mirror of
https://github.com/lucaspalomodevelop/core.git
synced 2026-03-16 09:34:39 +00:00
src: varetc_path gone; now we're getting somewhere...
This commit is contained in:
Franco Fichtner
parent
fffc9000b1
commit
7773bb31cd
@ -212,7 +212,7 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
|
||||
else
|
||||
$message = 0;
|
||||
|
||||
include("{$g['varetc_path']}/captiveportal-{$cpzone}-logout.html");
|
||||
include("/var/etc/captiveportal-{$cpzone}-logout.html");
|
||||
|
||||
} else {
|
||||
// TODO: remove? should be handled by login page
|
||||
@ -422,7 +422,7 @@ function captiveportal_configure_zone($cpcfg) {
|
||||
$htmltext = get_default_captive_portal_html();
|
||||
}
|
||||
|
||||
$fd = @fopen("{$g['varetc_path']}/captiveportal_{$cpzone}.html", "w");
|
||||
$fd = @fopen("/var/etc/captiveportal_{$cpzone}.html", "w");
|
||||
if ($fd) {
|
||||
// Special case handling. Convert so that we can pass this page
|
||||
// through the PHP interpreter later without clobbering the vars.
|
||||
@ -450,7 +450,7 @@ function captiveportal_configure_zone($cpcfg) {
|
||||
$errtext = get_default_captive_portal_html();
|
||||
}
|
||||
|
||||
$fd = @fopen("{$g['varetc_path']}/captiveportal-{$cpzone}-error.html", "w");
|
||||
$fd = @fopen("/var/etc/captiveportal-{$cpzone}-error.html", "w");
|
||||
if ($fd) {
|
||||
// Special case handling. Convert so that we can pass this page
|
||||
// through the PHP interpreter later without clobbering the vars.
|
||||
@ -510,7 +510,7 @@ document.location.href="<?=\$my_redirurl;?>";
|
||||
EOD;
|
||||
}
|
||||
|
||||
$fd = @fopen("{$g['varetc_path']}/captiveportal-{$cpzone}-logout.html", "w");
|
||||
$fd = @fopen("/var/etc/captiveportal-{$cpzone}-logout.html", "w");
|
||||
if ($fd) {
|
||||
fwrite($fd, $logouttext);
|
||||
fclose($fd);
|
||||
@ -553,9 +553,9 @@ EOD;
|
||||
killbypid("/var/run/lighty-{$cpzone}-CaptivePortal.pid");
|
||||
killbypid("/var/run/lighty-{$cpzone}-CaptivePortal-SSL.pid");
|
||||
killbypid("/var/run/cp_prunedb_{$cpzone}.pid");
|
||||
@unlink("{$g['varetc_path']}/captiveportal_{$cpzone}.html");
|
||||
@unlink("{$g['varetc_path']}/captiveportal-{$cpzone}-error.html");
|
||||
@unlink("{$g['varetc_path']}/captiveportal-{$cpzone}-logout.html");
|
||||
@unlink("/var/etc/captiveportal_{$cpzone}.html");
|
||||
@unlink("/var/etc/captiveportal-{$cpzone}-error.html");
|
||||
@unlink("/var/etc/captiveportal-{$cpzone}-logout.html");
|
||||
|
||||
captiveportal_radius_stop_all();
|
||||
|
||||
@ -637,7 +637,7 @@ function captiveportal_init_webgui_zone($cpcfg)
|
||||
}
|
||||
|
||||
system_generate_lighty_config(
|
||||
"{$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal-SSL.conf",
|
||||
"/var/etc/lighty-{$cpzone}-CaptivePortal-SSL.conf",
|
||||
$crt,
|
||||
$key,
|
||||
$ca,
|
||||
@ -658,7 +658,7 @@ function captiveportal_init_webgui_zone($cpcfg)
|
||||
}
|
||||
|
||||
system_generate_lighty_config(
|
||||
"{$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal.conf",
|
||||
"/var/etc/lighty-{$cpzone}-CaptivePortal.conf",
|
||||
"",
|
||||
"",
|
||||
"",
|
||||
@ -672,12 +672,12 @@ function captiveportal_init_webgui_zone($cpcfg)
|
||||
|
||||
@unlink("{$g['varrun']}/lighty-{$cpzone}-CaptivePortal.pid");
|
||||
/* attempt to start lighttpd */
|
||||
$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal.conf");
|
||||
$res = mwexec("/usr/local/sbin/lighttpd -f /var/etc/lighty-{$cpzone}-CaptivePortal.conf");
|
||||
|
||||
/* fire up https instance */
|
||||
if (isset($cpcfg['httpslogin'])) {
|
||||
@unlink("{$g['varrun']}/lighty-{$cpzone}-CaptivePortal-SSL.pid");
|
||||
$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal-SSL.conf");
|
||||
$res = mwexec("/usr/local/sbin/lighttpd -f /var/etc/lighty-{$cpzone}-CaptivePortal-SSL.conf");
|
||||
}
|
||||
}
|
||||
|
||||
@ -1318,9 +1318,9 @@ function portal_reply_page($redirurl, $type = null, $message = null, $clientmac
|
||||
header("Location: {$redirurl}");
|
||||
return;
|
||||
} else if ($type == "login")
|
||||
$htmltext = get_include_contents("{$g['varetc_path']}/captiveportal_{$cpzone}.html");
|
||||
$htmltext = get_include_contents("/var/etc/captiveportal_{$cpzone}.html");
|
||||
else
|
||||
$htmltext = get_include_contents("{$g['varetc_path']}/captiveportal-{$cpzone}-error.html");
|
||||
$htmltext = get_include_contents("/var/etc/captiveportal-{$cpzone}-error.html");
|
||||
|
||||
$cpcfg = $config['captiveportal'][$cpzone];
|
||||
|
||||
|
||||
@ -37,7 +37,6 @@ $g = array(
|
||||
"factory_shipped_password" => "opnsense",
|
||||
"dhcpd_chroot_path" => "/var/dhcpd",
|
||||
"unbound_chroot_path" => "/var/unbound",
|
||||
"varetc_path" => "/var/etc",
|
||||
"admin_group" => "admins",
|
||||
"product_name" => "OPNsense",
|
||||
"product_website" => "https://opnsense.org",
|
||||
|
||||
@ -98,8 +98,8 @@ if (!$username || !$password) {
|
||||
/* Replaced by a sed with propper variables used below(ldap parameters). */
|
||||
//<template>
|
||||
|
||||
if (file_exists("{$g['varetc_path']}/openvpn/{$modeid}.ca")) {
|
||||
putenv("LDAPTLS_CACERT={$g['varetc_path']}/openvpn/{$modeid}.ca");
|
||||
if (file_exists("/var/etc/openvpn/{$modeid}.ca")) {
|
||||
putenv("LDAPTLS_CACERT=/var/etc/openvpn/{$modeid}.ca");
|
||||
putenv("LDAPTLS_REQCERT=never");
|
||||
}
|
||||
|
||||
|
||||
@ -367,10 +367,9 @@ function openvpn_add_custom(& $settings, & $conf) {
|
||||
}
|
||||
}
|
||||
|
||||
function openvpn_add_keyfile(& $data, & $conf, $mode_id, $directive, $opt = "") {
|
||||
global $g;
|
||||
|
||||
$fpath = $g['varetc_path']."/openvpn/{$mode_id}.{$directive}";
|
||||
function openvpn_add_keyfile(&$data, &$conf, $mode_id, $directive, $opt = '')
|
||||
{
|
||||
$fpath = "/var/etc/openvpn/{$mode_id}.{$directive}";
|
||||
openvpn_create_dirs();
|
||||
file_put_contents($fpath, base64_decode($data));
|
||||
//chown($fpath, 'nobody');
|
||||
@ -530,7 +529,7 @@ function openvpn_reconfigure($mode, $settings)
|
||||
// See ticket #1417
|
||||
if (!empty($ip) && !empty($mask) && ($cidr < 30)) {
|
||||
$conf .= "server {$ip} {$mask}\n";
|
||||
$conf .= "client-config-dir {$g['varetc_path']}/openvpn-csc\n";
|
||||
$conf .= "client-config-dir /var/etc/openvpn-csc\n";
|
||||
if(is_ipaddr($ipv6))
|
||||
$conf .= "server-ipv6 {$ipv6}/{$prefix}\n";
|
||||
}
|
||||
@ -557,7 +556,7 @@ function openvpn_reconfigure($mode, $settings)
|
||||
$conf .= "server {$ip} {$mask}\n";
|
||||
if(is_ipaddr($ipv6))
|
||||
$conf .= "server-ipv6 {$ipv6}/{$prefix}\n";
|
||||
$conf .= "client-config-dir {$g['varetc_path']}/openvpn-csc\n";
|
||||
$conf .= "client-config-dir /var/etc/openvpn-csc\n";
|
||||
} else {
|
||||
if ($settings['serverbridge_dhcp']) {
|
||||
if ((!empty($settings['serverbridge_interface'])) && (strcmp($settings['serverbridge_interface'], "none"))) {
|
||||
@ -565,7 +564,7 @@ function openvpn_reconfigure($mode, $settings)
|
||||
$biface_sm=gen_subnet_mask(get_interface_subnet($settings['serverbridge_interface']));
|
||||
if (is_ipaddrv4($biface_ip) && is_ipaddrv4($settings['serverbridge_dhcp_start']) && is_ipaddrv4($settings['serverbridge_dhcp_end'])) {
|
||||
$conf .= "server-bridge {$biface_ip} {$biface_sm} {$settings['serverbridge_dhcp_start']} {$settings['serverbridge_dhcp_end']}\n";
|
||||
$conf .= "client-config-dir {$g['varetc_path']}/openvpn-csc\n";
|
||||
$conf .= "client-config-dir /var/etc/openvpn-csc\n";
|
||||
} else {
|
||||
$conf .= "mode server\n";
|
||||
}
|
||||
@ -611,7 +610,7 @@ function openvpn_reconfigure($mode, $settings)
|
||||
|
||||
// The management port to listen on
|
||||
// Use unix socket to overcome the problem on any type of server
|
||||
$conf .= "management {$g['varetc_path']}/openvpn/{$mode_id}.sock unix\n";
|
||||
$conf .= "management /var/etc/openvpn/{$mode_id}.sock unix\n";
|
||||
//$conf .= "management 127.0.0.1 {$settings['local_port']}\n";
|
||||
|
||||
if ($settings['maxclients'])
|
||||
@ -663,7 +662,7 @@ function openvpn_reconfigure($mode, $settings)
|
||||
$conf .= "lport 0\n";
|
||||
|
||||
// Use unix socket to overcome the problem on any type of server
|
||||
$conf .= "management {$g['varetc_path']}/openvpn/{$mode_id}.sock unix\n";
|
||||
$conf .= "management /var/etc/openvpn/{$mode_id}.sock unix\n";
|
||||
|
||||
// The remote server
|
||||
$conf .= "remote {$settings['server_addr']} {$settings['server_port']}\n";
|
||||
@ -691,7 +690,7 @@ function openvpn_reconfigure($mode, $settings)
|
||||
}
|
||||
|
||||
if ($settings['auth_user'] && $settings['auth_pass']) {
|
||||
$up_file = "{$g['varetc_path']}/openvpn/{$mode_id}.up";
|
||||
$up_file = "/var/etc/openvpn/{$mode_id}.up";
|
||||
$conf .= "auth-user-pass {$up_file}\n";
|
||||
$userpass = "{$settings['auth_user']}\n";
|
||||
$userpass .= "{$settings['auth_pass']}\n";
|
||||
@ -701,10 +700,10 @@ function openvpn_reconfigure($mode, $settings)
|
||||
if ($settings['proxy_addr']) {
|
||||
$conf .= "http-proxy {$settings['proxy_addr']} {$settings['proxy_port']}";
|
||||
if ($settings['proxy_authtype'] != "none") {
|
||||
$conf .= " {$g['varetc_path']}/openvpn/{$mode_id}.pas {$settings['proxy_authtype']}";
|
||||
$conf .= " /var/etc/openvpn/{$mode_id}.pas {$settings['proxy_authtype']}";
|
||||
$proxypas = "{$settings['proxy_user']}\n";
|
||||
$proxypas .= "{$settings['proxy_passwd']}\n";
|
||||
file_put_contents("{$g['varetc_path']}/openvpn/{$mode_id}.pas", $proxypas);
|
||||
file_put_contents("/var/etc/openvpn/{$mode_id}.pas", $proxypas);
|
||||
}
|
||||
$conf .= " \n";
|
||||
}
|
||||
@ -787,18 +786,18 @@ function openvpn_reconfigure($mode, $settings)
|
||||
openvpn_add_custom($settings, $conf);
|
||||
|
||||
openvpn_create_dirs();
|
||||
$fpath = "{$g['varetc_path']}/openvpn/{$mode_id}.conf";
|
||||
$fpath = "/var/etc/openvpn/{$mode_id}.conf";
|
||||
file_put_contents($fpath, $conf);
|
||||
unset($conf);
|
||||
$fpath = "{$g['varetc_path']}/openvpn/{$mode_id}.interface";
|
||||
$fpath = "/var/etc/openvpn/{$mode_id}.interface";
|
||||
file_put_contents($fpath, $interface);
|
||||
//chown($fpath, 'nobody');
|
||||
//chgrp($fpath, 'nobody');
|
||||
@chmod("{$g['varetc_path']}/openvpn/{$mode_id}.conf", 0600);
|
||||
@chmod("{$g['varetc_path']}/openvpn/{$mode_id}.interface", 0600);
|
||||
@chmod("{$g['varetc_path']}/openvpn/{$mode_id}.key", 0600);
|
||||
@chmod("{$g['varetc_path']}/openvpn/{$mode_id}.tls-auth", 0600);
|
||||
@chmod("{$g['varetc_path']}/openvpn/{$mode_id}.conf", 0600);
|
||||
@chmod("/var/etc/openvpn/{$mode_id}.conf", 0600);
|
||||
@chmod("/var/etc/openvpn/{$mode_id}.interface", 0600);
|
||||
@chmod("/var/etc/openvpn/{$mode_id}.key", 0600);
|
||||
@chmod("/var/etc/openvpn/{$mode_id}.tls-auth", 0600);
|
||||
@chmod("/var/etc/openvpn/{$mode_id}.conf", 0600);
|
||||
}
|
||||
|
||||
function openvpn_restart($mode, $settings)
|
||||
@ -833,7 +832,7 @@ function openvpn_restart($mode, $settings)
|
||||
}
|
||||
|
||||
/* start the new process */
|
||||
$fpath = $g['varetc_path']."/openvpn/{$mode_id}.conf";
|
||||
$fpath = "/var/etc/openvpn/{$mode_id}.conf";
|
||||
openvpn_clear_route($mode, $settings);
|
||||
mwexec_bg("/usr/local/sbin/openvpn --config " . escapeshellarg($fpath));
|
||||
|
||||
@ -870,7 +869,7 @@ function openvpn_delete($mode, & $settings)
|
||||
mwexec("/sbin/ifconfig " . escapeshellarg($devname) . " name " . escapeshellarg($tunname));
|
||||
|
||||
/* remove the configuration files */
|
||||
@array_map('unlink', glob("{$g['varetc_path']}/openvpn/{$mode_id}.*"));
|
||||
@array_map('unlink', glob("/var/etc/openvpn/{$mode_id}.*"));
|
||||
}
|
||||
|
||||
function openvpn_cleanup_csc($common_name)
|
||||
@ -878,10 +877,11 @@ function openvpn_cleanup_csc($common_name)
|
||||
@unlink('/var/etc/openvpn-csc/' . basename($common_name));
|
||||
}
|
||||
|
||||
function openvpn_resync_csc(& $settings) {
|
||||
function openvpn_resync_csc(&$settings)
|
||||
{
|
||||
global $g, $config;
|
||||
|
||||
$fpath = $g['varetc_path']."/openvpn-csc/".$settings['common_name'];
|
||||
$fpath = "/var/etc/openvpn-csc/{$settings['common_name']}";
|
||||
|
||||
if (isset($settings['disable'])) {
|
||||
@unlink($fpath);
|
||||
@ -1034,7 +1034,7 @@ function openvpn_get_active_servers($type="multipoint") {
|
||||
$server['conns'] = array();
|
||||
$server['vpnid'] = $settings['vpnid'];
|
||||
$server['mgmt'] = "server{$server['vpnid']}";
|
||||
$socket = "unix://{$g['varetc_path']}/openvpn/{$server['mgmt']}.sock";
|
||||
$socket = "unix:///var/etc/openvpn/{$server['mgmt']}.sock";
|
||||
list($tn, $sm) = explode('/', $settings['tunnel_network']);
|
||||
|
||||
if ((($server['mode'] == "p2p_shared_key") || ($sm >= 30) ) && ($type == "p2p"))
|
||||
@ -1136,7 +1136,7 @@ function openvpn_get_active_clients() {
|
||||
|
||||
$client['vpnid'] = $settings['vpnid'];
|
||||
$client['mgmt'] = "client{$client['vpnid']}";
|
||||
$socket = "unix://{$g['varetc_path']}/openvpn/{$client['mgmt']}.sock";
|
||||
$socket = "unix:///var/etc/openvpn/{$client['mgmt']}.sock";
|
||||
$client['status']="down";
|
||||
|
||||
$clients[] = openvpn_get_client_status($client, $socket);
|
||||
@ -1255,7 +1255,7 @@ function openvpn_refresh_crls() {
|
||||
if (!empty($settings['crlref'])) {
|
||||
$crl = lookup_crl($settings['crlref']);
|
||||
crl_update($crl);
|
||||
$fpath = $g['varetc_path']."/openvpn/server{$settings['vpnid']}.crl-verify";
|
||||
$fpath = "/var/etc/openvpn/server{$settings['vpnid']}.crl-verify";
|
||||
file_put_contents($fpath, base64_decode($crl['text']));
|
||||
@chmod($fpath, 0644);
|
||||
}
|
||||
|
||||
@ -34,7 +34,6 @@ require_once("vpn.inc");
|
||||
require_once("vslb.inc");
|
||||
require_once("gwlb.inc");
|
||||
|
||||
|
||||
if (!function_exists('get_services')) {
|
||||
|
||||
function get_services() {
|
||||
@ -386,7 +385,7 @@ if (!function_exists('service_control_start')) {
|
||||
$vpnmode = isset($extras['vpnmode']) ? htmlspecialchars($extras['vpnmode']) : htmlspecialchars($extras['mode']);
|
||||
if (($vpnmode == "server") || ($vpnmode == "client")) {
|
||||
$id = isset($extras['vpnid']) ? htmlspecialchars($extras['vpnid']) : htmlspecialchars($extras['id']);
|
||||
$configfile = "{$g['varetc_path']}/openvpn/{$vpnmode}{$id}.conf";
|
||||
$configfile = "/var/etc/openvpn/{$vpnmode}{$id}.conf";
|
||||
if (file_exists($configfile))
|
||||
openvpn_restart_by_vpnid($vpnmode, $id);
|
||||
}
|
||||
@ -530,7 +529,7 @@ if (!function_exists('service_control_restart')) {
|
||||
$vpnmode = htmlspecialchars($extras['vpnmode']);
|
||||
if ($vpnmode == "server" || $vpnmode == "client") {
|
||||
$id = htmlspecialchars($extras['id']);
|
||||
$configfile = "{$g['varetc_path']}/openvpn/{$vpnmode}{$id}.conf";
|
||||
$configfile = "/var/etc/openvpn/{$vpnmode}{$id}.conf";
|
||||
if (file_exists($configfile))
|
||||
openvpn_restart_by_vpnid($vpnmode, $id);
|
||||
}
|
||||
|
||||
@ -304,7 +304,7 @@ function services_radvd_configure($blacklist = array())
|
||||
}
|
||||
|
||||
/* write radvd.conf */
|
||||
if (!@file_put_contents("{$g['varetc_path']}/radvd.conf", $radvdconf)) {
|
||||
if (!@file_put_contents("/var/etc/radvd.conf", $radvdconf)) {
|
||||
log_error("Error: cannot open radvd.conf in services_radvd_configure().\n");
|
||||
if (file_exists("/var/run/booting"))
|
||||
printf("Error: cannot open radvd.conf in services_radvd_configure().\n");
|
||||
@ -1919,7 +1919,7 @@ function services_snmpd_configure()
|
||||
echo gettext("Starting SNMP daemon... ");
|
||||
|
||||
/* generate snmpd.conf */
|
||||
$fd = fopen("{$g['varetc_path']}/snmpd.conf", "w");
|
||||
$fd = fopen("/var/etc/snmpd.conf", "w");
|
||||
if (!$fd) {
|
||||
printf(gettext("Error: cannot open snmpd.conf in services_snmpd_configure().%s"),"\n");
|
||||
return 1;
|
||||
@ -2092,7 +2092,7 @@ EOD;
|
||||
}
|
||||
|
||||
/* run bsnmpd */
|
||||
mwexec("/usr/sbin/bsnmpd -c {$g['varetc_path']}/snmpd.conf" .
|
||||
mwexec("/usr/sbin/bsnmpd -c /var/etc/snmpd.conf" .
|
||||
"{$bindlan} -p /var/run/snmpd.pid");
|
||||
|
||||
if (file_exists("/var/run/booting"))
|
||||
@ -2143,7 +2143,7 @@ function services_dnsupdate_process($int = '', $updatehost = '', $forced = false
|
||||
/* write private key file
|
||||
this is dumb - public and private keys are the same for HMAC-MD5,
|
||||
but nsupdate insists on having both */
|
||||
$fd = fopen("{$g['varetc_path']}/K{$i}{$keyname}+157+00000.private", "w");
|
||||
$fd = fopen("/var/etc/K{$i}{$keyname}+157+00000.private", "w");
|
||||
$privkey = <<<EOD
|
||||
Private-key-format: v1.2
|
||||
Algorithm: 157 (HMAC)
|
||||
@ -2165,7 +2165,7 @@ EOD;
|
||||
$proto = 2;
|
||||
}
|
||||
|
||||
$fd = fopen("{$g['varetc_path']}/K{$i}{$keyname}+157+00000.key", "w");
|
||||
$fd = fopen("/var/etc/K{$i}{$keyname}+157+00000.key", "w");
|
||||
fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$dnsupdate['keydata']}\n");
|
||||
fclose($fd);
|
||||
|
||||
@ -2218,13 +2218,13 @@ EOD;
|
||||
$upinst .= "\n"; /* mind that trailing newline! */
|
||||
|
||||
if ($need_update) {
|
||||
@file_put_contents("{$g['varetc_path']}/nsupdatecmds{$i}", $upinst);
|
||||
@file_put_contents("/var/etc/nsupdatecmds{$i}", $upinst);
|
||||
unset($upinst);
|
||||
/* invoke nsupdate */
|
||||
$cmd = "/usr/local/bin/nsupdate -k {$g['varetc_path']}/K{$i}{$keyname}+157+00000.key";
|
||||
$cmd = "/usr/local/bin/nsupdate -k /var/etc/K{$i}{$keyname}+157+00000.key";
|
||||
if (isset($dnsupdate['usetcp']))
|
||||
$cmd .= " -v";
|
||||
$cmd .= " {$g['varetc_path']}/nsupdatecmds{$i}";
|
||||
$cmd .= " /var/etc/nsupdatecmds{$i}";
|
||||
mwexec_bg($cmd);
|
||||
unset($cmd);
|
||||
}
|
||||
@ -2380,5 +2380,3 @@ function install_cron_job($command, $active=false, $minute="0", $hour="*", $mont
|
||||
}
|
||||
configure_cron();
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@ -549,13 +549,13 @@ function system_staticroutes_configure($interface = "", $update_dns = false) {
|
||||
array_unique($filterdns_list);
|
||||
foreach ($filterdns_list as $hostname)
|
||||
$hostnames .= "cmd {$hostname} '/usr/local/opnsense/service/configd_ctl.py \"routedns reload\"'\n";
|
||||
file_put_contents("{$g['varetc_path']}/filterdns-route.hosts", $hostnames);
|
||||
file_put_contents("/var/etc/filterdns-route.hosts", $hostnames);
|
||||
unset($hostnames);
|
||||
|
||||
if (isvalidpid('/var/run/filterdns-route.pid')) {
|
||||
killbypid('/var/run/filterdns-route.pid', 'HUP');
|
||||
} else {
|
||||
mwexec("/usr/local/sbin/filterdns -p /var/run/filterdns-route.pid -i {$interval} -c {$g['varetc_path']}/filterdns-route.hosts -d 1");
|
||||
mwexec("/usr/local/sbin/filterdns -p /var/run/filterdns-route.pid -i {$interval} -c /var/etc/filterdns-route.hosts -d 1");
|
||||
}
|
||||
} else {
|
||||
killbypid('/var/run/filterdns-route.pid');
|
||||
@ -744,7 +744,7 @@ EOD;
|
||||
EOD;
|
||||
}
|
||||
/* write syslog.conf */
|
||||
if (!@file_put_contents("{$g['varetc_path']}/syslog.conf", $syslogconf)) {
|
||||
if (!@file_put_contents("/var/etc/syslog.conf", $syslogconf)) {
|
||||
printf(gettext("Error: cannot open syslog.conf in system_syslogd_start().%s"), "\n");
|
||||
unset($syslogconf);
|
||||
return 1;
|
||||
@ -771,7 +771,7 @@ EOD;
|
||||
}
|
||||
}
|
||||
|
||||
$syslogd_extra = "-f {$g['varetc_path']}/syslog.conf {$sourceip}";
|
||||
$syslogd_extra = "-f /var/etc/syslog.conf {$sourceip}";
|
||||
}
|
||||
|
||||
if (isvalidpid('/var/run/syslog.pid')) {
|
||||
@ -845,7 +845,7 @@ function system_webgui_start()
|
||||
}
|
||||
|
||||
/* generate lighttpd configuration */
|
||||
system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
|
||||
system_generate_lighty_config("/var/etc/lighty-webConfigurator.conf",
|
||||
$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/",
|
||||
"cert.pem", "ca.pem");
|
||||
|
||||
@ -858,7 +858,7 @@ function system_webgui_start()
|
||||
mwexec('/usr/local/etc/rc.php_ini_setup');
|
||||
|
||||
/* attempt to start lighthttpd and return true if ok */
|
||||
return !mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
|
||||
return !mwexec("/usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf");
|
||||
}
|
||||
|
||||
function system_generate_lighty_config(
|
||||
@ -1088,9 +1088,9 @@ EOD;
|
||||
$lighty_config .= "\n";
|
||||
$lighty_config .= "## ssl configuration\n";
|
||||
$lighty_config .= "ssl.engine = \"enable\"\n";
|
||||
$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
|
||||
$lighty_config .= "ssl.pemfile = \"/var/etc/{$cert_location}\"\n\n";
|
||||
if($ca <> "")
|
||||
$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
|
||||
$lighty_config .= "ssl.ca-file = \"/var/etc/{$ca_location}\"\n\n";
|
||||
}
|
||||
$lighty_config .= " }\n";
|
||||
|
||||
@ -1142,30 +1142,30 @@ EOD;
|
||||
$ca = str_replace("\n\n", "\n", $ca);
|
||||
|
||||
if($cert <> "" and $key <> "") {
|
||||
$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
|
||||
$fd = fopen("/var/etc/{$cert_location}", "w");
|
||||
if (!$fd) {
|
||||
printf(gettext("Error: cannot open cert.pem in system_webgui_start().%s"), "\n");
|
||||
return 1;
|
||||
}
|
||||
chmod("{$g['varetc_path']}/{$cert_location}", 0600);
|
||||
chmod("/var/etc/{$cert_location}", 0600);
|
||||
fwrite($fd, $cert);
|
||||
fwrite($fd, "\n");
|
||||
fwrite($fd, $key);
|
||||
fclose($fd);
|
||||
if(!(empty($ca) || (strlen(trim($ca)) == 0))) {
|
||||
$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
|
||||
$fd = fopen("/var/etc/{$ca_location}", "w");
|
||||
if (!$fd) {
|
||||
printf(gettext("Error: cannot open ca.pem in system_webgui_start().%s"), "\n");
|
||||
return 1;
|
||||
}
|
||||
chmod("{$g['varetc_path']}/{$ca_location}", 0600);
|
||||
chmod("/var/etc/{$ca_location}", 0600);
|
||||
fwrite($fd, $ca);
|
||||
fclose($fd);
|
||||
}
|
||||
$lighty_config .= "\n";
|
||||
$lighty_config .= "## " . gettext("ssl configuration") . "\n";
|
||||
$lighty_config .= "ssl.engine = \"enable\"\n";
|
||||
$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
|
||||
$lighty_config .= "ssl.pemfile = \"/var/etc/{$cert_location}\"\n\n";
|
||||
|
||||
// Harden SSL a bit for PCI conformance testing
|
||||
$lighty_config .= "ssl.use-sslv2 = \"disable\"\n";
|
||||
@ -1192,7 +1192,7 @@ EOD;
|
||||
}
|
||||
|
||||
if(!(empty($ca) || (strlen(trim($ca)) == 0)))
|
||||
$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
|
||||
$lighty_config .= "ssl.ca-file = \"/var/etc/{$ca_location}\"\n\n";
|
||||
}
|
||||
|
||||
// Add HTTP to HTTPS redirect
|
||||
|
||||
@ -60,7 +60,7 @@ function voucher_expire($voucher_received) {
|
||||
continue; // seems too short to be a voucher!
|
||||
|
||||
unset($output);
|
||||
$_gb = exec("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher_{$cpzone}.cfg -k {$g['varetc_path']}/voucher_{$cpzone}.public -- $v", $output);
|
||||
$_gb = exec("/usr/local/bin/voucher -c /var/etc/voucher_{$cpzone}.cfg -k /var/etc/voucher_{$cpzone}.public -- $v", $output);
|
||||
list($status, $roll, $nr) = explode(" ", $output[0]);
|
||||
if ($status == "OK") {
|
||||
// check if we have this ticket on a registered roll for this ticket
|
||||
@ -165,7 +165,7 @@ function voucher_auth($voucher_received, $test = 0) {
|
||||
if (strlen($voucher) < 3)
|
||||
continue; // seems too short to be a voucher!
|
||||
|
||||
$result = exec("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher_{$cpzone}.cfg -k {$g['varetc_path']}/voucher_{$cpzone}.public -- $v");
|
||||
$result = exec("/usr/local/bin/voucher -c /var/etc/voucher_{$cpzone}.cfg -k /var/etc/voucher_{$cpzone}.public -- $v");
|
||||
list($status, $roll, $nr) = explode(" ", $result);
|
||||
if ($status == "OK") {
|
||||
if (!$first_voucher) {
|
||||
@ -303,7 +303,7 @@ function voucher_configure_zone($sync = false)
|
||||
|
||||
/* write public key used to verify vouchers */
|
||||
$pubkey = base64_decode($config['voucher'][$cpzone]['publickey']);
|
||||
$fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.public", "w");
|
||||
$fd = fopen("/var/etc/voucher_{$cpzone}.public", "w");
|
||||
if (!$fd) {
|
||||
captiveportal_syslog("Voucher error: cannot write voucher.public\n");
|
||||
unlock($voucherlck);
|
||||
@ -311,10 +311,10 @@ function voucher_configure_zone($sync = false)
|
||||
}
|
||||
fwrite($fd, $pubkey);
|
||||
fclose($fd);
|
||||
@chmod("{$g['varetc_path']}/voucher_{$cpzone}.public", 0600);
|
||||
@chmod("/var/etc/voucher_{$cpzone}.public", 0600);
|
||||
|
||||
/* write config file used by voucher binary to decode vouchers */
|
||||
$fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.cfg", "w");
|
||||
$fd = fopen("/var/etc/voucher_{$cpzone}.cfg", "w");
|
||||
if (!$fd) {
|
||||
captiveportal_syslog(gettext("Error: cannot write voucher.cfg") . "\n");
|
||||
unlock($voucherlck);
|
||||
@ -322,7 +322,7 @@ function voucher_configure_zone($sync = false)
|
||||
}
|
||||
fwrite($fd, "{$config['voucher'][$cpzone]['rollbits']},{$config['voucher'][$cpzone]['ticketbits']},{$config['voucher'][$cpzone]['checksumbits']},{$config['voucher'][$cpzone]['magic']},{$config['voucher'][$cpzone]['charset']}\n");
|
||||
fclose($fd);
|
||||
@chmod("{$g['varetc_path']}/voucher_{$cpzone}.cfg", 0600);
|
||||
@chmod("/var/etc/voucher_{$cpzone}.cfg", 0600);
|
||||
unlock($voucherlck);
|
||||
|
||||
if (!$sync) {
|
||||
|
||||
@ -183,8 +183,7 @@ function relayd_configure($kill_first=false) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$fd = fopen("{$g['varetc_path']}/relayd.conf", "w");
|
||||
$fd = fopen('/var/etc/relayd.conf', 'w');
|
||||
$conf .= "log updates \n";
|
||||
|
||||
/* Global timeout, interval and prefork settings
|
||||
@ -355,13 +354,13 @@ function relayd_configure($kill_first=false) {
|
||||
if (is_process_running('relayd')) {
|
||||
if (! empty($vs_a)) {
|
||||
if ($kill_first) {
|
||||
mwexec('pkill relayd');
|
||||
killbyname('relayd');
|
||||
/* Remove all active relayd anchors now that relayd is no longer running. */
|
||||
cleanup_lb_anchor("*");
|
||||
mwexec("/usr/local/sbin/relayd -f {$g['varetc_path']}/relayd.conf");
|
||||
cleanup_lb_anchor('*');
|
||||
mwexec('/usr/local/sbin/relayd -f /var/etc/relayd.conf');
|
||||
} else {
|
||||
// it's running and there is a config, just reload
|
||||
mwexec("/usr/local/sbin/relayctl reload");
|
||||
mwexec('/usr/local/sbin/relayctl reload');
|
||||
}
|
||||
} else {
|
||||
/*
|
||||
@ -371,7 +370,7 @@ function relayd_configure($kill_first=false) {
|
||||
* mwexec('/usr/local/sbin/relayctl stop');
|
||||
* returns "command failed"
|
||||
*/
|
||||
mwexec('pkill relayd');
|
||||
killbyname('relayd');
|
||||
/* Remove all active relayd anchors now that relayd is no longer running. */
|
||||
cleanup_lb_anchor("*");
|
||||
}
|
||||
@ -379,8 +378,8 @@ function relayd_configure($kill_first=false) {
|
||||
if (! empty($vs_a)) {
|
||||
// not running and there is a config, start it
|
||||
/* Remove all active relayd anchors so it can start fresh. */
|
||||
cleanup_lb_anchor("*");
|
||||
mwexec("/usr/local/sbin/relayd -f {$g['varetc_path']}/relayd.conf");
|
||||
cleanup_lb_anchor('*');
|
||||
mwexec('/usr/local/sbin/relayd -f /var/etc/relayd.conf');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user