Mini File Manager

File Manager

Current Directory: /home/lartcid/public_html/journal.lartc.id

[Back]

.. [Open]

.htaccess [Edit]

.well-known [Open]

README.md [Edit]

api [Open]

cache [Open]

cgi-bin [Open]

classes [Open]

config.TEMPLATE.inc.php [Edit]

config.inc.php [Edit]

controllers [Open]

cypress.json [Edit]

dbscripts [Open]

docs [Open]

error_log [Edit]

favicon.ico [Edit]

index.php [Edit]

js [Open]

lib [Open]

locale [Open]

mini.php [Edit]

pages [Open]

php.ini [Edit]

plugins [Open]

public [Open]

registry [Open]

scheduledTaskLogs [Open]

schemas [Open]

styles [Open]

templates [Open]

tools [Open]

Edit File

#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/expunge_expired_certificates_from_sslstorage
#                                                  Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

package scripts::expunge_expired_certificates_from_sslstorage;

use strict;
use warnings;

use parent qw( Cpanel::HelpfulScript );

use Cpanel::Config::Users                ();
use Cpanel::PIDFile                      ();
use Cpanel::SSLStorage::User             ();
use Cpanel::PwCache::Build               ();
use Cpanel::PwCache                      ();
use Cpanel::AccessIds::ReducedPrivileges ();

use Try::Tiny;

=encoding utf-8

=head1 NAME

scripts::expunge_expired_certificates_from_sslstorage

=head1 SYNOPSIS

expunge_expired_certificates_from_sslstorage [ --user <username> | --help ]

=head1 DESCRIPTION

This command will look at the SSLStorage databases for all the users (or optionally a specific user) and checks for
certificates that have been expired for over a set time (C<$Cpanel::SSLStorage::EXPUNGE_CERTIFICATES_AFTER_SECONDS> seconds)
and removes them.

NOTE: This only operates on the user's SSL Storage database. This does not uninstall
certificates from websites, mail, cpsrvd, or other services.

=cut

our $PID_FILE = '/var/run/expunge_expired_certificates_from_sslstorage.pid';

sub _OPTIONS {
    return qw( user=s );
}

__PACKAGE__->new(@ARGV)->script() unless caller();

sub script {
    my ($self) = @_;

if ( $self->getopt('user') ) {
        my $user = $self->getopt('user');
        print "Checking for expired certificates for the user '$user'.\n";

try {
            my $expired_certs = $self->call_for_one_user($user);
            print "Found and expunged " . scalar @$expired_certs . " expired certificates for '$user'.\n";
        }
        catch {
            warn "There was an error expunging certificates for '$user': $_\n";
        };

return;
    }

Cpanel::PwCache::Build::init_passwdless_pwcache();

Cpanel::PIDFile->do(
        $PID_FILE,
        sub {
            print "Checking for expired certificates for all users.\n";
            my @users = ( Cpanel::Config::Users::getcpusers(), 'root' );

for my $user (@users) {
                try {
                    my $expired_certs = $self->call_for_one_user($user);
                    print "Found and expunged " . scalar @$expired_certs . " expired certificates for '$user'.\n";
                }
                catch {
                    warn "There was an error expunging certificates for '$user': $_\n";
                };
            }
        }
    );

return;
}

sub call_for_one_user {
    my ( $self, $user ) = @_;

my $expired_certs;

my $privs;

if ( $user ne 'root' ) {
        my $homedir = Cpanel::PwCache::gethomedir($user);
        die "No ssl storage exists for '$user'" if !-d "$homedir/ssl" || -z "$homedir/ssl/ssl.db";
        $privs = Cpanel::AccessIds::ReducedPrivileges->new($user);
    }

my ( $ok, $storage ) = Cpanel::SSLStorage::User->new( user => $user, 'disable_required_fields_check' => 1 );
    die "There was an error getting the SSLStorage database for '$user': $storage" if !$ok;

( $ok, $expired_certs ) = $storage->_expunge_expired_certificates();    # we already reduced privs
    die "There was an error expunging expired certificates for '$user': $expired_certs" if !$ok;

return $expired_certs;
}