smeserver-manager/sme10/smeserver-manager-0.1.0-remotax_users_logs.patch

diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Bugreport.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Bugreport.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Bugreport.pm        2020-01-24 18:57:07.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Bugreport.pm    2020-02-23 21:24:49.000000000 +0400
@@ -141,34 +141,37 @@
     $out .= sprintf "<PRE>";
 
     open (my $cfgrep, '<', $configreportfile) or die "Could not find temporary config report file!";
-    #open(REPORT, "/var/$report_type |");
 
     while (<$cfgrep>) {
        $out .= sprintf("%s", $_);
     }
-       
-    $out .= sprintf "</PRE>";
 
-    # that would be too easy!?
-    #$out .= sprintf("<a href=\"bugreport?action=download_config_report\"> %s </a>", $c->l('bugr_Download this report'));
+    $out .= sprintf "</PRE>";
 
     return $out;
 
 }
 
 sub download_config_report {
+
     my $c = shift;
-#    my $q = $c->{'cgi'};
+
+    my $filesize =-s $configreportfile;
+
     open (DLFILE, "<$configreportfile") or die "Could not access temporary file for config report!";
     my @fileholder = <DLFILE>;  
     close (DLFILE) || Error ('close', 'file'); 
+
     print "Content-Type:text/plain\n";#application/x-downloadn";
-    print "Content-Disposition:attachment;filename=" . basename($configreportfile);  
-   print "\n\n"; 
-   print @fileholder ;
+    print "Content-Disposition:attachment;filename=" . basename($configreportfile) . "\n";  
+    print "Content-Length:" . $filesize;
+    print "\n\n"; 
+    print @fileholder ;
+
    return ""; 
 
 }
 
+
 1;
 
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Ibays.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Ibays.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Ibays.pm    2020-01-25 20:23:22.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Ibays.pm        2020-02-29 20:00:29.000000000 +0400
@@ -6,10 +6,8 @@
 
 use Locale::gettext;
 use SrvMngr::I18N;
-use SrvMngr qw(theme_list init_session_cgi);
+use SrvMngr qw( theme_list init_session_cgi is_normal_password );
 
-#use esmith::FormMagick qw( validate_password );
-use CGI::FormMagick::Validator qw( call_fm_validation );
 use esmith::AccountsDB;
 use esmith::ConfigDB;
 use esmith::DomainsDB;
@@ -425,9 +423,7 @@
         return "OK";
     }
 
-#    $reason = CGI::FormMagick::validator->call_fm_validation('password', $pass, undef);
-#???    $reason = call_fm_validation('password', $pass, undef);
-
+    $reason = is_normal_password($c, $pass, undef);
     return $reason unless ($reason eq "OK");
     return "OK" unless ($strength eq "strong");
 
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Main.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Main.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Main.pm     2020-01-24 18:56:26.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Main.pm 2020-02-19 21:09:26.000000000 +0400
@@ -13,10 +13,10 @@
 
 sub whatever {
     my $c = shift;
-    $c->app->log->info($c->log_req);
-
     my $whatever = $c->param('whatever');
 
+    $c->app->log->info($c->log_req . ' ' . $whatever);
+
     $c->render(text => "whatever: /$whatever did not match.", status => 404);
 };
 
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Remoteaccess.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Remoteaccess.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Remoteaccess.pm     1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Remoteaccess.pm 2020-02-26 18:43:10.000000000 +0400
@@ -0,0 +1,497 @@
+package SrvMngr::Controller::Remoteaccess;
+
+use strict;
+use warnings;
+use Mojo::Base 'Mojolicious::Controller';
+
+use Locale::gettext;
+use SrvMngr::I18N;
+
+use SrvMngr qw(theme_list init_session_cgi ip_number);
+
+use esmith::ConfigDB;
+use esmith::util;
+#use esmith::cgi;
+use File::Basename;
+use Exporter;
+use Carp;
+use Socket qw( inet_aton );
+
+#our @ISA = qw(esmith::FormMagick Exporter);
+
+our @EXPORT = qw( networkAccess_list passwordLogin_list get_ssh_permit_root_login get_ssh_access get_telnet_mode
+               get_ftp_access get_pptp_sessions get_ftp_password_login_access
+               get_value get_prop get_ssh_password_auth
+               validate_network_and_mask ip_number_or_blank subnet_mask_or_blank
+               get_ipsecrw_sessions pptp_and_dhcp_range
+);
+
+our $db = esmith::ConfigDB->open || warn "Couldn't open configuration database";
+
+
+sub main {
+
+    my $c = shift;
+    $c->app->log->info($c->log_req);
+
+    my $title = $c->l('rma_FORM_TITLE');
+    my $notif = '';
+    my %rma_datas = ();
+
+    #$rma_datas{ipsecrwSess}  = $c->get_ipsecrw_sessions();
+    $rma_datas{pptpSessions} = $c->get_pptp_sessions();
+    $rma_datas{sshAccess} = $c->get_ssh_access();
+    $rma_datas{sshPermitRootLogin} = $c->get_ssh_permit_root_login();
+    $rma_datas{sshPasswordAuthentication} = $c->get_ssh_password_auth();
+    $rma_datas{sshTCPPort} = $c->get_ssh_port();
+    $rma_datas{ftpAccess} = $c->get_ftp_access();
+    $rma_datas{ftpPasswordAccess} = $c->get_ftp_password_login_access();
+    #$rma_datas{telnetAccess} = $c->get_telnet_access;
+
+    $c->stash( title => $title, notif => $notif, rma_datas => \%rma_datas );
+    $c->render(template => 'remoteaccess');
+
+};
+
+
+sub do_action {
+
+    my $c = shift;
+    $c->app->log->info($c->log_req);
+
+    my $title = $c->l('rma_FORM_TITLE');
+    my ($result, $res, $trt) = '';
+    my %rma_datas = ();
+
+    $rma_datas{ipsecrwSess}  = ($c->param ('IpsecrwSess') || '');
+    $rma_datas{ipsecrwReset}  = ($c->param ('IpsecrwReset') || '');
+
+    $rma_datas{pptpSessions} = ($c->param ('PptpSessions') || '0');
+
+    $rma_datas{validFromNetwork} = ($c->param ('ValidFromNetwork') || '');
+    $rma_datas{validFromMask} = ($c->param ('ValidFromMask') || '');
+##     my @remove = $q->param('validFromRemove');  ???????? the first one only !!
+    my @vals = $c->param ('Remove_nets');
+    $rma_datas{remove_nets} = join ',', @vals;
+
+    $rma_datas{sshaccess} = ($c->param ('SshAccess') || 'off');
+    $rma_datas{sshPermitRootLogin} = ($c->param ('SshPermitRootLogin') || 'no');
+    $rma_datas{sshPasswordAuthentication} = ($c->param ('SshPasswordAuthentication') || 'no');
+    $rma_datas{sshTCPPort} = ($c->param ('SshTCPPort') || '22');
+
+    $rma_datas{ftpAccess} = ($c->param ('FtpAccess') || 'off');
+    $rma_datas{ftpPasswordAccess} = ($c->param ('FtpPasswordAccess') || 'private');
+
+    $rma_datas{telnetAccess} = ($c->param ('TelnetAccess') || 'off');
+
+    # validate
+    my $v = $c->validation;
+    return $c->render('remoteaccess') unless $v->has_data;
+
+    $v->optional('PptpSessions')->num(0, 999)->is_valid;
+    $v->optional('ValidFromNetwork')->size(7, 15)->is_valid;
+    $v->optional('ValidFromMask')->size(7, 15)->is_valid;
+    $v->required('SshTCPPort')->num(1, 65535)->is_valid;
+
+    $result .= 'field validation error' if $v->has_error;
+
+    if ( ! $result ) {
+
+       # controls
+       $res = pptp_and_dhcp_range( $c, $rma_datas{pptpSessions} );
+       $result .= $res unless $res eq 'OK';
+
+       $res = ip_number_or_blank( $c, $rma_datas{validFromNetwork} );
+       $result .= $res unless $res eq 'OK';
+
+       $res = subnet_mask_or_blank( $c, $rma_datas{validFromMask} );
+       $result .= $res unless $res eq 'OK';
+
+       $res = validate_network_and_mask( $c, $rma_datas{validFromNetwork}, $rma_datas{validFromMask} );
+       $result .= $res unless $res eq 'OK';
+
+       #$result .= ' blocked for testing !' . $rma_datas{remove_nets};
+    }
+
+    if ( ! $result ) {
+        $res = change_settings( $c, %rma_datas );
+        $result .= $res unless $res eq 'OK';
+    }
+
+    if ( ! $result ) {
+        $result = $c->l('rma_ACTION_SUCCEEDED'); 
+        $trt = 'SUC';
+    }
+
+    $c->stash( title => $title, notif => $result, rma_datas => \%rma_datas );
+
+    if ( $trt ne 'SUC' ) {
+       return $c->render(template => 'remoteaccess');
+    }
+
+    $c->redirect_to('/remoteaccess');
+
+};
+
+
+sub networkAccess_list {
+    my $c = shift;
+    return  [[ $c->l('rma_NO_ACCESS') => 'off'], 
+           [ $c->l('NETWORKS_ALLOW_LOCAL') => 'private'], 
+           [ $c->l('NETWORKS_ALLOW_PUBLIC') => 'public']];
+}
+
+
+sub passwordLogin_list {
+    my $c = shift;
+    return  [[$c->l('rma_PASSWORD_LOGIN_PRIVATE') => 'private'],
+            [$c->l('rma_PASSWORD_LOGIN_PUBLIC') => 'public']];
+}
+
+
+sub get_prop {
+
+  my ($c, $item, $prop) = @_;
+  warn "You must specify a record key"    unless $item;
+  warn "You must specify a property name" unless $prop;
+  my $record = $db->get($item) or warn "Couldn't get record for $item";
+  return $record ? $record->prop($prop) : undef;
+}
+
+
+sub get_value {
+
+  my $c = shift;
+  my $item = shift;
+  return ($db->get($item)->value());
+}
+
+
+sub get_ftp_access {
+
+    my $status = get_prop('','ftp','status') || 'disabled';
+    return 'off' unless $status eq 'enabled';
+
+    my $access = get_prop('','ftp','access') || 'private';
+    return ($access  eq 'public') ? 'normal' : 'private';
+}
+
+
+sub get_pptp_sessions {
+
+  my $status = get_prop('','pptpd','status');
+  if (defined($status) && ($status eq 'enabled')) {
+    return(get_prop('','pptpd','sessions') || 'no');
+  }
+  else {
+    return('0');
+  }
+}
+
+
+sub get_ssh_permit_root_login {
+    return(get_prop('','sshd','PermitRootLogin') || 'no');
+}
+
+
+sub get_ssh_password_auth {
+    return(get_prop('','sshd','PasswordAuthentication') || 'yes');
+}
+
+
+sub get_ssh_access {
+
+  my $status = get_prop('','sshd','status');
+  if (defined($status) && ($status eq 'enabled')) {
+    my $access = get_prop('','sshd','access');
+    $access = ($access eq 'public') ? 'public' : 'private';
+    return($access);
+  }
+  else {
+    return('off');
+  }
+}
+
+
+sub get_ssh_port {
+    return(get_prop('$c','sshd','TCPPort') || '22');
+}
+
+
+sub get_ftp_password_login_access {
+
+    my $status = get_prop('','ftp','status') || 'disabled';
+    return 'private' unless $status eq 'enabled';
+
+    my $access = get_prop('','ftp','LoginAccess') || 'private';
+
+    return ($access  eq 'public') ? 'public' : 'private';
+}
+
+
+sub get_telnet_mode {
+
+  my $telnet = $db->get('telnet');
+  return('off') unless $telnet;
+  my $status = $telnet->prop('status') || 'disabled';
+  return('off') unless $status eq 'enabled';
+  my $access = $telnet->prop('access') || 'private';
+  return ($access eq "public") ? "public" : "private";
+}
+
+
+sub get_ipsecrw_sessions  {
+
+  my $status = $db->get('ipsec')->prop('RoadWarriorStatus');
+  if (defined($status) && ($status eq 'enabled')) {
+    return($db->get('ipsec')->prop('RoadWarriorSessions') || '0');
+  }
+  else {
+    return('0');
+  }
+}
+
+
+sub get_ipsecrw_status {
+
+  return undef unless ( $db->get('ipsec'));
+  return $db->get('ipsec')->prop('RoadWarriorStatus');
+
+}
+
+
+sub pptp_and_dhcp_range {
+
+  my $c = shift;
+  my $val = shift || 0;
+  my $dhcp_status     = $db->get_prop('dhcpd','status') || 'disabled';
+  my $dhcp_end        = $db->get_prop('dhcpd','end') || '';
+  my $dhcp_start      = $db->get_prop('dhcpd','start') || '';
+
+    if ( $dhcp_status eq 'enabled' ) {
+        my $ip_start     = unpack 'N', inet_aton($dhcp_start);
+        my $ip_end       = unpack 'N', inet_aton($dhcp_end);
+        my $ip_count     = $ip_end - $ip_start;
+        return 'OK' if( $val < $ip_count );
+        return $c->l('rma_NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE');
+    } else {
+        return 'OK';
+    }
+}
+
+
+sub _get_valid_from {
+
+       my $c = shift;
+
+       my $rec = $db->get('httpd-admin');
+       return undef unless($rec);
+       my @vals = (split ',', ($rec->prop('ValidFrom') || ''));
+       return @vals;
+}
+
+
+sub ip_number_or_blank {
+
+    my $c = shift;
+    my $ip = shift;
+
+    if (!defined($ip) || $ip eq "") {
+       return 'OK';
+    }
+    return ip_number($c, $ip);
+}
+
+
+sub subnet_mask_or_blank {
+
+    my $c = shift;
+    my $mask = shift;
+
+    if (ip_number_or_blank($c, $mask) eq 'OK') {
+        return "OK";
+    } 
+    return $c->l('rma_INVALID_SUBNET_MASK') . " (" . $mask . ")";
+}
+
+
+sub validate_network_and_mask {
+
+  my $c = shift;
+  my $net = shift  || "";
+  my $mask = shift || "";
+
+  if ($net xor $mask) {
+    return $c->l('rma_ERR_INVALID_PARAMS' . " (" . $net."/".$mask . ")");
+  }
+  return 'OK';
+}
+
+
+sub change_settings {
+
+    my ($c, %rma_datas) = @_;
+
+    #------------------------------------------------------------
+    # good; go ahead and change the access.
+    #------------------------------------------------------------
+
+    my $rec = $db->get('telnet');
+    if($rec) {
+       if ($rma_datas{telnetAccess} eq "off") {
+           $rec->set_prop('status','disabled');
+       } else {
+           $rec->set_prop('status','enabled');
+           $rec->set_prop('access', $rma_datas{telnetAccess});
+       }
+    }
+
+    $rec = $db->get('sshd') || $db->new_record('sshd', {type => 'service'});
+    $rec->set_prop('TCPPort', $rma_datas{sshTCPPort});
+    $rec->set_prop('status', ( $rma_datas{sshaccess} eq "off" ? 'disabled' : 'enabled'));
+    $rec->set_prop('access', $rma_datas{sshaccess});
+    $rec->set_prop('PermitRootLogin', $rma_datas{sshPermitRootLogin});
+    $rec->set_prop('PasswordAuthentication', $rma_datas{sshPasswordAuthentication});
+
+
+    $rec = $db->get('ftp');
+    if($rec) {
+       if ($rma_datas{ftpAccess} eq "off") {
+           $rec->set_prop('status', 'disabled');
+           $rec->set_prop('access', 'private');
+           $rec->set_prop('LoginAccess', 'private');
+       } elsif ($rma_datas{ftpAccess} eq "normal") {
+           $rec->set_prop('status', 'enabled');
+           $rec->set_prop('access', 'public');
+           $rec->set_prop('LoginAccess', $rma_datas{ftpPasswordAccess});
+       } else {
+           $rec->set_prop('status', 'enabled');
+           $rec->set_prop('access', 'private');
+           $rec->set_prop('LoginAccess', $rma_datas{ftpPasswordAccess});
+       }
+    }
+
+    if ($rma_datas{pptpSessions} == 0) {
+       $db->get('pptpd')->set_prop('status', 'disabled');
+    } else {
+       $db->get('pptpd')->set_prop('status', 'enabled');
+       $db->get('pptpd')->set_prop('sessions', $rma_datas{pptpSessions});
+    }
+
+    if ( $rma_datas{validFromNetwork} && $rma_datas{validFromMask} ) {
+       unless (add_new_valid_from( $c, $rma_datas{validFromNetwork}, $rma_datas{validFromMask} )) {
+           return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'new net';
+       }
+    }
+
+
+    if ( $rma_datas{remove_nets} ) {
+       unless (remove_valid_from( $c, $rma_datas{remove_nets} )) {
+           return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'del net';
+       }
+    }
+  
+    # reset ipsec roadwarrior CA,server,client certificates
+    if ($rma_datas{ipsecrwReset}) {
+       system('/sbin/e-smith/roadwarrior', 'reset_certs') == 0 or
+           return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'rst ipsec';
+    }
+
+    if ( $rma_datas{ipsecrwSess} ) {
+       set_ipsecrw_sessions( $c, $rma_datas{ipsecrwSess} );
+    }
+
+    unless ( system( "/sbin/e-smith/signal-event", "remoteaccess-update" ) == 0 ) {
+        return $c->l('rma_ERROR_UPDATING_CONFIGURATION');
+    }
+
+    return 'OK';
+}
+
+
+sub set_ipsecrw_sessions {
+
+    my $c = shift;
+    my $sessions = shift;
+
+    if (defined $sessions) {
+       $db->get('ipsec')->set_prop('RoadWarriorSessions', $sessions);
+       if (int($sessions) > 0) {
+           $db->get('ipsec')->set_prop('RoadWarriorStatus', 'enabled');
+       }
+    }
+    return '';
+}
+
+
+sub add_new_valid_from {
+
+       my $c = shift;
+       my $net = shift;
+       my $mask = shift;
+
+       my $rec = $db->get('httpd-admin');
+       return $c->error('ERR_NO_RECORD') unless $rec;
+
+       my $prop = $rec->prop('ValidFrom') || '';
+
+       my @vals = split /,/, $prop;
+       return '' if (grep /^$net\/$mask$/, @vals); # already have this entry
+
+       if ($prop ne '') {
+               $prop .= ",$net/$mask";
+       } else {
+               $prop = "$net/$mask";
+       }
+
+       $rec->set_prop('ValidFrom', $prop);
+
+       return 1;
+}
+
+
+sub remove_valid_from {
+
+       my $c = shift;
+       my $remove_nets = shift;
+
+       my @remove = split /,/, $remove_nets;
+
+#      my @remove = $c->param('Remove_nets');
+       my @vals = $c->_get_valid_from();
+
+       foreach my $entry (@remove) {
+       
+           return undef unless $entry;
+
+           my ($net, $mask) = split (/\//, $entry);
+
+           unless (@vals)  {
+               print STDERR "ERROR: unable to load ValidFrom property from conf db\n";
+               return undef;
+           }
+
+           # what if we don't have a mask because someone added an entry from
+           # the command line? by the time we get here, the panel will have
+           # added a 32 bit mask, so we don't know for sure if the value in db
+           # is $net alone or $net/255.255.255.255. we have to check for both
+           # in this special case...
+           @vals = (grep { $entry ne $_ && $net ne $_ } @vals);
+       }
+
+       my $prop;
+       if (@vals) {
+           $prop = join ',',@vals;
+       } else {
+           $prop = '';
+       }
+
+       $db->get('httpd-admin')->set_prop('ValidFrom', $prop);
+
+       return 1;
+}
+
+
+1;
+
+
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Request.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Request.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Request.pm  2020-02-19 22:26:13.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Request.pm      2020-02-19 22:21:31.000000000 +0400
@@ -10,10 +10,12 @@
 use SrvMngr qw(theme_list init_session_cgi);
 
 # retrieve a configuration db record
-sub config {
+sub getconfig {
     my $c = shift;
-
     my $key = $c->param('key');
+
+    $c->app->log->info($c->log_req . ' ' . $key);
+
     if ($key) {
        use esmith::ConfigDB qw(open_ro);
        my $cdb = esmith::ConfigDB->open_ro;
@@ -23,23 +25,26 @@
 
 
 # retrieve an accounts db record, given its name
-sub account {
+sub getaccount {
     my $c = shift;
-
     my $key = $c->param('key');
+
+    $c->app->log->info($c->log_req . ' ' . $key);
+
     if ($key) {
        use esmith::AccountsDB qw(open_ro);
-       my $adb = esmith::Accounts->open_ro;
+       my $adb = esmith::AccountsDB->open_ro;
        return getdb( $c, $adb, $key);
     }
 }
 
 
 sub getdb {
+
     my ($c, $db, $key) = @_;
 
     if ( my $rec = $db->get($key) ) {
-        return $c->render(json => { $key => { $rec->props }} );
+       return $c->render(json => { $key => { $rec->props }} );
     }
     return undef;
 }
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Useraccounts.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Useraccounts.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Useraccounts.pm     1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Useraccounts.pm 2020-02-29 19:11:19.000000000 +0400
@@ -0,0 +1,950 @@
+package SrvMngr::Controller::Useraccounts;
+
+use strict;
+use warnings;
+use Mojo::Base 'Mojolicious::Controller';
+
+use Locale::gettext;
+use SrvMngr::I18N;
+use SrvMngr qw(theme_list init_session_cgi 
+       is_normal_password email_simple);
+
+#use esmith::FormMagick qw( validate_password );
+#use CGI::FormMagick::Validator qw( call_fm_validation );
+
+use esmith::AccountsDB;
+use esmith::ConfigDB;
+use esmith::util;
+
+#use esmith::FormMagick;
+#use esmith::cgi;
+#use File::Basename;
+#use Exporter;
+#use Carp qw(verbose);
+
+#use esmith::FormMagick::Panel::useraccounts;
+
+our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
+our $cdb = esmith::ConfigDB->open() || die "Couldn't open config db";
+
+sub main {
+
+    my $c = shift;
+    $c->app->log->info($c->log_req);
+
+    my $notif = '';
+    my %usr_datas = ();
+    my $title = $c->l('usr_FORM_TITLE');
+
+    $usr_datas{'trt'} = 'LIST';
+
+    my @users = $adb->get('admin');
+    push @users, $adb->users();
+
+    $c->stash( title => $title, notif => $notif, usr_datas => \%usr_datas, users => \@users );
+    $c->render(template => 'useraccounts');
+
+};
+
+
+sub do_display {
+
+    my $c = shift;
+
+    my $rt = $c->current_route;
+    my $trt = ($c->param('trt') || 'ADD');
+    my $user = ($c->param('user') || '');
+
+    my %usr_datas = ();
+    my $title = $c->l('usr_FORM_TITLE');
+    my ($notif, $modul) = '';
+
+    $usr_datas{'trt'} = $trt;
+
+        if ( $trt eq 'ADD' ) {
+
+           $usr_datas{user} = '';
+           $usr_datas{firstname} = '';
+           $usr_datas{lastname} = '';
+           $usr_datas{dept}    = $c->get_ldap_value('Dept');
+           $usr_datas{company} =  $c->get_ldap_value('Company');
+           $usr_datas{street}  =  $c->get_ldap_value('Street');
+           $usr_datas{city}    =  $c->get_ldap_value('City');
+           $usr_datas{phone}   =  $c->get_ldap_value('Phone');
+        }
+
+        if ( $trt eq 'UPD' or $trt eq 'UPS' ) {
+
+           my $rec = $adb->get($user);
+           my $type = ( $trt eq 'UPS' ) ? 'system' : 'user';
+           if ($rec and $rec->prop('type') eq $type) {
+               $usr_datas{user}        =  $user;
+               $usr_datas{firstname}   =  $rec->prop('FirstName');
+               $usr_datas{lastname}    =  $rec->prop('LastName');
+               $usr_datas{vpnclientaccess}     =  $rec->prop('VPNClientAccess');
+               $usr_datas{emailforward}        =  $rec->prop('EmailForward');
+               $usr_datas{forwardaddress}      =  $rec->prop('ForwardAddress');
+               if ( $trt eq 'UPD' ) {
+                   $usr_datas{dept}    =  $rec->prop('Dept');
+                   $usr_datas{company} =  $rec->prop('Company');
+                   $usr_datas{street}  =  $rec->prop('Street');
+                   $usr_datas{city}    =  $rec->prop('City');
+                   $usr_datas{phone}   =  $rec->prop('Phone');
+               }
+           }
+        }
+
+        if ( $trt eq 'DEL' ) {
+
+           my $rec = $adb->get($user);
+           if ($rec and $rec->prop('type') eq 'user') {
+               $usr_datas{user} = $user;
+               $usr_datas{name} = $c->get_user_name($user);
+           }
+
+        }
+
+        if ( $trt eq 'PWD' or $trt eq 'PWS' ) {
+
+           my $rec = $adb->get($user);
+           my $type = ( $trt eq 'PWS' ) ? 'system' : 'user';
+           if ($rec and $rec->prop('type') eq $type) {
+               $usr_datas{user} = $user;
+               $usr_datas{name} = $c->get_user_name($user);
+           }
+
+        }
+
+        if ( $trt eq 'LCK' ) {
+
+           my $rec = $adb->get($user);
+           if ($rec and $rec->prop('type') eq 'user') {
+               $usr_datas{user} = $user;
+               $usr_datas{name} = $c->get_user_name($user);
+           }
+
+        }
+
+        if ( $trt eq 'LIST' ) {
+           my @useraccounts;
+           if ($adb)
+           {
+               @useraccounts = $adb->useraccounts();
+           }
+            $c->stash( useraccounts => \@useraccounts );
+
+       }
+
+    $c->stash( title => $title, notif => $notif, usr_datas => \%usr_datas );
+    $c->render( template => 'useraccounts' );
+
+};
+
+
+sub do_update {
+
+    my $c = shift;
+    $c->app->log->info($c->log_req);
+
+    my $rt = $c->current_route;
+    my $trt = ($c->param('trt') || 'LIST');
+    my $user = ($c->param('user') || '');
+    my $name = ($c->param('name') || '');
+
+    my %usr_datas = ();
+    $usr_datas{trt} = $trt;
+
+    my $title = $c->l('usr_FORM_TITLE');
+
+
+    my ($res, $result) = '';
+
+
+    if ( $trt eq 'ADD' ) {
+
+       # controls
+
+       my $first = $c->param('FirstName');
+       my $last  = $c->param('LastName');
+        my $mail  = $c->param('ForwardAddress');
+       
+        unless ( $first ) {
+            $result .= $c->l('FM_NONBLANK') . ' - ';
+       }
+        unless ( $last ) {
+            $result .= $c->l('FM_NONBLANK') . ' - ';
+       }
+        #unless ( $mail ) {
+        #    $result .= $c->l('FM_NONBLANK') . ' - ';
+       #}
+
+       $res = $c->validate_acctName( $user );
+       $result .= $res unless $res eq 'OK';
+
+       $res = $c->validate_acctName_length( $user );
+       $result .= $res unless $res eq 'OK';
+
+       $res = $c->validate_acctName_conflict( $user );
+       $result .= $res unless $res eq 'OK';
+
+       $res = $c->pseudonym_clash( $first );
+       $result .= $res unless $res eq 'OK';
+
+       if ( $mail ) {
+           $res = $c->emailforward( $mail );
+           $result .= $res unless $res eq 'OK';
+       }
+
+       #$result .= 'Blocked for testing';
+
+       if ( ! $result ) {
+           $res = create_user( $c, $user ); 
+           $result .= $res unless $res eq 'OK';
+           if ( ! $result ) { 
+               $result = $c->l('usrUSER_CREATED') . ' ' . $user; 
+               $usr_datas{trt} = 'SUC';
+           }
+       }
+    }
+
+
+    if ( $trt eq 'UPD' or $trt eq 'UPS') {
+
+       # controls
+       
+       my $first = $c->param('FirstName');
+       my $last  = $c->param('LastName');
+        my $mail  = $c->param('ForwardAddress');
+
+        unless ( $first ) {
+            $result .= $c->l('FM_NONBLANK') . ' - ';
+       }
+        unless ( $last ) {
+            $result .= $c->l('FM_NONBLANK') . ' - ';
+       }
+
+        #unless ( $mail ) {
+        #    $result .= $c->l('FM_NONBLANK') . ' - ';
+       #}
+
+       $res = $c->pseudonym_clash( $first );
+       $result .= $res unless $res eq 'OK';
+
+       if ( $mail ) {
+           $res = $c->emailforward( $mail );
+           $result .= $res unless $res eq 'OK';
+       }
+
+
+       
+       #$result .= 'Blocked for testing';
+
+       if ( ! $result ) {
+           if ( $trt eq 'UPS' ) {
+               $res = $c->modify_admin(); 
+           } else {
+               $res = $c->modify_user( $user ); 
+           }
+           $result .= $res unless $res eq 'OK';
+           if ( ! $result ) { 
+               $result = $c->l('usr_USER_MODIFIED') . ' ' . $user; 
+               $usr_datas{trt} = 'SUC';
+           }
+       }
+    }
+
+
+    if ( $trt eq 'PWD' ) {
+
+        my $pass1 = $c->param('newPass');
+        my $pass2 = $c->param('newPassVerify');
+
+       # controls
+        unless ($pass1) {
+            $result .= $c->l('FM_NONBLANK') . ' - ';
+       }
+        unless ($pass1 eq $pass2) {
+            $result .= $c->l('PASSWORD_VERIFY_ERROR') . ' - ';
+       }
+
+       if ( ! $result ) {
+           $res = check_password( $c, $pass1 );
+           $result .= $res unless $res eq 'OK';
+       }
+
+       if ( $user eq 'admin' ) {
+           $result .= "System password  should not be reset here !";
+       }
+       #$result .= 'Blocked for testing';
+       
+       if ( ! $result ) {
+           my $res = $c->reset_password( $user, $pass1 );
+           $result .= $res unless $res eq 'OK';
+           if ( ! $result ) { 
+               $result = $c->l('usr_PASSWORD_CHANGE_SUCCEEDED', $user);
+               $usr_datas{trt} = 'SUC';
+           }
+       }
+    }
+
+    if ( $trt eq 'PWS' ) {             # system password reset (admin)
+
+        my $curpass = $c->param('CurPass');
+        my $pass1 = $c->param('Pass');
+        my $pass2 = $c->param('PassVerify');
+
+       # controls
+        if ($curpass) {
+           $res = $c->system_authenticate_password( $curpass );
+           $result .= $res unless $res eq 'OK';
+       } else {
+            $result .= $c->l('FM_NONBLANK') . ' - ';
+       }
+
+        unless ($pass1 and $pass2) {
+            $result .= $c->l('FM_NONBLANK') . ' - ';
+       }
+
+        unless ($pass1 eq $pass2) {
+            $result .= $c->l('usr_SYSTEM_PASSWORD_VERIFY_ERROR') . ' - ';
+       }
+
+       if ( ! $result ) {
+           $res = $c->system_validate_password( $pass1 );
+           $result .= $res unless $res eq 'OK';
+
+           $res = $c->system_check_password( $pass1 );
+           $result .= $res unless $res eq 'OK';
+       }
+
+       #$result .= 'Blocked for testing';
+       
+       if ( ! $result ) {
+           my $res = $c->system_change_password();
+           $result .= $res unless $res eq 'OK';
+           if ( ! $result ) { 
+               $result = $c->l('usr_SYSTEM_PASSWORD_CHANGED', $user);
+               $usr_datas{trt} = 'SUC';
+           }
+       }
+    }
+
+
+    if ( $trt eq 'LCK' ) {
+
+       # controls
+
+       #$res = xxxxxxxxxxx();
+       #$result .= $res unless $res eq 'OK';
+       
+       #$result .= 'Blocked for testing';
+
+       if ( ! $result ) {
+           my $res = $c->lock_account( $user );
+           $result .= $res unless $res eq 'OK';
+           if ( ! $result ) { 
+               $result = $c->l('usr_LOCKED_ACCOUNT', $user);
+               $usr_datas{trt} = 'SUC';
+           }
+       }
+    }
+
+    if ( $trt eq 'DEL' ) {
+    
+       # controls
+
+       #$res = xxxxxxxxxxx();
+       #$result .= $res unless $res eq 'OK';
+
+       #$result .= 'Blocked for testing';
+
+       if ( ! $result ) {
+           my $res = $c->remove_account( $user );
+           $result .= $res unless $res eq 'OK';
+           if ( ! $result ) { 
+               $result = $c->l('usr_SUCCESSFULLY_DELETED_USER') . ' ' . $user; 
+               $usr_datas{trt} = 'SUC';
+           }
+       }
+    }
+
+    $usr_datas{'user'} = $user;
+    $usr_datas{'name'} = $name;
+
+    $c->stash( title => $title, notif => $result, usr_datas => \%usr_datas );
+    if ($usr_datas{trt} ne 'SUC') {
+       return $c->render(template => 'useraccounts');
+    }
+    $c->redirect_to('/useraccounts');
+
+};
+
+
+sub lock_account {
+    my $c = shift;
+    
+    my $user = $c->param('user');
+    my $acct = $adb->get($user);
+    if ($acct->prop('type') eq "user") {
+        undef $adb;
+
+       # Untaint the username before use in system()
+       $user =~ /^(\w[\-\w_\.]*)$/;
+       $user = $1;
+        if (system("/sbin/e-smith/signal-event", "user-lock", $user)) {
+            $adb = esmith::AccountsDB->open();
+            return $c->l("usr_ERR_OCCURRED_LOCKING");
+        }
+        $adb = esmith::AccountsDB->open();
+       return 'OK';
+    } else {
+        return $c->l('NO_SUCH_USER', $user);
+    }
+}
+
+
+sub remove_account {
+    my ($c) = @_;
+    my $user = $c->param('user');
+
+    my $acct = $adb->get($user);
+    if ($acct->prop('type') eq 'user') {
+        $acct->set_prop('type', 'user-deleted');
+
+        undef $adb;
+
+       # Untaint the username before use in system()
+       $user =~ /^(\w[\-\w_\.]*)$/;
+       $user = $1;
+        if (system ("/sbin/e-smith/signal-event", "user-delete", $user))
+        {
+            $adb = esmith::AccountsDB->open();
+            return $c->l("ERR_OCCURRED_DELETING");
+        }
+
+        $adb = esmith::AccountsDB->open();
+        $adb->get($user)->delete;
+       return 'OK';
+    } else {
+        return $c->l('NO_SUCH_USER', $user);
+    }
+}
+
+
+sub reset_password {
+    my ($c, $user, $passw1) = @_;
+
+    unless (($user) = ($user =~ /^(\w[\-\w_\.]*)$/)) {
+        return $c->l('usr_TAINTED_USER');
+    }
+    $user = $1;
+
+    my $acct = $adb->get($user);
+
+    if ( $acct->prop('type') eq "user") {
+        esmith::util::setUserPassword ($user, $passw1);
+
+        $acct->set_prop("PasswordSet", "yes");
+        undef $adb;
+
+        if (system("/sbin/e-smith/signal-event", "password-modify", $user))
+        {
+            $adb = esmith::AccountsDB->open();
+            return $c->l("usr_ERR_OCCURRED_MODIFYING_PASSWORD");
+        }
+        $adb = esmith::AccountsDB->open();
+
+        return 'OK';
+    } else {
+        return $c->l('NO_SUCH_USER', $user);
+    }
+}
+
+
+
+sub check_password {
+    my $c = shift;
+    my $pass1 = shift;
+
+    my $check_type;
+    my $rec = $cdb->get('passwordstrength');
+    $check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none');
+
+    return validate_password($c, $check_type, $pass1);
+}
+
+
+sub validate_password {
+    my ($c, $strength, $pass) = @_;
+
+    use Crypt::Cracklib;
+
+    my $reason;
+
+    if ($strength eq "none") {
+        return $c->l("Passwords must be at least 7 characters long") unless (length($pass) > 6);
+        return "OK";
+    }
+
+    $reason = is_normal_password($c, $pass, undef);
+
+    return $reason unless ($reason eq "OK");
+    return "OK" unless ($strength eq "strong");
+
+    if ( -f '/usr/lib64/cracklib_dict.pwd' ) {
+        $reason = fascist_check($pass, '/usr/lib64/cracklib_dict');
+    } else {
+        $reason = fascist_check($pass, '/usr/lib/cracklib_dict');
+    }
+    $reason ||= "Software error: password check failed";
+
+    return "OK" if ($reason eq "ok");
+
+    return $c->l("Bad Password Choice") . ": "
+       . $c->l("The password you have chosen is not a good choice, because")
+       . " " . $c->($reason) . ".";
+}
+
+
+sub emailForward_list {
+    my $c = shift;
+
+    return [[ $c->l('usr_DELIVER_EMAIL_LOCALLY') => 'local'], 
+            [ $c->l('usr_FORWARD_EMAIL') => 'forward'],
+            [ $c->l('usr_DELIVER_AND_FORWARD') => 'both']];
+}
+
+
+sub max_user_name_length {
+
+    my ($c, $data) = @_;
+
+    $cdb->reload();
+    my $max = $cdb->get('maxuserNameLength')->value;
+
+    if (length($data) <= $max) {
+        return "OK";
+    } else {
+        return $c->l('usr_MAX_user_NAME_LENGTH_ERROR', $data, $max, $max);
+    }
+}
+
+
+sub validate_acctName {
+
+    my ($c, $acctName) = @_;
+
+    unless ($adb->validate_account_name($acctName)) {
+        return $c->l('usrACCT_NAME_HAS_INVALID_CHARS', $acctName);
+    }
+    return "OK";
+}
+
+sub validate_acctName_length {
+
+    my $c        = shift;
+    my $acctName = shift;
+
+    my $maxAcctNameLength = ($cdb->get('maxAcctNameLength') 
+        ? $cdb->get('maxAcctNameLength')->prop('type') : "") || 12;
+
+    if ( length $acctName > $maxAcctNameLength ) {
+        return $c->l('usrACCOUNT_TOO_LONG', $maxAcctNameLength);
+    } else {
+        return ('OK');
+    }
+}
+
+sub validate_acctName_conflict {
+
+    my $c        = shift;
+    my $acctName = shift;
+
+    my $account = $adb->get($acctName);
+    my $type;
+
+    if (defined $account) {
+        $type = $account->prop('type');
+    } elsif (defined getpwnam($acctName) || defined getgrnam($acctName)) {
+        $type = "system";
+    } else {
+        return('OK');
+    }
+    return $c->l('usrACCOUNT_CONFLICT', $acctName, $type);
+
+}
+
+
+
+sub get_user_name {
+
+    my ($c, $acctName) = @_;
+
+    my $usr = $adb->get($acctName);
+
+    return '' unless $usr;
+
+    return $usr->prop('FirstName') ." ". $usr->prop('LastName');
+
+}
+
+
+sub get_ldap_value {
+    my ($c, $field) = @_;
+
+    # don't do the lookup if this is a modification of an existing user
+    if ($c->param('user')) {
+        return $c->param($field);
+    }
+
+    my %CGIParam2DBfield = (
+        Dept    => 'defaultDepartment',
+        Company => 'defaultCompany',
+        Street  => 'defaultStreet',
+        City    => 'defaultCity',
+        Phone   => 'defaultPhoneNumber'
+    );
+
+    return $cdb->get('ldap')->prop($CGIParam2DBfield{$field});
+}
+
+sub get_pptp_value {
+    return $cdb->get('pptpd')->prop('AccessDefault') || 'no';
+}
+
+
+sub pseudonym_clash {
+    my ($c, $first) = @_;
+    $first ||= "";
+    my $last     = $c->param('LastName') || "";
+    my $acctName = $c->param('user') || "";
+
+    my $up = "$first $last";
+
+    $up =~ s/^\s+//;    
+    $up =~ s/\s+$//;   
+    $up =~ s/\s+/ /g; 
+    $up =~ s/\s/_/g;         
+
+    my $dp = $up; 
+    $dp =~ s/_/./g;
+
+    $dp = $adb->get($dp);
+    $up = $adb->get($up);
+
+    my $da = $dp->prop('Account') if $dp;
+    my $ua = $up->prop('Account') if $up;
+    if ($dp and $da and $da ne $acctName) {
+        return $c->l('usr_PSEUDONYM_CLASH', 
+            $acctName, $da, $dp->key);
+    } elsif ($up and $ua and $ua ne $acctName) {
+        return $c->l('usr_PSEUDONYM_CLASH', 
+            $acctName, $ua, $up->key );
+    } else {
+        return "OK";
+    }
+}
+
+
+sub emailforward {
+    my ($c, $data) = @_;
+    my $response = $c->email_simple($data);
+    if ($response eq "OK") {
+        return "OK";
+    } elsif ($data eq "") {
+        # Blank is ok, only if we're not forwarding, which means that the
+        # EmailForward param must be set to 'local'.
+        my $email_forward = $c->param('EmailForward') || '';
+        $email_forward =~ s/^\s+|\s+$//g;
+        return 'OK' if $email_forward eq 'local';
+        return $c->l('usr_CANNOT_CONTAIN_WHITESPACE');
+    } else {
+        return $c->l('usr_CANNOT_CONTAIN_WHITESPACE')
+            if ( $data =~ /\s+/ );
+        # Permit a local address.
+        return "OK" if $data =~ /^[a-zA-Z][a-zA-Z0-9\._\-]*$/;
+        return $c->l('usr_UNACCEPTABLE_CHARS');
+    }
+}
+
+
+sub get_groups {
+    my ($c) = shift;
+
+    my @groups = $adb->groups();
+    return \@groups;
+}
+
+
+sub ipsec_for_acct {
+
+    my $c = shift;
+
+    # Don't show ipsecrw setting unless the status property exists
+    return '' unless ($cdb->get('ipsec') 
+        && $cdb->get('ipsec')->prop('RoadWarriorStatus'));
+
+    # Don't show ipsecrw setting unless /sbin/e-smith/roadwarrior exists
+    return '' unless -x '/sbin/e-smith/roadwarrior';
+
+    my $user = $c->param('user');
+    return '' unless $user;
+
+    my $rec = $adb->get($user);
+    if ( $rec ) { 
+       my $pwset = $rec->prop('PasswordSet') || 'no';
+       my $VPNaccess = $rec->prop('VPNClientAccess') || 'no';
+       if ($pwset eq 'yes' and $VPNaccess eq 'yes') {
+           return 'OK';
+       }
+    }
+    return '';
+}
+
+
+sub is_user_in_group {
+
+    my $c = shift;
+    my $user = shift || '';
+    my $group = shift || '';
+
+    return '' unless ( $user and $group );
+
+    return ( $adb->is_user_in_group($user, $group) ) ? 'OK' : '';
+
+}
+
+
+sub get_ipsec_client_cert {
+    my $c = shift;
+    my $user = $c->param('user');
+    ($user) = ($user =~ /^(.*)$/);
+
+    die "Invalid user: $user\n" unless getpwnam($user);
+
+    open (KID, "/sbin/e-smith/roadwarrior get_client_cert $user |")
+        or die "Can't fork: $!";
+    my $certfile = <KID>;
+    close KID;
+
+    require File::Basename;
+    my $certname = File::Basename::basename($certfile);
+
+    print "Expires: 0\n";
+    print "Content-type: application/x-pkcs12\n";
+    print "Content-disposition: inline; filename=$certname\n";
+    print "\n";
+
+    open (CERT, "<$certfile");
+    while (<CERT>)
+    {
+        print;
+    }
+    close CERT;
+
+    return '';
+}
+
+
+sub modify_user {
+    my ($c) = @_;
+    my $acctName = $c->param('user');
+
+    unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]*)$/)) {
+        return $c->l('usr_TAINTED_USER', $acctName);
+    }
+    # Untaint the username before use in system()
+    $acctName = $1;
+
+    my $acct = $adb->get($acctName);
+    my $acctType = $acct->prop('type');
+
+    if ($acctType eq "user")
+    {
+        $adb->remove_user_auto_pseudonyms($acctName);
+        my %newProperties = (
+            'FirstName'      => $c->param('FirstName'),
+            'LastName'       => $c->param('LastName'),
+            'Phone'          => $c->param('Phone'),
+            'Company'        => $c->param('Company'),
+            'Dept'           => $c->param('Dept'),
+            'City'           => $c->param('City'),
+            'Street'         => $c->param('Street'),
+            'EmailForward'   => $c->param('EmailForward'),
+            'ForwardAddress' => $c->param('ForwardAddress'),
+            'VPNClientAccess'=> $c->param('VPNClientAccess'),
+        );
+
+        $acct->merge_props(%newProperties);
+
+        $adb->create_user_auto_pseudonyms($acctName);
+
+        my @old_groups = $adb->user_group_list($acctName);
+        my @new_groups = $c->param("groupMemberships");
+
+    $c->app->log->info($c->dumper("groups: Old " . @old_groups .' New '. @new_groups));
+
+        $adb->remove_user_from_groups($acctName, @old_groups);
+        $adb->add_user_to_groups($acctName, @new_groups);
+
+        undef $adb;
+
+        unless (system ("/sbin/e-smith/signal-event", "user-modify", 
+                        $acctName) == 0) {
+            $adb = esmith::AccountsDB->open();
+            return $c->l('usr_CANNOT_MODIFY_USER');
+        }
+        $adb = esmith::AccountsDB->open();
+    }
+    return 'OK';
+}
+
+
+sub create_user {
+
+    my $c = shift;
+
+    my $acctName = $c->param('user');
+    my %userprops;
+
+    foreach my $field ( qw( FirstName LastName Phone Company Dept
+        City Street EmailForward ForwardAddress VPNClientAccess) )
+    {
+        $userprops{$field} = $c->param($field);
+    }
+    $userprops{'PasswordSet'} = "no";
+    $userprops{'type'}        = 'user';
+
+    my $acct = $adb->new_record($acctName)
+        or warn "Can't create new account for $acctName (does it already exist?)\n";
+    $acct->reset_props(%userprops);
+    $adb->create_user_auto_pseudonyms($acctName);
+    my @groups = $c->param("groupMemberships");
+
+    $adb->add_user_to_groups($acctName, @groups);
+
+    undef $adb;
+
+    # Untaint the username before use in system()
+    $acctName =~ /^(\w[\-\w_\.]*)$/;
+    $acctName = $1;
+
+    if (system ("/sbin/e-smith/signal-event", "user-create", $acctName)) 
+    {
+        $adb = esmith::AccountsDB->open();
+        return $c->l("usr_ERR_OCCURRED_CREATING");
+    }
+
+    $adb = esmith::AccountsDB->open();
+
+    $c->set_groups();
+    return 'OK';
+
+}
+
+
+sub set_groups {
+
+    my $c = shift;
+
+    my $acctName = $c->param('user');
+
+    my @groups = $c->param('groupMemberships');
+    $adb->set_user_groups($acctName, @groups);
+
+}
+
+
+sub modify_admin {
+
+    my ($c) = @_;
+
+    my $acct = $adb->get('admin');
+
+    my %newProperties = (
+        'FirstName'      => $c->param('FirstName'),
+        'LastName'       => $c->param('LastName'),
+        'EmailForward'   => $c->param('EmailForward'),
+        'ForwardAddress' => $c->param('ForwardAddress'),
+        'VPNClientAccess'=> $c->param('VPNClientAccess'),
+    );
+
+    $acct->merge_props(%newProperties);
+
+    undef $adb;
+
+    my $status = 
+        system ("/sbin/e-smith/signal-event", "user-modify-admin", 'admin');
+
+    $adb = esmith::AccountsDB->open();
+
+    if ($status == 0) {
+        return 'OK';
+    } else {
+        return$c->l('usr_CANNOT_MODIFY_USER', 'First');
+    }
+}
+
+
+sub system_validate_password {
+
+    my $c = shift;
+    my $pass1 = shift;
+    # If the password contains one or more printable character
+    if ($pass1 =~ /^([ -~]+)$/) {
+        return('OK');
+    } else {
+        return $c->l('usr_SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS');
+    }
+}
+
+
+sub system_check_password {
+
+    my $c = shift;
+    my $pass1 = shift;
+
+    use esmith::ConfigDB;
+    my $conf = esmith::ConfigDB->open();
+    my ($check_type, $rec);
+    if ($conf) {
+        $rec = $conf->get('passwordstrength');
+    }
+    $check_type = ($rec ? ($rec->prop('Admin') || 'strong') : 'strong');
+
+    return $c->validate_password($check_type, $pass1);
+}
+
+
+sub system_authenticate_password {
+
+    my $c = shift;
+    my $pass = shift;
+
+    if (esmith::util::authenticateUnixPassword( ($cdb->get_value("AdminIsNotRoot") eq 'enabled') ? 'admin' : 'root', $pass)) {
+        return "OK";
+    } else {
+        return $c->l("usr_SYSTEM_PASSWORD_AUTH_ERROR");
+    }
+}
+
+
+sub system_change_password {
+
+    my ($c) = @_;
+    my $pass = $c->param('Pass');
+
+    ($cdb->get_value("AdminIsNotRoot") eq 'enabled') ? esmith::util::setUnixPassword('admin',$pass) : esmith::util::setUnixSystemPassword($pass);
+    esmith::util::setServerSystemPassword($pass);
+
+    my $result = system("/sbin/e-smith/signal-event password-modify admin");
+
+    if ($result == 0) {
+        return 'OK';
+    } else {
+        return $c->l("Error occurred while modifying password for admin.", 'First');
+    }
+}
+
+
+1
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Viewlogfiles.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Viewlogfiles.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Viewlogfiles.pm     1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Viewlogfiles.pm 2020-02-26 17:04:40.000000000 +0400
@@ -0,0 +1,332 @@
+package SrvMngr::Controller::Viewlogfiles;
+
+use strict;
+use warnings;
+use Mojo::Base 'Mojolicious::Controller';
+
+#use esmith::FormMagick qw(gen_locale_date_string);
+
+use Locale::gettext;
+use SrvMngr::I18N;
+use SrvMngr qw(theme_list init_session_cgi);
+
+use esmith::ConfigDB;
+use Time::TAI64;
+use File::Basename;
+use HTML::Entities;
+use esmith::FormMagick qw(gen_locale_date_string);
+
+use constant TRUE  => 1;
+use constant FALSE => 0;
+
+our $cdb = esmith::ConfigDB->open() || die "Couldn't open config db";
+
+our @logfiles = ();    # with array
+
+
+sub main {
+    my $c = shift;
+    $c->app->log->info($c->log_req);
+
+    my %log_datas = ();
+    my $title = $c->l('log_FORM_TITLE');
+    my $notif = '';
+
+    $log_datas{default_op} = 
+       ($cdb->get('viewlogfiles')->prop('DefaultOperation')) || 'view';
+
+    $c->stash( title => $title, notif => $notif, log_datas => \%log_datas);
+    $c->render(template => 'viewlogfiles');
+};
+
+
+sub do_action {
+    my $c = shift;
+    $c->app->log->info($c->log_req);
+
+    my $title = $c->l('log_FORM_TITLE');
+    my $notif = '';
+    my $result = "";
+    my %log_datas = ();
+
+    $log_datas{filename} = $c->param('Filename');
+    $log_datas{matchpattern} = $c->param('Matchpattern');
+    $log_datas{highlightpattern} = $c->param('Highlightpattern');
+    $log_datas{operation} = $c->param('Operation');
+    if ($log_datas{operation} eq 'download') {
+       $log_datas{'trt'} = "DOWN"
+    } else {
+       $log_datas{'trt'} = "SHOW"
+    }
+
+
+    if ($log_datas{filename} =~ /^([\S\s]+)$/) {
+       $log_datas{filename} = $1;
+    } elsif ($log_datas{filename} =~ /^$/) {
+       $log_datas{filename} = "messages";
+    } else {
+       $result .= $c->l("log_FILENAME_ERROR", $log_datas{filename} )
+           . " ";
+    }
+    
+    if ($log_datas{matchpattern} =~ /^(\S+)$/) {
+       $log_datas{matchpattern} = $1; 
+    } else {
+       $log_datas{matchpattern} = ".";
+    }
+    
+    if ($log_datas{highlightpattern} =~ /^(\S+)$/) {
+       $log_datas{highlightpattern} = $1;
+    } else {
+       $log_datas{highlightpattern} = '';
+    }
+
+    my $fullpath = "/var/log/$log_datas{filename}";
+    if (-z $fullpath) {
+        $result .= $c->l("log_LOG_FILE_EMPTY", "$log_datas{filename}" );
+    }
+
+    if ($log_datas{trt} eq "SHOW") {
+        if ( ! $result ) {
+           $result = $c->render_to_string(inline => showlogFile( $c, %log_datas ));
+       }
+
+       if ( $result ) {
+           $c->stash(title => $title, modul => $result, log_datas => \%log_datas);
+           return $c->render(template => 'viewlogfiles2');
+       }
+    }
+
+
+    if ( $log_datas{trt} eq 'DOWN' ) {
+
+       my $modul = 'Log file download';
+       
+       $notif = download_logFile( $c, %log_datas );
+    }
+
+    $c->stash( title => $title, notif => $notif, log_datas => \%log_datas);
+    $c->render(template => 'viewlogfiles');
+
+};
+
+
+sub timestamp2local
+{
+    $_ = shift;
+    if (/^(\@[0-9a-f]{24})(.*)/s)
+    {
+       return Time::TAI64::tai64nlocal($1) . $2;
+    }
+    elsif (/^([0-9]{10}\.[0-9]{3})(.*)/s)
+    {
+       return localtime($1) . $2;
+    }
+    return $_;
+}
+
+
+sub findlogFiles {
+
+    my $c = shift;
+
+    use File::Find;
+    sub findlogfiles
+    {
+        my $path = $File::Find::name;
+
+        if (-f)
+        {
+            # Remove leading /var/log/messages
+            $path =~ s:^/var/log/::;
+            # don't bother to collect files known to be non-text
+            # or not log files
+            foreach (qw(
+                lastlog
+                btmp$
+                wtmp
+                lock
+                (?<!qpsmtpd/)state
+                httpd/ssl_mutex.\d*
+                httpd/ssl_scache.pag
+                httpd/ssl_scache.dir
+                \/config$
+            ))
+            {
+                return if $path =~ /$_/;
+            }
+
+            my ($file_base, $file_path, $file_type) = fileparse($path);
+
+            if ( $file_base =~ /@.*/ )
+            {
+                #$logfiles{$path} = $file_path . timestamp2local($file_base);
+               push @logfiles, [ $file_path . timestamp2local($file_base), $path  ];
+            }
+            else
+            {
+                #$logfiles{$path} = $path;
+               push @logfiles, [ $path, $path ];
+            }
+        }
+    }
+
+    # Now go and find all the files under /var/log
+    find({wanted => \&findlogfiles, no_chdir => 1}, '/var/log');
+
+    my @logf = sort { $a->[0] cmp $b->[0] } @logfiles;
+
+    return \@logf;
+}
+
+
+sub showlogFile {
+
+    my ($c, %log_datas) = @_;
+
+    my $fullpath = "/var/log/$log_datas{filename}";
+    my $out = '';
+
+    $out .= sprintf("$fullpath: \n");
+
+    $out .= sprintf($c->l("log_VIEWING_TIME", $c->gen_locale_date_string() ));
+
+    unless ( $log_datas{matchpattern} eq '.' )
+    {
+        #$out .= sprintf("<p>\n");
+        $out .= sprintf($c->l("log_MATCH_HEADER", $log_datas{matchpattern}  ));
+    }
+
+    if ( $log_datas{highlightpattern} )
+    {
+        #$out .= sprintf("<p>\n");
+        $out .= sprintf($c->l("log_HIGHLIGHT_HEADER", "$log_datas{highlightpattern}" ));
+    }
+
+    if ($log_datas{filename} =~ /\.gz$/) {
+        my $pid = open(LOGFILE, "-|");
+        die "Couldn't fork: $!" unless defined $pid;
+        unless ($pid) {
+            # Child
+            exec("/bin/zcat", $fullpath)
+            || die "Can't exec zcat: $!";
+            # NOTREACHED
+        }
+    } else {
+        open(LOGFILE, "$fullpath");
+    }
+
+    my $somethingMatched = 0;
+    my $fileEmpty = 1;
+    $out .= sprintf("<PRE>");
+    while(<LOGFILE>)
+    {
+        $fileEmpty = 0;
+        next unless /$log_datas{matchpattern}/;
+        $somethingMatched = 1;
+
+        $_ = timestamp2local($_);
+        $_ = HTML::Entities::encode_entities($_);
+        ($log_datas{highlightpattern} && /$log_datas{highlightpattern}/)
+           ? $out .= sprintf( "<b>$_</b>" )
+           : $out .= sprintf("$_");
+    }
+    $out .= sprintf("</PRE>");
+
+    if ($fileEmpty) {
+        $out .= sprintf("<p>\n");
+        $out .= sprintf($c->l("log_LOG_FILE_EMPTY"));
+    } else {
+        unless ($somethingMatched)
+        {
+            $out .= sprintf("<p>\n");
+            $out .= sprintf($c->l("log_NO_MATCHING_LINES"));
+        }
+    }
+
+    close LOGFILE;
+
+    return $out;
+}
+
+
+sub download_logFile {
+
+    my ($c, %log_datas) = @_;
+
+    my $fullpath = "/var/log/$log_datas{filename}";
+
+    # Save this information for later.
+
+    $cdb->get('viewlogfiles')->merge_props('DefaultOperation', $log_datas{operation});
+
+    # If the client is on windows, we must handle this a little differently.
+    my $win32 = FALSE;
+    my $mac   = FALSE;
+    my $agent = $ENV{HTTP_USER_AGENT} || "";
+    if ($agent =~ /win32|windows/i) {
+        $win32 = TRUE;
+    }  elsif ($agent =~ /mac/i) {
+        $mac = TRUE;
+    }
+
+    # Check for errors first. Once we start sending the file it's too late to
+    # report them.
+    my $error = "";
+    unless (-f $fullpath)  {
+        $error = $c->l("log_ERR_NOEXIST_FILE") . $fullpath;
+    }
+
+    local *FILE;
+    open(FILE, "<$fullpath")
+        or $error = $c->l("log_ERR_NOOPEN_FILE");
+    # Put other error checking here. 
+    return $error if $error;
+
+    # Fix the filename, as it might have a directory prefixed to it. 
+    my $filename = $log_datas{filename};
+    if ( $filename =~ m#/# ) {
+        $filename = (split /\//, $filename)[-1];
+    }
+
+    # And send the file.
+    my $nl = "\n";
+    if ($win32)  { $nl = "\r\n" }
+    elsif ($mac) { $nl = "\r" }
+
+    # Otherwise, send the file. Start with the headers.
+    # Note: The Content-disposition must be attachment, or IE will view the
+    # file inline like it's told. It ignores the Content-type, but it likes
+    # the Content-disposition (an officially unsupported header) for some
+    # reason. Yay Microsoft.
+
+    # compute file size first for the header !!
+
+    my @fileholder = ();
+    my $filesize = 0;
+
+    while (my $line = <FILE>) {
+        chomp $line;
+        my $linew = timestamp2local($line) . $nl;
+        $filesize += length($linew);
+        push @fileholder, $linew;
+    }
+    close(FILE);
+
+    # print header
+    print <<"EOF";
+Expires: 0
+Content-Type:application/octet-stream
+Content-Disposition:attachment;filename=$filename
+Content-Length:$filesize
+
+
+EOF
+    print @fileholder ;
+
+    return undef;
+}
+
+
+1;
+
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/I18N/en.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/I18N/en.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/I18N/en.pm     2020-02-16 00:27:54.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/I18N/en.pm 2020-02-26 23:05:47.000000000 +0400
@@ -964,7 +964,7 @@
 'hos_HOSTNAME_VALIDATOR_ERROR' => 'Error: unexpected characters in host name: "[_1]". The host name should contain only 
 letters, numbers, and hyphens and must start with a letter or a number. ',
 
-'log_View log files' => 'View log files',
+'log_FORM_TITLE' => 'View log files',
 'log_FIRSTPAGE_DESC' => 'This panel allows you to view or download the log files generated
 by the services running on your server.',
 'log_LOG_FILE_SELECT_DESC' => 'Choose a log file to view',
@@ -1003,6 +1003,755 @@
 will appear.',
 'log_DOWNLOAD_FILE' => 'Preparing to download the logfile [_1].',
 
+
+'bac_BACKUP_TITLE' => 'Backup or restore server data',
+'bac_BACKUP_DESC' => '<P>The server provides two ways to back up and restore
+your server: using your local desktop or a tape drive.</P>
+<P>The first method creates a copy of your server configuration and user
+data files, and downloads it to your local desktop via your web browser.
+Currently your configuration and data files total approximately
+<b>$tarsize</b>. The backup file will be somewhat less than this,
+depending on how compressible the data are. The \"Verify desktop backup
+file\" option can be used to check the integrity of a desktop backup
+file.</P>
+<P>The tape backup method uses a software package called <I>$module</I>
+to back up your entire hard disk to tape every night. This requires a
+supported tape drive and a tape that is not write-protected. The backup
+is performed automatically at the selected time every night (with a
+reminder automatically e-mailed to the administrator during the day).
+Currently your hard disk contains <b>$dumpsize</b> of data.</P>
+<P>Both restore methods allow you to restore your configuration and user
+data files. <b>Ideally, the restore should be performed on a freshly
+installed server</b>.</P>',
+'bac_BACKUP_DESC_DAR' => '<P>Three ways are provided to back up and restore your 
+server: using a tape drive, using a network share or a local 
+removable disk, or using your local desktop.</P>
+<P>Tape Backup. This method uses a software package called <I>$module</I>
+to back up your entire hard disk to tape every night. This requires a
+supported tape drive and a tape that is not write-protected. The backup
+is performed automatically at the selected time every night (with a
+reminder automatically e-mailed to the administrator during the day).
+Currently your hard disk contains <b>$dumpsize</b> of data.</P>
+<P>Workstation backup. This method uses a software package called <I>dar</I>
+to back up your server configuration and data files to a network share 
+or a local removable disk such as a USB disk. 
+You can manage how many rotating sets of backups are kept,
+and how many incremental backups to have in each set. 
+The backup is performed automatically at the selected time every day. Currently 
+configuration and data files total approximately <b>$tarsize</b> uncompressed.
+Twice the compressed data size must be available on the backup share.</P>
+<P>Backup to Desktop. This method creates a copy of your server 
+configuration and user data files, and downloads it to your 
+local desktop via your web browser.
+Currently your configuration and data files total approximately
+<b>$tarsize</b>. The backup file will be somewhat less than this,
+depending on how much the data can be compressed. 
+This file can be used to restore the server from the console if you 
+copy it to a local removable disk such as a USB disk.</P>
+<P>All backup methods allow you to restore your configuration and user
+data files. Workstation backup provides individual file restore. <b>Ideally, 
+full restore should be performed on a freshly installed server</b>.</P>',
+'bac_BACKUP_CONFIG_STATUS' => 'Backup configuration and status',
+'bac_TAPE_BACKUPS_ENABLED' => 'Tape backups are currently <b>enabled</b>.',
+'bac_BACKUPS_RUN_AT' => 'Regular tape backups will run at: ',
+'bac_REMINDER_MESSAGE_AT' => 'Reminder messages will be sent at: ',
+'bac_TAPE_BACKUPS_DISABLED' => 'Tape backups are <b>disabled</b>',
+'bac_DESKTOP_BACKUP' => 'Backup to desktop',
+'bac_DESKTOP_RESTORE' => 'Restore from desktop',
+'bac_DESKTOP_VERIFY' => 'Verify desktop backup file',
+'bac_TAPE_CONFIGURE' => 'Configure tape backup',
+'bac_TAPE_RESTORE' => 'Restore from tape',
+'bac_RESTORE_IN_PROGRESS_BEGAN_AT' => 'A system restore is in progress. It began at: ',
+'bac_REFRESH_THIS_DISPLAY' => 'Refresh this display',
+'bac_CONFIGURE_TAPE_BACKUP' => 'Configure tape backup',
+'bac_RESTORE_COMPLETED' => 'A system restore has completed',
+'bac_STARTED_AT' => 'It began at: ',
+'bac_FINISHED_AT' => 'and finished at: ',
+'bac_YOU_MUST_REBOOT' => 'You must reboot the server to activate any configuration changes that were
+made as a result of this restore.',
+'bac_REBOOT' => 'Reboot',
+'bac_SELECT_AN_ACTION' => 'Select an action',
+'bac_X_BACKUP_OR_RESTORE' => 'X Backup or restore server data',
+'bac_ERR_PRE_BACKUP' => 'Error occurred during pre-backup actions.',
+'bac_ERR_PRE_RESTORE' => 'Error occurred during pre-restore actions.',
+'bac_ERR_POST_BACKUP' => 'Error occurred during post-backup actions.',
+'bac_RESTORE_SERVER_CONFIG' => 'Restore server configuration',
+'bac_DESKTOP_RESTORE_DESC' => 'This process will upload a server backup file from your local desktop to your server and restore the configuration and user data files. <B>The restore should be performed on a freshly installed server</B>.',
+'bac_FREE_SPACE' => 'You have approximately $tmpfree free space on the server.
+Check that desktop backup file is less than $halffree before
+commencing the restore.',
+'bac_MUST_REBOOT_AFTER_RESTORE' => 'After the restore completes you must reboot the server.',
+'bac_FILE_TO_RESTORE' => 'Backup file to restore from',
+'bac_VERIFY_BACKUP_DESC' => '
+<p>This option will display the names of all files
+in a previously created desktop backup file. You
+can use this option to verify the contents of the
+backup file.</p> ',
+'bac_SELECT_BACKUP_FILE' => 'Select backup file',
+'bac_VERIFY' => 'Verify',
+'bac_RESTORE_CANNOT_PROCEED' => 'Unable to proceed with restore of server configuration',
+'bac_ANOTHER_RESTORE_IN_PROGRESS' => 'Another restore is in progress. Please try again later.',
+'bac_RESTORE_IN_PROGRESS' => 'Restore in progress',
+'bac_RESTORE_IN_PROGRESS_DESC' => 'After the restore completes you must reboot the server. Your restore is
+complete when the words "Restore complete" appear at the bottom of your screen.
+',
+'bac_FILES_HAVE_BEEN_RESTORED' => 'The following files and directories have been restored:',
+'bac_RESTORE_FAILED_MSG' => 'Restore failed! There was an error in reading the backup file.',
+'bac_RESTORE_COMPLETE' => 'Restore complete',
+'bac_ERR_RESTORING_GID' => 'Error occurred while restoring gid of \'www\'',
+'bac_ERR_RESTORING_INITIAL_GRP' => 'Error occurred while restoring initial group of \'www\'.',
+'bac_RESTORE_FAILED' => 'Restore failed! The backup file was incomplete.',
+'bac_COULD_NOT_EXEC_PIPELINE' => 'Could not execute backup pipeline: ',
+'bac_COULD_NOT_DECODE' => 'Could not decode backup file: ',
+'bac_FILES_IN_BACKUP' => 'The following files are considered in the backup :',
+'bac_VERIFY_COMPLETE' => 'Verification is complete',
+'bac_BACKUP_FILE_INCOMPLETE' => 'The backup file was incomplete',
+'bac_ERR_READING_FILE' => 'There was an error in reading the backup file.',
+'bac_ENABLE_DISABLE_TAPE' => 'Enable/Disable Nightly Tape Backup',
+'bac_TAPE_CONFIG_DESC' => '<p>Select whether you wish to enable nightly backups. Then indicate the
+desired times for the backup and the load tape reminder.</p> <p>The tape
+backup requires a supported tape drive. A warning message will be sent to
+the administrator at the designated reminder time if the tape drive is
+empty.</p>',
+'bac_ENABLE_TAPE_BACKUP' => 'Enable tape backup',
+'bac_TAPE_BACKUP_TIME' => 'Tape backup time of day (hour/min)',
+'bac_LOAD_TAPE_REMINDER_TIME' => 'Load tape reminder time of day (hour/min)',
+'bac_AM/PM' => 'AM/PM',
+'bac_AM' => 'AM',
+'bac_PM' => 'PM',
+'bac_UPDATE_CONF' => 'Update',
+'bac_UPDATING_TAPE_CONF' => 'Updating tape backup configuration',
+'bac_ERR_INVALID_HOUR' => 'Error: invalid backup hour: ',
+'bac_BETWEEN_0_AND_12' => 'Please choose an hour between 0 and 12.',
+'bac_ERR_INVALID_MINUTE' => 'Error: invalid backup minute: ',
+'bac_BETWEEN_0_AND_59' => 'Please choose a minute between 0 and 59.',
+'bac_ERR_INVALID_REMINDER_HOUR' => 'Error: invalid reminder hour: ',
+'bac_ERR_INVALID_REMINDER_MINUTE' => 'Error: invalid reminder minute: ',
+'bac_ERR_CONF_BACKUP' => 'Error occurred during conf-backup event.',
+'bac_SUCCESSFULLY_ENABLED_TAPE' => 'Successfully enabled tape backups',
+'bac_WITH_BACKUP_TIME' => 'with backup time: ',
+'bac_WITH_REMINDER_TIME' => 'and load tape reminder time: ',
+'bac_SUCCESSFULLY_DISABLED' => 'Successfully disabled tape backups',
+'bac_RESTORE_CONF_FROM_TAPE' => 'Restore server configuration from tape backup',
+'bac_RESTORE_CONF_FROM_TAPE_DESC' => '<P>This process will restore the configuration and user data files from a
+server tape backup. <B>The restore should be performed on a freshly installed server</B>.</P>
+<P>Ensure that you have loaded the desired backup tape into the tape drive
+before proceeding.</P>
+<P>After the restore completes you must reboot the server.</P>',
+'bac_RESTORE_FROM_TAPE' => 'Restore From Tape',
+'bac_UNABLE_TO_RESTORE_CONF' => 'Unable to restore server configuration',
+'bac_RESTORING_FROM_TAPE' => 'Restoring From Tape',
+'bac_NOW_RESTORING_FROM_TAPE' => 'Your server configuration and user data
+files are now being restored from tape.',
+'bac_ERR_RESTORING_FROM_TAPE' => 'Error occurred restoring files from tape.',
+'bac_ERR_UPDATING_CONF_AFTER_TAPE_RESTORE' => 'Error occurred while updating system configuration after tape 
+restore.',
+'bac_COULD_NOT_FORK' => 'Could not fork: ',
+'bac_SERVER_REBOOT' => 'Server reboot',
+'bac_SERVER_WILL_REBOOT' => 'Your server will now reboot.',
+'bac_NO_UID_FOR_NAME' => 'Could not get uid for user named: ',
+'bac_PAGE_REFRESH_IN' => 'This page will refresh to the status display in {$sec} seconds, or
+click <a href="/server-manager/cgi-bin/backup">here</a>.',
+'bac_Backup or restore' => 'Backup or restore',
+'bac_BACKUP_DESKTOP_TOO_BIG' => '<div class="error">
+Your server has too much data for a reliable backup to desktop.
+</div>',
+'bac_WORKSTN_BACKUPS_DISABLED' => 'Workstation backups are <b>disabled</b>',
+'bac_WORKSTN_BACKUPS_ENABLED' => 'Workstation backups are currently <b>enabled</b>.',
+'bac_WKBACKUPS_RUN_AT' => 'Regular workstation backups will run at: ',
+'bac_WORKSTN_CONFIGURE' => 'Configure workstation backup',
+'bac_WORKSTN_VERIFY' => 'Verify workstation backup',
+'bac_WORKSTN_RESTORE' => 'Restore from workstation',
+'bac_CONFIGURE_WORKSTN_BACKUP' => 'Configure Workstation Backup',
+'bac_ENABLE_DISABLE_WORKSTN' => 'Enable/Disable Daily Workstation Backup',
+'bac_ENABLE_WORKSTN_BACKUP' => 'Enable Workstation Backup',
+'bac_WORKSTN_BACKUP_TIME' => 'Workstation backup time of day (hour/min)',
+'bac_UPDATING_WORKSTN_CONF' => 'Updating workstation backup configuration',
+'bac_SUCCESSFULLY_ENABLED_WORKSTN' => 'Successfully enabled workstation backups',
+'bac_SUCCESSFULLY_DISABLED_WORKSTN' => 'Successfully disabled workstation backups',
+'bac_VERIFY_WORKSTN_BACKUP_FILE' => 'Verify workstation backup',
+'bac_VERIFY_WORKSTN_BACKUP_DESC' => '<p>This option will display the names of all files
+in a previously created workstation daily backup. You
+can use this option to verify the contents of the
+backup.<b>You must choose the backup you want to verify</b></p>
+<p>Only files flagged with [Saved] are contained in the backup.</p>
+<br/>Backup files are verified from shared folder :',
+'bac_RESTORE_CONF_FROM_WORKSTN' => 'Restore server configuration from workstation backup',
+'bac_RESTORE_CONF_FROM_WORKSTN_DESC' => '<p>This process will restore the configuration and user data files from a
+Server workstation backup. <b>The restore
+should be performed on a freshly installed Server</b>.</p>
+<p>Ensure that choose the right backup to restore below
+before proceeding.</p>
+<p>After the restore completes you must reboot the server.</p>
+Backup will be restored from : ',
+'bac_RESTORE_FROM_WORKSTN' => 'Restore From Workstation',
+'bac_RESTORING_FROM_WORKSTN' => 'Restoring From Workstation',
+'bac_NOW_RESTORING_FROM_WORKSTN' => 'Your server configuration and user data
+files are now being restored from workstation shared folder.',
+'bac_ERR_RESTORING_FROM_WORKSTN' => 'Error occurred restoring files from workstation.',
+'bac_ERR_UPDATING_CONF_AFTER_WORKSTN_RESTORE' => 'Error occurred while updating system configuration after workstation 
+restore.',
+'bac_WORKSTN_NAME' => 'Workstation IP or hostname',
+'bac_WORKSTN_BACKUP_SETTINGS' => 'Workstation Backup Settings',
+'bac_SHARED_FOLDER_NAME' => 'Backup share',
+'bac_WORKSTN_LOGIN' => 'Login name',
+'bac_WORKSTATION_BACKUP_DEST' => 'Backup workstation settings',
+'bac_CONFIGURE_WORKSTN_BACKUP_DESC' => 'You can set the number of 
+successive backup sets to keep on the workstation, with automatic rotation. 
+Each set may contain saved data for several consecutive days.
+In this case first backup of the set is full backup, others daily backups are 
+incremental. You can also set a time limit for each backup session or for incremental 
+backups only. When this limit occurs, backup is cleanly stopped and the next 
+incremental backup will safely continue with unsaved and modified datas.',
+'bac_ERR_INVALID_WORKSTN' => 'Invalid Workstation IP or Hostname ',
+'bac_ERR_INVALID_FOLDER' => 'Invalid share name',
+'bac_ERR_INVALID_LOGIN' => 'Invalid Login',
+'bac_ERR_INVALID_PASSWORD' => 'Invalid Password',
+'bac_ERR_ALREADY_MOUNTED' => 'Backup directory is already mounted',
+'bac_ERR_MOUNTING_SMBSHARE' => 'Unable to mount workstation shared folder',
+'bac_ERR_NOT_MOUNTED' => 'Backup directory is not mounted',
+'bac_WORKSTN_NOT_SET' => 'You must first correctly configure your workstation backup',
+'bac_NO_BACKUPS_TO_RESTORE' => 'There is no backup set on configured workstation shared folder. Verify your configuration settings.',
+'bac_NUMBER_OF_SETS' => 'Number of rotating backup sets',
+'bac_NUMBER_OF_FILES_IN_SET' => 'Daily backups in each set',
+'bac_ERR_INVALID_SETS_NUMBER' => 'Sets number must be 1 or greater',
+'bac_ERR_INVALID_FILES_IN_SET_NUMBER' => 'This number must be 1 or greater. First backup in set is <b>full</b> others are <b>incrementals</b>',
+'bac_WORKSTN_TIMEOUT' => 'Optional backup session timeout (hours)',
+'bac_INC_ONLY_TIMEOUT' => 'Don\'t timeout full backup sessions',
+'bac_ERR_INVALID_TIMEOUT' => 'Maximum backup time must be set between 1 and 24 hours',
+'bac_ERR_NO_HOST_DIR' => 'No directory for your host in shared folder. Maybe your host name is different from backup ones',
+'bac_ERROR_READING_FILE' => 'Error while reading files from',
+'bac_WORKSTN_SEL_RESTORE' => 'Selective file restore from workstation',
+'bac_WORKSTN_SELECTIVE_RESTORE' => 'Workstation selective file restore',
+'bac_ALL_BACKUPS' => 'All backups',
+'bac_WORKSTN_SEL_REST_DESC' => 'This process will restore only specified files and directories. You must first choose 
+the backup from which the files will be restored. If you don\'t know in which backup 
+are the required files, you can select \'All backups\' option. <br/><br/>
+The next panel will display available files and directories, 
+so you can choose the ones to restore. To restrict the number of files and directories 
+displayed in this panel, you have the option to give now a filtering expression, 
+applied as a regular expression to the displayed names.<br/><br/>
+You have the responsibility not to restore files which could break the
+functioning of your server.<br/> <br/>Currently, files will be restored from :',
+'bac_BACKUP_CHOICE' => 'Selecting files to display',
+'bac_SELECT_DATE_BEFORE' => 'Restore most recent before',
+'bac_FILTER_EXPRESSION' => 'Names filtered by',
+'bac_READ_COMPLETE' => 'You can choose all the directories and files you want to restore in the displayed list 
+(use ctrl or shift for multiple selection). <br/> <b>Warning :</b> If you select a directory, 
+all contained files and directories will be restored.<p/>
+By default the most recent version of selected files is restored, but if you specify a date 
+in the format <i>[ [ [yyyy/]mm/]dd-]hh:mm[:ss]</i> the process 
+will restore only the most recent version modified <b>before the given date</b>.',
+'bac_ERR_INVALID_SELDATE' => 'Date format is invalid, must be [ [ [yyyy/]mm/]dd-]hh:mm[:ss]. ie: 2005/12/31-08:23:32 or 
+10-08:32 or 08:32',
+'bac_SELECT_FILES_TO_RESTORE' => 'Select files to restore',
+'bac_ERR_WHILE_UNMOUNTING' => 'Error occurs when unmounting distant share',
+'bac_ERR_DAR_CATALOG' => 'Error when using Dar catalog',
+'bac_COMPRESSION_LEVEL' => 'Backup compression level [0-9]',
+'bac_FULL_ONLY_ON' => 'Full backup is allowed on',
+'bac_ERR_INVALID_COMPRESSION' => 'Compression level must be set between 0 (no compression) and 9 (maximum compression)',
+'bac_DOW' => 'Sunday Monday Tuesday Wednesday Thursday Friday Saturday Everyday',
+'bac_CONFIGURATION_TO_BE_DONE' => 'Please configure the backup settings.',
+'bac_WORKSTN_BACKUP_DESC' => '<p>This panel displays the present workstation backup configuration. You can 
+change it in this panel and the next one.</p><p/>',
+'bac_WORKSTN_BACKUP_NOT_CONFIGURED' => '<p>Presently, workstation backup is not configured. You can set this configuration
+with this panel and the next one.</p><p/>',
+'bac_WORKSTN_BACKUP_ENABLED' => 'Backup is ',
+'bac_WORKSTN_BACKUP_USB' => 'Backup is made on local removable disk',
+'bac_WORKSTN_BACKUP_MNT' => 'Backup is made on mounted disk',
+'bac_WORKSTN_BACKUP_HOST' => 'Backup is made on LAN workstation ',
+'bac_WORKSTN_BACKUP_VFSTYPE' => ' via ',
+'bac_WORKSTN_BACKUP_SHARE' => 'Destination backup share folder is ',
+'bac_WORKSTN_BACKUP_TOD' => 'Daily backup occurs at ',
+'bac_LOGIN' => 'Login is ',
+'bac_PASSWORD' => 'Password is ',
+'bac_WORKSTN_BACKUP_SETSNUM' => 'Number of rotating backup sets is ',
+'bac_WORKSTN_BACKUP_DAYSINSET' => 'Number of daily backups contained in each set is ',
+'bac_WORKSTN_BACKUP_COMPRESSION' => 'Compression level (0-9) of backup is ',
+'bac_WORKSTN_BACKUP_TIMEOUT' => 'Each daily backup session is cleanly timed out after ',
+'bac_WORKSTN_BACKUP_INCONLY_TIMEOUT' => 'except full backups which are cleanly timed out after 24 hours',
+'bac_WORKSTN_FULL_BACKUP_EVERYDAY' => 'Full backup sessions (new backup set) are allowed everyday',
+'bac_WORKSTN_FULL_BACKUP_DAY' => 'Full backup session (new backup sets) is allowed only on',
+'bac_WORKSTATION_BACKUP_SETCONF' => 'Create or modify workstation backup configuration',
+'bac_SELECT_VFS_TYPE' => 'Select the type of share for backup destination',
+'bac_ERR_NO_USB_DISK' => 'Error : No removable disk available. Please connect a removable disk or select another type of workstation backup.',
+'bac_ERR_NO_MOUNTED_DISK' => 'Error : No mounted disk available. Please mount a disk or select another type of workstation backup.',
+'bac_HOURS' => 'hours.',
+'bac_ERR_NO_FULL_BACKUP' => 'Aborting restore because needed full backup is missing or unreadable.',
+'bac_ERR_NO_INC_BACKUP' => 'Aborting restore because the set has missing or unreadable incremental backup number',
+'bac_CHECK_TO_VERIFY_FULL_RESTORE' => 'Check here to test integrity of all backups needed for a full restore with the selected backup ',
+'bac_TESTING_NEEDED_BACKUPS_FOR_RESTORE' => 'Testing all backups needed for a full restore with selected backup',
+'bac_TESTED_BACKUP' => 'Testing integrity of backup',
+'bac_RESTORE_VERIFY_FAILED' => 'Verify integrity failed',
+'bac_CHECK_INTEGRITY_WARNING' => 'Warning : For large backups, checking integrity may be a long task and should be made with daily workstation backup disabled.',
+'bac_cifs' => 'cifs',
+'bac_nfs' => 'nfs',
+'bac_local removable disk' => 'Local removable disk',
+'bac_Mounted disk' => 'Mounted disk',
+'bac_ERROR_WHEN_TESTING_REMOTE_SERVER' => 'The parameters have been saved, however the remote host is not reachable, please check your settings.',
+
+
+'mai_FORM_TITLE' => 'E-mail settings',
+'mai_E-mail' => 'E-mail',
+'mai_SUCCESS' => 'The new e-mail settings have been saved.',
+'mai_NEVER' => 'not at all',
+'mai_EVERY5MIN' => 'Every 5 minutes',
+'mai_EVERY15MIN' => 'Every 15 minutes',
+'mai_EVERY30MIN' => 'Every 30 minutes',
+'mai_EVERYHOUR' => 'Every hour',
+'mai_EVERY2HRS' => 'Every 2 hours',
+'mai_STANDARD' => 'Standard (SMTP)',
+'mai_ETRN' => 'ETRN (SMTP with client request)',
+'mai_DEFAULT' => 'Default',
+'mai_SPECIFY_BELOW' => 'Specify below',
+'mai_MULTIDROP' => 'multi-drop',
+'mai_LABEL_MODE' => 'E-mail retrieval mode',
+'mai_DESC_MODE' => 'The e-mail retrieval mode can be set to
+standard (for dedicated Internet connections), ETRN (recommended
+for dialup connections), or multi-drop (for dialup connections if
+ETRN is not supported by your Internet provider). Note that
+multi-drop mode is the only option available when the server is
+configured in private server and gateway mode.',
+'mai_LABEL_DELEGATE' => 'Address of internal mail server',
+'mai_DESC_DELEGATE' => '<hr class="sectionbar" /><h2>Delegate mail servers</h2> Your
+server includes a complete, full-featured e-mail server. However,
+if for some reason you wish to delegate e-mail processing to
+another system, specify the IP address of the delegate system
+here. For normal operation, leave this field blank.',
+'mai_LABEL_SECONDARY' => 'Secondary mail server',
+'mai_DESC_SECONDARY' => '<hr class="sectionbar" /><h2>ETRN or multi-drop settings</h2> For
+ETRN or multi-drop, specify the hostname or IP address of your
+secondary mail server. (If using the standard e-mail setup, this
+field can be left blank.)',
+'mai_DESC_FETCH_PERIOD' => 'For ETRN or multi-drop, you can control how frequently this server
+contacts your secondary e-mail server to fetch e-mail. More
+frequent connections mean that you receive your e-mail more
+quickly, but also cause Internet requests to be sent more often,
+possibly increasing your phone and Internet charges.',
+'mai_LABEL_FETCH_PERIOD' => 'During office hours (8:00 AM to 6:00 PM) on weekdays',
+'mai_LABEL_FETCH_PERIOD_NIGHTS' => 'Outside office hours (6:00 PM to 8:00 AM) on weekdays',
+'mai_LABEL_FETCH_PERIOD_WEEKENDS' => 'During the weekend',
+'mai_DESC_POP_ACCOUNT' => 'For multi-drop e-mail, specify the POP user account and password.
+(If using standard or ETRN e-mail, these fields can be blank.)
+Also, for multi-drop, you can either use the default mail sorting
+method, or you can specify a particular message header to use for
+mail sorting.',
+'mai_LABEL_POP_PASS' => 'POP user password (for multi-drop)',
+'mai_LABEL_POP_ACCOUNT' => 'POP user account (for multi-drop)',
+'mai_LABEL_SORT_METHOD' => 'Select sort method (for multi-drop)',
+'mai_LABEL_SORT_HEADER' => 'Select sort header (for multi-drop)',
+'mai_LABEL_FETCH_PROTO' => 'Protocol (for multi-drop)',
+'mai_LABEL_FETCH_SECURE' => 'Tunnel over SSL (for multi-drop)',
+'mai_AUTO' => 'Automatic',
+'mai_ENABLED_BOTH' => 'Allow both HTTP and HTTPS',
+'mai_ENABLED_SECURE_ONLY' => 'Allow HTTPS (secure)',
+'mai_ONLY_LOCAL_NETWORK_SSL' => 'Allow HTTPS (secure) from local networks',
+'mai_INSECURE_POP3' => 'Allow both POP3 and POP3S',
+'mai_ALLOW_PRIVATE' => 'Allow private',
+'mai_SECURE_POP3' => 'Allow private and public (secure POP3S)',
+'mai_INSECURE_IMAP' => 'Allow both IMAP and IMAPS',
+'mai_SECURE_IMAP' => 'Allow private and public (secure IMAPS)',
+'mai_INSECURE_SMTP' => 'Allow both SMTP and SSMTP',
+'mai_SECURE_SMTP' => 'Allow SSMTP (secure)',
+'mai_LABEL_POP_ACCESS_CONTROL' => 'POP3 server access',
+'mai_LABEL_IMAP_ACCESS_CONTROL' => 'IMAP server access',
+'mai_LABEL_SMTP_AUTH_CONTROL' => 'SMTP authentication',
+'mai_FORWARD_TO_ADMIN' => 'Send to administrator',
+'mai_FORWARD_TO' => 'Send to',
+'mai_RETURN_TO_SENDER' => 'Reject',
+'mai_LABEL_UNKNOWN' => 'E-mail to unknown users',
+'mai_DESC_UNKNOWN' => '<h2>Unknown Users</h2>
+Selecting Reject (recommended setting) will configure the server to only
+accept mail for valid email addresses (for example users, groups, pseudonyms).
+Mail for other addresses will be rejected.',
+'mai_LABEL_SMARTHOST' => 'Address of Internet provider\'s mail server',
+'mai_DESC_SMARTHOST' => '<hr class="sectionbar" /><h2>SMTP server</h2>
+The server can deliver outgoing messages directly to their
+destination (recommended in most cases) or can deliver them via
+your Internet provider\'s SMTP server (recommended if you have an
+unreliable Internet connection or are using a residential Internet
+service). If using your Internet provider\'s SMTP server, specify
+its hostname or IP address below. Otherwise leave this field
+blank.',
+'mai_INVALID_SMARTHOST' => 'The smarthost name you entered is not a valid internet domain name
+and is not blank',
+'mai_DESC_POP_ACCESS_CONTROL' => 'You can control POP3 server access. The setting \'Allow access
+only from local networks\' allows POP3 access only from your
+local network(s). The POP3S setting can be used to provide
+encrypted external access to your POP3 server. We recommend
+leaving this setting \'Allow access only from local networks\'
+unless you have a specific reason to do otherwise.',
+'mai_DESC_IMAP_ACCESS_CONTROL' => 'You can control IMAP server access. The setting \'Allow access
+only from local networks\' allows IMAP access only from your
+local network(s). The IMAPS setting can be used to provide
+encrypted external access to your IMAP server. We recommend
+leaving this setting \'Allow access only from local networks\'
+unless you have a specific reason to do otherwise.',
+'mai_DESC_SMTP_AUTH_CONTROL' => 'You can provide authenticated access to your SMTP server, or 
+set it to Disabled.
+The SSMTP setting requires <b>all</b> users to use SSL/TLS 
+authentication. The SMTP and SSMTP option additionally allows 
+STARTTLS to be used to ensure secure authentication.',
+'mai_DESC_WEBMAIL' => 'You can enable or disable webmail on this system. Webmail allows
+users to access their mail through a regular web browser by
+pointing the browser to https://{$FQDN}/webmail,and 
+ logging in to their account.',
+'mai_LABEL_WEBMAIL' => 'Webmail access',
+'mai_LABEL_BLOCK_EXECUTABLE_CONTENT' => 'Executable content blocking',
+'mai_LABEL_CONTENT_TO_BLOCK' => 'Content to block',
+'mai_DESC_BLOCK_EXECUTABLE_CONTENT' => 'You can block executable content in e-mail attachments
+by highlighting the executable attachment types you wish to
+block. E-mail containing these attachment types will 
+be automatically returned to the sender.',
+'mai_UNACCEPTABLE_CHARS' => 'This field requires a valid e-mail address, which must include
+the @ symbol and a domain name.',
+'mai_DESC_STATE_ACCESS' => '<h2>E-mail access</h2>',
+'mai_DESC_STATE_ACCESS_BUTTON' => '<a class="button-like"
+href="emailsettings?page=0&page_stack=&Next=Next&wherenext=EMAIL_PAGE_ACCESS">Change e-mail access settings</a>',
+'mai_DESC_STATE_RECEPTION' => '<hr class="sectionbar" /><h2>E-mail reception</h2>',
+'mai_DESC_STATE_RECEPTION_BUTTON' => '<a class="button-like"
+href="emailsettings?page=0&page_stack=&Next=Next&wherenext=EMAIL_PAGE_RECEPTION">Change e-mail reception settings</a>',
+'mai_DESC_STATE_DELIVERY' => '<hr class="sectionbar" /><h2>E-mail delivery</h2>',
+'mai_DESC_STATE_DELIVERY_BUTTON' => '<a class="button-like"
+href="emailsettings?page=0&page_stack=&Next=Next&wherenext=EMAIL_PAGE_DELIVERY">Change e-mail delivery settings</a>',
+'mai_DESC_STATE_FILTERING_BUTTON' => '<a class="button-like"
+href="emailsettings?page=0&page_stack=&Next=Next&wherenext=EMAIL_PAGE_FILTERING">Change e-mail filtering settings</a>',
+'mai_LABEL_VIRUS_SCAN' => 'Virus scanning',
+'mai_DESC_VIRUS_SCAN' => 'You can scan incoming and outgoing e-mail for viruses. If scanning is enabled and a virus is detected, the e-mail will be rejected and returned to the
+sender.',
+'mai_LABEL_SPAM_SCAN' => 'Spam filtering',
+'mai_DESC_SPAM_SCAN' => 'You can scan e-mail for spam. If Spam filtering is
+enabled, an X-Spam-Status: header is added to each
+message, which can be used for filtering spam.
+You can adjust the sensitivity of the Spam detection
+process from the default of medium. For fine-grained
+control, you can set the Spam sensitivity to Custom
+and then choose a custom tagging level, and 
+optionally a level at which to reject the message.',
+'mai_LABEL_SPAM_SUBJECT' => 'SPAM subject prefix',
+'mai_DESC_SPAM_SUBJECT' => 'You can enable to add a tag to the subject of each
+message that is classified as SPAM.
+The value for this tag can be defined below.',
+'mai_LABEL_SPAM_SENSITIVITY' => 'Spam sensitivity',
+'mai_LABEL_SPAM_TAGLEVEL' => 'Custom spam tagging level',
+'mai_LABEL_SPAM_REJECTLEVEL' => 'Custom spam rejection level',
+'mai_LABEL_SPAM_SUBJECTTAG' => 'Modify subject of spam messages',
+'mai_LABEL_SORTSPAM' => 'Sort spam into junkmail folder',
+'mai_VERYHIGH' => 'Very high',
+'mai_HIGH' => 'High',
+'mai_MEDIUM' => 'Medium',
+'mai_LOW' => 'Low',
+'mai_VERYLOW' => 'Very low',
+'mai_CUSTOM' => 'Custom',
+'mai_LABEL_SMARTHOST_SMTPAUTH_STATUS' => 'SMTP Authentication for Internet provider',
+'mai_LABEL_SMARTHOST_SMTPAUTH_USERID' => 'Mail server user id',
+'mai_LABEL_SMARTHOST_SMTPAUTH_PASSWD' => 'Mail server password',
+'mai_VALIDATION_SMTPAUTH_NONBLANK' => 'This field cannot be left blank if SMTP Authentication is
+enabled.',
+
+'yum_Software installer' => 'Software installer',
+'yum_SUCCESS' => 'The new settings have been saved.',
+'yum_LABEL_YUM_STATUS' => 'Check for updates',
+'yum_LABEL_YUM_AUTOINSTALLUPDATES' => 'Automatically install updates',
+'yum_LABEL_YUM_AUTOINSTALLUPDATES_DESCRIPTION' => 'If enabled this will take precedence over the simple check for updates notification and predownload features. Instead it will install the available updates from enabled repositories. For more information refer to yum and yum-cron manual page.',
+'yum_LABEL_YUM_PACKAGEFUNCTIONS' => 'Manage individual packages',
+'yum_DESC_YUM_PACKAGEFUNCTIONS' => 'The software installer can manage groups of 
+related package or individual packages. By 
+default, only groups of packages are presented.
+If you wish to manage individual packages, 
+enable this option. This should only be done 
+by experienced administrators.',
+'yum_LABEL_ENABLED_REPOSITORIES' => 'Enabled repositories',
+'yum_DESC_ENABLED_REPOSITORIES' => 'The software installer can install software
+from any of enabled repositories. To enable
+a repository, select it from the list. 
+To disable a repository, de-select it from the list.
+By default, only stable, tested software is available
+for installation.',
+'yum_DESC_UPTODATE' => '<div class="success">
+<h2>This system is up to date.</h2>
+All updates have been installed.
+</div>',
+'yum_DESC_UPDATES_AVAILABLE' => '<div class="success">
+<h2>Updates Available</h2>
+There are updates available for your system. These updates 
+should be installed as soon as possible.
+</div>',
+'yum_LABEL_AVAILABLE_UPDATES' => 'Updates available',
+'yum_DESC_AVAILABLE_UPDATES' => 'The following updates are available for your system. 
+You should normally install all available updates. 
+If there are updates you do not wish to install, de-select
+them from the list below.',
+'yum_INSTALL_UPDATES' => 'Install selected updates',
+'yum_DESC_BUTTON_INSTALL_UPDATES' => '<a class="button-like"
+href="yum?page=0&page_stack=&Next=Next&wherenext=YUM_PAGE_INSTALL_UPDATES">List available updates</a>',
+'yum_HEADER_AVAILABLE_SOFTWARE' => 'The following software is available to be installed 
+onto your system. You should only install additional
+software onto this system if you are aware
+of the consequences of doing so.',
+'yum_DESC_AVAILABLE_GROUPS' => 'You can select software groups
+to install from the list below.',
+'yum_LABEL_AVAILABLE_GROUPS' => 'Available groups',
+'yum_DESC_AVAILABLE_PACKAGES' => 'You can also select individual packages 
+to install from the list below.',
+'yum_LABEL_AVAILABLE_PACKAGES' => 'Available packages',
+'yum_INSTALL_SOFTWARE' => 'Install',
+'yum_HEADER_INSTALLED_SOFTWARE' => 'The following software is installed 
+on this system. You should only remove
+software from this system if you are aware
+of the consequences of doing so.',
+'yum_DESC_INSTALLED_GROUPS' => 'You can select software groups
+to remove from the list below.',
+'yum_LABEL_INSTALLED_GROUPS' => 'Installed groups',
+'yum_DESC_INSTALLED_PACKAGES' => 'You can also select individual packages 
+you wish to remove from the list below.',
+'yum_LABEL_INSTALLED_PACKAGES' => 'Installed packages',
+'yum_DESC_BUTTON_CONFIGURATION' => '<a class="button-like"
+href="yum?page=0&page_stack=&Next=Next&wherenext=YUM_PAGE_CONFIGURATION">Change software installer settings</a>
+',
+'yum_DESC_BUTTON_INSTALL_AVAILABLE' => '<a class="button-like"
+href="yum?page=0&page_stack=&Next=Next&wherenext=YUM_PAGE_INSTALL_AVAILABLE">Install additional software</a>',
+'yum_DESC_BUTTON_REMOVE' => '<a class="button-like"
+href="yum?page=0&page_stack=&Next=Next&wherenext=YUM_PAGE_REMOVE">Remove installed software</a>',
+'yum_HEADER_POSTUPGRADE_REQUIRED' => ' The system needs to be reconfigured
+ after adding or removing software,
+ or applying updates. 
+<p>
+Please click on the Reconfigure button at the bottom of
+this page to start the reconfiguration process.
+ <b>An automatic reboot will be
+ initiated as part of this reconfiguration process</b>
+</p> ',
+'yum_SYSTEM_BEING_RECONFIGURED' => 'Your system is being automatically rebooted to 
+complete the reconfiguraton process.',
+'yum_1DAILY' => 'Daily',
+'yum_2WEEKLY' => 'Weekly',
+'yum_3MONTHLY' => 'Monthly',
+'yum_LABEL_YUM_DELTARPMPROCESS' => 'Delta Rpm Update',
+'yum_LABEL_YUM_DELTARPM' => 'A deltarpm contains the difference between an old and a new version of a rpm, 
+ which can save bandwith. The drawback is that update 
+ operations consume considerably more CPU cycles',
+'yum_LABEL_YUM_DOWNLOADONLY' => 'Predownload updates',
+'yum_LABEL_YUM_DOWNLOADONLY_DESCRIPTION' => 'The rpm updates can be downloaded during the night, 
+ this will ease and give faster the yum update process 
+ (only enabled repositories will be used).',
+
+
+'rma_FORM_TITLE' => 'Change remote access settings',
+'rma_DESCRIPTION' => 'For each of the options below, the private setting allows anyone
+from your local network to access your server. The
+public setting allows access from anywhere on the Internet. The no
+access setting disables access. To understand the security
+implications of changing these options from the default settings, you
+should read the user\'s guide section on remote access.',
+'rma_SUCCESS' => 'The new remote access settings have been saved.',
+'rma_NO_ACCESS' => 'No Access',
+'rma_PASSWORD_LOGIN_PRIVATE' => 'Accept passwords only from local networks',
+'rma_PASSWORD_LOGIN_PUBLIC' => 'Accept passwords from anywhere',
+'rma_LABEL_TELNET_ACCESS' => 'Telnet access',
+'rma_LABEL_FTP_ACCESS' => 'FTP access',
+'rma_LABEL_FTP_LOGIN' => 'FTP password access',
+'rma_LABEL_PPTP' => 'Number of PPTP clients',
+ 'rma_NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE' => 
+ 'The number of pptp clients is greater than the number of reserved IP for DHCP. You should take a smaller number.',
+'rma_LABEL_SSH_PORT' => 'TCP Port for secure shell access',
+'rma_LABEL_SSH' => 'Secure shell access',
+'rma_LABEL_SSH_ADMIN' => 'Allow administrative command line access over secure shell',
+'rma_LABEL_SSH_PASSWORD_ACCESS' => 'Allow secure shell access using standard passwords',
+'rma_TITLE_SSH' => 'Secure Shell Settings',
+'rma_DESC_SSH' => 'You can control Secure Shell access to your server.
+The public setting should only be enabled by 
+experienced administrators 
+for remote problem diagnosis and resolution. 
+We recommend leaving this
+parameter set to "No Access"
+unless you have a specific reason to do otherwise.',
+'rma_TITLE_FTP_ACCESS' => 'FTP Settings',
+'rma_DESC_FTP_ACCESS' => 'You can also control <b>FTP</b> access to your server. We
+recommend leaving this parameter set to \'no access\' unless you
+have a specific reason to do otherwise.
+<p>
+Note: these settings limit access to the server and override other 
+settings, including those for individual information bays.</p>',
+'rma_DESC_FTP_LOGIN' => 'You can also control authenticated FTP access to information
+bays and user accounts. We strongly recommend leaving this
+parameter set to private unless you have a specific reason to
+do otherwise.
+<p>
+Note: a secure shell sftp client can also be used to access the
+server, if remote access via the secure shell is enabled.
+This method of access protects the
+passwords and data of the FTP session, whereas standard FTP
+provides no protection.</p>',
+'rma_TITLE_PPTP' => 'PPTP Settings',
+'rma_DESC_PPTP' => 'You can allow PPTP access to your server. 
+You should leave this feature disabled by setting the value 
+to the number 0 unless you require PPTP access.',
+'rma_VALUE_ZERO_OR_POSITIVE' => 'Value must be zero or a positive integer',
+'rma_REMOTE_MANAGEMENT' => 'Remote Management',
+'rma_VALIDFROM_TITLE' => '[_1]',
+'rma_VALIDFROM_DESC' => 'It is possible to allow hosts on remote networks to access the
+server manager by entering those networks here. Use a subnet
+mask of 255.255.255.255 to limit the access to the specified host.
+Any hosts within the specified range will be able to access the
+server manager using HTTPS.',
+'rma_DESC_VALID_FROM_ENTRIES' => 'To add a new remote management network, 
+enter the details below.',
+'rma_SUBNET_MASK' => 'Subnet mask',
+'rma_NUM_OF_HOSTS' => 'Number of hosts',
+'rma_NO_ENTRIES_YET' => 'There are no entries yet',
+'rma_INVALID_SUBNET_MASK' => 'Invalid subnet mask',
+'rma_ERR_INVALID_PARAMS' => 'Either provide both a network and subnet mask, or leave both
+fields blank.',
+'rma_ERR_NO_RECORD' => 'Unable to locate httpd-admin record in configuration db',
+'rma_Remote access' => 'Remote access',
+'rma_LABEL_SERIAL_CONSOLE_ACCESS' => 'Serial console',
+'rma_DESC_SERIAL_CONSOLE_ACCESS' => ' <hr class="sectionbar" /><h2>Serial console</h2>
+You can allow access to the server console from a terminal
+connected to a server serial port.',
+'rma_PORT1_ENABLED' => 'Enabled on serial port 1',
+'rma_PORT2_ENABLED' => 'Enabled on serial port 2',
+'rma_LABEL_PPTP_ACCESS' => 'PPTP default user access',
+'rma_TITLE_TELNET_ACCESS' => 'Telnet Settings',
+'rma_DESC_TELNET_ACCESS' => 'WARNING:Telnet is currently enabled, but this feature is
+no longer supported.Telnet is inherently insecure and should only
+be used in circumstances where no practical alternative exists. You
+should change option to {$NO_ACCESS} and use
+secure shell if remote access is
+required.Once disabled, telnet will no longer appear on this 
+screen. ',
+'rma_TITLE_IPSECRW' => 'IPSEC Client (Roadwarrior) Settings',
+'rma_DESC_IPSECRW' => 'You can allow IPSEC client access to your server, authenticated by
+digital certificates. You should leave this feature disabled by setting the value 
+to the number 0 unless you require IPSEC client access.',
+'rma_LABEL_IPSECRW_SESS' => 'Number of IPSEC clients',
+'rma_DESC_IPSECRW_RESET' => 'If you wish to reset all digital certificates, you
+can do so here.<br>Any old certificates will no longer
+authenticate against the server, so <b><i>all IPSEC clients will
+need to import a new certificate!</i></b>.',
+'rma_LABEL_IPSECRW_RESET' => 'Reset digital certificates',
+
+'usr_FORM_TITLE' => 'Create, modify, or remove user accounts',
+'usr_FIRSTPAGE_DESC' => '<p>
+You can modify, lock or remove any account or reset the
+account\'s password by clicking on the
+corresponding command next to the account. 
+</p>
+<p>
+If the account is marked as locked, that means that the
+user\'s password needs to be reset. Please note
+that newly created accounts are automatically locked until
+the password is changed. 
+</p>',
+'usr_P2_TITLE' => 'Create or modify',
+'usr_CREATE_MODIFY_DESC' => '<p>
+The account name should contain only lower-case
+letters, numbers, hyphens, periods, underscores and should start with a
+lower-case letter. For example "betty",
+"hjohnson", and "mary-jane" are all valid account names,
+but "3friends", "John Smith", and "henry:miller" are not. 
+</p>
+<p>
+Note that two special pseudonyms will be created for each
+new account. These pseudonyms provide the ability to have
+alternative mail accounts for that
+user which include their first name and last name
+separated with a period (.) and underscore (_). So, for
+the account "betty" with first name "Betty" and
+last name "Rubble" two pseudonyms are created as
+betty.rubble and betty_rubble. 
+</p>
+<p>
+The directory information (department, company, etc.)
+can be changed from the defaults shown below. The
+changes will apply only to this user. 
+</p>',
+'usr_ADD_USER' => 'Add user account',
+'usr_MODIFY_ADMIN_TITLE' => 'Modify the admin account',
+'usr_USER_CREATED' => 'Successfully created user account. ',
+'usr_USER_MODIFIED' => 'Successfully modified user account. ',
+'usr_CANNOT_MODIFY_USER' => 'Error: an internal error occurred while attempting to modify
+the user "[_1]".', 
+'usr_CANNOT_MODIFY_USER_GROUPS' =>'Error: an internal error occurred while attempting to modify
+the group "[_1]" for user "[_2]".',
+'usr_TAINTED_USER' => 'The account name "[_1]" contains invalid characters.',
+'usr_ACCOUNT_NAME' => 'Account name',
+'usr_FIRSTNAME' => 'First name',
+'usr_LASTNAME' => 'Last name',
+'usr_DEPARTMENT' => 'Department',
+'usr_COMPANY' => 'Company',
+'usr_STREET_ADDRESS' => 'Street address',
+'usr_CITY' => 'City',
+'usr_PHONE_NUMBER' => 'Phone number',
+'usr_EMAIL_DELIVERY' => 'Email delivery',
+'usr_DELIVER_EMAIL_LOCALLY' => 'Deliver email locally',
+'usr_FORWARD_EMAIL' => 'Forward email to address below',
+'usr_DELIVER_AND_FORWARD' => 'Both deliver locally and forward',
+'usr_FORWARDING_ADDRESS' => 'Forwarding address',
+'usr_GROUP_MEMBERSHIPS' => 'Group memberships',
+'usr_RESET_DESC' => 'You are about to change the password for the user account "[_1]" ([_2])',
+'usr_RESET_DESC2' => 'Enter the new password in the fields below',
+'usr_ERR_OCCURRED_MODIFYING_PASSWORD' => 'An error occurred while updating the password',
+'usr_PASSWORD_CHANGE_SUCCEEDED' => 'Successfully changed password for user "[_1]".',
+'usr_LOCK_DESC' => 'You are about to lock the user account "[_1]" ([_2])',
+'usr_LOCKED_ACCOUNT' => 'Successfully locked account for user "[_1]".',
+'usr_NO_SUCH_USER' => 'Error: the user account "[_1]" does not exist.',
+'usr_PSEUDONYM_CLASH' => 'Error: the pseudonym "[_1]" is already taken by the
+existing user account "[_1]".To differentiate, add
+initials to this field.',
+'usr_LOCK_ACCOUNT' => 'Lock account',
+'usr_LOCK_ACCOUNT_TITLE' => 'Lock user account',
+'usr_LOCK_DESC2' => '
+This user account will be locked. This means that this user
+will not be able to log in, and will not be able
+to collect e-mail. Any e-mail arriving will still be stored
+and/or forwarded to an external e-mail address,
+as configured. The account may be activated in the future by
+setting a new password. The current
+password will not be retained.
+</p>
+<p>
+<b>Are you sure you wish to lock this account?</b>',
+'usr_REMOVE_ACCOUNT_TITLE' => 'Remove user account',
+'usr_REMOVE_DESC' => 'You are about to remove the user account "[_1]" ([_2])',
+'usr_REMOVE_DESC2' => 'All files belonging to this user account will be deleted.
+Also, any e-mail for this user account still
+remaining on the server (i.e. that has not yet been
+retrieved by the user) will be discarded.
+</p><p>
+<b>Are you sure you wish to remove this account?</b>',
+'usr_LOCK' => 'Lock',
+'usr_NO_USER_ACCOUNTS' => 'There are no user accounts on this system.',
+'usr_Users' => 'Users',
+'usr_ACCT_NAME_HAS_INVALID_CHARS' => 'The account name "[_1]" contains invalid characters.
+Account names must start with a lower case letter and contain
+only lower case letters, numbers, hyphens, periods and underscores.',
+'usr_ACCOUNT_TOO_LONG' => 'Error: account name is too long. The maximum is [_1]
+characters.',
+'usr_ACCOUNT_CONFLICT' => 'Error: the account "[_1]" can\'t be created because
+there is already a [_1] account of that name.',
+'usr_ERR_OCCURRED_CREATING' => 'An error occurred creating the user.',
+'usr_CANNOT_CONTAIN_WHITESPACE' => 'This field cannot contain white-space',
+'usr_UNACCEPTABLE_CHARS' => '
+This field must contain only letters, numbers, dots, hypens and
+underscores and start with a letter',
+'usr_MEMBER' => 'Member?',
+'usr_VPN_CLIENT_ACCESS' => 'VPN Client Access',
+'usr_SYSTEM_PASSWORD_FORM_TITLE' => 'Change system password',
+'usr_SYSTEM_PASSWORD_DESCRIPTION' => 'Certain services on this server installation require a
+username and password (for example this web page for the server manager
+application). The username is always admin. You can change the system
+password using the fields below.',
+'usr_SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS' => 'Password must contain only printable characters',
+'usr_SYSTEM_PASSWORD_VERIFY_ERROR' => 'The two passwords are not identical.',
+'usr_SYSTEM_PASSWORD_AUTH_ERROR' => 'The current password is incorrect.',
+'usr_SYSTEM_PASSWORD_CHANGED' => 'The system password has been changed.',
+'usr_CURRENT_SYSTEM_PASSWORD' => 'Current system password',
+'usr_NEW_SYSTEM_PASSWORD' => 'New system password',
+'usr_NEW_SYSTEM_PASSWORD_VERIFY' => 'New system password (verify)',
+'usr_LABEL_IPSECRW_DOWNLOAD' => 'Download digital certificate to IPSec client',
+'usr_ERR_OCCURRED_DELETING' => 'An error occurred while trying to delete the user.',
+
 );
 
 
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr.pm     2020-01-24 23:45:10.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr.pm 2020-02-29 18:37:52.000000000 +0400
@@ -18,7 +18,8 @@
 
 our @ISA = qw(Exporter);
 
-our @EXPORT_OK = qw( init_session_cgi get_mod_url theme_list getNavigation );
+our @EXPORT_OK = qw( init_session_cgi get_mod_url theme_list 
+       getNavigation ip_number is_normal_password email_simple);
 
 
 my $config = plugin( 'Config' => { files => './conf/srvmngr.conf' });
@@ -248,4 +249,59 @@
 
 }
 
+
+sub ip_number {
+
+#  from CGI::FormMagick::Validator qw( ip_number );
+
+    my ($c, $data) = @_;
+
+    return undef unless defined $data;
+
+    return $c->l('FM_IP_NUMBER1') . " (" . $data . ")" unless $data =~ /^[\d.]+$/;
+
+    my @octets = split /\./, $data;
+    my $dots = ($data =~ tr/.//);
+
+    return $c->l('FM_IP_NUMBER2') unless (scalar @octets == 4 and $dots == 3);
+
+    foreach my $octet (@octets) {
+        return $c->l("FM_IP_NUMBER3", $octet) if $octet > 255;
+    }
+
+    return 'OK';
+}
+
+
+sub is_normal_password {
+
+#  from CGI::FormMagick::Validator qw( password );
+
+    my ($c, $data) = @_;
+    $_ = $data;
+    if (not defined $_) {
+        return $c->l("FM_PASSWORD1");
+    } elsif (/\d/ and /[A-Z]/ and /[a-z]/ and /\W|_/ and length($_) > 6) {
+        return "OK";
+    } else {
+        return $c->l("FM_PASSWORD2");
+    }
+}
+
+
+sub email_simple {
+    my ($c, $data) = @_;
+
+    use Mail::RFC822::Address;
+
+    if (not defined $data ) {
+        return $c->l("FM_EMAIL_SIMPLE1");
+       } elsif (Mail::RFC822::Address::valid($data)) {
+        return "OK";
+    } else {
+        return $c->l("FM_EMAIL_SIMPLE2");
+    }
+}
+
+
 1;
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/script/srvmngr.pl smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/script/srvmngr.pl
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/script/srvmngr.pl  2020-02-19 22:43:47.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/script/srvmngr.pl      2020-02-29 21:24:25.000000000 +0400
@@ -57,6 +57,7 @@
 $r->namespaces(['SrvMngr::Controller']);
 
 $r->get('/')->to('initial#main')->name('initial');
+
 $r->get('/bugreport')->to('bugreport#main')->name('bugreport');
 $r->post('/bugreport')->to('bugreport#do_report')->name('bugreport2');
 $r->post('/bugreportD')->to('bugreport#download_config_report')->name('bugreportD');
@@ -132,14 +133,23 @@
 $r->get('/reboot')->to('reboot#main')->name('reboot');
 $r->post('/reboot')->to('reboot#do_action')->name('rebootact');
 
+$r->get('/remoteaccess')->to('remoteaccess#main')->name('remoteaccess');
+$r->post('/remoteaccess')->to('remoteaccess#do_action')->name('remoteaccessact');
+
 $r->get('/review')->to('review#main')->name('review');
 $r->get('/starterwebsite')->to('starterwebsite#main')->name('starterwebsite');
 $r->post('/starterwebsite')->to('starterwebsite#do_site')->name('starterwebsite2');
 $r->get('/support')->to('support#main')->name('support');
 $r->post('/swttheme')->to('swttheme#main')->name('swttheme');
 
+$r->get('/useraccounts')->to('useraccounts#main')->name('useraccounts');
+$r->post('/useraccounts')->to('useraccounts#do_display')->name('useraccountadd');
+$r->get('/useraccountd')->to('useraccounts#do_display')->name('useraccountdis');
+$r->post('/useraccountd')->to('useraccounts#do_update')->name('useraccountupd');
+
 $r->get('/viewlogfiles')->to('viewlogfiles#main')->name('viewlogfiles');
 $r->post('/viewlogfiles')->to('viewlogfiles#do_action')->name('viewlogfiles2');
+$r->get('/viewlogfileR')->to('viewlogfiles#do_action')->name('viewlogfileR');
 
 $r->get('/wbl')->to('wbl#main')->name('wbl');
 $r->post('/wbl')->to('wbl#do_display')->name('wbldis');
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/public/css/styles.css smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/public/css/styles.css
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/public/css/styles.css       2020-02-19 22:44:47.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/public/css/styles.css   2020-02-29 20:40:32.000000000 +0400
@@ -52,8 +52,8 @@
     border-style: solid;
     border-color: red ; 
     padding: 2px;
-    margin-left: 20px;
-    margin-right: 20px;
+    margin-left: 10px;
+    margin-right: 10px;
     margin-top:0px;
     margin-bottom:0px;
 }
@@ -67,19 +67,6 @@
     position: fixed;
     margin-left: 40%;
 }
-/*
-label{
-       display: inline-block;
-       float: left;
-       clear: left;
-       width: 200px;
-       text-align: right;
-}
-data2 {
-       display: inline-block;
-       float: left;
-}
-*/
 
 label.field-with-error {
        color: #dd7e5e
@@ -90,38 +77,39 @@
 }
 
 span.label {
+    display: inline-block;
     font-weight: bold;
-    width: 20%;
+    background-color: #e8f3e1; /*lightgreen;*/
+    width: 30%;
+    text-align: right;
 }
 
 span.data {
     padding: 2px;
     font-weight: bold;
     margin-left: 0%;
-    background-color: lightblue;
+/*    background-color: lightblue;*/
 }
 
 span.data2 {
     padding: 2px;
     font-weight: bold;
-    background-color: lightblue;
+/*    background-color: lightblue; */
 }
 
 input.action {
     margin-left: 0px;
-    color: green;
-    background-color: lightgreen;
+    color: darkgreen;
+    background-color: #bee6a2; /*lightgreen;*/
 }
 #modul.desc {
     padding: 3px;
     background-color: grey;
 }
 
-/* #modul form .input  */
-
 [type = 'text'] {
     margin-left: 0px;
-    background-color: lightblue;
+    /*background-color: lightblue;*/
 }
 
 .a, .return {
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/not_found.development.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/not_found.development.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/not_found.development.html.ep     2020-01-22 21:59:41.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/not_found.development.html.ep 2020-02-19 20:55:48.000000000 +0400
@@ -1,4 +1,4 @@
-% layout 'default', title => 'Sme server 2 - Error D', share_dir => '';
+% layout 'defaultlight', title => 'Sme server 2 - Error D', share_dir => '';
 
 % content_for 'module' => begin
 
@@ -8,7 +8,7 @@
         "<%= $self->req->url->path || '/' %>"
         could not be found.
     <br>dev<br>
-       %= link_to Initial => '/'
+       %= link_to Initial => '/Initial'
     </p>
 </div>
 
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/not_found.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/not_found.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/not_found.html.ep 2020-01-22 15:34:30.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/not_found.html.ep     2020-02-19 20:56:00.000000000 +0400
@@ -1,4 +1,4 @@
-% layout 'default', title => 'Sme server 2 - Error P', share_dir => '';
+% layout 'defaultlight', title => 'Sme server 2 - Error P', share_dir => '';
 <div id="central">
     <p><br><br>
         The page you were requesting
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_del.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_del.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_del.html.ep 1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_del.html.ep     2020-02-27 23:04:11.000000000 +0400
@@ -0,0 +1,28 @@
+<div id='usr_del'>
+
+    %  my $btn = l('REMOVE');
+
+    %= form_for '/useraccountd' => (method => 'POST') => begin
+       <p>
+       <h2>
+       %=l 'usr_REMOVE_ACCOUNT_TITLE'
+       </h2>
+       
+       <br>
+       %= $c->l('usr_REMOVE_DESC', $usr_datas->{user}, $usr_datas->{name} );
+       <br>
+       %= $c->render_to_string(inline => $c->l('usr_REMOVE_DESC2'))
+       </p>
+
+       <p>
+       <br>
+       %= submit_button "$btn", class => 'action'
+       </p>
+
+       %= hidden_field 'trt' => $usr_datas->{trt}
+       %= hidden_field 'user' => $usr_datas->{user}
+       %= hidden_field 'name' => $usr_datas->{name}
+       
+    % end    
+
+</div>
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_list.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_list.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_list.html.ep        1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_list.html.ep    2020-02-29 19:22:59.000000000 +0400
@@ -0,0 +1,92 @@
+<div id='usr_list'>
+
+
+    % my $btn = l('usr_ADD_USER');
+
+    %= form_for '/useraccounts' => (method => 'POST') => begin
+
+       <p>
+       <br>
+       %= submit_button "$btn", class => 'action'
+       </p>
+
+    % end    
+
+       <p>
+       %= $c->render_to_string(inline => $c->l('usr_FIRSTPAGE_DESC'))
+       <br>
+       </p>
+       
+    %  my $numUsers = @$users;
+    %  if ($numUsers == 0){
+        %=l 'usr_NO_USER_ACCOUNTS'
+    %  } else {
+       <table class="sme-border"><tbody>
+       <tr>
+           <th class='sme-border'>
+           %=l 'ACCOUNT'
+           </th>
+           <th class='sme-border'>
+           %=l 'USER_NAME'
+           </th>
+           <th class='sme-border'>
+           %=l 'usr_VPN_CLIENT_ACCESS'
+           </th>
+           <th class='sme-border'>
+           %=l 'usr_FORWARDING_ADDRESS'
+           </th>
+           <th class='sme-border' colspan='4'>
+           %=l 'ACTION'
+           </th>
+       </tr>
+       
+    %    foreach my $user (sort @$users) {
+
+    %        my $username = $user->key();
+    %        my $first    = $user->prop('FirstName');
+    %        my $last     = $user->prop('LastName');
+    %        my $lockable = $user->prop('Lockable') || 'yes';
+    %        my $removable = $user->prop('Removable') || 'yes';
+    %        my $fwd       = (($user->prop('EmailForward') || 'local') =~ m/^forward|both$/) ?
+    %                       $user->prop('ForwardAddress') : '';
+    %        my $vpnaccess = $user->prop('VPNClientAccess') || 'no';
+    %        $vpnaccess = $vpnaccess eq 'yes' ? $c->l('YES') : $c->l('NO');
+    %        my $password_set = $user->prop('PasswordSet');
+
+        <tr>
+            %= t td => (class => 'sme-border') => $username
+            %= t td => (class => 'sme-border') => "$first  $last"
+            %= t td => (class => 'sme-border') => $vpnaccess
+            %= t td => (class => 'sme-border') => $fwd
+    %      my ($actionModify, $actionLock, $actionResetPw, $actionRemove) = '&nbsp;';
+    %      if ($username eq 'admin')  { 
+    %          $actionModify = "<a href='useraccountd?trt=UPS&user=" . $username . "'>" . l('MODIFY') . "</a>"; 
+    %          $actionResetPw = "<a href='useraccountd?trt=PWS&user=" . $username . "'>" . l('PASSWORD_RESET') . "</a>"; 
+    %      } else {
+    %          $actionModify = "<a href='useraccountd?trt=UPD&user=" . $username . "'>" . l('MODIFY') . "</a>"; 
+    %          if ($password_set ne 'yes') {
+    %                  $actionLock = l('ACCOUNT_LOCKED'); 
+    %                  $actionResetPw = "<a href='useraccountd?trt=PWD&user=" . $username . "' class='error'>" . l('PASSWORD_RESET') . "</a>"; 
+    %          } else {
+    %                  $actionLock = "<a href='useraccountd?trt=LCK&user=" . $username . "'>" . l('usr_LOCK_ACCOUNT') . "</a>"; 
+    %                  $actionResetPw = "<a href='useraccountd?trt=PWD&user=" . $username . "'>" . l('PASSWORD_RESET') . "</a>"; 
+    %          }
+    %          if ( $removable eq 'yes' )  { 
+    %                  $actionRemove = "<a href='useraccountd?trt=DEL&user=" . $username . "'>" . l('REMOVE') . "</a>"; 
+    %          }
+    %      }
+           <td class='sme-border'><%= $c->render_to_string(inline => $actionModify) %></td>
+           <td class='sme-border'><%= $c->render_to_string(inline => $actionResetPw) %></td>
+           <td class='sme-border'><%= $c->render_to_string(inline => $actionLock) %></td>
+           <td class='sme-border'><%= $c->render_to_string(inline => $actionRemove) %></td>
+
+       </tr>
+    %    }
+       </tbody>
+       </table>
+
+       <%} %>
+
+        %= hidden_field 'trt' => $usr_datas->{trt}
+
+</div>
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_lock.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_lock.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_lock.html.ep        1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_lock.html.ep    2020-02-27 23:03:55.000000000 +0400
@@ -0,0 +1,28 @@
+<div id='usr_lock'>
+
+    %  my $btn = l('usr_LOCK');
+
+    %= form_for '/useraccountd' => (method => 'POST') => begin
+       <p>
+       <h2>
+       %=l 'usr_LOCK_ACCOUNT_TITLE'
+       </h2>
+       
+       <br>
+       %= $c->l('usr_LOCK_DESC', $usr_datas->{user}, $usr_datas->{name} );
+       <br>
+       %= $c->render_to_string(inline => $c->l('usr_LOCK_DESC2'))
+       </p>
+
+       <p>
+       <br>
+       %= submit_button "$btn", class => 'action'
+       </p>
+
+       %= hidden_field 'trt' => $usr_datas->{trt}
+       %= hidden_field 'user' => $usr_datas->{user}
+       %= hidden_field 'name' => $usr_datas->{name}
+       
+    % end    
+
+</div>
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_pwd.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_pwd.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_pwd.html.ep 1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_pwd.html.ep     2020-02-26 22:49:00.000000000 +0400
@@ -0,0 +1,44 @@
+<div id='usr_pwd'>
+
+    %  my $btn = l('SAVE');
+
+    %= form_for '/useraccountd' => (method => 'POST') => begin
+       <p>
+       <h2>
+       %=l 'RESET_PASSWORD_TITLE'
+       </h2>
+       
+       <br>
+       %= $c->l('usr_RESET_DESC', $usr_datas->{user}, $usr_datas->{name} );
+       <br>
+       %= l 'usr_RESET_DESC2'
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'PASSWORD_NEW', class => 'label'
+       </span><span class=data>
+       %= password_field 'newPass', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'PASSWORD_VERIFY_NEW', class => 'label'
+       </span><span class=data>
+       %= password_field 'newPassVerify', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <br><br>
+       %= submit_button "$btn", class => 'action'
+       </p>
+
+       %= hidden_field 'trt' => $usr_datas->{trt}
+       %= hidden_field 'user' => $usr_datas->{user}
+       %= hidden_field 'name' => $usr_datas->{name}
+       
+    % end    
+
+</div>
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_pwds.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_pwds.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_pwds.html.ep        1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_pwds.html.ep    2020-02-29 18:18:12.000000000 +0400
@@ -0,0 +1,62 @@
+<div id='usr_pwds'>
+
+    %  my $btn = l('SAVE');
+
+    %= form_for '/useraccountd' => (method => 'POST') => begin
+       <p>
+       %= l 'usr_SYSTEM_PASSWORD_DESCRIPTION'
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_CURRENT_SYSTEM_PASSWORD', class => 'label'
+       </span><span class=data>
+       %= password_field 'CurPass', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_NEW_SYSTEM_PASSWORD', class => 'label'
+       </span><span class=data>
+       %= password_field 'Pass', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_NEW_SYSTEM_PASSWORD_VERIFY', class => 'label'
+       </span><span class=data>
+       %= password_field 'PassVerify', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <br><br>
+       %= submit_button "$btn", class => 'action'
+       </p>
+
+       %= hidden_field 'trt' => $usr_datas->{trt}
+       %= hidden_field 'user' => $usr_datas->{user}
+       %= hidden_field 'name' => $usr_datas->{name}
+       
+    % end
+
+</div>
+<!--
+    <page name="SystemPassword" pre-event="turn_off_buttons()" 
+        post-event="system_change_password" >
+        <description>SYSTEM_PASSWORD_DESCRIPTION</description>
+
+        <field type="password" id="curpass" validation="nonblank, system_authenticate_password">
+            <label>CURRENT_SYSTEM_PASSWORD</label>
+        </field>
+        <field type="password" id="pass" validation="nonblank, system_check_password">
+            <label>NEW_SYSTEM_PASSWORD</label>
+        </field>
+        <field type="password" id="passVerify" validation="system_password_compare">
+            <label>NEW_SYSTEM_PASSWORD_VERIFY</label>
+        </field>
+        <subroutine src="print_button('SAVE')" />
+    </page>
+-->
\ Pas de fin de ligne à la fin du fichier
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_upd.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_upd.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_upd.html.ep 1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_upd.html.ep     2020-02-29 19:46:22.000000000 +0400
@@ -0,0 +1,183 @@
+<div id='usr_upd'>
+
+
+       % my $btn = l('ADD');
+
+    %= form_for '/useraccountd' => (method => 'POST') => begin
+       <p>
+       <h2>
+       %=l 'usr_P2_TITLE'
+       </h2>
+       <br>
+       %= $c->render_to_string(inline => l ('usr_CREATE_MODIFY_DESC'))
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_ACCOUNT_NAME'
+       </span><span class=data>
+       % if ( $usr_datas->{trt} eq 'ADD' ) {
+           % param 'user' => $usr_datas->{user} unless param 'user';
+           %= text_field 'user', class => 'input'
+       % } else {
+           % $btn = l('SAVE');
+           %= $usr_datas->{user}, class => 'data'
+       % }
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_FIRSTNAME'
+       </span><span class=data>
+       % param 'FirstName' => $usr_datas->{firstname} unless param 'FirstName';
+       %= text_field 'FirstName', class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_LASTNAME'
+       </span><span class=data>
+       % param 'LastName' => $usr_datas->{lastname} unless param 'LastName';
+       %= text_field 'LastName', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_DEPARTMENT'
+       </span><span class=data>
+       % param 'Dept' => $usr_datas->{dept} unless param 'Dept';
+       %= text_field 'Dept', class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_COMPANY'
+       </span><span class=data>
+       % param 'Company' => $usr_datas->{company} unless param 'Company';
+       %= text_field 'Company', class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_STREET_ADDRESS'
+       </span><span class=data>
+       % param 'Street' => $usr_datas->{street} unless param 'Street';
+       %= text_field 'Street', class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_CITY'
+       </span><span class=data>
+       % param 'City' => $usr_datas->{city} unless param 'City';
+       %= text_field 'City', class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_PHONE_NUMBER'
+       </span><span class=data>
+       % param 'Phone' => $usr_datas->{phone} unless param 'Phone';
+       %= text_field 'Phone', class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_EMAIL_DELIVERY'
+       </span><span class=data>
+       % param 'EmailForward' => $usr_datas->{emailforward} unless param 'EmailForward';
+       %= select_field 'EmailForward' => $c->emailForward_list(), class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_FORWARDING_ADDRESS'
+       </span><span class=data>
+       % param 'ForwardAddress' => $usr_datas->{forwardaddress} unless param 'ForwardAddress';
+       %= text_field 'ForwardAddress', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_VPN_CLIENT_ACCESS'
+       </span><span class=data>
+       % param 'VPNClientAccess' => $usr_datas->{vpnclientaccess} unless param 'VPNClientAccess';
+       %= select_field 'VPNClientAccess' => [[ (l 'NO') => 'no'], [ (l 'YES') => 'yes']], class => 'input'
+       </span>
+       </p>
+
+    %  if (  $usr_datas->{trt} eq 'UPD' and $c->ipsec_for_acct eq 'OK' ) {
+    %  my $url = '/useraccountd?TRT=CRT&user=' . $usr_datas->{user};
+    %  my $btn2 = $c->l('DOWNLOAD');
+       %= form_for $url => (method => 'GET') => begin
+       <p>
+       <span class=label>
+       %=l 'usr_LABEL_IPSECRW_DOWNLOAD'
+       </span><span class=data>
+       %= submit_button $btn2, class => 'action'
+       </span>
+       </p>
+       %end
+    %  }
+
+    %  my @groups = @{$c->get_groups()};
+    %  if ( @groups ) {
+       <p>
+       <span class=label>
+       %=l 'usr_GROUP_MEMBERSHIPS'
+       </span>
+       <span class=data>
+       <table class="sme-border"><tbody>
+       <tr><th class='sme-border'>
+           %=l 'usr_MEMBER'
+           </th><th class='sme-border'>
+           %=l 'GROUP'
+           </th><th class='sme-border'>
+           %=l 'DESCRIPTION'
+       </th></tr>
+       
+    %    foreach my $g ( @groups) {
+    %       my $user = $usr_datas->{user};
+    %        my $groupname     = $g->key();
+    %        my $description   = $g->prop('Description');
+    %        my $checked = '';
+    %        if ( $user and $c->is_user_in_group($user, $groupname) ) {
+    %            $checked = 'checked';
+    %        }
+        <tr>
+
+           <td>
+           % if ( $checked eq 'checked' ) {
+               <!-- % = check_box 'groupMemberships', value => $groupname, checked => $checked -->
+               <input type='checkbox' name='groupMemberships' checked value='<%= $groupname %>'>
+           %} else {
+               %= check_box 'groupMemberships' => $groupname
+           %}
+           </td>
+            <!-- t td => (class => 'sme-border') => (check_box ' groupMemberships' => $groupname  $checked) -->
+            %= t td => (class => 'sme-border') => $groupname
+            %= t td => (class => 'sme-border') => "$description"
+       </tr>
+    %    }
+       </tbody>
+       </table>
+       </span>
+       </p>
+    %  }
+
+       <p>
+       <br><br>
+       %= submit_button $btn, class => 'action'
+       </p>
+
+       %= hidden_field 'trt' => $usr_datas->{trt}
+       % if ( $usr_datas->{trt} eq 'UPD' ) {
+           %= hidden_field 'user' => $usr_datas->{user}
+       % }
+       
+    % end
+
+</div>
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_upds.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_upds.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_upds.html.ep        1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_usr_upds.html.ep    2020-02-29 18:21:10.000000000 +0400
@@ -0,0 +1,118 @@
+<div id='usr_upds'>
+
+       % my $btn = l('SAVE');
+
+    %= form_for '/useraccountd' => (method => 'POST') => begin
+       <p>
+       <h2>
+       %=l 'usr_MODIFY_ADMIN_TITLE'
+       </h2><br>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_ACCOUNT_NAME'
+       </span><span class=data>
+       % $btn = l('SAVE');
+       %= $usr_datas->{user}, class => 'data'
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_FIRSTNAME'
+       </span><span class=data>
+       % param 'FirstName' => $usr_datas->{firstname} unless param 'FirstName';
+       %= text_field 'FirstName', class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_LASTNAME'
+       </span><span class=data>
+       % param 'LastName' => $usr_datas->{lastname} unless param 'LastName';
+       %= text_field 'LastName', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_EMAIL_DELIVERY'
+       </span><span class=data>
+       % param 'EmailForward' => $usr_datas->{emailforward} unless param 'EmailForward';
+       %= select_field 'EmailForward' => $c->emailForward_list(), class => 'input'
+       </span>
+       </p>
+       <p>
+       <span class=label>
+       %=l 'usr_FORWARDING_ADDRESS'
+       </span><span class=data>
+       % param 'ForwardAddress' => $usr_datas->{forwardaddress} unless param 'ForwardAddress';
+       %= text_field 'ForwardAddress', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       <span class=label>
+       %=l 'usr_VPN_CLIENT_ACCESS'
+       </span><span class=data>
+       % param 'VPNClientAccess' => $usr_datas->{vpnclientaccess} unless param 'VPNClientAccess';
+       %= select_field 'VPNClientAccess' => [[ (l 'NO') => 'no'], [ (l 'YES') => 'yes']], class => 'input'
+       </span>
+       </p>
+
+    %  if ( $c->ipsec_for_acct eq 'OK' ) {
+    %  my $url = '/useraccountd?TRT=CRT&user=' . $usr_datas->{user};
+    %  my $btn2 = $c->l('DOWNLOAD');
+       %= form_for $url => (method => 'GET') => begin
+       <p>
+       <span class=label>
+       %=l 'usr_LABEL_IPSECRW_DOWNLOAD'
+       </span><span class=data>
+       %= submit_button $btn2, class => 'action'
+       </span>
+       </p>
+       %end
+    %  }
+
+       <p>
+       <br>
+       %= submit_button $btn, class => 'action'
+       </p>
+
+       %= hidden_field 'trt' => $usr_datas->{trt}
+       %= hidden_field 'user' => $usr_datas->{user}
+       
+    % end
+
+</div>
+<!--
+    <page name="ModifyAdmin" pre-event="turn_off_buttons()" post-event="modify_admin()">
+        <title>MODIFY_ADMIN_TITLE</title> 
+        <subroutine src="print_acctName_field()" />
+        <field type="text" id="FirstName" validation="nonblank, pseudonym_clash">
+            <label>FIRSTNAME</label>
+        </field>
+        <field type="text" id="LastName" validation="nonblank">
+            <label>LASTNAME</label>
+        </field>
+        <field type="select" id="EmailForward" options="'local' =>
+            'DELIVER_EMAIL_LOCALLY', 'forward' => 'FORWARD_EMAIL',
+            'both' => 'DELIVER_AND_FORWARD'" validation="nonblank" value='local'
+            display="display_email_forwarding()"
+            >
+            <label>EMAIL_DELIVERY</label>
+        </field>
+        <field type="text" id="ForwardAddress" validation="emailforward()"
+            display="display_email_forwarding()"
+            >
+            <label>FORWARDING_ADDRESS</label>
+        </field>
+        <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
+            'no' => 'NO'" validation="nonblank" value="get_pptp_value()">
+            <label>VPN_CLIENT_ACCESS</label>
+        </field>  
+        <subroutine src="print_ipsec_client_section()" />
+        <subroutine src="print_button('SAVE')" />
+    </page>
+-->
\ Pas de fin de ligne à la fin du fichier
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/remoteaccess.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/remoteaccess.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/remoteaccess.html.ep      1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/remoteaccess.html.ep  2020-02-26 17:38:24.000000000 +0400
@@ -0,0 +1,234 @@
+% layout 'default', title => "Sme server 2 - remoteaccess", share_dir => './';
+
+% content_for 'module' => begin
+<div id="module">
+
+    % if ($config->{debug} == 1) {
+       <p>
+       %= dumper $c->current_route
+       %= dumper $rma_datas
+       </p>
+    % }
+    <h1><%= $title%></h1>
+    % if ( $notif ) {
+       <br>
+       <span class=sme-error>
+       <%= $c->render_to_string(inline => $notif) %>
+       </span>
+    %}
+
+    <hr class='sectionbar' />
+
+    <%         my $btn = l('SAVE'); %>
+
+    %= form_for 'remoteaccess' => (method => 'POST') => begin
+
+    % my $ipsec = $c->get_ipsecrw_status();
+    % if ( $ipsec ) {
+       <p>
+       <h2>
+       %=l 'rma_TITLE_IPSECRW'
+       </h2><br>
+
+       %=l 'rma_DESC_IPSECRW'
+       <br>
+
+       <span class=label>
+       %=l 'rma_LABEL_IPSECRW_SESS'
+       </span><span class=data>
+       % param 'IpsecrwSess' => $c->get_ipsecrw_sessions unless param 'IpsecrwSess';
+       %= text_field 'IpsecrwSess', class => 'input'
+       </span>
+       <br>
+
+       %= $c->render_to_string(inline => $c->l('rma_DESC_IPSECRW_RESET'));
+       <br>
+       <span class=label>
+       %=l 'rma_LABEL_IPSECRW_RESET'
+       </span><span class=data>
+       %= check_box 'IpsecrwReset',class => 'input'
+       </span>
+       <br><br>
+
+       <hr class='sectionbar' />
+
+       </p>
+    %}
+
+       <p><h2>
+       %=l 'rma_TITLE_PPTP'
+       </h2><br>
+       %=l 'rma_DESC_PPTP'
+       <br>
+       <span class=label>
+       %=l 'rma_LABEL_PPTP'
+       </span><span class=data>
+       % param 'PptpSessions' => $c->get_pptp_sessions unless param 'PptpSessions';
+       %= text_field 'PptpSessions' =>  $c->get_pptp_sessions(), class => 'input'
+       </span>
+       </p>
+
+       <hr class='sectionbar' />
+
+       <p><h2>
+       %= $c->l('rma_VALIDFROM_TITLE', $c->l('rma_REMOTE_MANAGEMENT'));
+       </h2><br>
+       %=l 'rma_VALIDFROM_DESC'
+       <br><br>
+
+    % my @vals = $self->_get_valid_from();
+    % if (@vals) {
+       <table class="sme-border"><tbody>
+       <tr><th class='sme-border'>
+           %=l 'NETWORK'
+           </th><th class='sme-border'>
+           %=l 'SUBNET_MASK'
+           </th><th class='sme-border'>
+           %=l 'NUM_OF_HOSTS'
+           </th><th class='sme-border'>
+           %=l 'REMOVE'
+       </th></tr>
+
+    %    foreach my $val ( @vals )
+    %    {
+    %        my ($net, $mask) = split '/', $val;
+    %        $mask = '255.255.255.255' unless ($mask);
+    %        my ($numhosts,$a,$b) = esmith::util::computeHostRange($net,$mask);
+        <tr>
+            %= t td => (class => 'sme-border') => $net
+            %= t td => (class => 'sme-border') => $mask
+            %= t td => (class => 'sme-border') => $numhosts
+            <td class='sme-border'><input type='checkbox' name='Remove_nets' value='<%= $net.'/'.$mask %>'> </td>
+       </tr>
+    %    }
+
+       </tbody>
+       </table>    
+
+       <!-- my @cbGroup = $q->checkbox_group(-name => 'validFromRemove',
+               -values => [@vals], -labels => { map {$_ => ''} @vals });
+           foreach my $val (@vals)
+               { esmith::cgi::genSmallCell($q, shift(@cbGroup), } -->
+    % } else {
+       <br><b>
+        %= l('rma_NO_ENTRIES_YET');
+       </b>
+    %}
+       </p>
+
+       <p>
+       %=l 'rma_DESC_VALID_FROM_ENTRIES'
+       <br><br>
+       <span class=label>
+       %=l 'NETWORK'
+       </span><span class=data>
+       %= text_field 'ValidFromNetwork', class => 'input'
+       </span>
+       <br>
+       <span class=label>
+       %=l 'rma_SUBNET_MASK'
+       </span><span class=data>
+       %= text_field 'ValidFromMask', class => 'input'
+       </span>
+       </p>
+
+       <hr class='sectionbar' />
+
+       <p><h2>
+       %=l 'rma_TITLE_SSH'
+       </h2><br>
+       %=l 'rma_DESC_SSH'
+       <br><br>
+       <span class=label>
+       %=l 'rma_LABEL_SSH'
+       </span><span class=data>
+       % param 'SshAccess' => $c->get_ssh_access() unless param 'SshAccess';
+       %= select_field 'SshAccess' => $c->networkAccess_list(), class => 'input'
+       </span>
+       <br>
+       
+       <span class=label>
+       %=l 'rma_LABEL_SSH_ADMIN'
+       </span><span class=data>
+       % param 'SshPermitRootLogin' => $rma_datas->{sshPermitRootLogin} unless param 'SshPermitRootLogin';
+       %= select_field 'SshPermitRootLogin' => [[(l 'NO'), 'no'], [(l 'YES'), 'yes']], class => 'input'
+       </span>
+       <br>
+
+       <span class=label>
+       %=l 'rma_LABEL_SSH_PASSWORD_ACCESS'
+       </span><span class=data>
+       % param 'SshPasswordAuthentication' => $c->get_ssh_password_auth() unless param 'SshPasswordAuthentication';
+       %= select_field 'SshPasswordAuthentication' => [[(l 'NO'), 'no'], [(l 'YES'), 'yes']], class => 'input'
+       </span>
+       <br>
+
+       <span class=label>
+       %=l 'rma_LABEL_SSH_PORT'
+       </span><span class=data>
+       % param 'SshTCPPort' => $c->get_ssh_port() unless param 'SshTCPPort';
+       %= text_field 'SshTCPPort', class => 'input'
+       </span>
+       <br>
+       </p>
+
+       <hr class='sectionbar' />
+
+       <p><h2>
+       %=l 'rma_TITLE_FTP_ACCESS'
+       </h2><br>
+       %= $c->render_to_string(inline => $c->l('rma_DESC_FTP_ACCESS'));
+
+       <br>
+       <span class=label>
+       %=l 'rma_LABEL_FTP_ACCESS'
+       </span><span class=data>
+       % param 'FtpAccess' => $c->get_ftp_access() unless param 'FtpAccess';
+       %= select_field 'FtpAccess' => $c->networkAccess_list(), class => 'input'
+       </span>
+       <br>
+
+       <br>
+       %= $c->render_to_string(inline => $c->l('rma_DESC_FTP_LOGIN'));
+       <br>
+       <span class=label>
+       %=l 'rma_LABEL_FTP_LOGIN'
+       </span><span class=data>
+       % param 'FtpPasswordAccess' => $c->get_ftp_password_login_access() unless param 'FtpPasswordAccess';
+       %= select_field 'FtpPasswordAccess' => $c->passwordLogin_list(), class => 'input'
+       </span>
+       <br>
+       </p>
+
+    % my $mode = $c->get_telnet_mode();
+    % if ( $mode ne 'off') {
+       <p>
+       <hr class='sectionbar' />
+
+       <h2>
+       %=l 'rma_TITLE_TELNET_ACCESS'
+       </h2><br>
+
+       <span class=sme-error>
+       %=l 'rma_DESC_TELNET_ACCESS'
+       </span>
+       <br><br>
+
+       <span class=label>
+       %=l 'rma_LABEL_TELNET_ACCESS'
+       </span><span class=data>
+       % param 'TelnetAccess' => $mode unless param 'TelnetAccess';
+       %= select_field 'TelnetAccess' => $c->networkAccess_list(), class => 'input'
+       </span>
+       <br>
+
+       </p>
+    %}
+
+       %= submit_button "$btn", class => 'action'
+
+    % end
+
+</div>
+
+% end
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/useraccounts.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/useraccounts.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/useraccounts.html.ep      1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/useraccounts.html.ep  2020-02-29 01:47:50.000000000 +0400
@@ -0,0 +1,40 @@
+% layout 'default', title => "Sme server 2 - useraccounts", share_dir => './';
+
+% content_for 'module' => begin
+<div id="module">
+
+    % if ($config->{debug} == 1) {
+       <p>
+       %= dumper $c->current_route
+       %= dumper $usr_datas
+       </p>
+    % }
+    
+    <h1><%= $title%></h1>
+
+    % if ( $notif ) {
+       <br>
+       <span class=sme-error>
+       <%= $c->render_to_string(inline => $notif) %>
+       </span>
+    %}
+
+    % if ($usr_datas->{trt} eq 'ADD' or $usr_datas->{trt} eq 'UPD') {
+       %= include 'partials/_usr_upd'
+    %} elsif ($usr_datas->{trt} eq 'DEL') {
+       %= include 'partials/_usr_del'
+    %} elsif ($usr_datas->{trt} eq 'LCK') {
+       %= include 'partials/_usr_lock'
+    %} elsif ($usr_datas->{trt} eq 'PWD') {
+        %= include 'partials/_usr_pwd'
+    %} elsif ($usr_datas->{trt} eq 'PWS') {
+        %= include 'partials/_usr_pwds'
+    %} elsif ($usr_datas->{trt} eq 'UPS') {
+        %= include 'partials/_usr_upds'
+    %} else {
+        %= include 'partials/_usr_list'
+    %}
+
+</div>
+%end
+
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/viewlogfiles2.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/viewlogfiles2.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/viewlogfiles2.html.ep     1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/viewlogfiles2.html.ep 2020-02-21 23:39:07.000000000 +0400
@@ -0,0 +1,32 @@
+% layout 'default', title => 'Sme server 2 - View log files 2';
+
+% content_for 'module' => begin
+
+<div id="module">
+
+    % if ($config->{debug} == 1) {
+       <p>
+       (DBG)route: <%= $c->current_route %><br>
+       (DBG)trt: <%= $log_datas->{trt} %><br>
+       </p>
+    % }
+
+    <h1><%= $title %></h1>
+
+    <br><%= $modul %><br>
+
+    <p>
+    <% my $btn = l('log_REFRESH'); %>
+
+    %= form_for 'viewlogfileR' => (method => 'GET') => begin
+       %= submit_button "$btn", class => 'action'
+       %= hidden_field 'trt' => $log_datas->{trt}
+       %= hidden_field 'Filename' => $log_datas->{filename}
+       %= hidden_field 'Matchpattern' => $log_datas->{matchpattern}
+       %= hidden_field 'Highlightpattern' => $log_datas->{highlightpattern}
+       %= hidden_field 'Operation' => $log_datas->{operation}
+    % end
+
+</div>
+
+%end
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/viewlogfiles.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/viewlogfiles.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/viewlogfiles.html.ep      1970-01-01 04:00:00.000000000 +0400
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/viewlogfiles.html.ep  2020-02-16 00:31:47.000000000 +0400
@@ -0,0 +1,68 @@
+% layout 'default', title => "Sme server 2 - viewlogfiles", share_dir => './';
+
+% content_for 'module' => begin
+<div id="module">
+    %if ($config->{debug} == 1) {
+       <p>
+       (DBG)route: <%= $c->current_route %><br>
+       </p>
+    %}
+    <h1><%= $title %></h1>
+    <br>
+    <%= $notif %>
+    <%         my $btn = l('NEXT'); %>
+
+    %= form_for 'viewlogfiles' => (method => 'POST') => begin
+       <p>
+       %=l 'log_FIRSTPAGE_DESC'
+       <br>
+       <span class=label>
+       %=l 'log_LOG_FILE_SELECT_DESC'
+       </span><span class=data>
+       % param 'Filename' => 'messages';
+       <!-- select_field 'Filename' => [['toto'], ['tata']], class => 'input' -->
+       %= select_field 'Filename' => $c->findlogFiles(), class => 'input'
+       </span>
+       </p>
+
+       <p>
+       %=l 'log_FILTER_PATTERN_DESC'
+       <br>
+       <span class=label>
+       %=l 'log_FILTER_PATTERN_LABEL'
+       </span><span class=data>
+       %= text_field 'Matchpattern', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       %=l 'log_MATCH_PATTERN_DESC'
+       <br>
+       <span class=label>
+       %=l 'log_MATCH_PATTERN_LABEL'
+       </span><span class=data>
+       %= text_field 'Highlightpattern', class => 'input'
+       </span>
+       </p>
+
+       <p>
+       %=l 'log_OP_DESC'
+       <br>
+       <span class=label>
+       %=l 'log_OP_LABEL'
+       </span><span class=data>
+       %if ($log_datas->{'default_op'} eq 'download') {
+           % param 'Operation' => 'download';
+       %}
+       %= select_field 'Operation' => [[(l 'log_VIEW') => 'view'],[(l 'DOWNLOAD') => 'download']], class => 'input'
+       </span>
+       </p>
+
+       <p>
+       %=l 'log_END_DESC'
+       </p>
+
+       %= submit_button "$btn", class => 'action'
+    % end
+</div>
+%end