New configs for Xenial (16.04)

[sysconfig/postfix.git] / postfix-script

#!/bin/sh

#++
# NAME
#       postfix-script 1
# SUMMARY
#       execute Postfix administrative commands
# SYNOPSIS
#       \fBpostfix-script\fR \fIcommand\fR
# DESCRIPTION
#       The \fBpostfix-script\fR script executes Postfix administrative
#       commands in an environment that is set up by the \fBpostfix\fR(1)
#       command.
# SEE ALSO
#       master(8) Postfix master program
#       postfix(1) Postfix administrative interface
# LICENSE
# .ad
# .fi
#       The Secure Mailer license must be distributed with this software.
# AUTHOR(S)
#       Wietse Venema
#       IBM T.J. Watson Research
#       P.O. Box 704
#       Yorktown Heights, NY 10598, USA
#--

# Avoid POSIX death due to SIGHUP when some parent process exits.

trap '' 1

case $daemon_directory in
"") echo This script must be run by the postfix command. 1>&2
    echo Do not run directly. 1>&2
    exit 1
esac

LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script"
INFO="$LOGGER -p info"
WARN="$LOGGER -p warn"
ERROR="$LOGGER -p error"
FATAL="$LOGGER -p fatal"
PANIC="$LOGGER -p panic"

if [ "X${1#quiet-}" != "X${1}" ]; then
    INFO=:
    x=${1#quiet-}
    shift
    set -- $x "$@"
fi

umask 022
SHELL=/bin/sh

#
# Can't do much without these in place.
#
cd $command_directory || {
        $FATAL no Postfix command directory $command_directory!
        exit 1
}
cd $daemon_directory || {
        $FATAL no Postfix daemon directory $daemon_directory!
        exit 1
}
test -f master || {
        $FATAL no Postfix master program $daemon_directory/master!
        exit 1
}
cd $config_directory || {
        $FATAL no Postfix configuration directory $config_directory!
        exit 1
}
case $shlib_directory in
no) ;;
 *) cd $shlib_directory || {
        $FATAL no Postfix shared-library directory $shlib_directory!
        exit 1
    }
esac
cd $meta_directory || {
        $FATAL no Postfix meta directory $meta_directory!
        exit 1
}
cd $queue_directory || {
        $FATAL no Postfix queue directory $queue_directory!
        exit 1
}
def_config_directory=`$command_directory/postconf -dh config_directory` || {
        $FATAL cannot execute $command_directory/postconf!
        exit 1
}

# If this is a secondary instance, don't touch shared files.

instances=`test ! -f $def_config_directory/main.cf ||
    $command_directory/postconf -c $def_config_directory \
    -h multi_instance_directories | sed 's/,/ /'` || {
        $FATAL cannot execute $command_directory/postconf!
        exit 1
}

check_shared_files=1
for name in $instances
do
    case "$name" in
    "$def_config_directory") ;;
    "$config_directory") check_shared_files=; break;;
    esac
done

#
# Parse JCL
#
case $1 in

start_msg)

        echo "Start postfix"
        ;;

stop_msg)

        echo "Stop postfix"
        ;;

quick-start)

        $daemon_directory/master -t 2>/dev/null || {
                $FATAL the Postfix mail system is already running
                exit 1
        }
        $daemon_directory/postfix-script quick-check || {
                $FATAL Postfix integrity check failed!
                exit 1
        }
        $INFO starting the Postfix mail system
        $daemon_directory/master &
        ;;

start)

        $daemon_directory/master -t 2>/dev/null || {
                $FATAL the Postfix mail system is already running
                exit 1
        }
        if [ -f $queue_directory/quick-start ]
        then
                rm -f $queue_directory/quick-start
        else
                $daemon_directory/postfix-script check-fatal || {
                        $FATAL Postfix integrity check failed!
                        exit 1
                }
                # Foreground this so it can be stopped. All inodes are cached.
                $daemon_directory/postfix-script check-warn
        fi
        $INFO starting the Postfix mail system
        # NOTE: wait in foreground process to get the initialization status.
        $daemon_directory/master -w || {
            $FATAL "mail system startup failed"
            exit 1
        }
        ;;

drain)

        $daemon_directory/master -t 2>/dev/null && {
                $FATAL the Postfix mail system is not running
                exit 1
        }
        $INFO stopping the Postfix mail system
        kill -9 `sed 1q pid/master.pid`
        ;;

quick-stop)

        $daemon_directory/postfix-script stop
        touch $queue_directory/quick-start
        ;;

stop)

        $daemon_directory/master -t 2>/dev/null && {
                $FATAL the Postfix mail system is not running
                exit 0
        }
        $INFO stopping the Postfix mail system
        kill `sed 1q pid/master.pid`
        for i in 5 4 3 2 1
        do
            $daemon_directory/master -t && exit 0
            $INFO waiting for the Postfix mail system to terminate
            sleep 1
        done
        $WARN stopping the Postfix mail system with force
        pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` && 
                kill -9 -$pid
        ;;

abort)

        $daemon_directory/master -t 2>/dev/null && {
                $FATAL the Postfix mail system is not running
                exit 0
        }
        $INFO aborting the Postfix mail system
        kill `sed 1q pid/master.pid`
        ;;

reload)

        $daemon_directory/master -t 2>/dev/null && {
                $FATAL the Postfix mail system is not running
                exit 1
        }
        $INFO refreshing the Postfix mail system
        $command_directory/postsuper active || exit 1
        kill -HUP `sed 1q pid/master.pid`
        $command_directory/postsuper &
        ;;

flush)

        cd $queue_directory || {
                $FATAL no Postfix queue directory $queue_directory!
                exit 1
        }
        $command_directory/postqueue -f
        ;;

check)

        $daemon_directory/postfix-script check-fatal || exit 1
        $daemon_directory/postfix-script check-warn
        exit 0
        ;;

status)

        $daemon_directory/master -t 2>/dev/null && {
                $INFO the Postfix mail system is not running
                exit 1
        }
        $INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
        exit 0
        ;;

quick-check)
        # This command is NOT part of the public interface.

        $SHELL $daemon_directory/post-install create-missing || {
                $WARN unable to create missing queue directories
                exit 1
        }

        # Look for incomplete installations.

        test -f $config_directory/master.cf || {
                $FATAL no $config_directory/master.cf file found
                exit 1
        }
        exit 0
        ;;

check-fatal)
        # This command is NOT part of the public interface.

        $daemon_directory/postfix-script quick-check

        # See if all queue files are in the right place. This is slow.
        # We must scan all queues for mis-named queue files before the
        # mail system can run.

        $command_directory/postsuper || exit 1
        exit 0
        ;;

check-warn)
        # This command is NOT part of the public interface.

        # Check Postfix root-owned directory owner/permissions.

        find $queue_directory/. $queue_directory/pid \
            -prune ! -user root \
            -exec $WARN not owned by root: {} \;

        find $queue_directory/. $queue_directory/pid \
            -prune \( -perm -020 -o -perm -002 \) \
            -exec $WARN group or other writable: {} \;

        # Check Postfix root-owned directory tree owner/permissions.

        todo="$config_directory/."
        test -n "$check_shared_files" && {
                todo="$daemon_directory/. $meta_directory/. $todo"
                test "$shlib_directory" = "no" || 
                    todo="$shlib_directory/. $todo"
        }
        todo=`echo "$todo" | tr ' ' '\12' | sort -u`

        find $todo ! -user root \
            -exec $WARN not owned by root: {} \;

        find $todo \( -perm -020 -o -perm -002 \) \
            -exec $WARN group or other writable: {} \;

        # Check Postfix mail_owner-owned directory tree owner/permissions.

        find $data_directory/. ! -user $mail_owner \
            -exec $WARN not owned by $mail_owner: {} \;

        find $data_directory/. \( -perm -020 -o -perm -002 \) \
            -exec $WARN group or other writable: {} \;

        # Check Postfix mail_owner-owned directory tree owner.

        find `ls -d $queue_directory/* | \
            egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
            ! \( -type p -o -type s \) ! -user $mail_owner \
                -exec $WARN not owned by $mail_owner: {} \;

        # WARNING: this should not descend into the maildrop directory.
        # maildrop is the least trusted Postfix directory.

        find $queue_directory/maildrop -prune ! -user $mail_owner \
            -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;

        # Check Postfix setgid_group-owned directory and file group/permissions.

        todo="$queue_directory/public $queue_directory/maildrop"
        test -n "$check_shared_files" && 
           todo="$command_directory/postqueue $command_directory/postdrop $todo"

        find $todo \
            -prune ! -group $setgid_group \
            -exec $WARN not owned by group $setgid_group: {} \;

        test -n "$check_shared_files" &&
        find $command_directory/postqueue $command_directory/postdrop \
            -prune ! -perm -02111 \
            -exec $WARN not set-gid or not owner+group+world executable: {} \;

        # Check non-Postfix root-owned directory tree owner/content.

        for dir in bin etc lib sbin usr
        do
            test -d $dir && {
                find $dir ! -user root \
                    -exec $WARN not owned by root: $queue_directory/{} \;

                find $dir -type f -print | while read path
                do
                    test -f /$path && {
                        cmp -s $path /$path || 
                            $WARN $queue_directory/$path and /$path differ
                    }
                done
            }
        done

        find corrupt -type f -exec $WARN damaged message: {} \;

        # Check for non-Postfix MTA remnants.

        test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
                -f /usr/lib/sendmail && {
            cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
                $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
                $WARN Replace one by a symbolic link to the other
            }
        }
        exit 0
        ;;

set-permissions|upgrade-configuration)
        $daemon_directory/post-install create-missing "$@"
        ;;

post-install)
        # Currently not part of the public interface.
        shift
        $daemon_directory/post-install "$@"
        ;;

tls)
        shift
        $daemon_directory/postfix-tls-script "$@"
        ;;

/*)
        # Currently not part of the public interface.
        "$@"
        ;;

*)
        $ERROR "unknown command: '$1'"
        $FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
        exit 1
        ;;

esac