[ SEA-GHOST MINI SHELL]
Path : /scripts/ |
|
Current File : //scripts/initquotas |
#!/usr/local/cpanel/3rdparty/bin/perl
# cpanel - scripts/initquotas Copyright 2022 cPanel, L.L.C.
# All rights reserved.
# copyright@cpanel.net http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited
package scripts::initquotas;
use strict;
use warnings;
use IPC::Open3 ();
use Cpanel::ArrayFunc::Uniq ();
use Cpanel::Quota::Filesys ();
use Quota ();
use Cpanel::TimeHiRes ();
use Cpanel::ConfigFiles ();
use Cpanel::Backup::Config ();
use Cpanel::FileUtils::TouchFile ();
use Cpanel::Binaries ();
use Cpanel::FindBin ();
use Cpanel::Filesys::Info ();
use Cpanel::Filesys::FindParse ();
use Cpanel::Filesys::Mounts ();
use Cpanel::SafeRun::Simple ();
use Cpanel::SafeRun::Errors ();
use Cpanel::Transaction::File::Raw ();
use Cpanel::Config::LoadWwwAcctConf ();
use Cpanel::Unix::PID::Tiny ();
use Cpanel::OS ();
use Cpanel::Quota::Cache ();
use Cpanel::SysQuota::Cache ();
use Cpanel::MysqlUtils::Dir ();
use Try::Tiny;
my %cmd = (
'quota' => undef,
'quotaon' => undef,
'quotaoff' => undef,
'quotacheck' => undef,
'convertquota' => undef,
);
our $FSTAB_FILE = '/etc/fstab';
my $ENABLE_QUOTA = 1;
my $DISABLE_QUOTA = 0;
my $pidfile = '/var/run/initquotas.pid';
my @ALL_QUOTA_FILES = ( 'quota.user', 'aquota.user', 'quota.group', 'aquota.group' );
my $supported_file_system_regex = 'ext[234]|reiserfs';
my $journaled_supported_file_system_regex = 'ext[34]|reiserfs';
my $do_quotacheck = ( grep( m/skipquotacheck/i, @ARGV ) || -d '/proc/vz/vzaquota' ) ? 0 : 1;
my $supports_journaled_quota = supports_journaled_quota();
my $mountkeyword = 'remount';
if ( Cpanel::OS::has_quota_support_for_xfs() ) {
$supported_file_system_regex .= '|xfs';
}
my $DEFAULT_MYSQL_DATADIR = '/var/lib/mysql';
if ( !caller() ) {
local $| = 1;
my $upid = Cpanel::Unix::PID::Tiny->new();
# Check for running instances of initquotas.
if ( !$upid->pid_file($pidfile) ) {
my $pid = $upid->get_pid_from_pidfile($pidfile);
print "Another instance of initquotas appears to be running at PID '$pid'.\n";
exit 1;
}
# Check for running instance of quotacheck.
if ( my $pid = $upid->is_pidfile_running('/var/run/quotacheck.pid') ) {
print "An instance of quotacheck appears to be running at PID '$pid'.\n";
exit 1;
}
my $ok = __PACKAGE__->run();
exit( $ok ? 0 : 1 );
}
sub run {
if ( !verify_all_quota_binaries_are_in_place() ) {
return 0;
}
chmod oct(4755), $cmd{'quota'};
my @mount_output = split( /\n/, Cpanel::SafeRun::Simple::saferun('mount') );
my $has_filesystems_with_quota = grep( /with\s+quotas|usrj?quota/, @mount_output ) ? 1 : 0;
my $mount_point_config = get_mount_point_config();
# Modify fstab as needed
my ( $fses_to_convert_arrayref, $mount_cmds_ref, $need_quotacheck ) = setup_quotas($mount_point_config);
# Don't run quotacheck if none of our file systems use it.
$do_quotacheck &&= $need_quotacheck;
if ( @$mount_cmds_ref || $do_quotacheck ) {
local $ENV{'LANG'} = 'C';
my $quota_off = Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'quotaoff'}, '-a' );
foreach my $line ( split( /\n/, $quota_off ) ) {
next if $line =~ /no\s+such\s+process/i;
print "Running quotaoff failed!\n";
Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'quotaon'}, '-a' );
exit 1;
}
}
# Now actually remount the file systems with or without quotas based on the logic above.
# So /etc/fstab matches what is actually going on
foreach my $data ( @{$mount_cmds_ref} ) {
my ( $cmdref, $fstab, $journaled ) = @{$data}{qw/cmd fstab journaled/};
my $result = Cpanel::SafeRun::Errors::saferunallerrors( @{$cmdref} );
if ($result) {
my $cmd = join( " ", @{$cmdref} );
print "Warning: mount failure while executing $cmd: $result\n";
if ($journaled) {
print "Trying non-journaled quotas instead for $cmdref->[-1]\n";
_update_fstab_line( \$fstab, $DISABLE_QUOTA, $journaled );
_update_fstab_line( \$fstab, $ENABLE_QUOTA, 0 );
rebuild_fstab( sub { $data->{'fstab'} eq $_[0] ? $fstab : $_[0] } );
$result = Cpanel::SafeRun::Errors::saferunallerrors( @{$cmdref} );
print "Warning: mount failure while executing $cmd: $result\n" if $result;
}
if ($result) {
print "Disabling quotas for $cmdref->[-1]\n";
_update_fstab_line( \$fstab, $DISABLE_QUOTA, 0 );
rebuild_fstab( sub { $data->{'fstab'} eq $_[0] ? $fstab : $_[0] } );
}
}
}
if ( !$do_quotacheck ) {
Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'quotaon'}, '-a' );
if ( !$need_quotacheck ) {
print "Quotas have been enabled and updated.\n";
}
else {
print "Quotas have been enabled, however they may not be up to date as quotacheck has been skipped.\n";
}
exit 0;
}
purge_quotas($fses_to_convert_arrayref);
Cpanel::Filesys::Mounts::clear_mounts_cache();
run_quota_check();
convert_quotas($fses_to_convert_arrayref);
Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'quotaon'}, '-a' );
reset_quota_caches();
Cpanel::Filesys::Mounts::clear_mounts_cache();
print "Quotas have been enabled and updated.\n";
return 1;
}
sub reset_quota_caches {
Cpanel::SysQuota::Cache::purge_cache();
try {
Cpanel::Quota::Cache::update_quota_cache_dir();
};
# No reason to catch as update_quota_cache_dir
# has already logged the error.
return;
}
sub purge_quotas {
my $fses_to_purge_arrayref = shift;
foreach my $mntpoint (@$fses_to_purge_arrayref) {
_purge_quota_files($mntpoint);
}
return;
}
sub convert_quotas {
my $fses_to_convert_arrayref = shift;
foreach my $mntpoint (@$fses_to_convert_arrayref) {
Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'convertquota'}, $mntpoint ) unless $supports_journaled_quota;
_set_quota_file_perms($mntpoint);
}
return;
}
sub run_quota_check {
my $fs = Cpanel::Quota::Filesys->new();
my $paths_ref = $fs->get_devices_with_quotas_enabled();
print 'Updating Quota Files......';
foreach my $dev ( sort keys %$paths_ref ) {
next if index( $paths_ref->{$dev}{'fstype'}, 'xfs' ) > -1;
next if index( $paths_ref->{$dev}{'mode'}, 'quota' ) == -1;
my ($format) = $paths_ref->{$dev}{'mode'} =~ m{jqfmt=([a-z0-9]+)};
if ( $paths_ref->{$dev}{'mode'} =~ m{usrjquota}i ) {
$format ||= 'vfsv1';
}
my @args = ( '--create-files', '--user', '--group', '--verbose', '--force', '--use-first-dquot', '--no-remount' );
if ($format) {
quotarun( $cmd{'quotacheck'}, @args, '--format=' . $format, $dev );
}
else {
# Cannot detect so do all three
quotarun( $cmd{'quotacheck'}, @args, '--format=vfsold', $dev );
quotarun( $cmd{'quotacheck'}, @args, '--format=vfsv0', $dev );
quotarun( $cmd{'quotacheck'}, @args, '--format=vfsv1', $dev );
}
}
print '....Done' . "\n";
return;
}
sub quotarun {
my (@CMD) = @_;
print "\n\t";
my $empty_dir = q{/var/cpanel/empty_directory};
if ( !-d $empty_dir ) {
die "Cannot create directory '$empty_dir': $!" unless mkdir( $empty_dir, 0700 );
}
local $ENV{'LD_PRELOAD'} = "$Cpanel::ConfigFiles::CPANEL_ROOT/lib/quotacheck_virtfs_wrapper.so";
print "Running Task: “@CMD”.\n";
my $start_time = Cpanel::TimeHiRes::time();
my $qout_fh;
my $pid = IPC::Open3::open3( '>/dev/null', $qout_fh, $qout_fh, @CMD );
while ( read( $qout_fh, $_, 1 ) ) {
syswrite( STDOUT, $_ eq "\n" ? "\n\t" : $_ );
}
print "\n";
close($qout_fh);
waitpid( $pid, 0 );
my $end_time = Cpanel::TimeHiRes::time();
my $exec_time = sprintf( "%.3f", ( $end_time - $start_time ) );
print "Completed Task: “@CMD” in $exec_time second(s).\n";
return;
}
sub _purge_quota_files {
my $mntpoint = shift;
my @files_to_purge = map { ( "$_.new", $_ ) } @ALL_QUOTA_FILES;
foreach my $quota_file (@files_to_purge) {
if ( -e $mntpoint . '/' . $quota_file ) { unlink( $mntpoint . '/' . $quota_file ) }
}
return;
}
sub _set_quota_file_perms {
my $mntpoint = shift;
foreach my $quota_file (@ALL_QUOTA_FILES) {
if ( -e $mntpoint . '/' . $quota_file ) { chmod 0644, $mntpoint . '/' . $quota_file }
}
return;
}
sub wall {
my $wall_txt = shift;
my $wall_cmd = Cpanel::Binaries::path('wall');
-x $wall_cmd
or return;
if ( open( my $wall_fh, '|-' ) || exec($wall_cmd ) ) {
print {$wall_fh} $wall_txt;
close($wall_fh);
}
return;
}
sub rebuild_fstab {
my ($changeref) = @_;
my @CFILE;
my $trans = _get_fstab_transaction();
my $fstab_sr = $trans->get_data();
foreach my $fstab_line ( split( m{^}, $$fstab_sr ) ) {
push @CFILE, &$changeref($fstab_line);
}
my $data = join( '', @CFILE );
$trans->set_data( \$data );
$trans->save_and_close_or_die();
return;
}
sub _get_fstab_transaction {
return Cpanel::Transaction::File::Raw->new( 'path' => $FSTAB_FILE, 'permissions' => 0644, 'restore_original_permissions' => 1 );
}
#
# Cycle though the fstab and add usrquota to all supported filesystems
# and remove from filesystems that should not have them
#
sub setup_quotas { ## no critic(Subroutines::ProhibitExcessComplexity) -- Refactoring this function is a project, not a bug fix
my $mount_point_config = shift;
my @CFILE;
my @MOUNT_CMDS;
my @NEED_CONVERT;
my $wwwacct_ref = Cpanel::Config::LoadWwwAcctConf::loadwwwacctconf();
my $home = $wwwacct_ref->{'HOMEDIR'} || '/home';
my $trans = _get_fstab_transaction();
my $fstab_sr = $trans->get_data();
my $need_quotacheck = 0;
LINE:
foreach my $fstab_line ( split( m{^}, $$fstab_sr ) ) {
if ( $fstab_line =~ /^(\S+)\s*(\S+)/ ) {
if ( $fstab_line =~ /^#/ ) {
push @CFILE, $fstab_line;
next LINE;
}
my ( $dsk, $mntpoint, $fstype, $options, $dump, $pass, @opts ) = split( /\s+/, $fstab_line );
my @options = split( /\s*\,\s*/, $options || '' );
if ( grep( /^(?:ro|noauto|loop)/, @options ) ) {
push @CFILE, $fstab_line;
next LINE;
}
if ( grep( /^noquota/, @options ) ) {
print "The system will leave quotas disabled on $mntpoint because the noquota option was specified in the fstab file.\n";
push @CFILE, $fstab_line;
next LINE;
}
my $has_usr_quota = ( $fstab_line =~ /\bu(srj?)?quota\b/ ? 1 : 0 );
$dsk =~ s/^LABEL=//g;
if ( $fstab_line =~ /\s*$supported_file_system_regex/ ) {
foreach my $quota_file (@ALL_QUOTA_FILES) {
if ( -l $mntpoint . '/' . $quota_file ) {
push( @CFILE, $fstab_line );
next LINE; #openvz
}
}
my $use_journaled = $fstab_line =~ /\s*$journaled_supported_file_system_regex/ ? $supports_journaled_quota : 0;
my $mountpnt_can_do_quota = ( $mntpoint =~ /^(?:\/boot|\/tmp)/ ? 0 : 1 );
$need_quotacheck ||= ( $fstype ne 'xfs' || Cpanel::OS::has_quota_support_for_xfs() ) && $mountpnt_can_do_quota;
my $config = $mount_point_config->{$mntpoint} // {};
$mountpnt_can_do_quota = 0 if $config->{'disable'};
if ( !$mountpnt_can_do_quota && $has_usr_quota ) {
print_config_messages( $config, 'action' );
print "$dsk (removing " . ( $use_journaled ? 'journaled ' : '' ) . "quotas)\n";
_update_fstab_line( \$fstab_line, $DISABLE_QUOTA, $use_journaled );
push @MOUNT_CMDS, { 'cmd' => [ 'mount', '-o', $mountkeyword, $mntpoint ], 'fstab' => $fstab_line, 'journaled' => $use_journaled };
}
elsif ( $mountpnt_can_do_quota && !$has_usr_quota ) {
print_config_messages( $config, 'action' );
print "$dsk (enabling " . ( $use_journaled ? 'journaled ' : '' ) . "quotas)\n";
_update_fstab_line( \$fstab_line, $ENABLE_QUOTA, $use_journaled );
push @MOUNT_CMDS, { 'cmd' => [ 'mount', '-o', $mountkeyword, $mntpoint ], 'fstab' => $fstab_line, 'journaled' => $use_journaled };
}
else {
print_config_messages( $config, 'inaction' );
print "$dsk (already configured quotas = $has_usr_quota).\n";
}
if ( $mountpnt_can_do_quota && $fstype ne 'xfs' ) {
_set_quota_file_perms($mntpoint);
foreach my $quota_file (@ALL_QUOTA_FILES) {
my $quota_file_with_path = $mntpoint eq '/' ? $mntpoint . $quota_file : $mntpoint . '/' . $quota_file;
if ( !-e $quota_file_with_path ) {
Cpanel::FileUtils::TouchFile::touchfile($quota_file_with_path);
}
}
_set_quota_file_perms($mntpoint);
push @NEED_CONVERT, $mntpoint;
}
}
}
push( @CFILE, $fstab_line );
}
my $data = join( '', @CFILE );
$trans->set_data( \$data );
$trans->save_and_close_or_die();
return ( \@NEED_CONVERT, \@MOUNT_CMDS, $need_quotacheck );
}
sub get_mount_point_config {
my %mounts;
# If a mount point exactly matches the MySQL datadir it should be skipped (CPANEL-28760)
my $mysql_datadir = get_mysql_datadir();
my $mysql_datadir_mount = get_mount_point($mysql_datadir);
if ( $mysql_datadir_mount eq $mysql_datadir ) {
$mounts{$mysql_datadir_mount} = {
disable => 1,
message => {
action => "The system will disable quotas on $mysql_datadir_mount because it is a MySQL or MariaDB data directory.",
inaction => "The system will leave quotas disabled on $mysql_datadir_mount because it is a MySQL or MariaDB data directory.",
},
};
}
#NOTE:: QUOTAS CAN BE ON A BACKUP DISK SINCE ALL FILES ARE ALWAYS OWNED BY ROOT -- HOWEVER IT IS SLOW
for my $backup_mount ( @{ get_backup_dir_mount_points() } ) {
if ( $backup_mount eq '/' ) {
$mounts{$backup_mount} = {
disable => 0,
message => {
always => "Warning : Your system does not have a separate filesystem for backups. This may cause performance degradation during the backup process.",
},
};
}
else {
$mounts{$backup_mount} = {
disable => 1,
message => {
action => "The system will disable quotas on $backup_mount in order to prevent performance degradation.",
inaction => "The system will leave quotas disabled on $backup_mount in order to prevent performance degradation.",
},
};
}
}
return \%mounts;
}
# Scans the backup configuraiton for fses that are set to be backup fses that have
# quotas enabled on them and disables them. Returns a hashref list of backup fses that exist
#
sub get_backup_dir_mount_points {
my @mountpoints;
my $backup_dir_ref = Cpanel::Backup::Config::get_backup_dirs();
foreach my $backup_dir ( Cpanel::ArrayFunc::Uniq::uniq( @{$backup_dir_ref} ) ) {
print "checking out $backup_dir\n";
my $backup_mount = get_mount_point($backup_dir);
push @mountpoints, $backup_mount;
}
return \@mountpoints;
}
sub supports_journaled_quota {
require Cpanel::LoadFile;
if ( Cpanel::LoadFile::loadfile('/sbin/quotaon') =~ m/usrjquota/ ) {
print "journaled quota support: kernel supports, user space tools supports (available)\n";
return 1;
}
print "journaled quota support: kernel supports, user space tools not updated (disabled)\n";
return 0;
}
sub _update_fstab_line {
my ( $fstab_line_ref, $action, $supports_journaled_quota ) = @_;
my ( $device, $mntpoint, $fstype, $options, $dump, $pass, @opts ) = split( /\s+/, $$fstab_line_ref );
my @options_list = split( m/\s*,\s*/, $options );
if ( $action == $DISABLE_QUOTA ) {
@options_list = grep( !m/(?:quota|jqfmt)/, @options_list );
push @options_list, 'defaults' if scalar @options_list == 0;
}
else {
@options_list = grep( !m/(?:u(srj?)?quota|jqfmt)/, @options_list );
if ($supports_journaled_quota) {
@options_list = grep( !m/^defaults$/, @options_list ); #defaults seems to cause usrjquota to break on some systems
push @options_list, 'usrjquota=quota.user', 'jqfmt=vfsv1';
}
else {
unshift @options_list, 'defaults' if !grep( m/^defaults$/, @options_list );
my $usrquota = 'usrquota';
if ( Cpanel::OS::has_quota_support_for_xfs() && $$fstab_line_ref =~ m{\bxfs\b} ) {
print "The system will configure quotas on the “$device” which is using the “xfs” filesystem.\n";
print "A reboot will be required to enable quotas on xfs.\n";
$usrquota = 'uquota';
}
push @options_list, $usrquota;
}
}
$options = join( ',', @options_list );
$$fstab_line_ref = join( "\t", $device, $mntpoint, $fstype, $options, $dump, $pass, @opts ) . "\n";
return 1;
}
sub verify_all_quota_binaries_are_in_place {
my @missing_cmds;
foreach my $cmd_name ( keys %cmd ) {
$cmd{$cmd_name} = Cpanel::FindBin::findbin($cmd_name);
if ( !( $cmd{$cmd_name} && -x $cmd{$cmd_name} ) ) {
push @missing_cmds, $cmd_name;
}
}
if ( scalar @missing_cmds ) {
print "Incomplete quota kit: unable to initialize quotas.\n";
print 'Missing commands: ', join( ', ', sort @missing_cmds ), "\n";
return 0;
}
return 1;
}
sub get_mount_point {
my $dir = shift;
my $filesys_ref = Cpanel::Filesys::Info::_all_filesystem_info();
return Cpanel::Filesys::FindParse::find_mount( $filesys_ref, $dir );
}
sub get_mysql_datadir {
my $datadir = Cpanel::MysqlUtils::Dir::getmysqldir() // $DEFAULT_MYSQL_DATADIR;
$datadir =~ s{/$}{}; # Remove any trailing slash.
return $datadir;
}
sub get_config_messages {
my ( $ref, @selections ) = @_;
unshift @selections, 'always' unless grep { $_ eq 'always' } @selections;
return map { $ref->{'message'}->{$_} } grep { exists $ref->{'message'}->{$_} && length $ref->{'message'}->{$_} } @selections;
}
sub print_config_messages {
return unless my @messages = get_config_messages(@_);
print join( "\n", @messages ) . "\n";
return;
}
1;
SEA-GHOST - SHELL CODING BY SEA-GHOST