# WWW Deployment Manifest This document lists the files under `www/` in the current deployment set that should be copied to the remote staging path: `/home/marco/regalamiunsorriso/incoming/www` ## Deployment Set All files in this rollout are deployed from the current working tree. ## New Files - None in this rollout. ## Updated Files - `www/mailMessage/noMorePic.html` - `www/mailMessage/noMorePic.txt` - `www/mailMessage/noMorePicCc.html` - `www/mailMessage/noMorePicScad.html` - `www/mailMessage/noMorePicScad.txt` - `www/mailMessage/perScadereMsg.html` - `www/mailMessage/userMsg_itCC - Copy.html` - `www/mailMessage/userMsg_itCC.html` ## Remote Copy Target - Source root: `K:\various\regalamiunsorriso` - Remote host: `marco@83.149.164.4:410` - Remote staging path: `/home/marco/regalamiunsorriso/incoming/www` - Remote live path: `/home/sites/regalamiunsorriso/www` - Total files in this manifest: `8` ## Transfer Method - Stage by streaming a tar archive over SSH and extracting it into `/home/marco/regalamiunsorriso/incoming` so the `www/...` directory structure is preserved. - Promote with `/home/marco/promote-file.sh` through `sudo tcsh` so the live destination keeps its required owner, group, and mode. ## Verification Expectations - Verify staged files with `ls -l` and `cksum`. - Verify live files with `ls -l`, `stat -f`, and `cksum`. - Existing destination files should retain their original metadata after promotion. ## Known Shell Quirks - The remote login shell behaves as `tcsh`, so POSIX shell loops fail unless run through `sh -c`. - The server `sh` does not support `-l`, so use `sh -c`, not `sh -lc`. - Direct SSH plus tar works reliably on this host; MCP SSH was previously unreliable and is avoided. - PowerShell quoting can break remote helper commands for paths with spaces; using `ssh ... --%` passes verification commands through cleanly. - Direct remote use of `2>/dev/null`, pipelines, and escaped parentheses can still fail under `tcsh` with `Ambiguous output redirect`; for read-only investigation, prefer small single-purpose SSH commands or wrap the full payload in remote `sh -c`. - If PowerShell shows the continuation prompt `? >`, the quoting failed locally before the command reached the server. Cancel it and rerun a simpler command. ## Mail Template Reconnaissance Read-only investigation on `83.149.164.4` on 2026-04-16 found that mail content is not determined only by the files in `www/mailMessage`. ### Mail Template Directories Found On Server - Live rollout target: `/home/sites/regalamiunsorriso/www/mailMessage` - Staging copy: `/home/marco/regalamiunsorriso/incoming/www/mailMessage` - Older duplicate tree: `/home/sites/regalamiunsorriso/wwwLang/mailMessage` - Archived duplicate tree: `/home/sites/regalamiunsorriso/wwwOld/www/mailMessage` Representative checksum comparisons confirmed that `www/mailMessage` and `wwwLang/mailMessage` currently differ: - `noMorePic.html`: live `2188047161 3645`, `wwwLang` `2803737061 3775` - `userMsg_itCC.html`: live `324589227 5628`, `wwwLang` `429470199 4921` ### Runtime Resolution Path - The Java application lives under `/home/sites/regalamiunsorriso/rus/WEB-INF`. - Local source code shows `DBAdapter.getDocBase()` returns `getParm("DOCBASE").getTesto()`. - Local source code shows `Parm.findByCodice()` executes `select A.* from PARM AS A where A.codice='...'`. - Local source code also shows the mail templates are located through `Parm` values such as `MAIL_REG`, `MAIL_NO_MORE`, `MAIL_NO_MORE_SCAD`, and `MAIL_MSG_PATH_MAILER`. - Local `pg_src/com/ablia/pg/Users.java` seeds default values for `MAIL_MSG_RINNOVO` as `mailMessage/rinnovoMsg.html` and `MAIL_MSG_COUPON_OMAGGIO` as `mailMessage/couponOmaggioMsg.html`. - On the live server, `/home/sites/regalamiunsorriso/rus/WEB-INF/classes/dbcomuni.properties`, `rus.properties`, and `truckservice.properties` all contain `USE_PARM_HT=true`, which indicates the application expects runtime values from the `Parm` store. Implication: Changing a file in `www/mailMessage` is not enough to guarantee a changed outbound message. The live `Parm` data determines at least: - the effective `DOCBASE` - which mail template filename is used for each message type - the generic mailer template root via `MAIL_MSG_PATH_MAILER` If reports say old messages are still being sent, the next thing to verify is the live `Parm` row values for `DOCBASE`, `MAIL_REG`, `MAIL_NO_MORE`, `MAIL_NO_MORE_SCAD`, `MAIL_MSG_PATH_MAILER`, and any related per-feature mail parameters. ### Useful Live App Configuration - Main webapp DB connection from `rus/WEB-INF/web.xml`: - `dbDriver=3` - `database=//localhost/pg` - `user=root` - `password=root` - Secondary app properties from `rus/WEB-INF/classes/truckservice.properties`: - `dbDriver=3` - `dbName=//localhost/truckservice` - `user=root` - `password=root` - Local source code in `DriversJdbc.java` maps `dbDriver=3` to MySQL Connector/J (`jdbc:mysql`). - Tomcat is running under `jsvc` and is listening on `*:8080` with AJP on `127.0.0.1:8009`. ### Read-Only DB Access Attempts - The host has PHP CLI at `/usr/local/bin/php` with `mysqli`, `mysqlnd`, `PDO`, and `pdo_mysql` enabled. - No `mysql` or `mariadb` client binary was found in the shell path. - A read-only PHP probe over SSH is viable by piping a local script into remote PHP: - This worked for plain PHP execution and is the safest known way to attempt SQL reads without creating files on the server. - Live connection attempts behaved as follows: - `mysqli('localhost', 'root', 'root', 'pg')` failed with `No such file or directory`. - `mysqli('127.0.0.1', 'root', 'root', 'pg')` failed with `Connection refused`. - `sockstat -4 -l` showed no listener on MySQL port `3306`. - `sockstat -u -l` and targeted socket checks did not reveal a visible MySQL Unix socket under `/var/run`, `/tmp`, `/usr/local/var`, or `/var/db/mysql`. - Current conclusion: the application configuration indicates MySQL, but direct SQL access from the current shell is not yet available. The webapp may rely on a non-obvious socket path, a jailed/internal service path, or a runtime environment not exposed to the `marco` shell. ### Recon Scope Notes - The `RUS` entry under `/home/sites/regalamiunsorriso` is a symlink to `/mnt/da1/foto`. - That tree appears to be photo/archive storage and produced permission noise during reconnaissance. - It was not needed to identify the email-template resolution path and should be ignored for future mail-template investigations unless the task explicitly involves media storage.