main.sh 22 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772
  1. # Internal variables
  2. DATE=$(date +%F)
  3. TIME=$(date +%T)
  4. SCRIPT=$(basename $0)
  5. A1=$1
  6. A2=$2
  7. A3=$3
  8. A4=$4
  9. A5=$5
  10. A6=$6
  11. A7=$7
  12. A8=$8
  13. A9=$9
  14. EVENT="DATE='$DATE' TIME='$TIME' CMD='$SCRIPT' A1='$A1' A2='$A2' A3='$A3'"
  15. EVENT="$EVENT A4='$A4' A5='$A5' A6='$A6' A7='$A7' A8='$A8' A9='$A9'"
  16. HOMEDIR='/home'
  17. BACKUP='/backup'
  18. BACKUP_GZIP=5
  19. BACKUP_DISK_LIMIT=95
  20. BACKUP_LA_LIMIT=5
  21. RRD_STEP=300
  22. RRD_IFACE_EXCLUDE=lo
  23. BIN=$VESTA/bin
  24. USER_DATA=$VESTA/data/users/$user
  25. WEBTPL=$VESTA/data/templates/web
  26. DNSTPL=$VESTA/data/templates/dns
  27. RRD=$VESTA/web/rrd
  28. # Return codes
  29. OK=0
  30. E_ARGS=1
  31. E_INVALID=2
  32. E_NOTEXIST=3
  33. E_EXISTS=4
  34. E_SUSPENDED=5
  35. E_UNSUSPENDED=6
  36. E_INUSE=7
  37. E_LIMIT=8
  38. E_PASSWORD=9
  39. E_FORBIDEN=10
  40. E_DISABLED=11
  41. E_PARSING=12
  42. E_DISK=13
  43. E_LA=14
  44. E_FTP=15
  45. E_SSH=16
  46. E_DB=17
  47. E_RRD=18
  48. E_UPDATE=19
  49. E_RESTART=20
  50. # Log event function
  51. log_event() {
  52. echo "RC='$1' $2" >> $VESTA/log/system.log
  53. }
  54. # Log user history
  55. log_history() {
  56. cmd=$1
  57. undo=${2-no}
  58. log_user=${3-$user}
  59. log=$VESTA/data/users/$log_user/history.log
  60. touch $log
  61. if [ '99' -lt "$(wc -l $log |cut -f 1 -d ' ')" ]; then
  62. tail -n 99 $log > $log.moved
  63. mv -f $log.moved $log
  64. chmod 660 $log
  65. fi
  66. curr_str=$(grep "ID=" $log | cut -f 2 -d \' | sort -n | tail -n1)
  67. id="$((curr_str +1))"
  68. echo "ID='$id' DATE='$DATE' TIME='$TIME' CMD='$cmd' UNDO='$undo'" >> $log
  69. }
  70. # Argument list checker
  71. check_args() {
  72. if [ "$1" -gt "$2" ]; then
  73. echo "Error: not enought arguments"
  74. echo "Usage: $SCRIPT $3"
  75. log_event "$E_ARGS" "$EVENT"
  76. exit $E_ARGS
  77. fi
  78. }
  79. # Subsystem checker
  80. is_system_enabled() {
  81. if [ -z "$1" ] || [ "$1" = no ]; then
  82. echo "Error: subsystem disabled"
  83. log_event "$E_DISABLED" "$EVENT"
  84. exit $E_DISABLED
  85. fi
  86. }
  87. # User package check
  88. is_package_full() {
  89. case "$1" in
  90. WEB_DOMAINS) used=$(wc -l $USER_DATA/web.conf|cut -f1 -d \ );;
  91. WEB_ALIASES) used=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |\
  92. awk -F "ALIAS='" '{print $2}' | cut -f 1 -d \' | tr ',' '\n' |\
  93. wc -l );;
  94. DNS_DOMAINS) used=$(wc -l $USER_DATA/dns.conf |cut -f1 -d \ );;
  95. DNS_RECORDS) used=$(wc -l $USER_DATA/dns/$domain.conf |cut -f1 -d \ );;
  96. MAIL_DOMAINS) used=$(wc -l $USER_DATA/mail.conf |cut -f1 -d \ );;
  97. MAIL_ACCOUNTS) used=$(wc -l $USER_DATA/mail/$domain.conf |\
  98. cut -f1 -d \ );;
  99. DATABASES) used=$(wc -l $USER_DATA/db.conf |cut -f1 -d \ );;
  100. CRON_JOBS) used=$(wc -l $USER_DATA/cron.conf |cut -f1 -d \ );;
  101. esac
  102. limit=$(grep "^$1=" $USER_DATA/user.conf | cut -f 2 -d \' )
  103. if [ "$used" -ge "$limit" ]; then
  104. echo "Error: Limit reached / Upgrade package"
  105. log_event "$E_LIMIT" "$EVENT"
  106. exit $E_LIMIT
  107. fi
  108. }
  109. # Random password generator
  110. gen_password() {
  111. matrix='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
  112. lenght=10
  113. while [ ${n:=1} -le $lenght ]; do
  114. pass="$pass${matrix:$(($RANDOM%${#matrix})):1}"
  115. let n+=1
  116. done
  117. echo "$pass"
  118. }
  119. # Package existance check
  120. is_package_valid() {
  121. if [ -z "$1" ]; then
  122. pkg_dir="$VESTA/data/packages"
  123. fi
  124. if [ ! -e "$pkg_dir/$package.pkg" ]; then
  125. echo "Error: package $package not exist"
  126. log_event "$E_NOTEXIST $EVENT"
  127. exit $E_NOTEXIST
  128. fi
  129. }
  130. # Validate system type
  131. is_type_valid() {
  132. if [ -z "$(echo $1 | grep -w $2)" ]; then
  133. echo "Error: $2 is unknown type"
  134. log_event "$E_INVALID" "$EVENT"
  135. exit $E_INVALID
  136. fi
  137. }
  138. # Check user backup settings
  139. is_backup_enabled() {
  140. BACKUPS=$(grep "^BACKUPS=" $USER_DATA/user.conf | cut -f2 -d \')
  141. if [ -z "$BACKUPS" ] || [[ "$BACKUPS" -le '0' ]]; then
  142. echo "Error: user backup disabled"
  143. log_event "$E_DISABLED" "$EVENT"
  144. exit $E_DISABLED
  145. fi
  146. }
  147. # Check if object is free and can be created
  148. is_object_free() {
  149. if [ $2 = 'USER' ]; then
  150. if [ -d "$USER_DATA" ]; then
  151. object="OK"
  152. fi
  153. else
  154. object=$(grep "$2='$3'" $USER_DATA/$1.conf)
  155. fi
  156. if [ ! -z "$object" ]; then
  157. echo "Error: $2 with value $3 exists"
  158. log_event "$E_EXISTS" "$EVENT"
  159. exit $E_EXISTS
  160. fi
  161. }
  162. # Check if object exists and can be used
  163. is_object_valid() {
  164. if [ $2 = 'USER' ]; then
  165. if [ -d "$VESTA/data/users/$user" ]; then
  166. sobject="OK"
  167. fi
  168. else
  169. if [ $2 = 'DBHOST' ]; then
  170. sobject=$(grep "HOST='$host'" $VESTA/conf/$type.conf)
  171. else
  172. sobject=$(grep "$2='$3'" $VESTA/data/users/$user/$1.conf)
  173. fi
  174. fi
  175. if [ -z "$sobject" ]; then
  176. echo "Error: $3 not exist"
  177. log_event "$E_NOTEXIST" "$EVENT"
  178. exit $E_NOTEXIST
  179. fi
  180. }
  181. # Check if object is supended
  182. is_object_suspended() {
  183. if [ $2 = 'USER' ]; then
  184. spnd=$(cat $USER_DATA/$1.conf|grep "SUSPENDED='yes'")
  185. else
  186. spnd=$(grep "$2='$3'" $USER_DATA/$1.conf|grep "SUSPENDED='yes'")
  187. fi
  188. if [ -z "$spnd" ]; then
  189. echo "Error: $1 $3 is not suspended"
  190. log_event "$E_SUSPENDED" "$EVENT"
  191. exit $E_SUSPENDED
  192. fi
  193. }
  194. # Check if object is unsupended
  195. is_object_unsuspended() {
  196. if [ $2 = 'USER' ]; then
  197. spnd=$(cat $USER_DATA/$1.conf|grep "SUSPENDED='yes'")
  198. else
  199. spnd=$(grep "$2='$3'" $USER_DATA/$1.conf|grep "SUSPENDED='yes'")
  200. fi
  201. if [ ! -z "$spnd" ]; then
  202. echo "Error: $1 $3 is already suspended"
  203. log_event "$E_UNSUSPENDED" "$EVENT"
  204. exit $E_UNSUSPENDED
  205. fi
  206. }
  207. # Check if object value is empty
  208. is_object_value_empty() {
  209. str=$(grep "$2='$3'" $USER_DATA/$1.conf)
  210. eval $str
  211. eval value=$4
  212. if [ ! -z "$value" ] && [ "$value" != 'no' ]; then
  213. echo "Error: ${4//$}=$value (not empty)"
  214. log_event "$E_EXISTS" "$EVENT"
  215. exit $E_EXISTS
  216. fi
  217. }
  218. # Check if object value is empty
  219. is_object_value_exist() {
  220. str=$(grep "$2='$3'" $USER_DATA/$1.conf)
  221. eval $str
  222. eval value=$4
  223. if [ -z "$value" ] || [ "$value" = 'no' ]; then
  224. echo "Error: ${4//$}=$value (not exist)"
  225. log_event "$E_NOTEXIST" "$EVENT"
  226. exit $E_NOTEXIST
  227. fi
  228. }
  229. # Get object value
  230. get_object_value() {
  231. object=$(grep "$2='$3'" $USER_DATA/$1.conf)
  232. eval "$object"
  233. eval echo $4
  234. }
  235. # Update object value
  236. update_object_value() {
  237. row=$(grep -n "$2='$3'" $USER_DATA/$1.conf)
  238. lnr=$(echo $row | cut -f 1 -d ':')
  239. object=$(echo $row | sed -e "s/^$lnr://")
  240. eval "$object"
  241. eval old="$4"
  242. old=$(echo "$old" | sed -e 's/\\/\\\\/g' -e 's/&/\\&/g' -e 's/\//\\\//g')
  243. new=$(echo "$5" | sed -e 's/\\/\\\\/g' -e 's/&/\\&/g' -e 's/\//\\\//g')
  244. sed -i "$lnr s/${4//$/}='${old//\*/\\*}'/${4//$/}='${new//\*/\\*}'/g" \
  245. $USER_DATA/$1.conf
  246. }
  247. # Search objects
  248. search_objects() {
  249. OLD_IFS="$IFS"
  250. IFS=$'\n'
  251. for line in $(grep $2=\'$3\' $USER_DATA/$1.conf); do
  252. eval $line
  253. eval echo \$$4
  254. done
  255. IFS="$OLD_IFS"
  256. }
  257. # Get user value
  258. get_user_value() {
  259. grep "^${1//$/}=" $USER_DATA/user.conf| cut -f 2 -d \'
  260. }
  261. # Update user value in user.conf
  262. update_user_value() {
  263. key="${2//$}"
  264. lnr=$(grep -n "^$key='" $VESTA/data/users/$1/user.conf |cut -f 1 -d ':')
  265. if [ ! -z "$lnr" ]; then
  266. sed -i "$lnr d" $VESTA/data/users/$1/user.conf
  267. sed -i "$lnr i\\$key='${3}'" $VESTA/data/users/$1/user.conf
  268. fi
  269. }
  270. # Increase user counter
  271. increase_user_value() {
  272. key="${2//$}"
  273. factor="${3-1}"
  274. conf="$VESTA/data/users/$1/user.conf"
  275. old=$(grep "$key=" $conf | cut -f 2 -d \')
  276. if [ -z "$old" ]; then
  277. old=0
  278. fi
  279. new=$((old + factor))
  280. sed -i "s/$key='$old'/$key='$new'/g" $conf
  281. }
  282. # Decrease user counter
  283. decrease_user_value() {
  284. key="${2//$}"
  285. factor="${3-1}"
  286. conf="$VESTA/data/users/$1/user.conf"
  287. old=$(grep "$key=" $conf | cut -f 2 -d \')
  288. if [ -z "$old" ]; then
  289. old=0
  290. fi
  291. if [ "$old" -le 1 ]; then
  292. new=0
  293. else
  294. new=$((old - factor))
  295. fi
  296. sed -i "s/$key='$old'/$key='$new'/g" $conf
  297. }
  298. # Json listing function
  299. json_list() {
  300. echo '{'
  301. fileds_count=$(echo $fields| wc -w )
  302. #for line in $(cat $conf); do
  303. while read line; do
  304. eval $line
  305. if [ -n "$data_output" ]; then
  306. echo -e ' },'
  307. fi
  308. i=1
  309. for field in $fields; do
  310. eval value=$field
  311. if [ $i -eq 1 ]; then
  312. (( ++i))
  313. echo -e "\t\"$value\": {"
  314. else
  315. if [ $i -lt $fileds_count ]; then
  316. (( ++i))
  317. echo -e "\t\t\"${field//$/}\": \"$value\","
  318. else
  319. echo -e "\t\t\"${field//$/}\": \"$value\""
  320. data_output=yes
  321. fi
  322. fi
  323. done
  324. done < $conf
  325. if [ "$data_output" = 'yes' ]; then
  326. echo -e ' }'
  327. fi
  328. echo -e '}'
  329. }
  330. # Shell listing function
  331. shell_list() {
  332. if [ -z "$nohead" ] ; then
  333. echo "${fields//$/}"
  334. for a in $fields; do
  335. echo -e "------ \c"
  336. done
  337. echo
  338. fi
  339. while read line ; do
  340. eval $line
  341. for field in $fields; do
  342. eval value=$field
  343. if [ -z "$value" ]; then
  344. value='NULL'
  345. fi
  346. echo -n "$value "
  347. done
  348. echo
  349. done < $conf
  350. }
  351. # Recalculate U_DISK value
  352. recalc_user_disk_usage() {
  353. u_usage=0
  354. if [ -f "$USER_DATA/web.conf" ]; then
  355. usage=0
  356. dusage=$(grep 'U_DISK=' $USER_DATA/web.conf |\
  357. awk -F "U_DISK='" '{print $2}' | cut -f 1 -d \')
  358. for disk_usage in $dusage; do
  359. usage=$((usage + disk_usage))
  360. done
  361. d=$(grep "U_DISK_WEB='" $USER_DATA/user.conf | cut -f 2 -d \')
  362. sed -i "s/U_DISK_WEB='$d'/U_DISK_WEB='$usage'/g" $USER_DATA/user.conf
  363. u_usage=$((u_usage + usage))
  364. fi
  365. if [ -f "$USER_DATA/mail.conf" ]; then
  366. usage=0
  367. dusage=$(grep 'U_DISK=' $USER_DATA/mail.conf |\
  368. awk -F "U_DISK='" '{print $2}' | cut -f 1 -d \')
  369. for disk_usage in $dusage; do
  370. usage=$((usage + disk_usage))
  371. done
  372. d=$(grep "U_DISK_MAIL='" $USER_DATA/user.conf | cut -f 2 -d \')
  373. sed -i "s/U_DISK_MAIL='$d'/U_DISK_MAIL='$usage'/g" $USER_DATA/user.conf
  374. u_usage=$((u_usage + usage))
  375. fi
  376. if [ -f "$USER_DATA/db.conf" ]; then
  377. usage=0
  378. dusage=$(grep 'U_DISK=' $USER_DATA/db.conf |\
  379. awk -F "U_DISK='" '{print $2}' | cut -f 1 -d \')
  380. for disk_usage in $dusage; do
  381. usage=$((usage + disk_usage))
  382. done
  383. d=$(grep "U_DISK_DB='" $USER_DATA/user.conf | cut -f 2 -d \')
  384. sed -i "s/U_DISK_DB='$d'/U_DISK_DB='$usage'/g" $USER_DATA/user.conf
  385. u_usage=$((u_usage + usage))
  386. fi
  387. usage=$(grep 'U_DIR_DISK=' $USER_DATA/user.conf | cut -f 2 -d "'")
  388. u_usage=$((u_usage + usage))
  389. old=$(grep "U_DISK='" $USER_DATA/user.conf | cut -f 2 -d \')
  390. sed -i "s/U_DISK='$old'/U_DISK='$u_usage'/g" $USER_DATA/user.conf
  391. }
  392. # Recalculate U_BANDWIDTH value
  393. recalc_user_bandwidth_usage() {
  394. usage=0
  395. bandwidth_usage=$(grep 'U_BANDWIDTH=' $USER_DATA/web.conf |\
  396. awk -F "U_BANDWIDTH='" '{print $2}'|cut -f 1 -d \')
  397. for bandwidth in $bandwidth_usage; do
  398. usage=$((usage + bandwidth))
  399. done
  400. old=$(grep "U_BANDWIDTH='" $USER_DATA/user.conf | cut -f 2 -d \')
  401. sed -i "s/U_BANDWIDTH='$old'/U_BANDWIDTH='$usage'/g" $USER_DATA/user.conf
  402. }
  403. # Get next cron job id
  404. get_next_cronjob() {
  405. if [ -z "$job" ]; then
  406. curr_str=$(grep "JOB=" $USER_DATA/cron.conf|cut -f 2 -d \'|\
  407. sort -n|tail -n1)
  408. job="$((curr_str +1))"
  409. fi
  410. }
  411. # Sort cron jobs by id
  412. sort_cron_jobs() {
  413. cat $USER_DATA/cron.conf |sort -n -k 2 -t \' > $USER_DATA/cron.tmp
  414. mv -f $USER_DATA/cron.tmp $USER_DATA/cron.conf
  415. }
  416. # Sync cronjobs with system cron
  417. sync_cron_jobs() {
  418. source $USER_DATA/user.conf
  419. rm -f /var/spool/cron/$user
  420. if [ "$CRON_REPORTS" = 'yes' ]; then
  421. echo "MAILTO=$CONTACT" > /var/spool/cron/$user
  422. fi
  423. while read line; do
  424. eval $line
  425. if [ "$SUSPENDED" = 'no' ]; then
  426. echo "$MIN $HOUR $DAY $MONTH $WDAY $CMD" |\
  427. sed -e "s/%quote%/'/g" -e "s/%dots%/:/g" \
  428. >> /var/spool/cron/$user
  429. fi
  430. done < $USER_DATA/cron.conf
  431. }
  432. ### Format Validators ###
  433. # Shell
  434. validate_format_shell() {
  435. if [ -z "$(grep -w $1 /etc/shells)" ]; then
  436. echo "Error: shell $1 is not valid"
  437. log_event "$E_INVALID" "$EVENT"
  438. exit $E_INVALID
  439. fi
  440. }
  441. # Password
  442. validate_format_password() {
  443. if [ "${#1}" -lt '6' ]; then
  444. echo "Error: password is too short"
  445. log_event "$E_INVALID" "$EVENT"
  446. exit $E_INVALID
  447. fi
  448. }
  449. # Integer
  450. validate_format_int() {
  451. if ! [[ "$1" =~ ^[0-9]+$ ]] ; then
  452. echo "Error: int $1 is not valid"
  453. log_event "$E_INVALID" "$EVENT"
  454. exit $E_INVALID
  455. fi
  456. }
  457. # Boolean
  458. validate_format_boolean() {
  459. if [ "$1" != 'yes' ] && [ "$1" != 'no' ]; then
  460. echo "Error: $2 $1 is not valid"
  461. log_event "$E_INVALID" "$EVENT"
  462. exit $E_INVALID
  463. fi
  464. }
  465. # Network interface
  466. validate_format_interface() {
  467. netdevices=$(cat /proc/net/dev | grep : | cut -f 1 -d : | tr -d ' ')
  468. if [ -z $(echo "$netdevices"| grep -x $1) ]; then
  469. echo "Error: intreface $1 is not valid"
  470. log_event "$E_INVALID" "$EVENT"
  471. exit $E_INVALID
  472. fi
  473. }
  474. # IP address
  475. validate_format_ip() {
  476. valid_octets=0
  477. for octet in ${1//./ }; do
  478. if [[ $octet =~ ^[0-9]{1,3}$ ]] && [[ $octet -le 255 ]]; then
  479. ((++valid_octets))
  480. fi
  481. done
  482. if [ "$valid_octets" -lt 4 ]; then
  483. echo "Error: ip $1 is not valid"
  484. log_event "$E_INVALID" "$EVENT"
  485. exit $E_INVALID
  486. fi
  487. }
  488. # IP address status
  489. validate_format_ip_status() {
  490. if [ -z "$(echo shared,dedicated | grep -w $1 )" ]; then
  491. echo "Error: ip_status $1 is not valid"
  492. log_event "$E_INVALID" "$EVENT"
  493. exit $E_INVALID
  494. fi
  495. }
  496. # Email address
  497. validate_format_email() {
  498. local_part=$(echo $1 | cut -s -f1 -d\@)
  499. remote_host=$(echo $1 | cut -s -f2 -d\@)
  500. mx_failed=1
  501. if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then
  502. /usr/bin/host -t mx "$remote_host" &> /dev/null
  503. mx_failed="$?"
  504. fi
  505. if [ "$mx_failed" -eq 1 ]; then
  506. echo "Error: email $1 is not valid"
  507. log_event "$E_INVALID" "$EVENT"
  508. exit $E_INVALID
  509. fi
  510. }
  511. # Username
  512. validate_format_username() {
  513. if ! [[ "$1" =~ ^[a-zA-Z0-9]+([\.|_][a-zA-Z0-9]+)?$ ]]; then
  514. echo "Error: $2 $1 is not valid"
  515. log_event "$E_INVALID" "$EVENT"
  516. exit $E_INVALID
  517. fi
  518. if [[ "${#1}" -gt 28 ]]; then
  519. echo "Error: $2 $1 is not valid"
  520. log_event "$E_INVALID" "$EVENT"
  521. exit $E_INVALID
  522. fi
  523. }
  524. # Domain
  525. validate_format_domain() {
  526. exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|_|/|\|\"|'|;|%|\`| ]"
  527. if [[ "$1" =~ $exclude ]] || [[ "$1" =~ "^[0-9]+$" ]]; then
  528. echo "Error: domain $1 is not valid"
  529. log_event "$E_INVALID" "$EVENT"
  530. exit $E_INVALID
  531. fi
  532. }
  533. # Domain alias
  534. validate_format_domain_alias() {
  535. exclude="[!|@|#|$|^|&|(|)|+|=|{|}|:|,|<|>|?|_|/|\|\"|'|;|%|\`| ]"
  536. if [[ "$1" =~ $exclude ]] || [[ "$1" =~ "^[0-9]+$" ]]; then
  537. echo "Error: domain alias $1 is not valid"
  538. log_event "$E_INVALID" "$EVENT"
  539. exit $E_INVALID
  540. fi
  541. }
  542. # Database
  543. validate_format_database() {
  544. exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|.|<|>|?|/|\|\"|'|;|%|\`| ]"
  545. if [[ "$1" =~ $exclude ]] || [ 17 -le ${#1} ]; then
  546. echo "Error: database $1 is not valid"
  547. log_event "$E_INVALID" "$EVENT"
  548. exit $E_INVALID
  549. fi
  550. }
  551. # DNS type
  552. validate_format_dns_type() {
  553. known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF'
  554. if [ -z "$(echo $known_dnstype | grep -w $1)" ]; then
  555. echo "Error: dnstype $1 is not valid"
  556. log_event "$E_INVALID" "$EVENT"
  557. exit $E_INVALID
  558. fi
  559. }
  560. # DKIM key size
  561. validate_format_key_size() {
  562. known_size='128,256,512,768,1024,2048'
  563. if [ -z "$(echo $known_size | grep -w $1)" ]; then
  564. echo "Error: key_size $1 is not valid"
  565. log_event "$E_INVALID" "$EVENT"
  566. exit $E_INVALID
  567. fi
  568. }
  569. # Minute / Hour / Day / Month / Day of Week
  570. validate_format_mhdmw() {
  571. limit=60
  572. check_format=''
  573. if [ "$2" = 'day' ]; then
  574. limit=31
  575. fi
  576. if [ "$2" = 'month' ]; then
  577. limit=12
  578. fi
  579. if [ "$2" = 'wday' ]; then
  580. limit=7
  581. fi
  582. if [ "$1" = '*' ]; then
  583. check_format='ok'
  584. fi
  585. if [[ "$1" =~ ^[\*]+[/]+[0-9] ]]; then
  586. if [ "$(echo $1 |cut -f 2 -d /)" -lt $limit ]; then
  587. check_format='ok'
  588. fi
  589. fi
  590. if [[ "$1" =~ ^[0-9]+$ ]] && [ "$1" -lt $limit ]; then
  591. check_format='ok'
  592. fi
  593. if [ "$check_format" != 'ok' ]; then
  594. echo "Error: $2 $1 is not valid"
  595. log_event "$E_INVALID" "$EVENT"
  596. exit $E_INVALID
  597. fi
  598. }
  599. # Nginx static extention or DNS record
  600. validate_format_common() {
  601. exclude="[!|#|$|^|&|(|)|+|=|{|}|:|<|>|?|/|\|\"|'|;|%|\`| ]"
  602. if [[ "$1" =~ $exclude ]] || [ 200 -le ${#1} ]; then
  603. echo "Error: $2 $1 is not valid"
  604. log_event "$E_INVALID" "$EVENT"
  605. exit $E_INVALID
  606. fi
  607. }
  608. # DNS record value
  609. validate_format_dvalue() {
  610. record_types="$(echo A,AAAA,NS,CNAME | grep -w "$rtype")"
  611. if [[ "$1" =~ [\ ] ]] && [ ! -z "$record_types" ]; then
  612. echo "Error: dvalue $1 is not valid"
  613. log_event "$E_INVALID" "$EVENT"
  614. exit $E_INVALID
  615. fi
  616. if [ "$rtype" = 'A' ]; then
  617. validate_format_ip "$1"
  618. fi
  619. if [ "$rtype" = 'NS' ]; then
  620. validate_format_domain "$1"
  621. fi
  622. if [ "$rtype" = 'MX' ]; then
  623. validate_format_domain "$1"
  624. validate_format_int "$priority"
  625. fi
  626. }
  627. # Date
  628. validate_format_date() {
  629. if ! [[ "$1" =~ ^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$ ]]; then
  630. echo "Error: date $1 is not valid"
  631. log_event "$E_INVALID" "$EVENT"
  632. exit $E_INVALID
  633. fi
  634. }
  635. # Autoreply
  636. validate_format_autoreply() {
  637. exclude="[$|\`]"
  638. if [[ "$1" =~ $exclude ]] || [ 10240 -le ${#1} ]; then
  639. echo "Error: autoreply is not valid"
  640. log_event "$E_INVALID" "$EVENT"
  641. exit $E_INVALID
  642. fi
  643. }
  644. # Format validation controller
  645. validate_format(){
  646. for arg_name in $*; do
  647. eval arg=\$$arg_name
  648. if [ -z "$arg" ]; then
  649. echo "Error: argument $arg_name is not valid (empty)"
  650. log_event "$E_INVALID" "$EVENT"
  651. exit $E_INVALID
  652. fi
  653. case $arg_name in
  654. account) validate_format_username "$arg" "$arg_name" ;;
  655. antispam) validate_format_boolean "$arg" 'antispam' ;;
  656. antivirus) validate_format_boolean "$arg" 'antivirus' ;;
  657. autoreply) validate_format_autoreply "$arg" ;;
  658. backup) validate_format_date "$arg" ;;
  659. charset) validate_format_username "$arg" "$arg_name" ;;
  660. charsets) validate_format_common "$arg" 'charsets' ;;
  661. database) validate_format_database "$arg" ;;
  662. day) validate_format_mhdmw "$arg" $arg_name ;;
  663. dbpass) validate_format_password "$arg" ;;
  664. dbuser) validate_format_database "$arg" ;;
  665. dkim) validate_format_boolean "$arg" 'dkim' ;;
  666. dkim_size) validate_format_key_size "$arg" ;;
  667. domain) validate_format_domain "$arg" ;;
  668. dom_alias) validate_format_domain_alias "$arg" ;;
  669. dvalue) validate_format_dvalue "$arg";;
  670. email) validate_format_email "$arg" ;;
  671. exp) validate_format_date "$arg" ;;
  672. extentions) validate_format_common "$arg" 'extentions' ;;
  673. fname) validate_format_username "$arg" "$arg_name" ;;
  674. forward) validate_format_email "$arg" ;;
  675. ftp_password) validate_format_password "$arg" ;;
  676. ftp_user) validate_format_username "$arg" "$arg_name" ;;
  677. host) validate_format_domain "$arg" "$arg_name" ;;
  678. hour) validate_format_mhdmw "$arg" $arg_name ;;
  679. id) validate_format_int "$arg" ;;
  680. interface) validate_format_interface "$arg" ;;
  681. ip) validate_format_ip "$arg" ;;
  682. ip_name) validate_format_domain "$arg" ;;
  683. ip_status) validate_format_ip_status "$arg" ;;
  684. job) validate_format_int "$arg" ;;
  685. key) validate_format_username "$arg" "$arg_name" ;;
  686. lname) validate_format_username "$arg" "$arg_name" ;;
  687. malias) validate_format_username "$arg" "$arg_name" ;;
  688. mask) validate_format_ip "$arg" ;;
  689. max_db) validate_format_int "$arg" ;;
  690. min) validate_format_mhdmw "$arg" $arg_name ;;
  691. month) validate_format_mhdmw "$arg" $arg_name ;;
  692. ns1) validate_format_domain "$arg" ;;
  693. ns2) validate_format_domain "$arg" ;;
  694. ns3) validate_format_domain "$arg" ;;
  695. ns4) validate_format_domain "$arg" ;;
  696. package) validate_format_username "$arg" "$arg_name" ;;
  697. password) validate_format_password "$arg" ;;
  698. port) validate_format_int "$arg" ;;
  699. quota) validate_format_int "$arg" ;;
  700. restart) validate_format_boolean "$arg" 'restart' ;;
  701. record) validate_format_common "$arg" 'record';;
  702. rtype) validate_format_dns_type "$arg" ;;
  703. shell) validate_format_shell "$arg" ;;
  704. soa) validate_format_domain "$arg" ;;
  705. stats_pass) validate_format_password "$arg" ;;
  706. stats_user) validate_format_username "$arg" "$arg_name" ;;
  707. template) validate_format_username "$arg" "$arg_name" ;;
  708. ttl) validate_format_int "$arg" ;;
  709. user) validate_format_username "$arg" "$arg_name" ;;
  710. wday) validate_format_mhdmw "$arg" $arg_name ;;
  711. esac
  712. done
  713. }