qmail-assign");
44 jpp 1.1 +
45     +event_actions($event, qw(
46 jpp 1.4 + phplist-initialise 92
47     + phplist-create-pseudo 93
48 jpp 1.1 + systemd-default 88
49     + systemd-reload 89
50     +));
51     +
52     +use esmith::Build::Backup qw(:all);
53     +backup_includes("smeserver-phplist-udpdate", qw(
54     +/var/lib/phplist
55     +/var/log/phplist
56     +));
57 jpp 1.4 diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/etc/e-smith/db/configuration/defaults/phplist/type smeserver-phplist-0.2.1/root/etc/e-smith/db/configuration/defaults/phplist/type
58     --- smeserver-phplist-0.2.1.old/root/etc/e-smith/db/configuration/defaults/phplist/type 2020-03-18 13:12:54.000000000 -0400
59     +++ smeserver-phplist-0.2.1/root/etc/e-smith/db/configuration/defaults/phplist/type 2022-08-02 22:37:07.129000000 -0400
60     @@ -1 +1 @@
61     -webapp
62     +service
63     diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/etc/e-smith/db/configuration/migrate/phplist-database smeserver-phplist-0.2.1/root/etc/e-smith/db/configuration/migrate/phplist-database
64     --- smeserver-phplist-0.2.1.old/root/etc/e-smith/db/configuration/migrate/phplist-database 2020-03-18 13:12:54.000000000 -0400
65 jpp 1.6 +++ smeserver-phplist-0.2.1/root/etc/e-smith/db/configuration/migrate/phplist-database 2022-08-03 01:53:26.239000000 -0400
66 jpp 1.4 @@ -24,4 +24,29 @@
67     }
68     $rec->set_prop('DbPassword', $pw);
69     }
70     + my $apw = $rec->prop('AdminPass');
71     + if (not $apw or length($apw) < 20){
72     + use MIME::Base64 qw(encode_base64);
73     + $apw = "not set due to error";
74     + if ( open( RANDOM, "/dev/urandom" ) ){
75     + my $buf;
76     + # 57 bytes is a full line of Base64 coding, and contains
77     + # 456 bits of randomness - given a perfectly random /dev/random
78     + if ( read( RANDOM, $buf, 20 ) != 20 ){
79     + warn("Short read from /dev/random: $!");
80     + }
81     + else{
82     + $apw = encode_base64($buf);
83     + chomp $apw;
84     + }
85     + close RANDOM;
86     + }
87     + else{
88     + warn "Could not open /dev/urandom: $!";
89     + }
90     + $rec->set_prop('AdminPass', $apw);
91     + }
92     + my $type = $rec->prop("type");
93     + $rec->set_prop("type","service") unless ($type eq "service");
94     +
95     }
96     diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/etc/e-smith/events/actions/phplist-initialise smeserver-phplist-0.2.1/root/etc/e-smith/events/actions/phplist-initialise
97     --- smeserver-phplist-0.2.1.old/root/etc/e-smith/events/actions/phplist-initialise 1969-12-31 19:00:00.000000000 -0500
98 jpp 1.6 +++ smeserver-phplist-0.2.1/root/etc/e-smith/events/actions/phplist-initialise 2022-08-03 01:53:25.976000000 -0400
99 jpp 1.4 @@ -0,0 +1,6 @@
100     +#!/bin/bash
101     +password=$(config getprop phplist AdminPass)
102     +domain=$(config get DomainName)
103     +ADMIN_PASSWORD=$password ADMIN_EMAIL=admin@$domain phplist -pinitialise
104     +phplist -pdbcheck
105     +phplist -pupgrade
106 jpp 1.1 diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98phplist smeserver-phplist-0.2.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98phplist
107     --- smeserver-phplist-0.2.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98phplist 2020-03-18 13:12:54.000000000 -0400
108 jpp 1.6 +++ smeserver-phplist-0.2.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98phplist 2022-08-03 01:53:26.722000000 -0400
109 jpp 1.3 @@ -6,11 +6,12 @@
110 jpp 1.1 my $alias = $phplist{'AliasOnPrimary'} || 'enabled';
111     my $ver = $sysconfig{'ReleaseVersion'} || '8.1';
112    
113     -my $allow = ( $access eq 'public' ) ? 'all' : "$localAccess $externalSSLAccess";
114     +my $allow = ( $access eq 'public' ) ? 'all granted' : "ip $localAccess $externalSSLAccess";
115     $alias = ($alias ne 'enabled') ? '' : 'Alias /lists /usr/share/phplist/www/';
116     $auth = ( $auth eq 'http' ) ? 'AuthName "phplist"' . "\n" .
117     " AuthType Basic\n" .
118 jpp 1.3 - " AuthExternal pwauth\n" . (($ver =~ m/^9/) ? " AuthBasicProvider external\n":'') .
119 jpp 1.4 + " AuthBasicProvider external\n".
120     + " AuthExternal pwauth\n".
121 jpp 1.3 " require valid-user\n" : '';
122    
123     if ($status eq 'enabled') {
124 jpp 1.5 @@ -22,44 +23,45 @@
125 jpp 1.1 Options None +FollowSymLinks
126     AllowOverride None
127     DirectoryIndex index.php
128     - AddType application/x-httpd-php .php .php3
129     - php_admin_value openbase_dir /usr/share/phplist:/var/lib/phplist:/tmp:/etc/phplist
130     - php_admin_flag file_uploads on
131     - php_admin_value upload_max_filesize 5M
132     - php_admin_value post_max_size 6M
133     - php_admin_value memory_limit 128M
134     - php_admin_value session.save_path /var/lib/phplist/tmp
135     - php_admin_value upload_tmp_dir /var/lib/phplist/tmp
136     + AddType application/x-httpd-php .php
137     <FilesMatch "\\.(php|inc)\$">
138     - Order allow,deny
139     - deny from all
140     + Require all denied
141     </FilesMatch>
142     <FilesMatch "(index.php|dl.php|ut.php|lt.php|download.php|connector.php)\$">
143     - Order allow,deny
144     - allow from all
145     + Require all granted
146     + SetHandler "proxy:unix:/var/run/php-fpm/php80-phplist.sock|fcgi://localhost"
147     </FilesMatch>
148     - Order deny,allow
149     - deny from all
150     - allow from $allow
151     + Require $allow
152     </Directory>
153    
154     # Admin section
155     <Directory /usr/share/phplist/www/admin>
156     SSLRequireSSL on
157     <FilesMatch "\\.(php|inc)\$">
158     - Order allow,deny
159     - Deny from all
160     + Require all denied
161     </FilesMatch>
162     <FilesMatch "(index.php|connector.php|upload.php)\$">
163     - Order allow,deny
164     - allow from all
165 jpp 1.4 + SetHandler "proxy:unix:/var/run/php-fpm/php80-phplist.sock|fcgi://localhost"
166 jpp 1.1 + Require all granted
167     </FilesMatch>
168     - order deny,allow
169     - deny from all
170     - allow from $allow
171     - $auth
172 jpp 1.5 + SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=\$1
173 jpp 1.1 + <RequireAll>
174     + Require $allow
175     + $auth
176     + </RequireAll>
177     </Directory>
178    
179 jpp 1.5 +<Directory /usr/share/phplist/www/admin/js>
180     + <RequireAny>
181     + Require $allow
182     + </RequireAny>
183     +</Directory>
184     +
185     +<Directory /usr/share/phplist/www/admin/ui>
186     + <RequireAny>
187     + Require $allow
188     + </RequireAny>
189     +</Directory>
190 jpp 1.1
191 jpp 1.5 EOF
192     }
193 jpp 1.1 diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15phplist smeserver-phplist-0.2.1/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15phplist
194     --- smeserver-phplist-0.2.1.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15phplist 1969-12-31 19:00:00.000000000 -0500
195 jpp 1.6 +++ smeserver-phplist-0.2.1/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/15phplist 2022-08-03 01:53:26.983000000 -0400
196 jpp 1.4 @@ -0,0 +1,66 @@
197 jpp 1.1 +{
198     +
199     +if ($PHP_VERSION eq '80'){
200     + if (($phplist{'status'} || 'disabled') eq 'enabled'){
201     + my $max_upload_size = ($phplist{MaxUploadSize} || '6M');
202     + $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
203     + my $memory_limit = ($phplist{MemoryLimit} || '128M');
204     + $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
205     + my $open_basedir= $phplist{PHPBaseDir} || '';
206 jpp 1.4 + $open_basedir = "/usr/share/phplist:/var/lib/phplist:/tmp:/etc/phplist:/var/log/phplist:/usr/share/php/auth_translation.php:$open_basedir";
207 jpp 1.3 + my $id = 'phplist';
208 jpp 1.1 + my $max_children = $phplist{'PHPmaxChildren'} || 20;
209     + my $min_spare_servers = $phplist{'PHPminServers'} || 4;
210     + my $start_servers = $phplist{'PHPstartServers'} || 6;
211     + my $max_spare_servers = $phplist{'PHPmaxServers'} || 8;
212     + my $max_requests = $phplist{'PHPmaxRequests'} || 1000;
213     + $min_spare_servers = ( $min_spare_servers > $max_spare_servers ) ? printf("%.0f",$max_spare_servers/2) : $min_spare_servers;
214     + $start_servers = ( $start_servers > $max_spare_servers ) ? printf("%.0f", $max_spare_servers /2 + $min_spare_servers/2 ) : $start_servers;
215     +
216     + $OUT .=<<_EOF;
217     +
218     +[php$PHP_VERSION-$id]
219     +user = www
220     +group = www
221     +listen.owner = root
222     +listen.group = www
223     +listen.mode = 0660
224     +listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
225     +pm = dynamic
226     +pm.max_children = $max_children
227     +pm.start_servers = $start_servers
228     +pm.min_spare_servers = $min_spare_servers
229     +pm.max_spare_servers = $max_spare_servers
230     +pm.max_requests = $max_requests
231 jpp 1.4 +php_admin_value[auto_prepend_file] = /usr/share/php/auth_translation.php
232 jpp 1.1 +php_admin_value[session.save_path] = /var/lib/php/$id/session
233     +php_admin_value[session.gc_maxlifetime] = 86400
234     +php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache
235     +php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
236     +php_admin_value[error_log] = /var/log/php/$id/error.log
237     +slowlog = /var/log/php/phplist/slow.log
238     +php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
239     +php_admin_flag[display_errors] = off
240     +php_admin_flag[log_errors] = on
241     +php_admin_value[error_log] = syslog
242     +php_admin_value[memory_limit] = $memory_limit
243     +php_admin_value[max_execution_time] = 3600
244     +php_admin_value[post_max_size] = $max_upload_size
245     +php_admin_value[upload_max_filesize] = $max_upload_size
246     +php_admin_value[disable_functions] = system, show_source, symlink, dl, passthru, phpinfo, escapeshellarg, escapeshellcmd
247     +php_admin_value[open_basedir] = $open_basedir
248     +php_admin_flag[allow_url_fopen] = on
249     +php_admin_flag[file_uploads] = on
250     +php_admin_flag[session.cookie_httponly] = on
251     +php_admin_flag[allow_url_include] = off
252     +php_admin_value[session.save_handler] = files
253     +php_admin_flag[output_buffering] = off
254     +
255     +_EOF
256     +
257     + }
258     + else{
259     + $OUT .= '; phplist is disabled';
260     + }
261     +}
262     +}
263     diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/usr/lib/systemd/system/phplist.service smeserver-phplist-0.2.1/root/usr/lib/systemd/system/phplist.service
264     --- smeserver-phplist-0.2.1.old/root/usr/lib/systemd/system/phplist.service 1969-12-31 19:00:00.000000000 -0500
265 jpp 1.4 +++ smeserver-phplist-0.2.1/root/usr/lib/systemd/system/phplist.service 2022-08-02 22:37:29.174000000 -0400
266 jpp 1.1 @@ -0,0 +1,13 @@
267     +[Unit]
268     +Description=phplist process queues
269     +After=network-online.target
270     +
271     +[Service]
272 jpp 1.4 +ExecStartPre=-/sbin/e-smith/service-status phplist
273 jpp 1.1 +ExecStart=/usr/sbin/e-smith/systemd/phplist
274     +Restart=always
275     +Restartsec=10s
276     +RemainAfterExit=yes
277     +
278     +[Install]
279     +WantedBy=sme-server.target
280 jpp 1.4 diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/usr/local/bin/phplist smeserver-phplist-0.2.1/root/usr/local/bin/phplist
281     --- smeserver-phplist-0.2.1.old/root/usr/local/bin/phplist 1969-12-31 19:00:00.000000000 -0500
282 jpp 1.6 +++ smeserver-phplist-0.2.1/root/usr/local/bin/phplist 2022-08-03 01:53:25.716000000 -0400
283 jpp 1.4 @@ -0,0 +1,2 @@
284     +#!/bin/bash
285     +/usr/bin/php80 /usr/share/phplist/www/admin/index.php -c /etc/phplist/config.php $*
286 jpp 1.1 diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/usr/sbin/e-smith/systemd/phplist smeserver-phplist-0.2.1/root/usr/sbin/e-smith/systemd/phplist
287     --- smeserver-phplist-0.2.1.old/root/usr/sbin/e-smith/systemd/phplist 1969-12-31 19:00:00.000000000 -0500
288 jpp 1.6 +++ smeserver-phplist-0.2.1/root/usr/sbin/e-smith/systemd/phplist 2022-08-03 01:53:26.456000000 -0400
289 jpp 1.1 @@ -0,0 +1,10 @@
290     +#!/bin/sh
291     +
292     +exec 2>&1
293     +
294 jpp 1.4 +cd /usr/local/bin/
295 jpp 1.1 +while true; do
296     + /usr/local/bin/setuidgid www ./phplist -pprocessbounces
297     + /usr/local/bin/setuidgid www ./phplist -pprocessqueue
298     + sleep 120
299     +done
300     diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/var/service/phplist/run smeserver-phplist-0.2.1/root/var/service/phplist/run
301     --- smeserver-phplist-0.2.1.old/root/var/service/phplist/run 2020-03-18 13:12:54.000000000 -0400
302     +++ smeserver-phplist-0.2.1/root/var/service/phplist/run 1969-12-31 19:00:00.000000000 -0500
303     @@ -1,10 +0,0 @@
304     -#!/bin/sh
305     -
306     -exec 2>&1
307     -
308     -cd /usr/share/phplist/bin
309     -while true; do
310     - /usr/local/bin/setuidgid www ./phplist -pprocessbounces
311     - /usr/local/bin/setuidgid www ./phplist -pprocessqueue
312     - sleep 120
313     -done
314 jpp 1.7 diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98phplist smeserver-phplist-0.2.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98phplist
315     --- smeserver-phplist-0.2.1.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98phplist 2022-08-03 23:57:58.473000000 -0400
316     +++ smeserver-phplist-0.2.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98phplist 2022-08-04 00:01:59.458000000 -0400
317     @@ -2,7 +2,7 @@
318    
319     my $status = $phplist{'status'} || 'disabled';
320     my $access = $phplist{'access'} || 'private';
321     -my $auth = $phplist{'Authentication'} || 'http';
322     +my $auth = $phplist{'Authentication'} || 'internal';
323     my $alias = $phplist{'AliasOnPrimary'} || 'enabled';
324     my $ver = $sysconfig{'ReleaseVersion'} || '8.1';
325    
326     diff -Nur --no-dereference smeserver-phplist-0.2.1.old/root/etc/e-smith/templates/etc/phplist/config.php/35Login smeserver-phplist-0.2.1/root/etc/e-smith/templates/etc/phplist/config.php/35Login
327     --- smeserver-phplist-0.2.1.old/root/etc/e-smith/templates/etc/phplist/config.php/35Login 2020-03-18 13:12:54.000000000 -0400
328     +++ smeserver-phplist-0.2.1/root/etc/e-smith/templates/etc/phplist/config.php/35Login 2022-08-04 00:01:27.839000000 -0400
329     @@ -1,5 +1,5 @@
330     $require_login = 1;
331     -$admin_auth_module = '{(($phplist{'Authentication'} || 'http') eq 'internal') ? 'phplist_auth.inc':'external_auth.inc'}';
332     +$admin_auth_module = '{(($phplist{'Authentication'} || 'internal') eq 'internal') ? 'phplist_auth.inc':'external_auth.inc'}';
333     define("REGISTER",0);
334     define("MANUALLY_PROCESS_QUEUE",0);
335     define('MAILQUEUE_THROTTLE',0.5);
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed