[HOME]

Path : /scripts/
Upload :
Current File : //scripts/initquotas

#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/initquotas                      Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

package scripts::initquotas;

use strict;
use warnings;

use IPC::Open3                      ();
use Cpanel::ArrayFunc::Uniq         ();
use Cpanel::Quota::Filesys          ();
use Quota                           ();
use Cpanel::TimeHiRes               ();
use Cpanel::ConfigFiles             ();
use Cpanel::Backup::Config          ();
use Cpanel::FileUtils::TouchFile    ();
use Cpanel::Binaries                ();
use Cpanel::FindBin                 ();
use Cpanel::Filesys::Info           ();
use Cpanel::Filesys::FindParse      ();
use Cpanel::Filesys::Mounts         ();
use Cpanel::SafeRun::Simple         ();
use Cpanel::SafeRun::Errors         ();
use Cpanel::Transaction::File::Raw  ();
use Cpanel::Config::LoadWwwAcctConf ();
use Cpanel::Unix::PID::Tiny         ();
use Cpanel::OS                      ();
use Cpanel::Quota::Cache            ();
use Cpanel::SysQuota::Cache         ();
use Cpanel::MysqlUtils::Dir         ();
use Try::Tiny;

my %cmd = (
    'quota'        => undef,
    'quotaon'      => undef,
    'quotaoff'     => undef,
    'quotacheck'   => undef,
    'convertquota' => undef,
);

our $FSTAB_FILE = '/etc/fstab';
my $ENABLE_QUOTA                          = 1;
my $DISABLE_QUOTA                         = 0;
my $pidfile                               = '/var/run/initquotas.pid';
my @ALL_QUOTA_FILES                       = ( 'quota.user', 'aquota.user', 'quota.group', 'aquota.group' );
my $supported_file_system_regex           = 'ext[234]|reiserfs';
my $journaled_supported_file_system_regex = 'ext[34]|reiserfs';
my $do_quotacheck                         = ( grep( m/skipquotacheck/i, @ARGV ) || -d '/proc/vz/vzaquota' ) ? 0 : 1;
my $supports_journaled_quota              = supports_journaled_quota();
my $mountkeyword                          = 'remount';

if ( Cpanel::OS::has_quota_support_for_xfs() ) {
    $supported_file_system_regex .= '|xfs';
}
my $DEFAULT_MYSQL_DATADIR = '/var/lib/mysql';

if ( !caller() ) {
    local $| = 1;
    my $upid = Cpanel::Unix::PID::Tiny->new();

    # Check for running instances of initquotas.

    if ( !$upid->pid_file($pidfile) ) {
        my $pid = $upid->get_pid_from_pidfile($pidfile);
        print "Another instance of initquotas appears to be running at PID '$pid'.\n";
        exit 1;
    }

    # Check for running instance of quotacheck.

    if ( my $pid = $upid->is_pidfile_running('/var/run/quotacheck.pid') ) {
        print "An instance of quotacheck appears to be running at PID '$pid'.\n";
        exit 1;
    }

    my $ok = __PACKAGE__->run();
    exit( $ok ? 0 : 1 );
}

sub run {

    if ( !verify_all_quota_binaries_are_in_place() ) {
        return 0;
    }

    chmod oct(4755), $cmd{'quota'};

    my @mount_output               = split( /\n/, Cpanel::SafeRun::Simple::saferun('mount') );
    my $has_filesystems_with_quota = grep( /with\s+quotas|usrj?quota/, @mount_output ) ? 1 : 0;
    my $mount_point_config         = get_mount_point_config();

    # Modify fstab as needed
    my ( $fses_to_convert_arrayref, $mount_cmds_ref, $need_quotacheck ) = setup_quotas($mount_point_config);

    # Don't run quotacheck if none of our file systems use it.
    $do_quotacheck &&= $need_quotacheck;

    if ( @$mount_cmds_ref || $do_quotacheck ) {
        local $ENV{'LANG'} = 'C';
        my $quota_off = Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'quotaoff'}, '-a' );

        foreach my $line ( split( /\n/, $quota_off ) ) {
            next if $line =~ /no\s+such\s+process/i;
            print "Running quotaoff failed!\n";
            Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'quotaon'}, '-a' );
            exit 1;
        }
    }

    # Now actually remount the file systems with or without quotas based on the logic above.
    # So /etc/fstab matches what is actually going on
    foreach my $data ( @{$mount_cmds_ref} ) {
        my ( $cmdref, $fstab, $journaled ) = @{$data}{qw/cmd fstab journaled/};
        my $result = Cpanel::SafeRun::Errors::saferunallerrors( @{$cmdref} );
        if ($result) {
            my $cmd = join( " ", @{$cmdref} );
            print "Warning: mount failure while executing $cmd: $result\n";
            if ($journaled) {
                print "Trying non-journaled quotas instead for $cmdref->[-1]\n";
                _update_fstab_line( \$fstab, $DISABLE_QUOTA, $journaled );
                _update_fstab_line( \$fstab, $ENABLE_QUOTA,  0 );
                rebuild_fstab( sub { $data->{'fstab'} eq $_[0] ? $fstab : $_[0] } );
                $result = Cpanel::SafeRun::Errors::saferunallerrors( @{$cmdref} );
                print "Warning: mount failure while executing $cmd: $result\n" if $result;
            }
            if ($result) {
                print "Disabling quotas for $cmdref->[-1]\n";
                _update_fstab_line( \$fstab, $DISABLE_QUOTA, 0 );
                rebuild_fstab( sub { $data->{'fstab'} eq $_[0] ? $fstab : $_[0] } );
            }
        }
    }

    if ( !$do_quotacheck ) {
        Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'quotaon'}, '-a' );
        if ( !$need_quotacheck ) {
            print "Quotas have been enabled and updated.\n";
        }
        else {
            print "Quotas have been enabled, however they may not be up to date as quotacheck has been skipped.\n";
        }
        exit 0;
    }

    purge_quotas($fses_to_convert_arrayref);

    Cpanel::Filesys::Mounts::clear_mounts_cache();

    run_quota_check();

    convert_quotas($fses_to_convert_arrayref);

    Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'quotaon'}, '-a' );

    reset_quota_caches();

    Cpanel::Filesys::Mounts::clear_mounts_cache();

    print "Quotas have been enabled and updated.\n";

    return 1;
}

sub reset_quota_caches {
    Cpanel::SysQuota::Cache::purge_cache();

    try {
        Cpanel::Quota::Cache::update_quota_cache_dir();
    };

    # No reason to catch as update_quota_cache_dir
    # has already logged the error.
    return;
}

sub purge_quotas {
    my $fses_to_purge_arrayref = shift;

    foreach my $mntpoint (@$fses_to_purge_arrayref) {
        _purge_quota_files($mntpoint);
    }
    return;
}

sub convert_quotas {
    my $fses_to_convert_arrayref = shift;

    foreach my $mntpoint (@$fses_to_convert_arrayref) {
        Cpanel::SafeRun::Errors::saferunnoerror( $cmd{'convertquota'}, $mntpoint ) unless $supports_journaled_quota;
        _set_quota_file_perms($mntpoint);
    }
    return;
}

sub run_quota_check {

    my $fs        = Cpanel::Quota::Filesys->new();
    my $paths_ref = $fs->get_devices_with_quotas_enabled();
    print 'Updating Quota Files......';
    foreach my $dev ( sort keys %$paths_ref ) {
        next if index( $paths_ref->{$dev}{'fstype'}, 'xfs' ) > -1;
        next if index( $paths_ref->{$dev}{'mode'},   'quota' ) == -1;
        my ($format) = $paths_ref->{$dev}{'mode'} =~ m{jqfmt=([a-z0-9]+)};
        if ( $paths_ref->{$dev}{'mode'} =~ m{usrjquota}i ) {
            $format ||= 'vfsv1';
        }
        my @args = ( '--create-files', '--user', '--group', '--verbose', '--force', '--use-first-dquot', '--no-remount' );
        if ($format) {
            quotarun( $cmd{'quotacheck'}, @args, '--format=' . $format, $dev );
        }
        else {
            # Cannot detect so do all three
            quotarun( $cmd{'quotacheck'}, @args, '--format=vfsold', $dev );
            quotarun( $cmd{'quotacheck'}, @args, '--format=vfsv0',  $dev );
            quotarun( $cmd{'quotacheck'}, @args, '--format=vfsv1',  $dev );
        }
    }
    print '....Done' . "\n";
    return;
}

sub quotarun {
    my (@CMD) = @_;
    print "\n\t";

    my $empty_dir = q{/var/cpanel/empty_directory};
    if ( !-d $empty_dir ) {
        die "Cannot create directory '$empty_dir': $!" unless mkdir( $empty_dir, 0700 );
    }

    local $ENV{'LD_PRELOAD'} = "$Cpanel::ConfigFiles::CPANEL_ROOT/lib/quotacheck_virtfs_wrapper.so";
    print "Running Task: “@CMD”.\n";

    my $start_time = Cpanel::TimeHiRes::time();
    my $qout_fh;

    my $pid = IPC::Open3::open3( '>/dev/null', $qout_fh, $qout_fh, @CMD );
    while ( read( $qout_fh, $_, 1 ) ) {
        syswrite( STDOUT, $_ eq "\n" ? "\n\t" : $_ );
    }
    print "\n";
    close($qout_fh);
    waitpid( $pid, 0 );
    my $end_time  = Cpanel::TimeHiRes::time();
    my $exec_time = sprintf( "%.3f", ( $end_time - $start_time ) );
    print "Completed Task: “@CMD” in $exec_time second(s).\n";

    return;
}

sub _purge_quota_files {
    my $mntpoint       = shift;
    my @files_to_purge = map { ( "$_.new", $_ ) } @ALL_QUOTA_FILES;
    foreach my $quota_file (@files_to_purge) {
        if ( -e $mntpoint . '/' . $quota_file ) { unlink( $mntpoint . '/' . $quota_file ) }
    }
    return;
}

sub _set_quota_file_perms {
    my $mntpoint = shift;
    foreach my $quota_file (@ALL_QUOTA_FILES) {
        if ( -e $mntpoint . '/' . $quota_file ) { chmod 0644, $mntpoint . '/' . $quota_file }
    }
    return;
}

sub wall {
    my $wall_txt = shift;
    my $wall_cmd = Cpanel::Binaries::path('wall');
    -x $wall_cmd
      or return;

    if ( open( my $wall_fh, '|-' ) || exec($wall_cmd ) ) {
        print {$wall_fh} $wall_txt;
        close($wall_fh);
    }
    return;
}

sub rebuild_fstab {
    my ($changeref) = @_;

    my @CFILE;

    my $trans    = _get_fstab_transaction();
    my $fstab_sr = $trans->get_data();
    foreach my $fstab_line ( split( m{^}, $$fstab_sr ) ) {
        push @CFILE, &$changeref($fstab_line);
    }

    my $data = join( '', @CFILE );
    $trans->set_data( \$data );
    $trans->save_and_close_or_die();

    return;
}

sub _get_fstab_transaction {
    return Cpanel::Transaction::File::Raw->new( 'path' => $FSTAB_FILE, 'permissions' => 0644, 'restore_original_permissions' => 1 );
}

#
# Cycle though the fstab and add usrquota to all supported filesystems
# and remove from filesystems that should not have them
#
sub setup_quotas {    ## no critic(Subroutines::ProhibitExcessComplexity)  -- Refactoring this function is a project, not a bug fix

    my $mount_point_config = shift;

    my @CFILE;
    my @MOUNT_CMDS;
    my @NEED_CONVERT;
    my $wwwacct_ref = Cpanel::Config::LoadWwwAcctConf::loadwwwacctconf();
    my $home        = $wwwacct_ref->{'HOMEDIR'} || '/home';

    my $trans           = _get_fstab_transaction();
    my $fstab_sr        = $trans->get_data();
    my $need_quotacheck = 0;

  LINE:
    foreach my $fstab_line ( split( m{^}, $$fstab_sr ) ) {
        if ( $fstab_line =~ /^(\S+)\s*(\S+)/ ) {
            if ( $fstab_line =~ /^#/ ) {
                push @CFILE, $fstab_line;
                next LINE;
            }
            my ( $dsk, $mntpoint, $fstype, $options, $dump, $pass, @opts ) = split( /\s+/, $fstab_line );
            my @options = split( /\s*\,\s*/, $options || '' );
            if ( grep( /^(?:ro|noauto|loop)/, @options ) ) {
                push @CFILE, $fstab_line;
                next LINE;
            }
            if ( grep( /^noquota/, @options ) ) {
                print "The system will leave quotas disabled on $mntpoint because the noquota option was specified in the fstab file.\n";
                push @CFILE, $fstab_line;
                next LINE;
            }
            my $has_usr_quota = ( $fstab_line =~ /\bu(srj?)?quota\b/ ? 1 : 0 );
            $dsk =~ s/^LABEL=//g;
            if ( $fstab_line =~ /\s*$supported_file_system_regex/ ) {
                foreach my $quota_file (@ALL_QUOTA_FILES) {
                    if ( -l $mntpoint . '/' . $quota_file ) {
                        push( @CFILE, $fstab_line );
                        next LINE;    #openvz
                    }
                }

                my $use_journaled         = $fstab_line =~ /\s*$journaled_supported_file_system_regex/ ? $supports_journaled_quota : 0;
                my $mountpnt_can_do_quota = ( $mntpoint =~ /^(?:\/boot|\/tmp)/ ? 0 : 1 );

                $need_quotacheck ||= ( $fstype ne 'xfs' || Cpanel::OS::has_quota_support_for_xfs() ) && $mountpnt_can_do_quota;

                my $config = $mount_point_config->{$mntpoint} // {};
                $mountpnt_can_do_quota = 0 if $config->{'disable'};

                if ( !$mountpnt_can_do_quota && $has_usr_quota ) {
                    print_config_messages( $config, 'action' );
                    print "$dsk (removing " . ( $use_journaled ? 'journaled ' : '' ) . "quotas)\n";
                    _update_fstab_line( \$fstab_line, $DISABLE_QUOTA, $use_journaled );
                    push @MOUNT_CMDS, { 'cmd' => [ 'mount', '-o', $mountkeyword, $mntpoint ], 'fstab' => $fstab_line, 'journaled' => $use_journaled };
                }
                elsif ( $mountpnt_can_do_quota && !$has_usr_quota ) {
                    print_config_messages( $config, 'action' );
                    print "$dsk (enabling " . ( $use_journaled ? 'journaled ' : '' ) . "quotas)\n";
                    _update_fstab_line( \$fstab_line, $ENABLE_QUOTA, $use_journaled );
                    push @MOUNT_CMDS, { 'cmd' => [ 'mount', '-o', $mountkeyword, $mntpoint ], 'fstab' => $fstab_line, 'journaled' => $use_journaled };
                }
                else {
                    print_config_messages( $config, 'inaction' );
                    print "$dsk (already configured quotas = $has_usr_quota).\n";
                }

                if ( $mountpnt_can_do_quota && $fstype ne 'xfs' ) {
                    _set_quota_file_perms($mntpoint);
                    foreach my $quota_file (@ALL_QUOTA_FILES) {
                        my $quota_file_with_path = $mntpoint eq '/' ? $mntpoint . $quota_file : $mntpoint . '/' . $quota_file;
                        if ( !-e $quota_file_with_path ) {
                            Cpanel::FileUtils::TouchFile::touchfile($quota_file_with_path);
                        }
                    }
                    _set_quota_file_perms($mntpoint);
                    push @NEED_CONVERT, $mntpoint;
                }
            }
        }
        push( @CFILE, $fstab_line );
    }

    my $data = join( '', @CFILE );
    $trans->set_data( \$data );
    $trans->save_and_close_or_die();

    return ( \@NEED_CONVERT, \@MOUNT_CMDS, $need_quotacheck );
}

sub get_mount_point_config {
    my %mounts;

    # If a mount point exactly matches the MySQL datadir it should be skipped (CPANEL-28760)
    my $mysql_datadir       = get_mysql_datadir();
    my $mysql_datadir_mount = get_mount_point($mysql_datadir);
    if ( $mysql_datadir_mount eq $mysql_datadir ) {
        $mounts{$mysql_datadir_mount} = {
            disable => 1,
            message => {
                action   => "The system will disable quotas on $mysql_datadir_mount because it is a MySQL or MariaDB data directory.",
                inaction => "The system will leave quotas disabled on $mysql_datadir_mount because it is a MySQL or MariaDB data directory.",
            },
        };
    }

    #NOTE:: QUOTAS CAN BE ON A BACKUP DISK SINCE ALL FILES ARE ALWAYS OWNED BY ROOT -- HOWEVER IT IS SLOW
    for my $backup_mount ( @{ get_backup_dir_mount_points() } ) {
        if ( $backup_mount eq '/' ) {
            $mounts{$backup_mount} = {
                disable => 0,
                message => {
                    always => "Warning : Your system does not have a separate filesystem for backups. This may cause performance degradation during the backup process.",
                },
            };
        }
        else {
            $mounts{$backup_mount} = {
                disable => 1,
                message => {
                    action   => "The system will disable quotas on $backup_mount in order to prevent performance degradation.",
                    inaction => "The system will leave quotas disabled on $backup_mount in order to prevent performance degradation.",
                },
            };
        }
    }

    return \%mounts;
}

# Scans the backup configuraiton for fses that are set to be backup fses that have
# quotas enabled on them and disables them.  Returns a hashref list of backup fses that exist
#
sub get_backup_dir_mount_points {
    my @mountpoints;
    my $backup_dir_ref = Cpanel::Backup::Config::get_backup_dirs();
    foreach my $backup_dir ( Cpanel::ArrayFunc::Uniq::uniq( @{$backup_dir_ref} ) ) {
        print "checking out $backup_dir\n";
        my $backup_mount = get_mount_point($backup_dir);
        push @mountpoints, $backup_mount;
    }
    return \@mountpoints;
}

sub supports_journaled_quota {
    require Cpanel::LoadFile;
    if ( Cpanel::LoadFile::loadfile('/sbin/quotaon') =~ m/usrjquota/ ) {
        print "journaled quota support: kernel supports, user space tools supports (available)\n";
        return 1;
    }
    print "journaled quota support: kernel supports, user space tools not updated (disabled)\n";
    return 0;
}

sub _update_fstab_line {
    my ( $fstab_line_ref, $action, $supports_journaled_quota ) = @_;

    my ( $device, $mntpoint, $fstype, $options, $dump, $pass, @opts ) = split( /\s+/, $$fstab_line_ref );
    my @options_list = split( m/\s*,\s*/, $options );

    if ( $action == $DISABLE_QUOTA ) {
        @options_list = grep( !m/(?:quota|jqfmt)/, @options_list );
        push @options_list, 'defaults' if scalar @options_list == 0;
    }
    else {
        @options_list = grep( !m/(?:u(srj?)?quota|jqfmt)/, @options_list );
        if ($supports_journaled_quota) {
            @options_list = grep( !m/^defaults$/, @options_list );    #defaults seems to cause usrjquota to break on some systems
            push @options_list, 'usrjquota=quota.user', 'jqfmt=vfsv1';
        }
        else {
            unshift @options_list, 'defaults' if !grep( m/^defaults$/, @options_list );
            my $usrquota = 'usrquota';
            if ( Cpanel::OS::has_quota_support_for_xfs() && $$fstab_line_ref =~ m{\bxfs\b} ) {
                print "The system will configure quotas on the “$device” which is using the “xfs” filesystem.\n";
                print "A reboot will be required to enable quotas on xfs.\n";
                $usrquota = 'uquota';
            }

            push @options_list, $usrquota;
        }
    }
    $options = join( ',', @options_list );

    $$fstab_line_ref = join( "\t", $device, $mntpoint, $fstype, $options, $dump, $pass, @opts ) . "\n";

    return 1;
}

sub verify_all_quota_binaries_are_in_place {

    my @missing_cmds;
    foreach my $cmd_name ( keys %cmd ) {

        $cmd{$cmd_name} = Cpanel::FindBin::findbin($cmd_name);
        if ( !( $cmd{$cmd_name} && -x $cmd{$cmd_name} ) ) {

            push @missing_cmds, $cmd_name;
        }
    }

    if ( scalar @missing_cmds ) {
        print "Incomplete quota kit: unable to initialize quotas.\n";
        print 'Missing commands: ', join( ', ', sort @missing_cmds ), "\n";
        return 0;
    }
    return 1;
}

sub get_mount_point {
    my $dir         = shift;
    my $filesys_ref = Cpanel::Filesys::Info::_all_filesystem_info();
    return Cpanel::Filesys::FindParse::find_mount( $filesys_ref, $dir );
}

sub get_mysql_datadir {
    my $datadir = Cpanel::MysqlUtils::Dir::getmysqldir() // $DEFAULT_MYSQL_DATADIR;
    $datadir =~ s{/$}{};    # Remove any trailing slash.
    return $datadir;
}

sub get_config_messages {
    my ( $ref, @selections ) = @_;
    unshift @selections, 'always' unless grep { $_ eq 'always' } @selections;
    return map { $ref->{'message'}->{$_} } grep { exists $ref->{'message'}->{$_} && length $ref->{'message'}->{$_} } @selections;
}

sub print_config_messages {
    return unless my @messages = get_config_messages(@_);
    print join( "\n", @messages ) . "\n";
    return;
}

1;