Merge pull request #1165 from gnadelwartz/iconv

fix iconv transcoding for wrong characters in files

.gitattributes

@@ -2,57 +2,8 @@
 # webmin .gitattribues file
 # help git / github to know the encoding of webmin (lang) files
 
-# set default encoding to iso-8859-1 aka ASCII
-*        working-tree-encoding=iso8859-1 git-encoding=iso8859-1
-
 # force module.info to iso-8859-1 even it contains other encodings
 */module.info        working-tree-encoding=iso8859-1 git-encoding=iso8859-1
 
 # set all .UTF-8 to UTF-8
 *.UTF-8      working-tree-encoding=UTF-8 git-encoding=UTF-8
-
-# set all non iso8859-1 lang files to correct encoding
-**/lang/ru_SU        working-tree-encoding=koi8-r       git-encoding=koi8-r
-**/lang/ru_RU        working-tree-encoding=windows-1251     git-encoding=windows-1251
-**/lang/zh_TW.Big5   working-tree-encoding=Big5         git-encoding=Big5
-**/lang/zh_CN        working-tree-encoding=GB2312       git-encoding=GB2312
-**/lang/hu       working-tree-encoding=iso-8859-2       git-encoding=iso-8859-2
-**/lang/he       working-tree-encoding=iso-8859-8-I     git-encoding=iso-8859-8-I
-**/lang/tr       working-tree-encoding=iso-8859-9       git-encoding=iso-8859-9
-**/lang/pl       working-tree-encoding=iso-8859-2       git-encoding=iso-8859-2
-**/lang/ja_JP.euc    working-tree-encoding=EUC-JP       git-encoding=EUC-JP
-**/lang/si       working-tree-encoding=iso-8859-2       git-encoding=iso-8859-2
-**/lang/ko_KR.euc    working-tree-encoding=EUC-KR       git-encoding=EUC-KR
-**/lang/cz       working-tree-encoding=iso-8859-2       git-encoding=iso-8859-2
-**/lang/th       working-tree-encoding=tis-620          git-encoding=tis-620
-**/lang/no       working-tree-encoding=iso-8859-15      git-encoding=iso-8859-15
-**/lang/sk       working-tree-encoding=iso-8859-2       git-encoding=iso-8859-2
-**/lang/lt       working-tree-encoding=windows-1257     git-encoding=windows-1257
-**/lang/bg       working-tree-encoding=windows-1251     git-encoding=windows-1251
-**/lang/el       working-tree-encoding=iso-8859-7       git-encoding=iso-8859-7
-**/lang/uk_UA    working-tree-encoding=windows-1251     git-encoding=windows-1251
-**/lang/ar       working-tree-encoding=iso-8859-6-I     git-encoding=iso-8859-6-I
-**/lang/fa       working-tree-encoding=UTF-8            git-encoding=UTF-8
-
-# set all non iso8859-1 config.info files to correct encoding
-*/config.info.ru_SU       working-tree-encoding=koi8-r          git-encoding=koi8-r
-*/lconfig.info.ru_RU      working-tree-encoding=windows-1251    git-encoding=windows-1251
-*/config.info.zh_TW.Big5  working-tree-encoding=Big5            git-encoding=Big5
-*/config.info.zh_CN       working-tree-encoding=GB2312          git-encoding=GB2312
-*/lconfig.info.hu         working-tree-encoding=iso-8859-2      git-encoding=iso-8859-2
-*/config.info.he          working-tree-encoding=iso-8859-8-I    git-encoding=iso-8859-8-I
-*/config.info.tr          working-tree-encoding=iso-8859-9      git-encoding=iso-8859-9
-*/config.info.pl          working-tree-encoding=iso-8859-2      git-encoding=iso-8859-2
-*/config.info.ja_JP.euc   working-tree-encoding=EUC-JP          git-encoding=EUC-JP
-*/config.info.si          working-tree-encoding=iso-8859-2      git-encoding=iso-8859-2
-*/config.info.ko_KR.euc   working-tree-encoding=EUC-KR          git-encoding=EUC-KR
-*/lconfig.info.cz         working-tree-encoding=iso-8859-2      git-encoding=iso-8859-2
-*/lconfig.info.th         working-tree-encoding=tis-620         git-encoding=tis-620
-*/config.info.no          working-tree-encoding=iso-8859-15     git-encoding=iso-8859-15
-*/config.info.sk          working-tree-encoding=iso-8859-2      git-encoding=iso-8859-2
-*/config.info.lt          working-tree-encoding=windows-1257    git-encoding=windows-1257
-*/lconfig.info.bg         working-tree-encoding=windows-1251    git-encoding=windows-1251
-*/config.info.el          working-tree-encoding=iso-8859-7      git-encoding=iso-8859-7
-*/config.info.uk_UA       working-tree-encoding=windows-1251    git-encoding=windows-1251
-*/config.info.ar          working-tree-encoding=iso-8859-6-I    git-encoding=iso-8859-6-I
-*/config.info.fa          working-tree-encoding=UTF-8           git-encoding=UTF-8

CHANGELOG.md

@@ -1,5 +1,8 @@
 ## Changelog
 
+#### Version 1.930 (August 18, 2019)
+These updates fix a [security vulnerability](http://webmin.com/security.html) and should be installed IMMEDIATELY by all users. Although it is not exploitable in a Webmin install with the default configuration, upgrading is strongly recommended.
+
 #### Version 1.920 (July 04, 2019)
 This update includes the latest theme version, translation updates, the ability to disable hosts file entries, easier monitoring of bootup actions, and a bunch of bugfixes.
 

IDEAS

@@ -1,29 +0,0 @@
- - DHCP class support
- - Jump to page support in sendmail mailq and other mailqs
-	- Common functionality between sendmail, qmail and postfix?
-	- Clean up mailq code in sendmail module!
- - Update all code which uses remote_ functions to pass in server object
- - Function to open a file in read mode, which checks for < or > characters
-	- Ties into common callback for modifying file, based on file and module
-	- Foreign_require should allow a different package name to be specified,
-	  for zone clones with different behaviour
-	- Change all open() calls to use new API, and mention in module docs
- - Bandwidth modules should use some kind of logging socket instead of
-   syslog, which writes to a daemon.
- - reset session timeout every time a key is pressed, to prevent timeouts
-   when composing mail. Do on all pages.
- - covert more modules to readonly support (init first)
-	- perhaps need untranslate_file function? call in software/*-lib.pl
-	- writes to temp files should be allowed
- - all firewall modules need ability to setup port redirection
-	- for calling from squid and frox modules, polymorphically
- - better support for includes in samba module
-	- need to expand inline
-	- keep track of file and line for each directive
- - allow copying from view_mail.cgi in mailboxes module (for subs too)
- - Support IPFW tables
- - integrate venu's file manager
- - clone user in useradmin / ldap-useradmin
- - improved NFS export support on OSX
- - Use CPAN to install Perl modules
-	- FS#5583

README.md

@@ -29,7 +29,7 @@ Webmin can be installed in two different ways:
  1. By downloading a pre-built package, available for different distributions (CentOS, Fedora, SuSE, Mandriva, Debian, Ubuntu, Solaris and [other](http://www.webmin.com/support.html)) from our [download page](http://webmin.com/download.html);
   <kbd>Note: It is highly recommended to [add repository](https://doxfer.webmin.com/Webmin/Installation) to your system for having automatic updates.</kbd>
 
- 2. By downloading, extracting [source file](https://prdownloads.sourceforge.net/webadmin/webmin-1.930.tar.gz), and running [_setup.sh_](http://www.webmin.com/tgz.html) script, with no arguments, which will setup to run it directly from this directory, or with a command-line argument, such as targeted directory.
+ 2. By downloading, extracting [source file](https://prdownloads.sourceforge.net/webadmin/webmin-1.940.tar.gz), and running [_setup.sh_](http://www.webmin.com/tgz.html) script, with no arguments, which will setup to run it directly from this directory, or with a command-line argument, such as targeted directory.
   <kbd>Note: If you are installing Webmin [on Windows](http://www.webmin.com/windows.html) system, you must run the command `perl setup.pl` instead. The Windows version depends on several programs, and modules that may not be part of the standard distribution. You will need _process.exe_ commmand, _sc.exe_ command, and _Win32::Daemon_ Perl module.</kbd>
 
 ## Documentation

RELEASE

@@ -1,104 +0,0 @@
-Release Checklist
------------------
-
- x Check all .cgi and .pl files for syntax errors!
-find . -name "*.cgi" | grep -v shellinabox.cgi | grep -v thirdparty-cgi-scripts | grep -v ipweb | grep -v ipcache | grep -v thejax-theme | xargs -l1 perl -c |& grep -v OK
-find . -name "*.pl" | grep -v config.info | grep -v makemodulerpm.pl | grep -v ipcache | grep -v swell-tsunami-theme | grep -v Authen-SolarisRBAC-0.1 | grep -v virtualmin-nuvola | grep -v win32.pl | grep -v asterisk | grep -v server-manager | grep -v thejax-theme | grep -v exim | grep -v Webmin-API-1.0 | xargs -l1 perl -c |& grep -v OK
-
- x Make sure all cgi programs are executable
-find . -name "*.cgi" | xargs chmod +x
-
- x Make sure all files are world-readable, but not world-writable
-find . -type f | grep -v shellinabox | grep -v asterisk | xargs chmod +r
-find . -type f | grep -v shellinabox | grep -v asterisk | xargs chmod o-w
-find . -type d | grep -v shellinabox | grep -v asterisk | xargs chmod +rx
-find . -type d | grep -v shellinabox | grep -v asterisk | xargs chmod o-w
-
- x Delete all ~, .rej and .orig files
-find . -name "*~" -o -name "*.rej" -o -name "*.orig" -o -name ".*.swp" | xargs rm
-
- x Create and check in UTF-8 translations
-./chinese-to-utf8.pl
-find . -name '*.UTF-8*' | grep -v sccb- | xargs -l1 git add
-git commit ; git push
-
- x Check language files for clashes
-langcheck.pl lang/en */lang/en | grep -v asterisk/lang | grep -v rae-mpp/lang
-
- x Update README and version files
-
- x Run Virtualmin tests
-	x fudu
-	x lentor
-	x xencentos
-
- x Build .tar.gz, minimal.tar.gz and Solaris, RPM and Debian packages
-
- x Install on test system
-	vm2 create-system --type kvm --host webmintest --kvm-host fudu.home --ssh-pass smeg --image kvm-centos5.4-base --desc "Webmin install test" --kvm-memory 256
-        vm2 upload-file --host webmintest.home --source /usr/local/webadmin/rpm/webmin-$ver-1.noarch.rpm --dest /tmp/webmin.rpm
-        vm2 run-command --host webmintest.home "/etc/init.d/iptables stop ; chkconfig iptables off"
-        vm2 run-command --host webmintest.home "rpm -U /tmp/webmin.rpm"
-        vm2 refresh-systems --host webmintest.home
-	vm2 reboot-system --host webmintest.home
-        vm2 refresh-systems --host webmintest.home
-        vm2 run-command --host webmintest.home "rpm -U --force /tmp/webmin.rpm"
-        vm2 refresh-systems --host webmintest.home
-	vm2 delete-system --host webmintest.home
-
- x Upload files to sourceforge
-	/usr/local/webadmin/copy-devels.sh
-	Create new dir at https://sourceforge.net/projects/webadmin/files/webmin/
-	scp /tmp/devel/*/*$ver* jcameron,webadmin@frs.sourceforge.net:/home/frs/project/w/we/webadmin/webmin/$ver/
-	Set default downloads for files at https://sourceforge.net/projects/webadmin/files/webmin/
-
- x Upload signatures to sourceforge (with copy-sigs.sh)
-
- x Update .htaccess redirects in download directory on sourceforge
-	scp .htaccess web.sourceforge.net:htdocs/.htaccess
-
- x Copy module .wbm files to sourceforge (with modules-release.sh)
-
- x Upload Debian files to site, with :
-	scp deb/webmin_*.dsc deb/webmin_*.diff webadmin@download.webmin.com:domains/download.webmin.com/public_html/download/deb/
-
- x Generate MD5 checksums with :
-	cd ~/webmin.com ; ./make-md5.pl $ver >md5.html
-
- x Update and upload website HTML, including lang.html, support.html
-   and standard.html
-   Need to run makestandard.pl, makesupport.pl and lang_table.pl
-
- x Update freshmeat.net entry
-
- x Send to mailing list
-
- x Add new modules to thirdpartymodules.com
-
- x Update versions on thirdpartymodules.com at https://mysql-w.sourceforge.net/
-    - w30065admin / 1diamond
-    - update webminmodules set version = XXX where standard = 'Y'
-
- x Add version to bug tracker
-    - https://sourceforge.net/tracker/admin/?group_id=17457
-
- x Add new modules to bug tracker
-
- n Notify mirror site owners at webmin-mirrors@webmin.com
-
- x Copy APT repository with commands (on lentor)
-    /usr/local/download/deb/repository/make-repo.sh
-    rsync -rv --rsh=ssh --delete /usr/local/download/deb/repository webadmin@download.webmin.com:domains/download.webmin.com/public_html/download
-
- x Create YUM repository with commands
-     /usr/local/download/rpm/yum/make-repo.sh
-     rsync -rv --rsh=ssh /usr/local/download/rpm/yum webadmin@download.webmin.com:domains/download.webmin.com/public_html/download
-
- - Tell Joe
-
- x Facebook
-
- x Update Cloudmin repos
-	x RPM
-	x .wbm
-	x Debian

acl/CHANGELOG

@@ -64,3 +64,5 @@ Converted all pages to use the common Webmin UI library for a more consistent in
 Made all code Perl strict and warnings compliant.
 ---- Changes since 1.670 ----
 Added a button for adding multiple Webmin users to a group.
+---- Changes since 1.930 ----
+Added support for creating "safe-mode" Webmin users who have access only to modules and permissions that don't grant root access.

acl/acl-lib.pl

@@ -755,9 +755,9 @@ my ($user, $oldpass, $miniserv) = @_;
 if ($oldpass ne $user->{'pass'} &&
     "!".$oldpass ne $user->{'pass'} &&
     $oldpass ne "!".$user->{'pass'} &&
-    $user->{'pass'} ne 'x' &&
-    $user->{'pass'} ne 'e' &&
-    $user->{'pass'} ne '*LK*') {
+    $oldpass ne 'x' &&
+    $oldpass ne 'e' &&
+    $oldpass ne '*LK*') {
 	# Password change detected .. update change time
 	# and save the old one
 	my $nolock = $oldpass;
@@ -2167,5 +2167,16 @@ foreach $a (split(/\s+/, $miniserv{'anonymous'})) {
 return @rv;
 }
 
+# get_safe_acl(module)
+# Returns the safe ACL hash ref for a module, if there is one, or undef
+sub get_safe_acl
+{
+my ($m) = @_;
+my $mdir = &module_root_directory($m);
+my %rv;
+&read_file_cached("$mdir/safeacl", \%rv) || return undef;
+return \%rv;
+}
+
 1;
 

acl/edit_acl.cgi

@@ -54,17 +54,26 @@ if ($in{'mod'} && $in{'user'} && &supports_rbac($in{'mod'}) &&
 			  [ 0, $text{'no'} ] ]), 3);
 	}
 
-if ($in{'mod'}) {
+# Load custom ACL library
+my $mdir = &module_root_directory($in{'mod'});
+if (-r "$mdir/acl_security.pl") {
+	&foreign_require($in{'mod'}, "acl_security.pl");
+	}
+
+my $shown_config = 0;
+if ($in{'mod'} && -r "$mdir/config.info" &&
+    (!&foreign_defined($in{'mod'}, "acl_security_noconfig") ||
+     !&foreign_call($in{'mod'}, "acl_security_noconfig"))) {
 	# Show module config editing option
 	print &ui_table_row($text{'acl_config'},
 		&ui_radio("noconfig", $maccess{'noconfig'} ? 1 : 0,
 			[ [ 0, $text{'yes'} ], [ 1, $text{'no'} ] ]), 3);
+	$shown_config = 1;
 	}
 
-my $mdir = &module_root_directory($in{'mod'});
+# Show custom ACL form
 if (-r "$mdir/acl_security.pl") {
-	print &ui_table_hr() if ($in{'mod'});
-	&foreign_require($in{'mod'}, "acl_security.pl");
+	print &ui_table_hr() if ($shown_config);
 	&foreign_call($in{'mod'}, "load_theme_library");
 	&foreign_call($in{'mod'}, "acl_security_form", \%maccess);
 	}

acl/edit_user.cgi

@@ -9,7 +9,7 @@ our (%in, %text, %config, %access, $config_directory, $base_remote_user);
 &foreign_require("webmin", "webmin-lib.pl");
 
 &ReadParse();
-my ($u, %user);
+my ($u, %user,  $safe);
 if ($in{'user'}) {
 	# Editing an existing user
 	&can_edit_user($in{'user'}) || &error($text{'edit_euser'});
@@ -17,20 +17,27 @@ if ($in{'user'}) {
 	$u = &get_user($in{'user'});
 	$u || &error($text{'edit_egone'});
 	%user = %$u;
+	my %gacl = &get_module_acl($in{'user'}, '');
+	$safe = $gacl{'_safe'};
 	}
 else {
 	# Creating a new user
 	$access{'create'} || &error($text{'edit_ecreate'});
-	&ui_print_header(undef, $text{'edit_title2'}, "");
 	if ($in{'clone'}) {
 		# Initial settings come from clone
 		$u = &get_user($in{'clone'});
 		%user = %$u;
 		delete($user{'name'});
+		my %gacl = &get_module_acl($in{'clone'}, '');
+		$safe = $gacl{'_safe'};
 		}
 	else {
+		# User starts out empty
 		%user = ( );
+		$safe = $in{'safe'};
 		}
+	&ui_print_header(undef, $safe ? $text{'edit_title3'}
+				      : $text{'edit_title2'}, "");
 	}
 my $me = &get_user($base_remote_user);
 
@@ -51,6 +58,7 @@ if ($in{'user'}) {
 if ($in{'clone'}) {
 	print &ui_hidden("clone", $in{'clone'});
 	}
+print &ui_hidden("safe", $safe);
 print &ui_hidden_table_start($text{'edit_rights'}, "width=100%", 2, "rights",
 			     1, [ "width=30%" ]);
 
@@ -155,6 +163,17 @@ if ($in{'user'}) {
 		$text{'edit_proto_'.($user{'proto'} || '')});
 	}
 
+# Safe or not?
+my $smsg;
+if ($in{'user'} && $safe) {
+	$smsg = &ui_radio("unsafe", 0, [ [ 0, $text{'edit_safe1'} ],
+					 [ 1, $text{'edit_safe0'} ] ]);
+	}
+else {
+	$smsg = $safe ? $text{'edit_safe1'} : $text{'edit_safe0'};
+	}
+print &ui_table_row($text{'edit_safe'}, $smsg);
+
 print &ui_hidden_table_end("rights");
 
 # Start of UI options section
@@ -332,9 +351,16 @@ my @groups = &list_groups();
 print &ui_hidden_table_start(@groups ? $text{'edit_modsg'} : $text{'edit_mods'},
 			     "width=100%", 2, "mods");
 
+# Build list of modules, based on safe mode
+my @allmods = &list_module_infos();
+if ($safe) {
+	@allmods = grep { $has{$_->{'dir'}} ||
+			  &get_safe_acl($_->{'dir'}) } @allmods;
+	}
+
 # Show available modules, under categories
 my @mlist = grep { $access{'others'} || $has{$_->{'dir'}} ||
-		   $mcan{$_->{'dir'}} } &list_module_infos();
+		   $mcan{$_->{'dir'}} } @allmods;
 my @links = ( &select_all_link("mod", 0, $text{'edit_selall'}),
 	      &select_invert_link("mod", 0, $text{'edit_invert'}) );
 my @cats = &unique(map { $_->{'category'} || '' } @mlist);
@@ -359,7 +385,7 @@ foreach my $c (sort { $b cmp $a } @cats) {
 			}
 		elsif ($mcan{$md}) {
 			my $label;
-			if ($access{'acl'} && $in{'user'}) {
+			if ($access{'acl'} && $in{'user'} && !$safe) {
 				# Show link for editing ACL
 				$label = ui_link("edit_acl.cgi?" .
 				     "mod=" . urlize($m->{'dir'}) .
@@ -387,7 +413,7 @@ print &ui_hidden_table_end("mods");
 
 # Add global ACL section, but only if not set from the group
 my $groupglobal = $memg && -r "$config_directory/$memg->{'name'}.acl";
-if ($access{'acl'} && !$groupglobal && $in{'user'}) {
+if ($access{'acl'} && !$groupglobal && $in{'user'} && !$safe) {
 	print &ui_hidden_table_start($text{'edit_global'}, "width=100%", 2,
 				     "global", 0, [ "width=30%" ]);
 	my %uaccess;

acl/index.cgi

@@ -54,7 +54,10 @@ if (!@canulist) {
 		print &ui_subheading($text{'index_users'})
 			if (!$config{'display'});
 		print "<b>$text{'index_nousers'}</b><p>\n";
-		print ui_link("edit_user.cgi", $text{'index_create'}) . "\n";
+		print &ui_links_row([
+			&ui_link("edit_user.cgi", $text{'index_create'}),
+			&ui_link("edit_user.cgi?ssfe=1", $text{'index_screate'})
+			]);
 		$shown_users = 1;
 		}
 	}
@@ -64,7 +67,8 @@ elsif ($config{'display'}) {
 	print &ui_form_start("delete_users.cgi", "post");
 	&show_name_table(\@canulist, "edit_user.cgi",
 			 $access{'create'} ? $text{'index_create'} : undef,
-			 $text{'index_users'}, "user");
+			 $text{'index_users'}, "user",
+			 $access{'create'} ? $text{'index_screate'} : undef);
 	print &ui_form_end([ [ "delete", $text{'index_delete'} ],
 			     @gbut ]);
 	$shown_users = 1;
@@ -77,7 +81,8 @@ else {
 	print &ui_form_start("delete_users.cgi", "post");
 	push(@rowlinks, &select_all_link("d", $form),
 		     &select_invert_link("d", $form));
-	push(@rowlinks, ui_link("edit_user.cgi", $text{'index_create'}))
+	push(@rowlinks, ui_link("edit_user.cgi", $text{'index_create'}),
+			ui_link("edit_user.cgi?safe=1", $text{'index_screate'}))
 		if ($access{'create'});
 	print &ui_links_row(\@rowlinks);
 
@@ -251,20 +256,24 @@ $rv .= &ui_grid_table(\@grid, 3, 100,
 return $rv;
 }
 
-# show_name_table(&users|&groups, cgi, create-text, header-text, param)
+# show_name_table(&users|&groups, cgi, create-text, header-text, param,
+# 		  safe-text)
 sub show_name_table
 {
+my ($users, $cgi, $ctext, $htext, $param, $stext) = @_;
+
 # Show table of users, and maybe create links
 my @rowlinks = ( &select_all_link("d", $form),
 		 &select_invert_link("d", $form) );
-push(@rowlinks, ui_link("$_[1]", $_[2])) if ($_[2]);
+push(@rowlinks, ui_link($cgi, $ctext)) if ($ctext);
+push(@rowlinks, ui_link($cgi."?safe=1", $stext)) if ($stext);
 print &ui_links_row(\@rowlinks);
 my @links;
-for(my $i=0; $i<@{$_[0]}; $i++) {
-	push(@links, &user_link($_[0]->[$i], $_[1], $_[4]));
+for(my $i=0; $i<@$users; $i++) {
+	push(@links, &user_link($users->[$i], $cgi, $param));
 	}
 print &ui_grid_table(\@links, 4, 100,
-	[ "width=25%", "width=25%", "width=25%", "width=25%" ], undef, $_[3]);
+	[ "width=25%", "width=25%", "width=25%", "width=25%" ], undef, $htext);
 print &ui_links_row(\@rowlinks);
 }
 

acl/lang/en

@@ -1,8 +1,8 @@
 index_title=Webmin Users
 index_user=User
 index_modules=Modules
-index_create=Create a new Webmin user.
-index_rcreate=Create a new risk-level user.
+index_create=Create a new privileged user.
+index_screate=Create a new safe user.
 index_convert=Convert Unix To Webmin Users
 index_cert=Request an SSL Certificate
 index_twofactor=Two-Factor Authentication
@@ -30,6 +30,7 @@ index_eglist=Failed to list groups : $1
 
 edit_title=Edit Webmin User
 edit_title2=Create Webmin User
+edit_title3=Create Safe Webmin User
 edit_readonly=This Webmin user should not be edited as it is managed by the $1 module. <a href='$2'>Click here</a> to bypass this warning and edit the user anyway - but beware that any manual changes may be over-written!
 edit_rights=Webmin user access rights
 edit_user=Username
@@ -111,9 +112,14 @@ edit_proto_mysql=MySQL database
 edit_proto_postgresql=PostgreSQL database
 edit_proto_ldap=LDAP server
 edit_proto_=Local files
+edit_safe=Privilege level
+edit_safe0=Unrestricted
+edit_safe1=Safe modules only
+edit_unsafe=Reset to unrestricted
 
 save_err=Failed to save user
 save_ename='$1' is not a valid username
+save_eunixname=The username '$1' is not a Unix user, and so cannot be used in safe mode
 save_enamewebmin=The username 'webmin' is reserved for internal use
 save_edup=The username '$1' is already in use
 save_eoverlay=A theme overlay cannot be selected unless a theme is

acl/module.info

@@ -1,4 +1,3 @@
-risk=high
 name=AdminUsers
 category=webmin
 desc=Webmin Users

acl/save_acl.cgi

@@ -49,7 +49,9 @@ else {
 	# Validate and store ACL settings
 	&error_setup($text{'acl_err'});
 	my %maccess;
-	$maccess{'noconfig'} = $in{'noconfig'};
+	if (defined($in{'noconfig'})) {
+		$maccess{'noconfig'} = $in{'noconfig'};
+		}
 	if ($in{'rbac'}) {
 		# RBAC overrides everything
 		$maccess{'rbac'} = 1;

acl/save_user.cgi

@@ -62,6 +62,10 @@ if (!$in{'old'} || $in{'old'} ne $in{'name'}) {
 	$in{'logouttime'} =~ /^\d+$/ || &error($text{'save_elogouttime'});
 !$access{'minsize'} || $in{'minsize_def'} ||
 	$in{'minsize'} =~ /^\d+$/ || &error($text{'save_eminsize'});
+if ($in{'safe'} && !$in{'unsafe'}) {
+	getpwnam($in{'name'}) ||
+		&error(&text('save_eunixname', &html_escape($in{'name'})));
+	}
 
 # Validate password
 if ($in{'pass_def'} == 0) {
@@ -359,18 +363,41 @@ else {
 		}
 	}
 
-if ($in{'old'} && $in{'acl_security_form'} && !$newgroup) {
+my $aclfile = "$config_directory/$in{'name'}.acl";
+if ($in{'old'} && $in{'acl_security_form'} && !$newgroup && !$in{'safe'}) {
 	# Update user's global ACL
 	&foreign_require("", "acl_security.pl");
 	my %uaccess;
 	&foreign_call("", "acl_security_save", \%uaccess, \%in);
-	my $aclfile = "$config_directory/$in{'name'}.acl";
 	&lock_file($aclfile);
 	&save_module_acl(\%uaccess, $in{'name'}, "", 1);
 	&set_ownership_permissions(undef, undef, 0640, $aclfile);
 	&unlock_file($aclfile);
 	}
 
+# Clear safe setting
+if ($in{'unsafe'}) {
+	&lock_file($aclfile);
+	my %uaccess = &get_module_acl($in{'name'}, "", 1, 1);
+	delete($uaccess{'_safe'});
+	&save_module_acl(\%uaccess, $in{'name'}, "", 1);
+	&unlock_file($aclfile);
+	}
+
+# If the user is in safe mode, set ACLs on all new modules
+if ($in{'safe'}) {
+	foreach my $m ("", @mods) {
+		my %macl = &get_module_acl($in{'name'}, $m, 0, 1);
+		my $safe = &get_safe_acl($m);
+		if (!%macl && $safe) {
+			%macl = %$safe;
+			$macl{'_safe'} = 1;
+			$macl{'noconfig'} = 1;
+			&save_module_acl(\%macl, $in{'name'}, $m);
+			}
+		}
+	}
+
 # Log the event
 delete($in{'pass'});
 delete($in{'oldpass'});

acl/system_info.pl

@@ -46,6 +46,7 @@ if (@logins) {
 				$state = "<font color=orange>$state</font>";
 				}
 			}
+		$main::theme_allow_make_date = 1;
 		$html .= &ui_columns_row([ $l->[2],
 					   &make_date($l->[1]),
 					   $state ]);

apache/apache-lib.pl

@@ -942,6 +942,7 @@ sub parse_opt
 {
 local($i, $re);
 local $v = $in{$_[0]};
+$v =~ /\r|\n|\0/ && &error($text{'enewline'});
 if ($in{"$_[0]_def"}) { return ( [ ] ); }
 for($i=1; $i<@_; $i+=2) {
 	$re = $_[$i];
@@ -979,8 +980,13 @@ return $rv;
 # parse_choice(name, default)
 sub parse_choice
 {
-if (lc($in{$_[0]}) eq lc($_[1])) { return ( [ ] ); }
-else { return ( [ $in{$_[0]} ] ); }
+if (lc($in{$_[0]}) eq lc($_[1])) {
+	return ( [ ] );
+	}
+else {
+	$in{$_[0]} =~ /\r|\n|\0/ && &error($text{'enewline'});
+	return ( [ $in{$_[0]} ] );
+	}
 }
 
 # select_input(value, name, default, [choice]+)
@@ -1027,8 +1033,13 @@ return &ui_select($_[1], undef, \@sel, 1);
 # parse_handler(name)
 sub parse_handler
 {
-if ($in{$_[0]} eq "") { return ( [ ] ); }
-else { return ( [ $in{$_[0]} ] ); }
+if ($in{$_[0]} eq "") {
+	return ( [ ] );
+	}
+else {
+	$in{$_[0]} =~ /\r|\n|\0/ && &error($text{'enewline'});
+	return ( [ $in{$_[0]} ] );
+	}
 }
 
 # filters_input(&values, name)
@@ -1054,6 +1065,7 @@ return $rv;
 # parse_filters(name)
 sub parse_filters
 {
+$in{$_[0]} =~ /\r|\n|\0/ && &error($text{'enewline'});
 local @f = split(/\0/, $in{$_[0]});
 return @f ? ( [ join(";", @f) ] ) : ( [ ] );
 }

apache/lang/en

@@ -81,6 +81,7 @@ auth_return=access control
 default_serv=default server
 bytes=bytes
 eafter=Configuration verification failed : $1 Changes have not been saved.
+enewline=Invalid character in value
 
 global_ecannot=You are not allowed to edit global options
 global_mime=Global MIME types list

apache/mod_ssl.pl

@@ -38,7 +38,7 @@ sub get_sslprotos
 {
 my @sslprotos = ("SSLv2", "SSLv3", "TLSv1" );
 if ($httpd_modules{'core'} >= 2.215) {
-	push(@sslprotos, "TLSv1.1", "TLSv1.2");
+	push(@sslprotos, "TLSv1.1", "TLSv1.2", "TLSv1.3");
 	}
 return @sslprotos;
 }

apache/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 name=Apache
 category=servers
 os_support=solaris *-linux aix hpux freebsd osf1 irix unixware openserver macos openbsd netbsd windows 

apache/show_virt.cgi

@@ -5,6 +5,7 @@
 require './apache-lib.pl';
 &ReadParse();
 ($conf, $v) = &get_virtual_config($in{'virt'});
+&can_edit_virt($v) || &error($text{'virt_ecannot'});
 $desc = &text('virt_header', &virtual_name($v));
 &ui_print_header($desc, $text{'show_title'}, "");
 

bind8/CHANGELOG

@@ -152,3 +152,5 @@ Added support for editing TLSA (SSL Certificate) records.
 Added support for editing SSHFP (SSH Public Key) records.
 ---- Changes since 1.880 ----
 Before a zone is updated, BIND will be told to freeze it and thaw afterwards. This ensures that dynamic updates are preserved.
+---- Changes since 1.930 ----
+Added support for CAA records.

bind8/bind8-lib.pl

@@ -1047,11 +1047,13 @@ if ($config{'short_names'} && defined($_[5])) {
 	}
 
 # TTL field
-if ($rec{'ttl'} =~ /^(\d+)([SMHDW]?)$/i) {
-	$ttl = $1; $ttlunit = $2;
+if ($rec{'ttl'} && $rec{'ttl'} =~ /^(\d+)([SMHDW]?)$/i) {
+	$ttl = $1;
+	$ttlunit = $2;
 	}
 else {
-	$ttl = $rec{'ttl'}; $ttlunit = "";
+	$ttl = $rec{'ttl'} || '';
+	$ttlunit = "";
 	}
 print &ui_table_row($text{'edit_ttl'},
 	&ui_opt_textbox("ttl", $ttl, 8, $text{'default'})." ".
@@ -1063,7 +1065,7 @@ if ($rec{'values'}) {
 	@v = @{$rec{'values'}};
 	}
 else {
-	@v = undef;
+	@v = ( );
 	}
 if ($type eq "A" || $type eq "AAAA") {
 	print &ui_table_row($text{'value_A1'},
@@ -1292,10 +1294,24 @@ elsif ($type eq "NSEC3PARAM") {
 	print &ui_table_row($text{'value_NSEC3PARAM3'},
 		&ui_textbox("value2", $v[2], 4));
 
-	print &ui_table_row($text{'value_NSEC3PARAM5'},
-		&ui_textbox("value4", $v[4], 20));
+	print &ui_table_row($text{'value_NSEC3PARAM4'},
+		&ui_textbox("value3", $v[3], 20));
 
 	}
+elsif ($type eq "CAA") {
+	# CAA records have a flag, tag and issuer domain
+	print &ui_table_row($text{'value_CAA0'},
+		&ui_yesno_radio("value0", $v[0] || 0));
+
+	print &ui_table_row($text{'value_CAA1'},
+		&ui_select("value1", $v[1],
+			   [ [ "issue", $text{'value_caa_issue'} ],
+			     [ "issuewild", $text{'value_caa_issuewild'} ],
+			     [ "iodef", $text{'value_caa_iodef'} ] ]));
+
+	print &ui_table_row($text{'value_CAA2'},
+		&ui_textbox("value2", $v[2], 40));
+	}
 else {
 	# All other types just have a text box
 	print &ui_table_row($text{'value_other'},
@@ -2389,7 +2405,7 @@ foreach my $k (keys %znc) {
 		$filecount++;
 		$donefile{$1}++;
 		my @fst = stat($1);
-		if ($fst[9] > $st[9]) {
+		if (!@fst || $fst[9] > $st[9]) {
 			$changed = 1;
 			}
 		}
@@ -2966,7 +2982,7 @@ $slave_error = $_[0];
 
 sub get_forward_record_types
 {
-return ("A", "NS", "CNAME", "MX", "HINFO", "TXT", "SPF", "DMARC", "WKS", "RP", "PTR", "LOC", "SRV", "KEY", "TLSA", "SSHFP", "NSEC3PARAM", $config{'support_aaaa'} ? ( "AAAA" ) : ( ), @extra_forward);
+return ("A", "NS", "CNAME", "MX", "HINFO", "TXT", "SPF", "DMARC", "WKS", "RP", "PTR", "LOC", "SRV", "KEY", "TLSA", "SSHFP", "CAA", "NSEC3PARAM", $config{'support_aaaa'} ? ( "AAAA" ) : ( ), @extra_forward);
 }
 
 sub get_reverse_record_types
@@ -3046,12 +3062,13 @@ my ($file) = @_;
 $file ||= &make_chroot($config{'named_conf'});
 my $chroot = &get_chroot();
 my $out = &backquote_command("$config{'checkconf'} -h 2>&1 </dev/null");
-my $zflag = $out =~ /\[-z\]/ ? "-z" : "";
+my $zflag = $out =~ /\[-z\]|\[-\S*z\S*\]/ ? "-z" : "";
 $out = &backquote_command(
         $config{'checkconf'}.
 	($chroot && $chroot ne "/" ? " -t ".quotemeta($chroot) : "").
 	" $zflag 2>&1 </dev/null");
-return $? ? grep { !/loaded\s+serial/ } split(/\r?\n/, $out) : ( );
+return $? ? &unique(grep { !/loaded\s+serial|already\s+exists/ }
+		         split(/\r?\n/, $out)) : ( );
 }
 
 # delete_records_file(file)
@@ -3086,6 +3103,7 @@ sub move_zone_button
 {
 my ($conf, $view, $zonename) = @_;
 my @views = grep { &can_edit_view($_) } &find("view", $conf);
+$view = '' if (!defined($view));
 if ($view eq '' && @views || $view ne '' && @views > 1) {
 	return &ui_buttons_row("move_zone.cgi",
                 $text{'master_move'},
@@ -3150,9 +3168,9 @@ if (!$access{'ro'} && $access{'apply'}) {
 	if (&is_bind_running()) {
 		if ($zone && ($access{'apply'} == 1 || $access{'apply'} == 2)) {
 			# Apply this zone
-            my $link = "restart_zone.cgi?return=$r&".
-                        "view=$zone->{'viewindex'}&".
-                        "zone=$zone->{'name'}";
+		        my $link = "restart_zone.cgi?return=$r&".
+				   "view=$zone->{'viewindex'}&".
+				   "zone=$zone->{'name'}";
 			push(@rv, &ui_link($link, $text{'links_apply'}) );
 			}
 		# Apply whole config
@@ -3464,6 +3482,10 @@ while($tries++ < 10) {
 		" -f ".quotemeta($signed)." ".
 		quotemeta($chrootfn)." 2>&1");
 	last if (!$?);
+	if ($out =~ /out\s+of\s+range/i) {
+		# Journal files are out of sync
+		&try_cmd("sync -clean 2>&1 </dev/null");
+		}
 	}
 return $out if ($tries >= 10);
 
@@ -3782,7 +3804,7 @@ sub schedule_dnssec_cronjob
 			'active' => 1,
 			'command' => $dnssec_cron_cmd,
 			'mins' => int(rand()*60),
-			'hours' => int(rand()*24),
+			'hours' => '*',
 			'days' => '*',
 			'months' => '*',
 			'weekdays' => '*' };

bind8/edit_master.cgi

@@ -8,7 +8,7 @@ our (%access, %text, %in, %config, %is_extra);
 require './bind8-lib.pl';
 &ReadParse();
 our $ipv6revzone;
-$in{'view'} = 'any' if ($in{'view'} eq '');
+$in{'view'} = 'any' if (!$in{'view'} || $in{'view'} eq '');
 my $zone = &get_zone_name_or_error($in{'zone'}, $in{'view'});
 my $dom = $zone->{'name'};
 &can_edit_zone($zone) || &error($text{'master_ecannot'});

bind8/edit_recs.cgi

@@ -89,7 +89,7 @@ else {
 my %hmap;
 if (@recs) {
 	@recs = &sort_records(@recs);
-	foreach my $v (keys %text) {
+	foreach my $v (sort { $a cmp $b } keys %text) {
 		if ($v =~ /^value_([A-Z0-9]+)(\d+)/) {
 			$hmap{$1}->[$2-1] = $text{$v};
 			}
@@ -180,7 +180,7 @@ for(my $i=0; $i<@_; $i++) {
 	if ($in{'type'} eq 'ALL') {
 		push(@cols, $r->{'type'});
 		}
-	if ($r->{'ttl'} =~ /(\d+)([SMHDW]?)/i) {
+	if ($r->{'ttl'} && $r->{'ttl'} =~ /(\d+)([SMHDW]?)/i) {
 		$r->{'ttl'} =~ s/S//i;
 		if ($r->{'ttl'} =~ s/M//i) { $r->{'ttl'} *= 60; }
 		if ($r->{'ttl'} =~ s/H//i) { $r->{'ttl'} *= 3600; }
@@ -238,6 +238,14 @@ for(my $i=0; $i<@_; $i++) {
 				$v = $v ? $v." (".$r->{'values'}->[$j].")"
 					: $r->{'values'}->[$j];
 				}
+			elsif ($in{'type'} eq "CAA") {
+				if ($j == 0) {
+					$v = $v ? $text{'yes'} : $text{'no'};
+					}
+				elsif ($j == 1) {
+					$v = $text{'value_caa_'.$v} || $v;
+					}
+				}
 			}
 		if (length($v) > 80) {
 			$v = substr($v, 0, 80)." ...";

bind8/lang/en

@@ -310,6 +310,7 @@ edit_ensec3value3=Missing or non-base64 salt
 edit_edmarcpct=Percentage of messages must be an integer between 0 and 100
 edit_edmarcrua=Missing aggregate feedback address
 edit_edmarcruf=Missing forensic information address
+edit_ecaavalue2=Missing or invalid-looking domain name
 
 text_title=Edit Records File
 text_title2=View Records File
@@ -399,6 +400,7 @@ type_LOC=Location
 type_SRV=Service Address
 type_ALL=All Record Types
 type_KEY=Public Key
+type_CAA=Certificate Authority
 
 edit_A=Address
 edit_AAAA=IPv6 Address
@@ -418,6 +420,7 @@ edit_KEY=Public Key
 edit_NSEC3PARAM=DNSSEC Parameters
 edit_TLSA=SSL Certificate
 edit_SSHFP=SSH Public Key
+edit_CAA=Certificate Authority
 
 recs_defttl=Default TTL
 recs_A=Address
@@ -439,6 +442,7 @@ recs_KEY=Public Key
 recs_NSEC3PARAM=DNSSEC Parameters
 recs_TLSA=SSL Certificate
 recs_SSHFP=SSH Public Key
+recs_CAA=Certificate Authority
 recs_delete=Delete Selected
 
 value_A1=Address
@@ -477,8 +481,7 @@ value_DMARC1=DMARC specification
 value_NSEC3PARAM1=Hash algorithm
 value_NSEC3PARAM2=NSEC3 flags
 value_NSEC3PARAM3=Number of hash iterations
-value_NSEC3PARAM4=Length of salt
-value_NSEC3PARAM5=Salt string
+value_NSEC3PARAM4=Salt string
 value_delegated=Delegated zone
 value_notdelegated=Other zone
 value_other=Values (one per line)
@@ -512,6 +515,12 @@ value_dmarcnop=Same as this domain
 value_dmarcaspf=Require strict SPF alignment
 value_dmarcadkim=Require strict DKIM alignment
 value_dmarcnor=Don't send
+value_CAA1=Require enforcement? 
+value_CAA2=Authorization type
+value_CAA3=CA domain name
+value_caa_issue=Single domain cert
+value_caa_issuewild=Wildcard cert
+value_caa_iodef=Policy violation URL
 
 tlsa_usage0=Certificate authority
 tlsa_usage1=End entity
@@ -1224,7 +1233,6 @@ zonekey_other=Other size (in bits)
 zonekey_enable=Create and Add Key
 zonekey_err=Failed to create DNSSEC key
 zonekey_esize=Key size must be a number of bits between $1 and $2
-zonekey_efactor=Key size must be a multiple of $1
 zonekey_creating=Creating DNSSEC key for $1 ..
 zonekey_ecreate=.. creation failed : $1
 zonekey_done=.. done

bind8/list_gen.cgi

@@ -36,7 +36,7 @@ else {
 	}
 my $i = 0;
 foreach my $g (@gens, { }) {
-	my @gv = $g->{'generate'};
+	my @gv = @{$g->{'generate'}};
 	my @cols = ( );
 	my @r = $gv[0] =~ /^(\d+)-(\d+)(\/(\d+))?$/ ? ( $1, $2, $4 ) : ( );
 	push(@cols, &ui_select("type_$i", uc($gv[2]),

bind8/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 name=BIND
 category=servers
 os_support=*-linux solaris hpux freebsd osf1 irix unixware openserver macos openbsd aix netbsd windows 
@@ -7,5 +6,3 @@ depends=servers
 longdesc=Create and edit domains, DNS records, BIND options and views.
 readonly=1
 syslog=1
-desc_bg=BIND DNS Server
-longdesc_bg=Ñúçäàâàíå è ðåäàêòèðàíå íà äîìåéíè, DNS çàïèñè, îïöèè íà BIND è èçãëåäè.

bind8/records-lib.pl

@@ -824,7 +824,7 @@ sub join_dmarc
 {
 my ($dmarc) = @_;
 my @rv = ( "v=DMARC1" );
-foreach my $s ("pct", "ruf", "rua", "p", "sp", "adkim", "aspf") {
+foreach my $s ("p", "pct", "ruf", "rua", "sp", "adkim", "aspf") {
 	if ($dmarc->{$s} && $dmarc->{$s} ne '') {
 		push(@rv, $s."=".$dmarc->{$s});
 		}

bind8/save_record.cgi

@@ -421,11 +421,17 @@ else {
 		# Save DNSSEC parameters
 		$in{'value2'} =~ /^\d+$/ ||
 			&error($text{'edit_ensec3value2'});
-		$in{'value4'} =~ /^[a-zA-Z0-9\+\/]+$/ ||
+		$in{'value3'} =~ /^[a-zA-Z0-9\+\/]+$/ ||
 			&error($text{'edit_ensec3value2'});
 		$vals = join(" ", "(", $in{'value0'}, $in{'value1'},
-                                       $in{'value2'}, length($in{'value4'}),
-				       $in{'value4'}, ")");
+                                       $in{'value2'},
+				       $in{'value3'}, ")");
+		}
+	elsif ($in{'type'} eq 'CAA') {
+		$in{'value2'} =~ /^\S+$/ ||
+			&error($text{'edit_ecaavalue2'});
+		$vals = join(" ", $in{'value0'}, $in{'value1'},
+				  "\"$in{'value2'}\"");
 		}
 	else {
 		# For other record types, just save the lines

bind8/xfer.cgi

@@ -24,7 +24,7 @@ my $src = &find("transfer-source", $options->{'members'});
 my $masters = &find("masters", $zconf);
 my @ips;
 foreach my $av (@{$masters->{'members'}}) {
-	push(@ips, join(" ", @{$av->{'values'}}));
+	push(@ips, join(" ", $av->{'name'}, @{$av->{'values'}}));
 	}
 print &text('xfer_doing', join(" ", @ips)),"<br>\n";
 my $temp = &transname();

bsdexports/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 name=BSDexports
 category=net
 os_support=freebsd openbsd macos netbsd openserver

change-user/safeacl

@@ -0,0 +1,3 @@
+lang=1
+theme=1
+pass=1

chinese-to-utf8.pl

@@ -1,10 +1,8 @@
 #!/usr/local/bin/perl
-# Create zh_TW.UTF-8 files from zh_TW.Big5 files, and zh_CN.UTF-8 files from
-# zh_CN files, ja_JP.UTF-8 from ja_JP.euc, and ko_KR.UTF-8 from ko_KR.euc
-#
-# Also creates ru.UTF-8 from ru_SU files
+# Creates UTF-8 encoded language files from their native encodings
 
-chdir($ARGV[0] || "/usr/local/webadmin");
+@ARGV == 1 || die "Usage: $0 <directory>";
+chdir($ARGV[0]) || die "Failed to chdir to $ARGV[0] : $!";
 @modules = ( "." );
 opendir(DIR, ".");
 foreach $d (readdir(DIR)) {
@@ -41,41 +39,76 @@ close(LANG);
 foreach $m (@modules) {
 	# Translate the lang/* files
 	if (-r "$m/lang/zh_TW.Big5") {
-		system("iconv -f Big5 -t UTF-8 - <$m/lang/zh_TW.Big5 >$m/lang/zh_TW.UTF-8");
+		system("iconv -c -f Big5 -t UTF-8 - <$m/lang/zh_TW.Big5 >$m/lang/zh_TW.UTF-8");
 		}
 	if (-r "$m/lang/zh_CN") {
-		system("iconv -f GB2312 -t UTF-8 - <$m/lang/zh_CN >$m/lang/zh_CN.UTF-8");
+		system("iconv -c -f GB2312 -t UTF-8 - <$m/lang/zh_CN >$m/lang/zh_CN.UTF-8");
 		}
 	if (-r "$m/lang/ja_JP.euc") {
-		system("iconv -f EUC-JP -t UTF-8 - <$m/lang/ja_JP.euc >$m/lang/ja_JP.UTF-8");
+		system("iconv -c -f EUC-JP -t UTF-8 - <$m/lang/ja_JP.euc >$m/lang/ja_JP.UTF-8");
 		}
 	if (-r "$m/lang/ko_KR.euc") {
-		system("iconv -f EUC-KR -t UTF-8 - <$m/lang/ko_KR.euc >$m/lang/ko_KR.UTF-8");
+		system("iconv -c -f EUC-KR -t UTF-8 - <$m/lang/ko_KR.euc >$m/lang/ko_KR.UTF-8");
 		}
 	if (-r "$m/lang/ru_SU") {
-		system("iconv -f KOI8-R -t UTF-8 - <$m/lang/ru_SU >$m/lang/ru.UTF-8");
+		system("iconv -c -f KOI8-R -t UTF-8 - <$m/lang/ru_SU >$m/lang/ru.UTF-8");
 		}
 	foreach $l (@fiveone_langs) {
 		if (-r "$m/lang/$l") {
-			system("iconv -f windows-1251 -t UTF-8 - <$m/lang/$l >$m/lang/$l.UTF-8");
+			system("iconv -c -f windows-1251 -t UTF-8 - <$m/lang/$l >$m/lang/$l.UTF-8");
 			}
 		}
 	foreach $l (@fivenine_langs) {
 		if (-r "$m/lang/$l") {
-			system("iconv -f iso-8859-2 -t UTF-8 - <$m/lang/$l >$m/lang/$l.UTF-8");
+			system("iconv -c -f iso-8859-2 -t UTF-8 - <$m/lang/$l >$m/lang/$l.UTF-8");
 			}
 		}
 	foreach $l (@fifteen_langs) {
 		if (-r "$m/lang/$l") {
-			system("iconv -f iso-8859-15 -t UTF-8 - <$m/lang/$l >$m/lang/$l.UTF-8");
+			system("iconv -c -f iso-8859-15 -t UTF-8 - <$m/lang/$l >$m/lang/$l.UTF-8");
 			}
 		}
 	foreach $l (@default_langs) {
 		if (-r "$m/lang/$l") {
-			system("iconv -f iso-8859-1 -t UTF-8 - <$m/lang/$l >$m/lang/$l.UTF-8");
+			system("iconv -c -f iso-8859-1 -t UTF-8 - <$m/lang/$l >$m/lang/$l.UTF-8");
+			}
+		}
+        # Translate the ulang/* files
+	if (-r "$m/ulang/zh_TW.Big5") {
+		system("iconv -c -f Big5 -t UTF-8 - <$m/ulang/zh_TW.Big5 >$m/ulang/zh_TW.UTF-8");
+		}
+	if (-r "$m/ulang/zh_CN") {
+		system("iconv -c -f GB2312 -t UTF-8 - <$m/ulang/zh_CN >$m/ulang/zh_CN.UTF-8");
+		}
+	if (-r "$m/ulang/ja_JP.euc") {
+		system("iconv -c -f EUC-JP -t UTF-8 - <$m/ulang/ja_JP.euc >$m/ulang/ja_JP.UTF-8");
+		}
+	if (-r "$m/ulang/ko_KR.euc") {
+		system("iconv -c -f EUC-KR -t UTF-8 - <$m/ulang/ko_KR.euc >$m/ulang/ko_KR.UTF-8");
+		}
+	if (-r "$m/ulang/ru_SU") {
+		system("iconv -c -f KOI8-R -t UTF-8 - <$m/ulang/ru_SU >$m/ulang/ru.UTF-8");
+		}
+	foreach $l (@fiveone_langs) {
+		if (-r "$m/ulang/$l") {
+			system("iconv -c -f windows-1251 -t UTF-8 - <$m/ulang/$l >$m/ulang/$l.UTF-8");
+			}
+		}
+	foreach $l (@fivenine_langs) {
+		if (-r "$m/ulang/$l") {
+			system("iconv -c -f iso-8859-2 -t UTF-8 - <$m/ulang/$l >$m/ulang/$l.UTF-8");
+			}
+		}
+	foreach $l (@fifteen_langs) {
+		if (-r "$m/ulang/$l") {
+			system("iconv -c -f iso-8859-15 -t UTF-8 - <$m/ulang/$l >$m/ulang/$l.UTF-8");
+			}
+		}
+	foreach $l (@default_langs) {
+		if (-r "$m/ulang/$l") {
+			system("iconv -c -f iso-8859-1 -t UTF-8 - <$m/ulang/$l >$m/ulang/$l.UTF-8");
 			}
 		}
-
 	# Translate the module.info.LANG files
 	local %minfo;
 	if (&read_file("$m/module.info.zh_TW.Big5", \%minfo)) {
@@ -354,7 +387,7 @@ local $temp = "/tmp/$$.big5";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f Big5 -t UTF-8 - <$temp`;
+local $out = `iconv -c -f Big5 -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }
@@ -366,7 +399,7 @@ local $temp = "/tmp/$$.cn";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f GB2312 -t UTF-8 - <$temp`;
+local $out = `iconv -c -f GB2312 -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }
@@ -378,7 +411,7 @@ local $temp = "/tmp/$$.cn";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f EUC-JP -t UTF-8 - <$temp`;
+local $out = `iconv -c -f EUC-JP -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }
@@ -390,7 +423,7 @@ local $temp = "/tmp/$$.cn";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f EUC-KR -t UTF-8 - <$temp`;
+local $out = `iconv -c -f EUC-KR -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }
@@ -402,7 +435,7 @@ local $temp = "/tmp/$$.cn";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f KOI8-R -t UTF-8 - <$temp`;
+local $out = `iconv -c -f KOI8-R -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }
@@ -414,7 +447,7 @@ local $temp = "/tmp/$$.cn";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f windows-1251 -t UTF-8 - <$temp`;
+local $out = `iconv -c -f windows-1251 -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }
@@ -426,7 +459,7 @@ local $temp = "/tmp/$$.cn";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f iso-8859-2 -t UTF-8 - <$temp`;
+local $out = `iconv -c -f iso-8859-2 -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }
@@ -438,7 +471,7 @@ local $temp = "/tmp/$$.cn";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f iso-8859-15 -t UTF-8 - <$temp`;
+local $out = `iconv -c -f iso-8859-15 -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }
@@ -450,7 +483,7 @@ local $temp = "/tmp/$$.cn";
 open(TEMP, ">$temp");
 print TEMP $str;
 close(TEMP);
-local $out = `iconv -f iso-8859-1 -t UTF-8 - <$temp`;
+local $out = `iconv -c -f iso-8859-1 -t UTF-8 - <$temp`;
 unlink($temp);
 return $out;
 }

chooser.cgi

@@ -46,6 +46,9 @@ if (&supports_users()) {
 		# ACL determines
 		$fileunix = $access{'fileunix'} || $remote_user;
 		@uinfo = getpwnam($fileunix);
+		if (!@uinfo && !$access{'fileunix'}) {
+			@uinfo = getpwnam("nobody");
+			}
 		if (@uinfo) {
 			&switch_to_unix_user(\@uinfo);
 			}

cluster-copy/chooser.cgi

@@ -1 +0,0 @@
-../chooser.cgi

cluster-passwd/edit_passwd.cgi

@@ -43,11 +43,8 @@ if ($access{'others'} == 2) {
 	    &ui_checkbox("others", 1, $passwd::text{'passwd_others'}, 1), 2);
 	}
 
-print &ui_table_row(undef,
-		    &ui_submit($passwd::text{'passwd_change'})."\n".
-		    &ui_reset($passwd::text{'passwd_reset'}), 2);
 print &ui_table_end();
-print &ui_form_end();
+print &ui_form_end([ [ undef, $passwd::text{'passwd_change'} ] ]);
 
 &ui_print_footer($in{'one'} ? ( "/", $text{'index'} )
 			    : ( "", $passwd::text{'index_return'} ));

cluster-software/delete_packs.cgi

@@ -27,7 +27,7 @@ foreach $p (@packs) {
 	}
 $found || &error($text{'deletes_enone'});
 
-&ui_print_header(undef, $text{'deletes_title'}, "", "delete");
+&ui_print_header(undef, $text{'deletes_title'}, "", undef);
 
 if ($in{'sure'}) {
 	# do the deletion

cluster-software/edit_host.cgi

@@ -20,7 +20,7 @@ print "<tr $cb> <td><table width=100%>\n";
 print "<tr> <td><b>$text{'host_name'}</b></td>\n";
 if ($server->{'id'}) {
 	$h = $server->{'realhost'} || $server->{'host'};
-	printf &ui_link("/servers/link.cgi/%s/","%s")."</td>\n",
+	printf "<td>". &ui_link("/servers/link.cgi/%s/","%s")."</td>\n",
 		$server->{'id'}, $server->{'desc'} ? "$server->{'desc'} ($h:$server->{'port'})" : "$h:$server->{'port'}";
 	}
 else {
@@ -44,14 +44,14 @@ print "<td>$host->{'real_os_type'} $host->{'real_os_version'}</td> </tr>\n";
 
 print "<tr> <td><b>$text{'host_system'}</b></td>\n";
 $system = $host->{'package_system'} || $software::config{'package_system'};
-print "<td>",uc($system),"</td>\n";
+print "<td colspan=3>",uc($system),"</td>\n";
 
 print "</tr>\n";
 
 print "</table></td></tr></table>\n";
 
 # Show delete and refresh buttons
-print "<table width=100%><tr>\n";
+print "<p></p><table width=100%><tr>\n";
 
 print "<td><form action=delete_host.cgi>\n";
 print "<input type=hidden name=id value=$in{'id'}>\n";
@@ -91,6 +91,7 @@ print "<table width=100%>\n";
 &traverse("", 0);
 print "</table>\n";
 if ($hasclasses) {
+	print "<p></p>";
 	print &ui_link("closeall.cgi?id=$in{'id'}",$text{'host_close'}),"\n";
 	print &ui_link("openall.cgi?id=$in{'id'}",$text{'host_open'}),"<p>\n";
 	}
@@ -100,7 +101,7 @@ if ($hasclasses) {
 sub traverse
 {
 local($s, $act, $i);
-print "<tr> <td>", $spacer x $_[1];
+print "<tr style='border-top: 1px solid #aaaaaa28'> <td>", $spacer x $_[1];
 if ($_[0]) {
 	print "<a name=\"$_[0]\"></a>\n";
 	$act = $heiropen{$_[0]} ? "close" : "open";
@@ -114,7 +115,7 @@ if ($heiropen{$_[0]}) {
 	# print sub-folders followed by packages
 	foreach $i (@packages) {
 		if ($i->{'class'} eq $_[0]) {
-			print "<tr> <td>", $spacer x ($_[1]+1);
+			print "<tr style='border-top: 1px solid #aaaaaa28'> <td>", $spacer x ($_[1]+1);
 			print "<img border=0 src=images/pack.gif></a>&nbsp;\n";
 			print "<a href=\"edit_pack.cgi?package=",
 			     &urlize($i->{'name'}),"\">$i->{'name'}</a></td>\n";

cluster-software/edit_pack.cgi

@@ -36,9 +36,9 @@ print "<tr $cb> <td><table width=100%>\n";
 # Description, if we have one
 if ($pinfo[2]) {
 	print "<tr> <td valign=top width=20%><b>$text{'edit_desc'}</b></td>\n";
-	print "<td colspan=3><pre>",
+	print "<td colspan=3>",
 	      &html_escape(&entities_to_ascii($pinfo[2])),
-	      "</pre></td> </tr>\n";
+	      "</td> </tr>\n";
 	}
 
 print "<tr> <td width=20%><b>$text{'edit_pack'}</b></td> <td>$pinfo[0]</td>\n";
@@ -91,6 +91,7 @@ print &ui_subheading($text{'edit_hosts'});
 			      "$_->{'host'}:$_->{'port'}").
 		($version{$_} ? "<br>$text{'edit_ver'} $version{$_}" : "") } @got;
 &icons_table(\@links, \@titles, \@icons);
+print "<br>";
 
 &remote_finished();
 if ($in{'search'}) {

cluster-software/index.cgi

@@ -69,7 +69,7 @@ $formno++;
 print "<table width=100%><tr>\n";
 @addservers = grep { !$gothost{$_->{'id'}} } @servers;
 if (@addservers && $access{'add'}) {
-	print "<td width=33%><form action=add.cgi>\n";
+	print "<td><form action=add.cgi>\n";
 	print "<input type=submit name=add value='$text{'index_add'}'>\n";
 	print "<select name=server>\n";
 	foreach $s (sort { $a->{'host'} cmp $b->{'host'} } @addservers) {
@@ -82,7 +82,7 @@ if (@addservers && $access{'add'}) {
 
 # Show button for compare form
 if (@hosts) {
-	print "<td align=center width=33%>\n";
+	print "<td align=right>\n";
 	print "<form action=compare_form.cgi>\n";
 	print "<input type=submit value='$text{'index_compare'}'>\n";
 	print "</form>\n";

cluster-software/list_pack.cgi

@@ -12,20 +12,20 @@ require './cluster-software-lib.pl';
 
 print &ui_subheading(&text('list_files', "<tt>$in{'package'}</tt>",
 		   $s->{'desc'} ? $s->{'desc'} : $s->{'host'}));
-print "<table border width=100%>\n";
-print "<tr $tb> <td><b>$text{'list_path'}</b></td> ",
-      "<td><b>$text{'list_owner'}</b></td> ",
-      "<td><b>$text{'list_group'}</b></td> ",
-      "<td><b>$text{'list_type'}</b></td> ",
-      "<td><b>$text{'list_size'}</b></td> ",
-      "<td><b>$text{'list_status'}</b></td> </tr>\n";
+print "<table class='table table-striped table-hover table-condensed' width=100%>\n";
+print "<thead><tr><th>$text{'list_path'}</th> ",
+      "<th>$text{'list_owner'}</th> ",
+      "<th>$text{'list_group'}</th> ",
+      "<th>$text{'list_type'}</th> ",
+      "<th>$text{'list_size'}</th> ",
+      "<th>$text{'list_status'}</th> </tr></thead><tbody>\n";
 $n = &remote_foreign_call($s->{'host'}, "software",
 			  "check_files", $in{'package'});
 $files = &remote_eval($s->{'host'}, "software", "\\%files");
 for($i=0; $i<$n; $i++) {
 	$sz = $files->{$i,'size'};
 	$ty = $files->{$i,'type'};
-	print "<tr $cb>\n";
+	print "<tr>\n";
 	if ($ty == 3 || $ty == 4) {
 		print "<td valign=top>$files->{$i,'path'} -> ",
 		      "$files->{$i,'link'}</td>\n";
@@ -59,7 +59,7 @@ for($i=0; $i<$n; $i++) {
 	else { print "<td valign=top>$text{'list_ok'}</td>\n"; }
 	print "</tr>\n";
 	}
-print "</table><p>\n";
+print "</tbody></table><p>\n";
 
 &remote_finished();
 &ui_print_footer("edit_pack.cgi?package=".&urlize($in{'package'})."&search=".&urlize($in{'search'}), $text{'edit_return'});

cluster-useradmin/edit_group.cgi

@@ -35,7 +35,7 @@ print "<tr $tb> <td><b>$text{'gedit_details'}</b></td> </tr>\n";
 print "<tr $cb> <td><table width=100%>\n";
 
 print "<tr> <td valign=top><b>$text{'gedit_group'}</b></td>\n";
-print "<td valign=top><font size=+1><i>$ginfo{'group'}</i></font></td>\n";
+print "<td valign=top><font size=3><i>$ginfo{'group'}</i></font></td>\n";
 
 print "<td valign=top><b>$text{'gedit_gid'}</b></td>\n";
 printf "<td><input type=radio name=gid_def value=1 checked> %s (%s)\n",
@@ -77,11 +77,11 @@ print "<td><input type=radio name=chgid value=2> $text{'gedit_allfiles'}</td> </
 
 print "<tr> <td><b>$text{'uedit_servs'}</b></td>\n";
 print "<td><input type=radio name=servs value=1> $text{'uedit_mall'}</td>\n";
-print "<td><input type=radio name=servs value=0 checked> $text{'uedit_mthis'}</td> </tr>\n";
+print "<td colspan=2><input type=radio name=servs value=0 checked> $text{'uedit_mthis'}</td> </tr>\n";
 
 print "<tr> <td><b>$text{'gedit_mothers'}</b></td>\n";
 print "<td><input type=radio name=others value=1 checked> $text{'yes'}</td>\n";
-print "<td><input type=radio name=others value=0> $text{'no'}</td> </tr>\n";
+print "<td colspan=2><input type=radio name=others value=0> $text{'no'}</td> </tr>\n";
 
 print "</table></td> </tr></table><p>\n";
 
@@ -142,6 +142,7 @@ if ($config{'table_mode'}) {
 else {
 	# Show as icons
 	&icons_table(\@links, \@titles, \@icons);
+	print "<br>";
 	}
 
 &ui_print_footer("", $text{'index_return'});

cluster-useradmin/edit_host.cgi

@@ -27,7 +27,7 @@ if ($server->{'id'}) {
 	print "</td>";
 	}
 else {
-	print "<td><a href=/>$text{'this_server'}</a></td>\n";
+	print "<td colspan=3><a href=/>$text{'this_server'}</a></td>\n";
 	}
 
 if ($server->{'id'}) {
@@ -48,7 +48,7 @@ printf "<td>%d</td> </tr>\n", scalar(@{$host->{'groups'}});
 print "</table></td></tr></table>\n";
 
 # Show delete and refresh buttons
-print "<table width=100%><tr>\n";
+print "<p><table width=100%><tr>\n";
 
 print "<td><form action=delete_host.cgi>\n";
 print "<input type=hidden name=id value=$in{'id'}>\n";

cluster-useradmin/edit_user.cgi

@@ -202,7 +202,7 @@ elsif ($pft == 2) {
 		}
 	else { print "$text{'uedit_unknown'}\n"; }
 	if ($uinfo{'max'}) {
-		print "<input type=checkbox name=forcechange value=1> ",
+		print "&nbsp; <input type=checkbox name=forcechange value=1> ",
 		      "$text{'uedit_forcechange'}\n";
 		}
 	print "</td> </tr>\n";
@@ -374,7 +374,7 @@ print "<tr $cb> <td><table>\n";
 
 print "<tr> <td><b>$text{'uedit_movehome'}</b></td>\n";
 print "<td><input type=radio name=movehome value=1 checked> $text{'yes'}</td>\n";
-print "<td><input type=radio name=movehome value=0> $text{'no'}</td> </tr>\n";
+print "<td colspan=2><input type=radio name=movehome value=0> $text{'no'}</td> </tr>\n";
 
 print "<tr> <td><b>$text{'uedit_chuid'}</b></td>\n";
 print "<td><input type=radio name=chuid value=0> $text{'no'}</td>\n";
@@ -392,11 +392,11 @@ print "<td><input type=radio name=chgid value=2> ",
 
 print "<tr> <td><b>$text{'uedit_servs'}</b></td>\n";
 print "<td><input type=radio name=servs value=1> $text{'uedit_mall'}</td>\n";
-print "<td><input type=radio name=servs value=0 checked> $text{'uedit_mthis'}</td> </tr>\n";
+print "<td colspan=2><input type=radio name=servs value=0 checked> $text{'uedit_mthis'}</td> </tr>\n";
 
 print "<tr> <td><b>$text{'uedit_mothers'}</b></td>\n";
 print "<td><input type=radio name=others value=1 checked> $text{'yes'}</td>\n";
-print "<td><input type=radio name=others value=0> $text{'no'}</td> </tr>\n";
+print "<td colspan=2><input type=radio name=others value=0> $text{'no'}</td> </tr>\n";
 
 print "</table></td> </tr></table><p>\n";
 
@@ -461,6 +461,7 @@ if ($config{'table_mode'}) {
 else {
 	# Show as icons
 	&icons_table(\@links, \@titles, \@icons);
+	print "<br>";
 	}
 
 &ui_print_footer("", $text{'index_return'});

cluster-useradmin/group_form.cgi

@@ -4,7 +4,7 @@
 
 require './cluster-useradmin-lib.pl';
 &ReadParse();
-&ui_print_header(undef, $text{'gedit_title2'}, "", "create_group");
+&ui_print_header(undef, $text{'gedit_title2'}, "", undef);
 @hosts = &list_useradmin_hosts();
 @servers = &list_servers();
 
@@ -37,9 +37,8 @@ print "<input type=radio name=passmode value=2> $text{'clear'}\n";
 print "<input name=pass size=15></td>\n";
 
 print "<td valign=top><b>$text{'gedit_members'}</b></td>\n";
-print "<td><table><tr><td><textarea wrap=auto name=members rows=5 cols=10>",
-      "</textarea></td>\n";
-print "<td valign=top><input type=button onClick='ifield = document.forms[0].members; chooser = window.open(\"/useradmin/my_user_chooser.cgi?multi=1&user=\"+escape(ifield.value), \"chooser\", \"toolbar=no,menubar=no,scrollbars=yes,width=500,height=200\"); chooser.ifield = ifield' value=\"...\"></td></tr></table></td> </tr>\n";
+print "<td valign=top><input name=members size=14>",
+	"<input type=button onClick='ifield = document.forms[0].members; chooser = window.open(\"/useradmin/my_user_chooser.cgi?multi=1&user=\"+escape(ifield.value), \"chooser\", \"toolbar=no,menubar=no,scrollbars=yes,width=500,height=200\"); chooser.ifield = ifield' value=\"...\"></td> </tr>\n";
 print "</table></td></tr></table><p>\n";
 
 print "<table border width=100%>\n";
@@ -53,9 +52,8 @@ print "<td><input type=radio name=others value=0> $text{'no'}</td> </tr>\n";
 # Show server selection input
 &create_on_input($text{'uedit_servers'});
 
-print "</table></td> </tr></table><p>\n";
+print "</table></td> </tr></table><p></p><p></p>\n";
 
 print "<input type=submit value=\"$text{'create'}\"></form><p>\n";
 
 &ui_print_footer("", $text{'index_return'});
-

cluster-useradmin/index.cgi

@@ -68,7 +68,7 @@ else {
 	print "<b>$text{'index_nohosts'}</b><p>\n";
 	}
 $formno++;
-print "<br><br><form action=add.cgi>\n";
+print "<form data-post-icon-row-submit action=add.cgi>\n";
 print "<table width=100%><tr>\n";
 @addservers = grep { !$gothost{$_->{'id'}} } @servers;
 if (@addservers) {

cluster-useradmin/sync_form.cgi

@@ -8,7 +8,7 @@ require './cluster-useradmin-lib.pl';
 
 print "$text{'sync_desc'}<p>\n";
 print "<form action=sync.cgi>\n";
-print "<table>\n";
+print "<table width='100%'>\n";
 
 print "<tr> <td valign=top><b>$text{'sync_hosts'}</b></td> <td>\n";
 &create_on_input(undef, 1, 1);
@@ -67,7 +67,7 @@ print "<tr> <td><b>$text{'sync_others'}</b></td>\n";
 print "<td><input type=radio name=others value=1 checked> $text{'yes'}\n";
 print "<input type=radio name=others value=0> $text{'no'}</td> </tr>\n";
 
-print "</table>\n";
+print "</table><p></p><p></p>\n";
 print "<input type=submit value='$text{'sync_ok'}'></form>\n";
 
 &ui_print_footer("", $text{'index_return'});

cluster-useradmin/user_form.cgi

@@ -96,8 +96,8 @@ foreach (1 .. 15) {
 	$random_password .= $random_password_chars[
 				rand(scalar(@random_password_chars))];
 	}
-print "<td valign=top rowspan=4><b>$text{'pass'}</b>",
-      "</td> <td rowspan=4 valign=top>\n";
+print "<td valign=top rowspan=3><b>$text{'pass'}</b>",
+      "</td> <td rowspan=3 valign=top>\n";
 printf "<input type=radio name=passmode value=0> %s<br>\n",
 	$uconfig{'empty_mode'} ? $text{'none1'} : $text{'none2'};
 printf "<input type=radio name=passmode value=1 checked> %s<br>\n",
@@ -129,8 +129,8 @@ if ($pft == 1 || $pft == 6) {
 	print " &nbsp; <input name=changeh size=3>";
 	print ":<input name=changemi size=3></td>\n";
 
-	print "<td><b>$text{'expire2'}</b></td>\n";
-	print "<td>";
+	print "<td colspan=1><b>$text{'expire2'}</b></td>\n";
+	print "<td colspan=3>";
 	&date_input("", "", "", 'expire');
 	print " &nbsp; <input name=expireh size=3>";
 	print ":<input name=expiremi size=3></td> </tr>\n";
@@ -147,8 +147,8 @@ elsif ($pft == 2) {
 	print "<tr $tb> <td><b>$text{'uedit_passopts'}</b></td> </tr>\n";
 	print "<tr $cb> <td><table width=100%>\n";
 
-	print "<td><b>$text{'expire'}</b></td>\n";
-	print "<td>";
+	print "<td colspan=1><b>$text{'expire'}</b></td>\n";
+	print "<td colspan=3>";
 	&date_input($eday, $emon, $eyear, 'expire');
 	print "</td> </tr>\n";
 
@@ -204,7 +204,7 @@ print "<table border width=100%>\n";
 print "<tr $tb> <td><b>$text{'uedit_gmem'}</b></td> </tr>\n";
 print "<tr $cb> <td><table width=100%>\n";
 print "<tr> <td valign=top><b>$text{'group'}</b></td> <td valign=top>\n";
-printf "<input name=gid size=8 value=\"%s\">\n",
+printf "<input name=gid size=15 value=\"%s\">\n",
 	$uconfig{'default_group'};
 print "<input type=button onClick='ifield = document.forms[0].gid; chooser = window.open(\"/useradmin/my_group_chooser.cgi?multi=0&group=\"+escape(ifield.value), \"chooser\", \"toolbar=no,menubar=no,scrollbars=yes,width=300,height=200\"); chooser.ifield = ifield' value=\"...\"></td>\n";
 
@@ -248,9 +248,9 @@ print "<td><input type=radio name=others value=0> $text{'no'}</td> </tr>\n";
 # Show selector for hosts to create on
 &create_on_input($text{'uedit_servers'});
 
-print "</table></td> </tr></table><p>\n";
+print "</table></td> </tr></table><p></p><p></p>\n";
 
-print "<input type=submit value=\"$text{'create'}\"></form><p>\n";
+print "<input type=submit value=\"$text{'create'}\"></form>\n";
 
 &ui_print_footer("", $text{'index_return'});
 

cluster-usermin/edit_host.cgi

@@ -53,27 +53,36 @@ printf "<td>%s</td> </tr>\n", $host->{'version'};
 print "</table></td></tr></table>\n";
 
 # Show delete and refresh buttons
-print "<table width=100%><tr>\n";
-print "<form action=delete_host.cgi>\n";
+print "<p></p><table width=100%><tr>\n";
+print "<td><form action=delete_host.cgi>\n";
 print "<input type=hidden name=id value=$in{'id'}>\n";
-print "<td><input type=submit value='$text{'host_delete'}'></td>\n";
-print "</form>\n";
+print "<input type=submit value='$text{'host_delete'}'>\n";
+print "</form></td>\n";
 
-print "<form action=refresh.cgi>\n";
+print "<td align=right><form action=refresh.cgi>\n";
 print "<input type=hidden name=id value=$in{'id'}>\n";
-print "<td align=right><input type=submit value='$text{'host_refresh'}'></td>\n";
-print "</form>\n";
+print "<input type=submit value='$text{'host_refresh'}'>\n";
+print "</form></td>\n";
 print "</tr></table>\n";
 
 # Show table of modules and themes
-print "<table border width=100%>\n";
+print "<p></p><table border width=100%>\n";
 print "<tr $tb> <td><b>$text{'host_header_m'}</b></td> </tr>\n";
 print "<tr $cb> <td><table width=100%>\n";
 
 $i = 0;
+my $total_cells = scalar(@modules);
 foreach $m (sort { $a->{'desc'} cmp $b->{'desc'} } @modules) {
+	my $colspan = '';
+	if ($total_cells == $i + 1 && $total_cells%$i == 1) {
+		if ($i%3 == 0) {
+			$colspan = " colspan=3 ";
+		} elsif($i%3 == 1) {
+			$colspan = " colspan=2 ";
+		}
+	}
 	print "<tr>\n" if ($i%3 == 0);
-	print "<td width=33%><a href='edit_mod.cgi?mod=$m->{'dir'}&host=$in{'id'}'>",$m->{'desc'},"</td>\n";
+	print "<td $colspan width=33%><a href='edit_mod.cgi?mod=$m->{'dir'}&host=$in{'id'}'>",$m->{'desc'},"</td>\n";
 	print "</tr>\n" if ($i%3 == 2);
 	$i++;
 	}
@@ -82,9 +91,18 @@ if (@themes) {
 	print "</table></td></tr>\n";
 	print "<tr $tb> <td><b>$text{'host_header_t'}</b></td> </tr>\n";
 	print "<tr $cb> <td><table width=100%>\n";
+	my $total_cells_themes = scalar(@themes);
 	foreach $t (sort { $a->{'desc'} cmp $b->{'desc'} } @themes) {
+		my $colspan = '';
+		if ($total_cells_themes == $i + 1 && $total_cells_themes%$i == 1) {
+			if ($i%3 == 0) {
+				$colspan = " colspan=3 ";
+			} elsif($i%3 == 1) {
+				$colspan = " colspan=2 ";
+			}
+		}
 		print "<tr>\n" if ($i%3 == 0);
-		print "<td width=33%><a href='edit_mod.cgi?theme=$t->{'dir'}$in{'id'}'>",$t->{'desc'},"</td>\n";
+		print "<td $colspan width=33%><a href='edit_mod.cgi?theme=$t->{'dir'}$in{'id'}'>",$t->{'desc'},"</td>\n";
 		print "</tr>\n" if ($i%3 == 2);
 		$i++;
 		}

cluster-usermin/edit_mod.cgi

@@ -170,16 +170,16 @@ else {
 print "</table></td></tr></table><p>\n";
 
 print "<table width=100%><tr>\n";
-print "<form action=delete_mod.cgi>\n";
+print "<td><form action=delete_mod.cgi>\n";
 print "<input type=hidden name=type value=\"$type\">\n";
 print "<input type=hidden name=mod value=\"$name\">\n";
-print "<td><input type=submit value='",$text{"edit_uninst_$type"},"'>\n";
+print "<input type=submit value='",$text{"edit_uninst_$type"},"'>\n";
 print "<select name=server>\n";
 print "<option value=-1>$text{'edit_all'}</option>\n";
 foreach $s (@got) {
 	print "<option value='$s->{'id'}'>",&server_name($s),"</option>\n";
 	}
-print "</select></td></form>\n";
+print "</select></form></td>\n";
 
 print "</tr></table>\n";
 
@@ -191,6 +191,7 @@ print &ui_subheading($text{'edit_hosts'});
 @titles = map { &server_name($_).
 	        ($_->{'module'}->{'version'} ? " ($text{'host_version2'} $_->{'module'}->{'version'})" : "") } @got;
 &icons_table(\@links, \@titles, \@icons);
+print "<br>";
 
 &remote_finished();
 &ui_print_footer("", $text{'index_return'});

cluster-usermin/index.cgi

@@ -75,10 +75,10 @@ foreach $t (&all_themes(\@hosts)) {
 $themesel .= "</select>\n";
 
 # Show button for adding server
-print "<table width=100%><tr>\n";
+print "<table data-post-icon-row-submit width=100%><tr>\n";
 @addservers = grep { !$gothost{$_->{'id'}} } @servers;
 if (@addservers) {
-	print "<td><form action=add.cgi><td>\n";
+	print "<td><form action=add.cgi>\n";
 	print "<input type=submit name=add value='$text{'index_add'}'>\n";
 	print "<select name=server>\n";
 	foreach $s (@addservers) {

cluster-webmin/cluster-webmin-lib.pl

@@ -169,14 +169,15 @@ return sort { $a->{'name'} cmp $b->{'name'} }
 	 map { @{$_->{'users'}} } @{$_[0]};
 }
 
-# create_on_input(desc, [no-donthave], [no-have], [multiple])
+# create_on_input(desc, [no-donthave], [no-have], [multiple], [colspan])
 sub create_on_input
 {
 local @hosts = &list_webmin_hosts();
 local @servers = &list_servers();
 if ($_[0]) {
 	print "<tr> <td><b>$_[0]</b></td>\n";
-	print "<td>\n";
+	my $colspan = "colspan=$_[4]" if ($_[4]);
+	print "<td $colspan>\n";
 	}
 if ($_[3]) {
 	print "<select name=server size=5 multiple>\n";

cluster-webmin/edit_host.cgi

@@ -53,7 +53,7 @@ printf "<td>%s</td> </tr>\n", $host->{'version'};
 print "</table></td></tr></table>\n";
 
 # Show delete and refresh buttons
-print "<table width=100%><tr>\n";
+print "<p></p><table width=100%><tr>\n";
 
 print "<td><form action=delete_host.cgi>\n";
 print "<input type=hidden name=id value=$in{'id'}>\n";
@@ -68,14 +68,23 @@ print "</form></td>\n";
 print "</tr></table>\n";
 
 # Show table of modules and themes
-print "<table border width=100%>\n";
+print "<p></p><table border width=100%>\n";
 print "<tr $tb> <td><b>$text{'host_header_m'}</b></td> </tr>\n";
 print "<tr $cb> <td><table width=100%>\n";
 
 $i = 0;
+my $total_cells = scalar(@modules);
 foreach $m (sort { $a->{'desc'} cmp $b->{'desc'} } @modules) {
+	my $colspan = '';
+	if ($total_cells == $i + 1 && $total_cells%$i == 1) {
+		if ($i%3 == 0) {
+			$colspan = " colspan=3 ";
+		} elsif($i%3 == 1) {
+			$colspan = " colspan=2 ";
+		}
+	}
 	print "<tr>\n" if ($i%3 == 0);
-	print "<td width=33%><a href='edit_mod.cgi?mod=$m->{'dir'}&host=$in{'id'}'>",$m->{'desc'},"</td>\n";
+	print "<td $colspan width=33%><a href='edit_mod.cgi?mod=$m->{'dir'}&host=$in{'id'}'>",$m->{'desc'},"</td>\n";
 	print "</tr>\n" if ($i%3 == 2);
 	$i++;
 	}
@@ -84,9 +93,18 @@ if (@themes) {
 	print "</table></td></tr>\n";
 	print "<tr $tb> <td><b>$text{'host_header_t'}</b></td> </tr>\n";
 	print "<tr $cb> <td><table width=100%>\n";
+	my $total_cells_themes = scalar(@themes);
 	foreach $t (sort { $a->{'desc'} cmp $b->{'desc'} } @themes) {
+		my $colspan = '';
+		if ($total_cells_themes == $i + 1 && $total_cells_themes%$i == 1) {
+			if ($i%3 == 0) {
+				$colspan = " colspan=3 ";
+			} elsif($i%3 == 1) {
+				$colspan = " colspan=2 ";
+			}
+		}
 		print "<tr>\n" if ($i%3 == 0);
-		print "<td width=33%><a href='edit_mod.cgi?theme=$t->{'dir'}$in{'id'}'>",$t->{'desc'},"</td>\n";
+		print "<td $colspan width=33%><a href='edit_mod.cgi?theme=$t->{'dir'}$in{'id'}'>",$t->{'desc'},"</td>\n";
 		print "</tr>\n" if ($i%3 == 2);
 		$i++;
 		}
@@ -94,7 +112,7 @@ if (@themes) {
 print "</table></td></tr></table><br>\n";
 
 # Show table of users and groups
-print "<table border width=100%>\n";
+print "<p></p><table border width=100%>\n";
 print "<tr $tb> <td><b>$text{'host_header_u'}</b></td> </tr>\n";
 print "<tr $cb> <td><table width=100%>\n";
 $i = 0;

cluster-webmin/edit_mod.cgi

@@ -177,33 +177,33 @@ print "</table></td></tr></table><p>\n";
 print "<table width=100%><tr>\n";
 
 # Show button to delete module
-print "<form action=delete_mod.cgi>\n";
+print "<td><form action=delete_mod.cgi>\n";
 print "<input type=hidden name=type value=\"$type\">\n";
 print "<input type=hidden name=mod value=\"$name\">\n";
-print "<td><input type=submit value='",$text{"edit_uninst_$type"},"'>\n";
+print "<input type=submit value='",$text{"edit_uninst_$type"},"'>\n";
 print "<select name=server>\n";
 print "<option value=-1>$text{'edit_all'}</option>\n";
 foreach $s (@got) {
 	print "<option value='$s->{'id'}'>",&server_name($s),"</option>\n";
 	}
-print "</select></td></form>\n";
+print "</select></form></td>\n";
 
 if ($type eq 'mod') {
 	# Show button to edit config
-	print "<form action=edit_config.cgi>\n";
+	print "<td><form action=edit_config.cgi>\n";
 	print "<input type=hidden name=type value=\"$type\">\n";
 	print "<input type=hidden name=mod value=\"$name\">\n";
-	print "<td><input type=submit value='$text{'edit_config'}'>\n";
+	print "<input type=submit value='$text{'edit_config'}'>\n";
 	&create_on_input(undef, 1, 0, 0);
-	print "</td></form>\n";
+	print "</form></td>\n";
 	}
 
 if ($type eq 'mod') {
 	# Show user/group ACL selector
-	print "<form action=edit_acl.cgi>\n";
+	print "<td align=right><form action=edit_acl.cgi>\n";
 	print "<input type=hidden name=mod value=\"$name\">\n";
 	print "<input type=hidden name=host value=\"$checkonh->{'id'}\">\n";
-	print "<td align=right><input type=submit value='$text{'edit_acl'}'>\n";
+	print "<input type=submit value='$text{'edit_acl'}'>\n";
 	print "<select name=whohost>\n";
 	for($i=0; $i<@goth; $i++) {
 		$h = $goth[$i];
@@ -227,7 +227,7 @@ if ($type eq 'mod') {
 				if (&indexof($name, @m) >= 0);
 			}
 		}
-	print "</select></td></form>\n";
+	print "</select></form></td>\n";
 	}
 
 print "</tr></table>\n";
@@ -240,6 +240,7 @@ print &ui_subheading($text{'edit_hosts'});
 @titles = map { &server_name($_).
 	        ($_->{'module'}->{'version'} ? " ($text{'host_version2'} $_->{'module'}->{'version'})" : "") } @got;
 &icons_table(\@links, \@titles, \@icons);
+print "<br>";
 
 &remote_finished();
 &ui_print_footer("", $text{'index_return'});

cluster-webmin/group_form.cgi

@@ -45,15 +45,15 @@ for($i=$mp*2; $i<@mods; $i++) {
 print "</select>\n";
 
 print "<br>\n";
-print "<a href='' onClick='for(i=0; i<document.forms[0].mods1.options.length; i++) { document.forms[0].mods1.options[i].selected = true; } for(i=0; i<document.forms[0].mods2.options.length; i++) { document.forms[0].mods2.options[i].selected = true; } for(i=0; i<document.forms[0].mods3.options.length; i++) { document.forms[0].mods3.options[i].selected = true; } return false'>$text{'user_sall'}</a>&nbsp;\n";
-print "<a href='' onClick='for(i=0; i<document.forms[0].mods1.options.length; i++) { document.forms[0].mods1.options[i].selected = false; } for(i=0; i<document.forms[0].mods2.options.length; i++) { document.forms[0].mods2.options[i].selected = false; } for(i=0; i<document.forms[0].mods3.options.length; i++) { document.forms[0].mods3.options[i].selected = false; } return false'>$text{'user_snone'}</a>&nbsp;\n";
-print "<a href='' onClick='for(i=0; i<document.forms[0].mods1.options.length; i++) { document.forms[0].mods1.options[i].selected = !document.forms[0].mods1.options[i].selected; } for(i=0; i<document.forms[0].mods2.options.length; i++) { document.forms[0].mods2.options[i].selected = !document.forms[0].mods2.options[i].selected; } for(i=0; i<document.forms[0].mods3.options.length; i++) { document.forms[0].mods3.options[i].selected = !document.forms[0].mods3.options[i].selected; } return false'>$text{'user_sinvert'}</a><br>\n";
+print "<button class='btn btn-tiny' type='button' onClick='for(i=0; i<this.form.mods1.options.length; i++) { this.form.mods1.options[i].selected = true; } for(i=0; i<this.form.mods2.options.length; i++) { this.form.mods2.options[i].selected = true; } for(i=0; i<this.form.mods3.options.length; i++) { this.form.mods3.options[i].selected = true; } return false'>$text{'user_sall'}</button>\n";
+print "<button class='btn btn-tiny' type='button' onClick='for(i=0; i<this.form.mods1.options.length; i++) { this.form.mods1.options[i].selected = false; } for(i=0; i<this.form.mods2.options.length; i++) { this.form.mods2.options[i].selected = false; } for(i=0; i<this.form.mods3.options.length; i++) { this.form.mods3.options[i].selected = false; } return false'>$text{'user_snone'}</button>\n";
+print "<button class='btn btn-tiny' type='button' onClick='for(i=0; i<this.form.mods1.options.length; i++) { this.form.mods1.options[i].selected = !this.form.mods1.options[i].selected; } for(i=0; i<this.form.mods2.options.length; i++) { this.form.mods2.options[i].selected = !this.form.mods2.options[i].selected; } for(i=0; i<this.form.mods3.options.length; i++) { this.form.mods3.options[i].selected = !this.form.mods3.options[i].selected; } return false'>$text{'user_sinvert'}</a><br>\n";
 
 print "</td> </tr>\n";
 
-&create_on_input($text{'group_servers'}, 0, 1);
+&create_on_input($text{'group_servers'}, 0, 1, undef, 3);
 
-print "</table></td></tr></table><br>\n";
+print "</table></td></tr></table><p></p><p></p>\n";
 print "<input type=submit value='$text{'create'}'></form>\n";
 
 &ui_print_footer("", $text{'index_return'});

cluster-webmin/index.cgi

@@ -87,7 +87,7 @@ foreach $u (@wgroups) {
 	}
 $groupsel .= "</select>\n";
 
-print "<table width=100%><tr>\n";
+print "<table data-post-icon-row-submit width=100%><tr>\n";
 @addservers = grep { !$gothost{$_->{'id'}} } @servers;
 if (@addservers) {
 	print "<td><form action=add.cgi>\n";

cluster-webmin/sync_form.cgi

@@ -8,7 +8,7 @@ require './cluster-webmin-lib.pl';
 
 print "$text{'sync_desc'}<p>\n";
 print "<form action=sync.cgi>\n";
-print "<table>\n";
+print "<table width='100%'>\n";
 
 print "<tr> <td valign=top><b>$text{'sync_hosts'}</b></td> <td>\n";
 &create_on_input(undef, 1, 1, 1);
@@ -44,7 +44,7 @@ print "<tr> <td><b>$text{'sync_test'}</b></td>\n";
 print "<td><input type=radio name=test value=1> $text{'yes'}\n";
 print "<input type=radio name=test value=0 checked> $text{'no'}</td> </tr>\n";
 
-print "</table>\n";
+print "</table><p></p><p></p>\n";
 print "<input type=submit value='$text{'sync_ok'}'></form>\n";
 
 &ui_print_footer("", $text{'index_return'});

cluster-webmin/user_form.cgi

@@ -27,12 +27,12 @@ foreach $g (@wgroups) {
 print "</select></td> </tr>\n";
 
 print "<tr> <td><b>$text{'user_pass'}</b></td> <td colspan=3>\n";
-print "<select name=pass_def>\n";
+print "<select class='ui_select margined-bottom-1' name=pass_def>\n";
 print "<option value=0 selected>$text{'user_set'} ..</option>\n";
 print "<option value=3>$text{'user_unix'}</option>\n";
 print "<option value=4>$text{'user_lock'}</option>\n";
 print "<option value=5>$text{'user_extauth'}</option>\n";
-print "</select><input type=password name=pass size=25></td> </tr>\n";
+print "</select>&nbsp;<input type=password name=pass size=25></td> </tr>\n";
 
 print "<tr> <td><b>$text{'user_lang'}</b></td> <td>\n";
 print "<select name=lang>\n";
@@ -81,15 +81,15 @@ for($i=$mp*2; $i<@mods; $i++) {
 print "</select>\n";
 
 print "<br>\n";
-print "<a href='' onClick='for(i=0; i<document.forms[0].mods1.options.length; i++) { document.forms[0].mods1.options[i].selected = true; } for(i=0; i<document.forms[0].mods2.options.length; i++) { document.forms[0].mods2.options[i].selected = true; } for(i=0; i<document.forms[0].mods3.options.length; i++) { document.forms[0].mods3.options[i].selected = true; } return false'>$text{'user_sall'}</a>&nbsp;\n";
-print "<a href='' onClick='for(i=0; i<document.forms[0].mods1.options.length; i++) { document.forms[0].mods1.options[i].selected = false; } for(i=0; i<document.forms[0].mods2.options.length; i++) { document.forms[0].mods2.options[i].selected = false; } for(i=0; i<document.forms[0].mods3.options.length; i++) { document.forms[0].mods3.options[i].selected = false; } return false'>$text{'user_snone'}</a>&nbsp;\n";
-print "<a href='' onClick='for(i=0; i<document.forms[0].mods1.options.length; i++) { document.forms[0].mods1.options[i].selected = !document.forms[0].mods1.options[i].selected; } for(i=0; i<document.forms[0].mods2.options.length; i++) { document.forms[0].mods2.options[i].selected = !document.forms[0].mods2.options[i].selected; } for(i=0; i<document.forms[0].mods3.options.length; i++) { document.forms[0].mods3.options[i].selected = !document.forms[0].mods3.options[i].selected; } return false'>$text{'user_sinvert'}</a><br>\n";
+print "<button class='btn btn-tiny' type='button' onClick='for(i=0; i<this.form.mods1.options.length; i++) { this.form.mods1.options[i].selected = true; } for(i=0; i<this.form.mods2.options.length; i++) { this.form.mods2.options[i].selected = true; } for(i=0; i<this.form.mods3.options.length; i++) { this.form.mods3.options[i].selected = true; } return false'>$text{'user_sall'}</button>\n";
+print "<button class='btn btn-tiny' type='button' onClick='for(i=0; i<this.form.mods1.options.length; i++) { this.form.mods1.options[i].selected = false; } for(i=0; i<this.form.mods2.options.length; i++) { this.form.mods2.options[i].selected = false; } for(i=0; i<this.form.mods3.options.length; i++) { this.form.mods3.options[i].selected = false; } return false'>$text{'user_snone'}</button>\n";
+print "<button class='btn btn-tiny' type='button' onClick='for(i=0; i<this.form.mods1.options.length; i++) { this.form.mods1.options[i].selected = !this.form.mods1.options[i].selected; } for(i=0; i<this.form.mods2.options.length; i++) { this.form.mods2.options[i].selected = !this.form.mods2.options[i].selected; } for(i=0; i<this.form.mods3.options.length; i++) { this.form.mods3.options[i].selected = !this.form.mods3.options[i].selected; } return false'>$text{'user_sinvert'}</button><br>\n";
 
 print "</td> </tr>\n";
 
-&create_on_input($text{'user_servers'}, 0, 1);
+&create_on_input($text{'user_servers'}, 0, 1, undef, 3);
 
-print "</table></td></tr></table><br>\n";
+print "</table></td></tr></table><p></p><p></p>\n";
 print "<input type=submit value='$text{'create'}'></form>\n";
 
 &ui_print_footer("", $text{'index_return'});

config.cgi

@@ -8,11 +8,12 @@ require './config-lib.pl';
 &init_config();
 &ReadParse();
 $m = $in{'module'} || $ARGV[0];
+%module_info = &get_module_info($m);
+%module_info || &error($text{'config_emodule'});
 &foreign_available($m) || &error($text{'config_eaccess'});
 %access = &get_module_acl(undef, $m);
 $access{'noconfig'} &&
 	&error($text{'config_ecannot'});
-%module_info = &get_module_info($m);
 if (-r &help_file($m, "config_intro")) {
 	$help = [ "config_intro", $m ];
 	}

config_save.cgi

@@ -9,6 +9,8 @@ require './config-lib.pl';
 &ReadParse();
 $m = $in{'module'};
 &error_setup($text{'config_err'});
+%module_info = &get_module_info($m);
+%module_info || &error($text{'config_emodule'});
 &foreign_available($m) || &error($text{'config_eaccess'});
 %access = &get_module_acl(undef, $m);
 $access{'noconfig'} && &error($text{'config_ecannot'});

cpan/module.info

@@ -1,4 +1,3 @@
-risk=high
 desc=Perl Modules
 name=CPAN
 longdesc=Install new Perl modules on your system, and view those already installed.

cron/config.info

@@ -2,7 +2,7 @@ line1=Configurable options,11
 max_len=Maximum command length to display,3,Unlimited
 max_jobs=Maximum Cron jobs to show,3,Unlimited
 show_time=Show job schedules?,1,1-Yes,0-No
-show_comment=Show job comments?,1,1-Yes,0-No
+show_comment=Show job description?,1,1-Yes,0-No
 show_run=Display running status of jobs?,1,2-Yes, and allow starting and stopping,1-Yes,0-No
 show_next=Show next time each job will run?,1,1-Yes,0-No
 match_mode=Find job processes by,1,1-Command only,0-Command and arguments

cron/module.info

@@ -3,6 +3,5 @@ category=system
 os_support=solaris *-linux hpux freebsd osf1 irix unixware openserver macos openbsd aix netbsd windows 
 depends=proc
 readonly=1
-risk=low medium high
 desc=Scheduled Cron Jobs
 longdesc=Create, edit and delete Cron jobs.

cron/safeacl

@@ -0,0 +1,8 @@
+mode=3
+allow=0
+command=1
+create=1
+delete=1
+move=1
+kill=1
+hourly=0

custom/module.info

@@ -1,4 +1,3 @@
-risk=medium high
 name=Custom
 desc=Custom Commands
 depends=proc

dfsadmin/low.risk

@@ -1 +0,0 @@
-noconfig=1

dfsadmin/medium.risk

@@ -1 +0,0 @@
-noconfig=1

dfsadmin/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 name=DFSadmin
 category=net
 os_support=solaris unixware

dhcpd/edit_iface.cgi

@@ -95,7 +95,7 @@ my $val;
 if (&foreign_check("net")) {
 	%got = map { $_, 1 } split(/\s+/, $iface);
 	&foreign_require("net", "net-lib.pl");
-	@ifaces = grep { $_->{'virtual'} eq '' } &net::active_interfaces();
+	@ifaces = &net::active_interfaces();
 	$sz = scalar(@ifaces);
     my @iface_sel;
 	foreach $i (@ifaces) {

dhcpd/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 name=DHCPD
 category=servers
 os_support=debian-linux freebsd osf1 redhat-linux mandrake-linux slackware-linux solaris suse-linux united-linux unixware openserver open-linux turbo-linux openbsd corel-linux cobalt-linux irix netbsd msc-linux generic-linux gentoo-linux hpux trustix-linux macos sol-linux coherent-linux openmamba-linux pardus-linux

dnsadmin/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 name=DNSadmin
 category=servers
 os_support=slackware-linux{-r "/etc/named.boot"} coherent-linux{-r "/etc/named.boot"} redhat-linux{-r "/etc/named.boot"} mandrake-linux{-r "/etc/named.boot"} solaris{-r "/etc/named.boot"} debian-linux{-r "/etc/named.boot" || -r "/etc/bind/named.boot"} suse-linux{-r "/etc/named.boot"} united-linux{-r "/etc/named.boot"} hpux{-r "/etc/named.boot" || -x "/usr/sbin/named"} freebsd{-r "/etc/named.boot" || -r "/etc/namedb/named.boot"} osf1{-r "/etc/named.boot" || -r "/etc/namedb/named.boot"} irix unixware{-r "/etc/named.boot"} openserver{-r "/etc/named.boot"} turbo-linux{-r "/etc/named.boot"} openbsd{-r "/etc/named.boot" || -r "/var/named/named.boot"} aix{-r "/etc/named.boot"} cobalt-linux/2.2{-r "/etc/named.boot"} cobalt-linux/4.0{-r "/etc/named.boot"} aix{-r "/etc/named.boot"} msc-linux{-r "/etc/named.boot"} openmamba-linux{-r "/etc/named.boot"}

exports-nfs4/low.risk

@@ -1 +0,0 @@
-noconfig=1

exports-nfs4/medium.risk

@@ -1 +0,0 @@
-noconfig=1

exports-nfs4/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 longdesc=Edit NFS v4 file shares defined in /etc/exports.
 name=Export Manager
 category=net

exports/low.risk

@@ -1 +0,0 @@
-noconfig=1

exports/medium.risk

@@ -1 +0,0 @@
-noconfig=1

exports/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 longdesc=Edit NFS file shares defined in /etc/exports.
 name=Export Manager
 category=net

fdisk/fdisk-lib.pl

@@ -249,7 +249,8 @@ else {
 	open(FDISK, "fdisk -l -u=cylinders $devs 2>/dev/null || fdisk -l $devs 2>/dev/null |");
 	}
 while(<FDISK>) {
-	if (/Disk\s+([^ :]+):\s+(\d+)\s+\S+\s+(\d+)\s+\S+\s+(\d+)/ ||
+	if (($m4 = ($_ =~ /Disk\s+([^ :]+):\s+(\d+)\s+(\S+),\s+(\d+)\s+bytes,\s+(\d+)\s+sectors/)) ||
+	    ($m1 = ($_ =~ /Disk\s+([^ :]+):\s+(\d+)\s+\S+\s+(\d+)\s+\S+\s+(\d+)/)) ||
 	    ($m2 = ($_ =~ /Disk\s+([^ :]+):\s+(.*)\s+bytes/)) ||
 	    ($m3 = ($_ =~ /Disk\s+([^ :]+):\s+([0-9\.]+)cyl/))) {
 		# New disk section
@@ -261,6 +262,7 @@ while(<FDISK>) {
 			}
 		elsif ($m2) {
 			# New style fdisk
+			# Disk /dev/sda: 85.8 GB, 85899345920 bytes
 			$disk = { 'device' => $1,
 				  'prefix' => $1,
 				  'table' => 'msdos', };
@@ -269,6 +271,14 @@ while(<FDISK>) {
 			$disk->{'sectors'} = $2;
 			$disk->{'cylinders'} = $3;
 			}
+		elsif ($m4) {
+			# Even newer disk (sectors/etc come later)
+			# Disk /dev/sda: 10 GiB, 10737418240 bytes, 20971520 sectors
+			$disk = { 'device' => $1,
+				  'prefix' => $1,
+				  'size' => $4,
+				  'table' => 'msdos', };
+			}
 		else {
 			# Old style fdisk
 			$disk = { 'device' => $1,
@@ -432,7 +442,14 @@ while(<FDISK>) {
 
 		push(@disks, $disk);
 		}
-	elsif (/^Units\s+=\s+cylinders\s+of\s+(\d+)\s+\*\s+(\d+)/) {
+	elsif (/Geometry:\s+(\d+)\s+heads,\s+(\d+)\s+sectors\/track,\s+(\d+)\s+cylinders/) {
+		# Separate geometry line
+		# Geometry: 255 heads, 63 sectors/track, 1305 cylinders
+		$disk->{'heads'} = $1;
+		$disk->{'sectors'} = $2;
+		$disk->{'cylinders'} = $3;
+		}
+	elsif (/^Units\s*[=:]\s+cylinders\s+of\s+(\d+)\s+\*\s+(\d+)/) {
 		# Unit size for disk from fdisk
 		$disk->{'bytes'} = $2;
 		$disk->{'cylsize'} = $disk->{'heads'} * $disk->{'sectors'} *
@@ -450,8 +467,25 @@ while(<FDISK>) {
 						        $disk->{'sectors'};
 		$disk->{'size'} = $disk->{'cylinders'} * $disk->{'cylsize'};
 		}
+	elsif (/(\/dev\/\S+?(\d+))[ \t*]+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s+(\S{1,2})\s+(.*)/) {
+		# Partition within the current disk from fdisk (msdos format)
+		# /dev/sda1 * 1 1306 1306 10G 83 Linux
+		local $part = { 'number' => $2,
+				'device' => $1,
+				'type' => $7,
+				'start' => $3,
+				'end' => $4,
+				'extended' => $7 eq '5' || $6 eq 'f' ? 1 : 0,
+				'index' => scalar(@{$disk->{'parts'}}),
+			 	'edittype' => 1, };
+		$part->{'desc'} = &partition_description($part->{'device'});
+		$part->{'size'} = ($part->{'end'} - $part->{'start'} + 1) *
+				  $disk->{'cylsize'};
+		push(@{$disk->{'parts'}}, $part);
+		}
 	elsif (/(\/dev\/\S+?(\d+))[ \t*]+\d+\s+(\d+)\s+(\d+)\s+(\S+)\s+(\S{1,2})\s+(.*)/ || /(\/dev\/\S+?(\d+))[ \t*]+(\d+)\s+(\d+)\s+(\S+)\s+(\S{1,2})\s+(.*)/) {
 		# Partition within the current disk from fdisk (msdos format)
+		# /dev/sda1 * 1 9327 74919096 83 Linux
 		local $part = { 'number' => $2,
 				'device' => $1,
 				'type' => $6,

fdisk/module.info

@@ -1,4 +1,3 @@
-risk=high
 name=Partition Manager
 category=hardware
 os_support=*-linux

file/getattrs.cgi

@@ -10,7 +10,7 @@ if (!&can_access($in{'file'})) {
 	print $text{'facl_eaccess'},"\n";
 	}
 else {
-	$out = `attr -l '$in{'file'}' 2>&1`;
+	$out = &backquote_command("attr -l ".quotemeta($in{'file'})." 2>&1");
 	if ($?) {
 		print $out,"\n";
 		}
@@ -19,7 +19,9 @@ else {
 			if ($l =~ /Attribute\s+"(.*)"/i) {
 				# Get the valid for this attribute
 				local $name = $1;
-				$got = `attr -g '$name' '$in{'file'}' 2>&1`;
+				$got = &backquote_command(
+					"attr -g ".quotemeta($name)." ".
+					quotemeta($in{'file'})." 2>&1");
 				if ($? || $got !~ /^(.*)\n([\0-\377]*)\n$/) {
 					print $got,"\n";
 					exit;

file/getext.cgi

@@ -10,7 +10,7 @@ if (!&can_access($in{'file'})) {
 	print $text{'facl_eaccess'},"\n";
 	}
 else {
-	$out = `lsattr -d '$in{'file'}' 2>&1`;
+	$out = &backquote_command("lsattr -d ".quotemeta($in{'file'})." 2>&1");
 	$out =~ s/^lsattr.*\n//;
 	if ($? || $out !~ /^(\S+)\s/) {
 		print $out,"\n";

file/module.info

@@ -1,4 +1,3 @@
-risk=high
 name=FileManager
 desc=Java File Manager
 longdesc=View, edit and change permissions on files and directories on your system with a Windows-like file manager.

filemin/acl_security.pl

@@ -60,3 +60,7 @@ sub acl_security_save {
     }
     $access->{'max'} = $in->{'max_def'} ? undef : $in{'max'};
 }
+
+sub acl_security_noconfig {
+    return 1;
+}

filemin/filemin-lib.pl

@@ -75,8 +75,12 @@ sub get_paths {
         }
     }
     @allowed_paths = map { &simplify_path($_) } &unique(@allowed_paths);
-    $path = $in{'path'} || '';
-    $html_escaped_path = html_escape($path);
+    if ($in{'path'} =~ /^%2F/) {
+        $path = un_urlize($in{'path'}, 1) || '';
+    } else {
+        $path = $in{'path'} || '';
+    }
+    $quote_escaped_path = quote_escape($path);
     $urlized_path = urlize($path);
     
     $cwd = &simplify_path($base.$path);
@@ -224,7 +228,7 @@ sub print_interface {
         for(my $i = 1; $i <= scalar(@breadcr)-1; $i++) {
             chomp($breadcr[$i]);
             $cp = $cp.'/'.$breadcr[$i];
-            print "<a href='index.cgi?path=$cp'>".
+            print "<a href='index.cgi?path=".&urlize($cp)."'>".
                   &html_escape($breadcr[$i])."</a> / ";
         }
         print "<br />";
@@ -299,7 +303,7 @@ sub print_interface {
         $vlink = html_escape($link);
         $vlink = quote_escape($vlink);
         $vlink = decode('UTF-8', $vlink, Encode::FB_DEFAULT);
-	my $hlink = html_escape($vlink);
+        my $hlink = html_escape($vlink);
         $vpath = quote_escape($vpath);
         $vpath = decode('UTF-8', $vpath, Encode::FB_DEFAULT);
 
@@ -381,7 +385,7 @@ sub print_interface {
         print &ui_checked_columns_row(\@row_data, "", "name", $vlink);
     }
     print ui_columns_end();
-    print &ui_hidden("path", $urlized_path),"\n";
+    print &ui_hidden("path", $path),"\n";
     print &ui_form_end();
 }
 

filemin/safeacl

@@ -0,0 +1,3 @@
+allowed_paths=$HOME
+work_as_root=0
+work_as_user=0

filemin/save_file.cgi

@@ -16,7 +16,8 @@ $data =~ s/\r\n/\n/g;
 if ( $in{'encoding'} && lc( $in{'encoding'} ) ne "utf-8" ) {
     eval { $data = Encode::encode( $in{'encoding'}, Encode::decode( 'utf-8', $data ) ) };
 }
-&open_tempfile(SAVE, ">$file") || &error("$text{'error_saving_file'} : $!");
+&open_tempfile(SAVE, ">$file") ||
+	&error($text{'error_saving_file'}." : ".&html_escape("$!"));
 &print_tempfile(SAVE, $data);
 &close_tempfile(SAVE);
 

filemin/unauthenticated/css/style.css

@@ -6,7 +6,6 @@ body
   clear: both;
 }
 #listing {
-  //border: solid 1px;
   border-collapse: collapse;
   width: 100%;
 }
@@ -17,9 +16,7 @@ body
   font-weight: bold;
   background: #ddd;
 }
-#list_form tr:hover {
-//  background: #bbb;
-}
+
 #list_form tr.checked {
   background: #bfb;
 }
@@ -137,8 +134,8 @@ a:hover {
  cursor:pointer;
 }
 /* by https://github.com/rostovtsev */
-#list_form tbody tr.checked:hover,
-#list_form tbody tr:hover {
+#list_form tbody tr.checked:not(.m-active-o):not(.m-not-active):hover,
+#list_form tbody tr:hover:not(.m-active-o):not(.m-not-active) {
     background: #d3e4f4 !important;
 }
 

filemin/unauthenticated/templates/dialogs.html

@@ -27,7 +27,7 @@
                     <div class="form-group">
                         <label>$text{'new_folder_name'}</label>
                         <input id="name" name="name" type="text" class="form-control" data-placement="right" data-content="$text{'provide_folder_name'}" data-trigger="manual">
-                        <input type='hidden' name='path' value='$urlized_path'>
+                        <input type='hidden' name='path' value='$quote_escaped_path'>
                     </div>
                 </form>
             </div>
@@ -51,7 +51,7 @@
                     <div class="form-group">
                         <label>$text{'new_file_name'}</label>
                         <input name="name" type="text" class="form-control" data-placement="right" data-content="$text{'provide_file_name'}" data-trigger="manual">
-                        <input type='hidden' name='path' value='$urlized_path'>
+                        <input type='hidden' name='path' value='$quote_escaped_path'>
                     </div>
                 </form>
             </div>
@@ -76,7 +76,7 @@
                         <label>$text{'new_name'}</label>
                         <input name="name" type="text" class="form-control" data-placement="right" data-content="$text{'provide_new_file_name'}" data-trigger="manual">
                         <input type='hidden' name='file' value='' required>
-                        <input type='hidden' name='path' value='$urlized_path'>
+                        <input type='hidden' name='path' value='$quote_escaped_path'>
                     </div>
                 </form>
             </div>
@@ -310,7 +310,7 @@
             <label>$text{'dialog_user_pass'}</label>
             <input name="password" type="password" class="form-control">
           </div>
-          <input type='hidden' name='path' value='$urlized_path'>
+          <input type='hidden' name='path' value='$quote_escaped_path'>
         </form>
       </div>
       <div class="modal-footer">
@@ -331,7 +331,7 @@
       <div class="modal-body">
         <form id='upload-form' method='post' action='upload.cgi?path=$urlized_path&id=$upid' enctype='multipart/form-data' onsubmit='window.open("$gconfig{'webprefix'}/uptracker.cgi?id=$upid&uid=$uid", "uptracker", "toolbar=no, menubar=no, scrollbars=no, location=no, resizable=no, width=screen.width, height=screen.height")'>
             <input type='file' id='upfiles' name='upfiles' multiple onchange='countUploads(this)'>
-            <input type='hidden' name='path' value='$urlized_path'>
+            <input type='hidden' name='path' value='$quote_escaped_path'>
         </form>
           <div id="readyForUploadList" class="well">
           </div>
@@ -357,7 +357,7 @@
                         <label>$text{'search_label'}</label>
                         <input id="query" name="query" type="text" class="form-control" data-placement="right" data-content="$text{'provide_search_query'}" data-trigger="manual"><br>
                         <input id="caseins" name="caseins" type="checkbox" checked="checked"> $text{'search_insensitive'}
-                        <input type='hidden' name='path' value='$urlized_path'>
+                        <input type='hidden' name='path' value='$quote_escaped_path'>
                     </div>
                 </form>
             </div>

filemin/unauthenticated/templates/legacy_dialogs.html

@@ -7,7 +7,7 @@
       <div class="form-group">
           <label>$text{'new_folder_name'}</label>
           <input id="name" name="name" type="text" title="$text{'provide_folder_name'}">
-          <input type='hidden' name='path' value='$urlized_path'>
+          <input type='hidden' name='path' value='$quote_escaped_path'>
       </div>
   </form>
 </div>
@@ -17,7 +17,7 @@
       <div class="form-group">
           <label>$text{'new_file_name'}</label>
           <input name="name" type="text">
-          <input type='hidden' name='path' value='$urlized_path'>
+          <input type='hidden' name='path' value='$quote_escaped_path'>
       </div>
   </form>
 </div>
@@ -28,7 +28,7 @@
           <label>$text{'new_name'}</label>
           <input name="name" type="text">
           <input type='hidden' name='file' value='' required>
-          <input type='hidden' name='path' value='$urlized_path'>
+          <input type='hidden' name='path' value='$quote_escaped_path'>
       </div>
   </form>
 </div>
@@ -97,7 +97,7 @@
       <input name="username" type="text"><br>
       <label>$text{'dialog_user_pass'}</label>
       <input name="password" type="password">
-      <input type='hidden' name='path' value='$urlized_path'>
+      <input type='hidden' name='path' value='$quote_escaped_path'>
     </div>
   </form>
 </div>
@@ -105,7 +105,7 @@
 <div id="readyForUploadDialog" class="modal">
     <form id='upload-form' method='post' action='upload.cgi?path=$urlized_path&id=$upid' enctype='multipart/form-data' onsubmit='window.open("$gconfig{'webprefix'}/uptracker.cgi?id=$upid&uid=$uid", "uptracker", "toolbar=no, menubar=no, scrollbars=no, location=no, resizable=no, width=screen.width, height=screen.height")'>
         <input type='file' id='upfiles' name='upfiles' multiple onchange='countUploads(this)'>
-        <input type='hidden' name='path' value='$urlized_path'>
+        <input type='hidden' name='path' value='$quote_escaped_path'>
     </form>
     <div id="readyForUploadList" class="well">
     </div>
@@ -179,7 +179,7 @@
           <label>$text{'search_label'}</label>
           <input id="query" name="query" type="text" title="$text{'provide_search_query'}"><br>
           <input id="caseins" name="caseins" type="checkbox" checked="checked"> $text{'search_insensitive'}
-          <input type='hidden' name='path' value='$urlized_path'>
+          <input type='hidden' name='path' value='$quote_escaped_path'>
       </div>
   </form>
 </div>

firewall/firewall-lib.pl

@@ -43,7 +43,7 @@ return 4;
 }
 
 
-# get_iptables_save([file])
+# get_iptables_save([file|"direct"])
 # Parse the iptables save file into a list of tables 
 # format seems to be:
 #  *table
@@ -53,11 +53,20 @@ return 4;
 #  COMMIT
 sub get_iptables_save
 {
+local ($file) = @_;
 local (@rv, $table, %got);
 local $lnum = 0;
 
-open(FILE, $_[0] || ($config{"direct${ipvx}"} ? "ip${ipvx}tables-save 2>/dev/null |"
-				       : $ipvx_save));
+local $direct = "ip${ipvx}tables-save 2>/dev/null |";
+if (!$file) {
+	# Use default file
+	$file = $config{"direct${ipvx}"} ? $direct : $ipvx_save;
+	}
+elsif ($file eq "direct") {
+	# Read active rules
+	$file = $direct;
+	}
+open(FILE, $file);
 local $cmt;
 LINE:
 while(<FILE>) {

format/module.info

@@ -1,4 +1,3 @@
-risk=high
 name=Partition Manager
 category=hardware
 os_support=solaris

gray-theme/theme.pl

@@ -17,8 +17,8 @@
 # Global state for wrapper
 # if 0, wrapper isn't on, add one and open it, if 1 close it, if 2+, subtract
 # but don't close
-$WRAPPER_OPEN = 0;
-$COLUMNS_WRAPPER_OPEN = 0;
+$main::WRAPPER_OPEN = 0;
+$main::COLUMNS_main::WRAPPER_OPEN = 0;
 
 # theme_ui_post_header([subtext])
 # Returns HTML to appear directly after a standard header() call
@@ -283,11 +283,11 @@ if (defined($main::ui_table_cols)) {
 my $rv;
 my $colspan = 1;
 
-if (!$WRAPPER_OPEN) {
+if (!$main::WRAPPER_OPEN) {
 	$rv .= "<table class='shrinkwrapper' $tabletags>\n";
 	$rv .= "<tr><td>\n";
 	}
-$WRAPPER_OPEN++;
+$main::WRAPPER_OPEN++;
 $rv .= "<table class='ui_table' $tabletags>\n";
 if (defined($heading) || defined($rightheading)) {
         $rv .= "<thead><tr>";
@@ -362,12 +362,12 @@ else {
   $main::ui_table_default_tds = undef;
   }
 $rv .= "</tbody></table></td></tr></table>\n";
-if ($WRAPPER_OPEN==1) {
+if ($main::WRAPPER_OPEN==1) {
 	#$rv .= "</div>\n";
 	$rv .= "</td></tr>\n";
 	$rv .= "</table>\n";
 	}
-$WRAPPER_OPEN--;
+$main::WRAPPER_OPEN--;
 return $rv;
 }
 
@@ -460,14 +460,14 @@ my ($heads, $width, $noborder, $tdtags, $title) = @_;
 my ($href) = grep { $_ =~ /<a\s+href/i } @$heads;
 my $rv;
 $theme_ui_columns_row_toggle = 0;
-if (!$noborder && !$COLUMNS_WRAPPER_OPEN) {
+if (!$noborder && !$main::COLUMNS_main::WRAPPER_OPEN) {
 	$rv .= "<table class='wrapper' width="
 	     . ($width ? $width : "100")
 	     . "%>\n";
 	$rv .= "<tr><td>\n";
 	}
 if (!$noborder) {
-	$COLUMNS_WRAPPER_OPEN++;
+	$main::COLUMNS_main::WRAPPER_OPEN++;
 	}
 my @classes;
 push(@classes, "ui_table") if (!$noborder);
@@ -514,10 +514,10 @@ sub theme_ui_columns_end
 {
 my $rv;
 $rv = "</tbody> </table>\n";
-if ($COLUMNS_WRAPPER_OPEN == 1) { # Last wrapper
+if ($main::COLUMNS_main::WRAPPER_OPEN == 1) { # Last wrapper
 	$rv .= "</td> </tr> </table>\n";
 	}
-$COLUMNS_WRAPPER_OPEN--;
+$main::COLUMNS_main::WRAPPER_OPEN--;
 return $rv;
 }
 
@@ -580,11 +580,11 @@ my $defimg = $status ? "open.gif" : "closed.gif";
 my $defclass = $status ? 'opener_shown' : 'opener_hidden';
 my $text = defined($tconfig{'cs_text'}) ? $tconfig{'cs_text'} :
         defined($gconfig{'cs_text'}) ? $gconfig{'cs_text'} : "000000";
-if (!$WRAPPER_OPEN) { # If we're not already inside of a wrapper, wrap it
+if (!$main::WRAPPER_OPEN) { # If we're not already inside of a wrapper, wrap it
 	$rv .= "<table class='shrinkwrapper' $tabletags>\n";
 	$rv .= "<tr><td>\n";
 	}
-$WRAPPER_OPEN++;
+$main::WRAPPER_OPEN++;
 my $colspan = 1;
 $rv .= "<table class='ui_table' $tabletags>\n";
 if (defined($heading) || defined($rightheading)) {
@@ -612,12 +612,12 @@ sub theme_ui_hidden_table_end
 {
 my ($name) = @_;
 local $rv = "</table></div></td></tr></tbody></table>\n";
-if ( $WRAPPER_OPEN == 1 ) {
-	$WRAPPER_OPEN--;
+if ( $main::WRAPPER_OPEN == 1 ) {
+	$main::WRAPPER_OPEN--;
 	#$rv .= "</div>\n";
 	$rv .= "</td></tr></table>\n";
 	}
-elsif ($WRAPPER_OPEN) { $WRAPPER_OPEN--; }
+elsif ($main::WRAPPER_OPEN) { $main::WRAPPER_OPEN--; }
 return $rv;
 }
 

help.cgi

@@ -50,9 +50,6 @@ $help =~ s/<if\s+([^>]*)>([\000-\177]*?)<else>([\000-\177]*?)<\/if>/ifhelp($1, $
 # find and replace <if> directives
 $help =~ s/<if\s+([^>]*)>([\000-\177]*?)<\/if>/ifhelp($1, $2)/ige;
 
-# find and replace <exec> directives
-$help =~ s/<exec\s+([^>]*)>/exechelp($1)/ige;
-
 # output the HTML
 print $help;
 &popup_footer();
@@ -84,14 +81,6 @@ elsif ($rv) { return $_[1]; }
 else { return $_[2]; }
 }
 
-# exechelp(perl)
-sub exechelp
-{
-local $rv = eval $_[0];
-if ($@) { return "<i>".&text('help_eexec', $_[0], $@)."</i><br>\n"; }
-else { return $rv; }
-}
-
 sub helperror
 {
 &header($text{'error'});

help/module.info

@@ -1,4 +1,3 @@
 name=Help
 category=webmin
 desc=Webmin Help
-risk=low medium high

hpuxexports/low.risk

@@ -1 +0,0 @@
-noconfig=1

hpuxexports/medium.risk

@@ -1 +0,0 @@
-noconfig=1

hpuxexports/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 name=Export Manager
 category=net
 os_support=hpux

inetd/module.info

@@ -1,4 +1,3 @@
-risk=low medium high
 category=net
 os_support=solaris *-linux hpux freebsd unixware openserver osf1 macos openbsd netbsd irix
 desc=Network Services and Protocols

init/init-lib.pl

@@ -1344,6 +1344,33 @@ else {
 	}
 }
 
+=head2 reload_action(action)
+
+Does a config reload for some action.
+
+=cut
+sub reload_action
+{
+local ($name) = @_;
+local $action_mode = &get_action_mode($name);
+if ($action_mode eq "upstart") {
+	return &reload_upstart_service($name);
+	}
+elsif ($action_mode eq "systemd") {
+	return &reload_systemd_service($name);
+	}
+elsif ($action_mode eq "init") {
+	local $file = &action_filename($name);
+	local $hasarg = &get_action_args($file);
+	if ($hasarg->{'reload'}) {
+		local $cmd = $file." reload";
+		local $out = &backquote_logged("$cmd 2>&1 </dev/null");
+		return $? ? (0, $out) : (1, undef);
+		}
+	}
+return (0, "Not implemented");
+}
+
 =head2 status_action(name)
 
 Returns 1 if some action is running right now, 0 if not, or -1 if unknown
@@ -1969,6 +1996,19 @@ my $out = &backquote_logged(
 return (!$?, $out);
 }
 
+=head2 reload_upstart_service(name)
+
+Reload the upstart service with some name, and return an OK flag and output
+
+=cut
+sub reload_upstart_service
+{
+my ($name) = @_;
+my $out = &backquote_logged(
+	"service ".quotemeta($name)." reload 2>&1 </dev/null");
+return (!$?, $out);
+}
+
 =head2 create_upstart_service(name, description, command, [pre-script], [fork])
 
 Create a new upstart service with the given details.
@@ -2192,6 +2232,19 @@ my $out = &backquote_logged(
 return (!$?, $out);
 }
 
+=head2 reload_systemd_service(name)
+
+Reload the systemd service with some name, and return an OK flag and output
+
+=cut
+sub reload_systemd_service
+{
+my ($name) = @_;
+my $out = &backquote_logged(
+	"systemctl reload ".quotemeta($name)." 2>&1 </dev/null");
+return (!$?, $out);
+}
+
 =head2 create_systemd_service(name, description, start-script, stop-script,
 			      restart-script, [forks], [pidfile])