X-Git-Url: https://dehnerts.com/gitweb/?a=blobdiff_plain;f=postfix-script;fp=postfix-script;h=86b59c6b8628a36327ac52385b4e2255628a8d67;hb=3fdd52784aa682e75ec7407c38c4aed30136355a;hp=0000000000000000000000000000000000000000;hpb=07b56eda96ec82571fd9eae038731218e1f8b46c;p=sysconfig%2Fpostfix.git
diff --git a/postfix-script b/postfix-script
new file mode 100755
index 0000000..86b59c6
--- /dev/null
+++ b/postfix-script
@@ -0,0 +1,380 @@
+#!/bin/sh
+
+#++
+# NAME
+# postfix-script 1
+# SUMMARY
+# execute Postfix administrative commands
+# SYNOPSIS
+# \fBpostfix-script\fR \fIcommand\fR
+# DESCRIPTION
+# The \fBpostfix-script\fR script executes Postfix administrative
+# commands in an environment that is set up by the \fBpostfix\fR(1)
+# command.
+# SEE ALSO
+# master(8) Postfix master program
+# postfix(1) Postfix administrative interface
+# LICENSE
+# .ad
+# .fi
+# The Secure Mailer license must be distributed with this software.
+# AUTHOR(S)
+# Wietse Venema
+# IBM T.J. Watson Research
+# P.O. Box 704
+# Yorktown Heights, NY 10598, USA
+#--
+
+# Avoid POSIX death due to SIGHUP when some parent process exits.
+
+trap '' 1
+
+case $daemon_directory in
+"") echo This script must be run by the postfix command. 1>&2
+ echo Do not run directly. 1>&2
+ exit 1
+esac
+
+LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script"
+INFO="$LOGGER -p info"
+WARN="$LOGGER -p warn"
+ERROR="$LOGGER -p error"
+FATAL="$LOGGER -p fatal"
+PANIC="$LOGGER -p panic"
+
+if [ "X${1#quiet-}" != "X${1}" ]; then
+ INFO=:
+ x=${1#quiet-}
+ shift
+ set -- $x "$@"
+fi
+
+umask 022
+SHELL=/bin/sh
+
+#
+# Can't do much without these in place.
+#
+cd $command_directory || {
+ $FATAL no Postfix command directory $command_directory!
+ exit 1
+}
+cd $daemon_directory || {
+ $FATAL no Postfix daemon directory $daemon_directory!
+ exit 1
+}
+test -f master || {
+ $FATAL no Postfix master program $daemon_directory/master!
+ exit 1
+}
+cd $config_directory || {
+ $FATAL no Postfix configuration directory $config_directory!
+ exit 1
+}
+cd $queue_directory || {
+ $FATAL no Postfix queue directory $queue_directory!
+ exit 1
+}
+def_config_directory=`$command_directory/postconf -dh config_directory` || {
+ $FATAL cannot execute $command_directory/postconf!
+ exit 1
+}
+
+# If this is a secondary instance, don't touch shared files.
+
+instances=`test ! -f $def_config_directory/main.cf ||
+ $command_directory/postconf -c $def_config_directory \
+ -h multi_instance_directories | sed 's/,/ /'` || {
+ $FATAL cannot execute $command_directory/postconf!
+ exit 1
+}
+
+check_shared_files=1
+for name in $instances
+do
+ case "$name" in
+ "$def_config_directory") ;;
+ "$config_directory") check_shared_files=; break;;
+ esac
+done
+
+#
+# Parse JCL
+#
+case $1 in
+
+start_msg)
+
+ echo "Start postfix"
+ ;;
+
+stop_msg)
+
+ echo "Stop postfix"
+ ;;
+
+quick-start)
+
+ $daemon_directory/master -t 2>/dev/null || {
+ $FATAL the Postfix mail system is already running
+ exit 1
+ }
+ $daemon_directory/postfix-script quick-check || {
+ $FATAL Postfix integrity check failed!
+ exit 1
+ }
+ $INFO starting the Postfix mail system
+ $daemon_directory/master &
+ ;;
+
+start)
+
+ $daemon_directory/master -t 2>/dev/null || {
+ $FATAL the Postfix mail system is already running
+ exit 1
+ }
+ if [ -f $queue_directory/quick-start ]
+ then
+ rm -f $queue_directory/quick-start
+ else
+ $daemon_directory/postfix-script check-fatal || {
+ $FATAL Postfix integrity check failed!
+ exit 1
+ }
+ # Foreground this so it can be stopped. All inodes are cached.
+ $daemon_directory/postfix-script check-warn
+ fi
+ $INFO starting the Postfix mail system
+ # NOTE: wait in foreground process to get the initialization status.
+ $daemon_directory/master -w || {
+ $FATAL "mail system startup failed"
+ exit 1
+ }
+ ;;
+
+drain)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 1
+ }
+ $INFO stopping the Postfix mail system
+ kill -9 `sed 1q pid/master.pid`
+ ;;
+
+quick-stop)
+
+ $daemon_directory/postfix-script stop
+ touch $queue_directory/quick-start
+ ;;
+
+stop)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 0
+ }
+ $INFO stopping the Postfix mail system
+ kill `sed 1q pid/master.pid`
+ for i in 5 4 3 2 1
+ do
+ $daemon_directory/master -t && exit 0
+ $INFO waiting for the Postfix mail system to terminate
+ sleep 1
+ done
+ $WARN stopping the Postfix mail system with force
+ pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` &&
+ kill -9 -$pid
+ ;;
+
+abort)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 0
+ }
+ $INFO aborting the Postfix mail system
+ kill `sed 1q pid/master.pid`
+ ;;
+
+reload)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $FATAL the Postfix mail system is not running
+ exit 1
+ }
+ $INFO refreshing the Postfix mail system
+ $command_directory/postsuper active || exit 1
+ kill -HUP `sed 1q pid/master.pid`
+ $command_directory/postsuper &
+ ;;
+
+flush)
+
+ cd $queue_directory || {
+ $FATAL no Postfix queue directory $queue_directory!
+ exit 1
+ }
+ $command_directory/postqueue -f
+ ;;
+
+check)
+
+ $daemon_directory/postfix-script check-fatal || exit 1
+ $daemon_directory/postfix-script check-warn
+ exit 0
+ ;;
+
+status)
+
+ $daemon_directory/master -t 2>/dev/null && {
+ $INFO the Postfix mail system is not running
+ exit 1
+ }
+ $INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
+ exit 0
+ ;;
+
+quick-check)
+ # This command is NOT part of the public interface.
+
+ $SHELL $daemon_directory/post-install create-missing || {
+ $WARN unable to create missing queue directories
+ exit 1
+ }
+
+ # Look for incomplete installations.
+
+ test -f $config_directory/master.cf || {
+ $FATAL no $config_directory/master.cf file found
+ exit 1
+ }
+ exit 0
+ ;;
+
+check-fatal)
+ # This command is NOT part of the public interface.
+
+ $daemon_directory/postfix-script quick-check
+
+ # See if all queue files are in the right place. This is slow.
+ # We must scan all queues for mis-named queue files before the
+ # mail system can run.
+
+ $command_directory/postsuper || exit 1
+ exit 0
+ ;;
+
+check-warn)
+ # This command is NOT part of the public interface.
+
+ todo="$config_directory $queue_directory $queue_directory/pid"
+ test -n "$check_shared_files" && todo="$daemon_directory $todo"
+
+ for dir in $todo
+ do
+ ls -lLd $dir | (grep " root " >/dev/null ||
+ $WARN not owned by root: $dir)
+ done
+
+ # Some people break Postfix's security model.
+ ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
+ $WARN group or other writable: $queue_directory
+
+ todo="$config_directory/*"
+ test -n "$check_shared_files" && todo="$daemon_directory/* $todo"
+
+ find $todo ! -user root \
+ -exec $WARN not owned by root: {} \;
+
+ todo="$config_directory/."
+ test -n "$check_shared_files" && todo="$daemon_directory/. $todo"
+
+ find $todo \
+ \( -perm -020 -o -perm -002 \) -type f \
+ -exec $WARN group or other writable: {} \;
+
+ find $data_directory/. ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: {} \;
+
+ ls -lLd $data_directory | egrep '^.....(w|...w)' >/dev/null && \
+ $WARN group or other writable: $data_directory
+
+ find `ls -d $queue_directory/* | \
+ egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
+ ! \( -type p -o -type s \) ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: {} \;
+
+ todo="$queue_directory/public $queue_directory/maildrop"
+ test -n "$check_shared_files" &&
+ todo="$command_directory/postqueue $command_directory/postdrop $todo"
+
+ find $todo \
+ -prune ! -group $setgid_group \
+ -exec $WARN not owned by group $setgid_group: {} \;
+
+ test -n "$check_shared_files" &&
+ find $command_directory/postqueue $command_directory/postdrop \
+ -prune ! -perm -02111 \
+ -exec $WARN not set-gid or not owner+group+world executable: {} \;
+
+ for name in `ls -d $queue_directory/* | \
+ egrep '/(bin|etc|lib|usr)$'` ; \
+ do \
+ find $name ! -user root \
+ -exec $WARN not owned by root: {} \; ; \
+ done
+
+ # WARNING: this should not descend into the maildrop directory.
+ # maildrop is the least trusted Postfix directory.
+
+ find $queue_directory/maildrop/. -prune ! -user $mail_owner \
+ -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;
+
+ for dir in bin etc lib sbin usr
+ do
+ test -d $dir && find $dir -type f -print | while read path
+ do
+ test -f /$path && {
+ cmp -s $path /$path ||
+ $WARN $queue_directory/$path and /$path differ
+ }
+ done
+ done
+
+ find corrupt -type f -exec $WARN damaged message: {} \;
+
+ # XXX also: look for weird stuff, weird permissions, etc.
+
+ test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
+ -f /usr/lib/sendmail && {
+ cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
+ $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
+ $WARN Replace one by a symbolic link to the other
+ }
+ }
+ exit 0
+ ;;
+
+set-permissions|upgrade-configuration)
+ $daemon_directory/post-install create-missing "$@"
+ ;;
+
+post-install)
+ # Currently not part of the public interface.
+ shift
+ $daemon_directory/post-install "$@"
+ ;;
+
+/*)
+ # Currently not part of the public interface.
+ "$@"
+ ;;
+
+*)
+ $ERROR "unknown command: '$1'"
+ $FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
+ exit 1
+ ;;
+
+esac
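Review bot: The first root-ownership test in the `check-warn` arm, `ls -lLd $dir | (grep " root " >/dev/null || $WARN not owned by root: $dir)`, is satisfied whenever ` root ` appears anywhere in the `ls -l` line, so a config, queue, pid or daemon directory owned by another user but with group root produces no warning. The rest of the arm already tests the owner field directly with `find ... ! -user`, and the same form fits here: `find $dir/. -prune ! -user root -exec $WARN not owned by root: $dir \;`, where the `/.` suffix keeps the symlink-following that `ls -L` gave. Separately, the directory variables are expanded unquoted throughout (`cd $queue_directory`, `find $todo`), which presumably relies on `postfix` supplying paths without whitespace or glob characters; a one-line comment near the top stating that assumption would help the next reader.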