245 lines
5.0 KiB
Bash
245 lines
5.0 KiB
Bash
#!/bin/sh
|
|
|
|
#++
|
|
# NAME
|
|
# postfix-script 1
|
|
# SUMMARY
|
|
# execute Postfix administrative commands
|
|
# SYNOPSIS
|
|
# \fBpostfix-script\fR \fIcommand\fR
|
|
# DESCRIPTION
|
|
# The \fBfBpostfix-script\fR script executes Postfix administrative
|
|
# commands in an environtment that is set up by the \fBpostfix\fR(1)
|
|
# command.
|
|
# SEE ALSO
|
|
# master(8) Postfix master program
|
|
# postfix(1) Postfix administrative interface
|
|
# LICENSE
|
|
# .ad
|
|
# .fi
|
|
# The Secure Mailer license must be distributed with this software.
|
|
# AUTHOR(S)
|
|
# Wietse Venema
|
|
# IBM T.J. Watson Research
|
|
# P.O. Box 704
|
|
# Yorktown Heights, NY 10598, USA
|
|
#--
|
|
|
|
# Avoid POSIX death due to SIGHUP when some parent process exits.
|
|
|
|
trap '' 1
|
|
|
|
case $daemon_directory in
|
|
"") echo This script must be run by the postfix command. 1>&2
|
|
echo Do not run directly. 1>&2
|
|
exit 1
|
|
esac
|
|
|
|
LOGGER="$command_directory/postlog -t postfix-script"
|
|
INFO="$LOGGER -p info"
|
|
WARN="$LOGGER -p warn"
|
|
ERROR="$LOGGER -p error"
|
|
FATAL="$LOGGER -p fatal"
|
|
PANIC="$LOGGER -p panic"
|
|
|
|
umask 022
|
|
|
|
#
|
|
# LINUX by default does not synchronously update directories -
|
|
# that's dangerous for mail.
|
|
#
|
|
if [ -f /usr/bin/chattr ]
|
|
then
|
|
CHATTR="/usr/bin/chattr +S"
|
|
else
|
|
CHATTR=:
|
|
fi
|
|
|
|
#
|
|
# Can't do much without these in place.
|
|
#
|
|
cd $command_directory || {
|
|
$FATAL no Postfix command directory $command_directory!
|
|
exit 1
|
|
}
|
|
cd $daemon_directory || {
|
|
$FATAL no Postfix daemon directory $daemon_directory!
|
|
exit 1
|
|
}
|
|
test -f master || {
|
|
$FATAL no Postfix master program $daemon_directory/master!
|
|
exit 1
|
|
}
|
|
cd $config_directory || {
|
|
$FATAL no Postfix configuration directory $config_directory!
|
|
exit 1
|
|
}
|
|
cd $queue_directory || {
|
|
$FATAL no Postfix queue directory $queue_directory!
|
|
exit 1
|
|
}
|
|
|
|
#
|
|
# Parse JCL
|
|
#
|
|
case $1 in
|
|
|
|
start_msg)
|
|
|
|
echo "Start postfix"
|
|
;;
|
|
|
|
stop_msg)
|
|
|
|
echo "Stop postfix"
|
|
;;
|
|
|
|
start)
|
|
|
|
$daemon_directory/master -t 2>/dev/null || {
|
|
$FATAL the Postfix mail system is already running
|
|
exit 1
|
|
}
|
|
$config_directory/postfix-script check || {
|
|
$FATAL Postfix integrity check failed!
|
|
exit 1
|
|
}
|
|
$INFO starting the Postfix mail system
|
|
$daemon_directory/master &
|
|
;;
|
|
|
|
drain)
|
|
|
|
$daemon_directory/master -t 2>/dev/null && {
|
|
$FATAL the Postfix mail system is not running
|
|
exit 1
|
|
}
|
|
$INFO stopping the Postfix mail system
|
|
kill -9 `sed 1q pid/master.pid`
|
|
;;
|
|
|
|
stop)
|
|
|
|
$daemon_directory/master -t 2>/dev/null && {
|
|
$FATAL the Postfix mail system is not running
|
|
exit 1
|
|
}
|
|
$INFO stopping the Postfix mail system
|
|
kill `sed 1q pid/master.pid`
|
|
;;
|
|
|
|
abort)
|
|
|
|
$daemon_directory/master -t 2>/dev/null && {
|
|
$FATAL the Postfix mail system is not running
|
|
exit 1
|
|
}
|
|
$INFO aborting the Postfix mail system
|
|
kill `sed 1q pid/master.pid`
|
|
;;
|
|
|
|
reload)
|
|
|
|
$daemon_directory/master -t 2>/dev/null && {
|
|
$FATAL the Postfix mail system is not running
|
|
exit 1
|
|
}
|
|
$INFO refreshing the Postfix mail system
|
|
kill -HUP `sed 1q pid/master.pid`
|
|
;;
|
|
|
|
flush)
|
|
|
|
cd $queue_directory || {
|
|
$FATAL no Postfix queue directory $queue_directory!
|
|
exit 1
|
|
}
|
|
$command_directory/postkick public qmgr IDFA
|
|
;;
|
|
|
|
check)
|
|
|
|
for dir in $daemon_directory $config_directory $queue_directory
|
|
do
|
|
ls -lLd $dir | (grep " root " >/dev/null ||
|
|
$WARN not owned by root: $dir)
|
|
done
|
|
|
|
find $daemon_directory/* $config_directory/* ! -user root \
|
|
-exec $WARN not owned by root: {} \;
|
|
|
|
find $daemon_directory/. $config_directory/. \
|
|
\( -perm -020 -o -perm -002 \) \
|
|
-exec $WARN group or other writable: {} \;
|
|
|
|
find $queue_directory/* $config_directory/* -name '*core' \
|
|
-exec $WARN core file: {} \; 2>/dev/null
|
|
|
|
test -d maildrop || {
|
|
$WARN creating missing Postfix maildrop directory
|
|
mkdir maildrop || exit 1
|
|
chmod 1730 maildrop
|
|
chown $mail_owner maildrop
|
|
chgrp maildrop maildrop
|
|
}
|
|
test -d pid || {
|
|
$WARN creating missing Postfix pid directory
|
|
mkdir pid || exit 1
|
|
chmod 755 pid
|
|
chown $mail_owner pid
|
|
}
|
|
for dir in incoming active bounce defer deferred saved corrupt; do
|
|
test -d $dir || {
|
|
$WARN creating missing Postfix $dir directory
|
|
mkdir $dir || exit 1
|
|
chmod 700 $dir; $CHATTR $dir
|
|
chown $mail_owner $dir
|
|
}
|
|
done
|
|
test -d public || {
|
|
$WARN creating missing Postfix public directory
|
|
mkdir public || exit 1
|
|
chmod 755 public
|
|
chown $mail_owner public
|
|
}
|
|
test -d private || {
|
|
$WARN creating missing Postfix private directory
|
|
mkdir private || exit 1
|
|
chmod 700 private
|
|
chown $mail_owner private
|
|
}
|
|
find `ls -d $queue_directory/* | \
|
|
egrep '/(incoming|active|defer|deferred|bounce|saved|corrupt|public|private)$'` \
|
|
! \( -type p -o -type s \) ! -user $mail_owner \
|
|
-exec $WARN not owned by $mail_owner: {} \;
|
|
|
|
for dir in $queue_directory/maildrop
|
|
do
|
|
ls -lLd $dir | (grep " $mail_owner " >/dev/null ||
|
|
$WARN not owned by $mail_owner: $dir)
|
|
done
|
|
|
|
for dir in bin etc lib sbin usr
|
|
do
|
|
test -d $dir && find $dir -type f -print | while read path
|
|
do
|
|
cmp -s $path /$path ||
|
|
$WARN $queue_directory/$path and /$path differ
|
|
done
|
|
done
|
|
|
|
$command_directory/postsuper || exit 1
|
|
|
|
find corrupt -type f -exec $WARN damaged message: {} \;
|
|
|
|
# XXX also: look for weird stuff, weird permissions, etc.
|
|
;;
|
|
|
|
*)
|
|
|
|
$FATAL "usage: postfix start (or stop, reload, abort, flush, or check)"
|
|
exit 1
|
|
;;
|
|
|
|
esac
|