
#! /bin/bash
# Copyright (c) 1999-2001 SuSE GmbH Nuernberg, Germany.
# Copyright (c) 2002-2004 SuSE Linux AG
#
# Author: Carsten Hoeger <feedback@suse.de>

# Force the POSIX locale for every command started from this script.
LC_ALL=POSIX
export LC_ALL

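# cpifnewer SRC_PATTERN DEST_DIR
#
# Mirror the files matched by SRC_PATTERN into DEST_DIR.
#   $1 - source path or glob pattern; callers pass it quoted and it is
#        expanded here, so it is deliberately left unquoted in the copy loop
#   $2 - destination directory, created when missing
# Stale entries are pruned first: DEST_DIR/name is deleted when "/DEST_DIR/name"
# does not exist. That comparison only lines up with the host file when
# DEST_DIR is given relative to the current directory (mkchroot calls this
# from inside the jail).
# Returns the status of the last copy attempted, 0 when nothing had to be done.
cpifnewer(){
    local i dst

    # remove files, that do no longer exist
    if [ -d "$2" ]; then
	for i in "$2"/*; do
	    # an empty directory leaves the pattern unexpanded; skip that entry
	    [ -e "$i" ] || [ -L "$i" ] || continue
	    if [ ! -e "/$i" ]; then
		echo "removing old or no longer used $i"
		rm -f -- "$i"
	    fi
	done
    fi
    test -d "$2" || mkdir -p -- "$2"
    # shellcheck disable=SC2086 -- $1 is a glob pattern and must be expanded here
    for i in $1; do
	dst=$2/$(basename -- "$i")

	if [ ! -f "$dst" ] && [ ! -d "$dst" ] && [ -e "$i" ]; then
	    echo "copying missing $dst from $i"
	    cp -af -- "$i" "$dst"
	# same grouping as the former single test: (-a binds tighter than -o)
	elif { [ ! -d "$dst" ] && [ "$i" -nt "$dst" ]; } || [ "$i" -ot "$dst" ]; then
	    echo "updating $dst from $i"
	    cp -af -- "$i" "$dst"
	fi
    done
}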

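# update_db MAP[:MODE]...
#
# For every argument, set the permissions of /etc/postfix/MAP and of its
# compiled MAP.db, and rebuild the .db with postmap when it is missing or
# older than the source.
#   MAP  - file name below /etc/postfix
#   MODE - handed to chmod as it is; 644 when the argument has no ":MODE"
# NOTE(review): 644 is world-readable. Maps that hold credentials
# (gen_main_cf points smtp_sasl_password_maps at /etc/postfix/sasl_passwd)
# depend on the caller passing a restrictive MODE explicitly.
update_db() {
    local pfmap mode

    while test "x$1" != "x" ; do
	pfmap=/etc/postfix/${1%:*}
	mode=${1#*:}
	# no ":" in the argument: both expansions return it unchanged
	if [ "$mode" = "$1" ]; then
	    mode=644
	fi
	# The source gets its mode before postmap runs -- presumably so that a
	# newly created .db does not start out more open than intended; confirm
	# against postmap's handling of permissions.
	chmod "$mode" "$pfmap"
	if test -e "$pfmap"; then
	    if test "$pfmap" -nt "${pfmap}.db" || test ! -e "${pfmap}.db"; then
		echo "rebuilding ${pfmap}.db"
		postmap "$pfmap"
	    fi
	fi
	chmod "$mode" "${pfmap}.db"
	shift
    done
}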

# get_alias_maps
#
# Print the regular files found directly in /etc/aliases.d, each followed by
# a blank. Left out are names ending in .db, .rpmsave or .rpmorig, names
# starting with "." or "#", and names ending in "~".
# Prints nothing and returns non-zero when the directory is missing or empty.
# The list is blank-separated, so file names containing whitespace are not
# supported by this interface.
get_alias_maps(){
    test -d /etc/aliases.d || return
    test "$(echo /etc/aliases.d/*)" != "/etc/aliases.d/*" || return

    for i in $(find /etc/aliases.d -maxdepth 1 -type f \
		'!' -regex ".*\.\(db\|rpmsave\|rpmorig\)" \
		'!' -regex ".*/\(\.\|#\).*" \
		'!' -regex ".*~$")
    do
	printf '%s ' "$i"
    done
}

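# warn_user MESSAGE
#
# Print MESSAGE between two "*** WARNING ***" banner lines, switching the
# terminal to bold for the duration.
#   $1 - message text; backslash escapes such as \t and \n are interpreted
# Writes to stdout; callers that want the warning on stderr redirect the call.
warn_user(){
    tput bold
    echo -e "\t*** WARNING ***"
    # %b interprets the escapes like "echo -e" did; quoting the message keeps
    # its own spacing and line breaks and stops "*" or "?" in it from being
    # expanded against the current directory.
    printf '%b\n' "$1"
    echo -e "\t*** WARNING ***"
    tput sgr0
}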

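# mkchroot
#
# Create, refresh or tear down the Postfix chroot jail in /var/spool/postfix.
# Controlled by these variables (compared case-insensitively):
#   POSTFIX_UPDATE_CHROOT_JAIL - "no": leave the jail alone entirely
#   POSTFIX_CHROOT             - "yes": populate/refresh the jail,
#                                anything else: remove it
#   POSTFIX_WITH_MYSQL, POSTFIX_MYSQL_CONN
#                              - decide whether the MySQL socket directory
#                                is bind-mounted into the jail
#   TIMEZONE                   - used when /etc/localtime is a symlink
# Uses warn_user and cpifnewer from this file. Exits the script with status 1
# when the jail directory is missing or cannot be entered.
# NOTE(review): the refresh step places copies of /etc/passwd, /etc/sasldb2
# and the TLS certificate/key files inside the jail. cp -af keeps their mode,
# so the copies are only as well protected as the originals; audit both.
mkchroot(){

    PF_CHROOT="/var/spool/postfix"

    if [ ! -d "$PF_CHROOT" ]; then
	warn_user "\t$PF_CHROOT does not exist!!!\n\
\tThis should not happen!\n\
\tPlease reinstall package postfix or create this directory!"
	exit 1
    fi
    # Every path below, including the recursive rm, is relative to the jail,
    # so stop instead of carrying on in the directory we were started from.
    cd "$PF_CHROOT" || exit 1

    if [ "$(echo "$POSTFIX_MYSQL_CONN" | tr 'A-Z' 'a-z' )" = "socket" ] && \
       [ "$(echo "$POSTFIX_WITH_MYSQL" | tr 'A-Z' 'a-z' )" != "no" ]; then
        if [ -n "$(my_print_defaults mysqld)" ]; then
          MYSQL_SOCKET=$(my_print_defaults mysqld | grep -e '--socket[[:blank:]=]' | awk -F"=" '{print $2}')
          MYSQL_SOCKET_DIR=
          CHR_MYSQL_SOCKET=
          CHR_MYSQL_SOCKET_DIR=
          # Without a --socket setting there is nothing to bind; the empty
          # names make the mount/umount steps below skip the socket directory.
          if [ -n "$MYSQL_SOCKET" ]; then
            MYSQL_SOCKET_DIR=$(dirname "$MYSQL_SOCKET")
            # same path without the leading "/", i.e. relative to the jail
            CHR_MYSQL_SOCKET=${MYSQL_SOCKET#/}
            CHR_MYSQL_SOCKET_DIR=$(dirname "$CHR_MYSQL_SOCKET")
          fi
        else
          warn_user "\t/etc/my.cnf does not exist!!\n\
\tThis should not happen!\n\
\tPlease check if postfix-mysql is installed and check for package mysql."
        fi
    fi
    if [ "$(echo "$POSTFIX_CHROOT" | tr 'A-Z' 'a-z' )" != "yes" ] && \
       [ "$(echo "$POSTFIX_UPDATE_CHROOT_JAIL" | tr 'A-Z' 'a-z' )" != "no" ]; then
	if [ -d etc ]; then
	    echo "removing postfix chroot environment..."
	fi

	if grep "$PF_CHROOT"/proc /proc/mounts &> /dev/null; then
	    umount "$PF_CHROOT"/proc
	fi

	if [ -n "$CHR_MYSQL_SOCKET_DIR" ]; then
	  if grep "$PF_CHROOT/$CHR_MYSQL_SOCKET_DIR" /proc/mounts &> /dev/null; then
	    umount "$PF_CHROOT/$CHR_MYSQL_SOCKET_DIR"
	  fi
	fi

	# NOTE(review): the socket directory is only known while the MySQL
	# socket settings are still switched on, and the umount results are not
	# checked. If a bind mount is still present below var/, this rm descends
	# into it and deletes the host's files. Verify that /proc/mounts lists
	# nothing below $PF_CHROOT before relying on this step.
	rm -rvf etc lib usr var proc
    elif [ "$(echo "$POSTFIX_UPDATE_CHROOT_JAIL" | tr 'A-Z' 'a-z' )" != "no" ]; then
	echo "checking postfix chroot environment..."

	if [ -e /lib/security/pam_ldap.so ]; then
	    cpifnewer /etc/openldap/ldap.conf etc/openldap
	fi

	mkdir -p "$PF_CHROOT"/proc
	if ! grep "$PF_CHROOT"/proc /proc/mounts &> /dev/null; then
	    mount -t proc proc "$PF_CHROOT"/proc
	fi

	if [ "$(echo "$POSTFIX_WITH_MYSQL" | tr 'A-Z' 'a-z' )" != "yes" ]; then
	  if [ -n "$CHR_MYSQL_SOCKET_DIR" ]; then
	    if grep "$PF_CHROOT/$CHR_MYSQL_SOCKET_DIR" /proc/mounts &> /dev/null; then
	      umount "$PF_CHROOT/$CHR_MYSQL_SOCKET_DIR"
	    fi
	  fi
	fi

	if [ "$(echo "$POSTFIX_MYSQL_CONN" | tr 'A-Z' 'a-z' )" = "socket" ] && \
	   [ "$(echo "$POSTFIX_WITH_MYSQL" | tr 'A-Z' 'a-z' )" != "no" ]; then
	    # Skip when the socket directory could not be determined above: with
	    # an empty name grep would read stdin and mount would get no source.
	    if [ -n "$CHR_MYSQL_SOCKET_DIR" ]; then
		if [ ! -d "$CHR_MYSQL_SOCKET_DIR" ]; then
		    mkdir -p "$CHR_MYSQL_SOCKET_DIR"
		fi
		# Look for the mount point inside the jail, like the umount
		# checks do. The bare relative name would also match the host's
		# own mount of that directory and suppress the bind mount.
		if ! grep "$PF_CHROOT/$CHR_MYSQL_SOCKET_DIR" /proc/mounts &> /dev/null; then
		    mount -o bind "$MYSQL_SOCKET_DIR" "$PF_CHROOT/$CHR_MYSQL_SOCKET_DIR"
		fi
	    fi
	fi

        # smtpd_tls_CApath
        CAPATH=$(postconf -h smtpd_tls_CApath)
        if [ "$CAPATH" ]
        then
           cpifnewer "$CAPATH/*" "./$CAPATH"
	   # -p: the directory exists on every run after the first
	   mkdir -p ./etc/ssl
	   rsync -avH /etc/ssl/certs ./etc/ssl
        fi
	# smtpd_tls_CAfile
	smtpd_tls_CAfile=$(postconf -h smtpd_tls_CAfile)
	if [ "$smtpd_tls_CAfile" ]
	then
	   DIR=$(dirname "$smtpd_tls_CAfile")
           cpifnewer "$smtpd_tls_CAfile" "./$DIR"
	fi
	# smtpd_tls_cert_file
	smtpd_tls_cert_file=$(postconf -h smtpd_tls_cert_file)
	if [ "$smtpd_tls_cert_file" ]
	then
	   DIR=$(dirname "$smtpd_tls_cert_file")
           cpifnewer "$smtpd_tls_cert_file" "./$DIR"
	fi
	# smtpd_tls_key_file
	# The comparison is against the literal text $smtpd_tls_cert_file:
	# presumably postconf -h prints the setting unexpanded when the key
	# file just refers to the certificate file -- confirm.
	smtpd_tls_key_file=$(postconf -h smtpd_tls_key_file)
	if [ -n "$smtpd_tls_key_file" ] && [ "$smtpd_tls_key_file" != '$smtpd_tls_cert_file' ]
	then
	   DIR=$(dirname "$smtpd_tls_key_file")
           cpifnewer "$smtpd_tls_key_file" "./$DIR"
	fi

	# PAM
	cpifnewer "/etc/pam.d/*" etc/pam.d
	cpifnewer "/lib/security/*" lib/security
	cpifnewer "/lib/libpam*" lib
	cpifnewer "/usr/lib/libcrack.so*" usr/lib

	# SASL
	cpifnewer /etc/sasldb2 etc
	cpifnewer "/etc/sasl2/*" etc/sasl2
	cpifnewer "/usr/lib/sasl2/*" usr/lib/sasl2
	cpifnewer "/usr/lib/libsasl2*" usr/lib
	mkdir -p var/run/sasl2
	# hard link, so the jail sees the same socket as the host
	ln -f /var/run/sasl2/mux var/run/sasl2/mux
	# CYRUS
	mkdir -p var/lib/imap/socket/
	ln -f /var/lib/imap/socket/lmtp var/lib/imap/socket/lmtp

	cpifnewer "/lib/libnss*" lib
	cpifnewer "/lib/libresolv*" lib
	cpifnewer "/lib/libdb*" lib
	cpifnewer "/lib/libxcrypt*" lib

	cpifnewer /etc/host.conf etc
	cpifnewer /etc/nsswitch.conf etc
	cpifnewer /etc/resolv.conf etc
	cpifnewer /etc/services etc
	cpifnewer /etc/hosts etc
	cpifnewer /etc/passwd etc

	if [ -L /etc/localtime ]; then
	    if [ -z "$TIMEZONE" ] || [ "$TIMEZONE" = "YAST_ASK" ]; then
		warn_user "\tUnable to setup your timezone!\n\
\tThe logging of the current time in /var/log/mail may be wrong!\n\
\tPlease set the variable TIMEZONE in /etc/sysconfig/clock!"
	    else
		mkdir -p "usr/share/zoneinfo/$(dirname "$TIMEZONE")"
		if [ ! -e "/usr/share/zoneinfo/$TIMEZONE" ]; then
		    warn_user "\t$TIMEZONE is not a regular timezone or the corresponding\n\
\tfile at /usr/share/zoneinfo does not exist"
		else
		    cp -af "/usr/share/zoneinfo/$TIMEZONE" "usr/share/zoneinfo/$TIMEZONE"
		    ln -sf "../usr/share/zoneinfo/$TIMEZONE" etc/localtime
		fi
	    fi
	else
	    cpifnewer /etc/localtime etc
	fi

	# do not chown -R root /var/spool/postfix/var
        # this will break ownership for mysql on suse < 1120
	if [ "$(echo "$POSTFIX_WITH_MYSQL" | tr 'A-Z' 'a-z' )" != "no" ]; then
	  chown -R root "$PF_CHROOT"/{etc,lib,usr}
	else
	  chown -R root "$PF_CHROOT"/{etc,lib,usr,var}
	fi

    fi
}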

# gen_main_cf
#
# Write a regenerated main.cf to stdout.
# /etc/postfix/main.cf is copied into a private temporary directory and
# edited there with "postconf -c DIR -e" according to the sysconfig variables
# (POSTFIX_*, SMTPD_LISTEN_REMOTE, FROM_HEADER, FQHOSTNAME, USE_AMAVIS). The
# embedded Perl then rewrites the virtual_* and relay_domains lines depending
# on POSTFIX_WITH_MYSQL, the result is printed and the temporary directory is
# removed.
# Status messages are sent to stderr (1>&2) so that they stay out of the
# output, which update_cf redirects into a file.
# Side effects outside the temporary directory: may run usermod for the
# postfix account (cyrus MDA) and may append an smtps line to /etc/services.
# Values taken from the sysconfig variables are written into main.cf as they
# are; nothing in this function validates them.
gen_main_cf(){
    # mktemp -d creates a new directory with an unpredictable name. Note that
    # the assignment replaces the shell's TMPDIR for the rest of the script.
    TMPDIR=$(mktemp -d /tmp/SuSEconfig.postfix.XXXXXX) || exit 1
    # command prefix, expanded unquoted below; relies on TMPDIR containing no
    # whitespace, which holds for the template above
    PCONF="/usr/sbin/postconf -c $TMPDIR"

    # needed when for WITH_MYSQL
    export POSTFIX_WITH_MYSQL
    MCF_DIR=$TMPDIR
    export MCF_DIR

    # NOTE(review): at this point $? is the status of "export MCF_DIR", not of
    # mktemp, so this check cannot fire; a failing mktemp already exits above.
    if [ $? -ne 0 ]; then
       warn_user "Can't create temp directory, exiting..."
       exit 1
    fi
    # all edits are made on this working copy
    cp -f /etc/postfix/main.cf $TMPDIR/main.cf

    # Some default settings, that seem to be useable, at least to me
    $PCONF -e "mail_spool_directory = /var/mail"
    $PCONF -e "canonical_maps = hash:/etc/postfix/canonical"
    $PCONF -e "virtual_alias_domains = hash:/etc/postfix/virtual"
    $PCONF -e "relocated_maps = hash:/etc/postfix/relocated"
    if [ "$(echo "$POSTFIX_TRANSPORT_MAPS" | tr 'A-Z' 'a-z' )" != "" ]; then
      $PCONF -e "transport_maps = $POSTFIX_TRANSPORT_MAPS"
    else
      $PCONF -e "transport_maps = hash:/etc/postfix/transport"
    fi
    $PCONF -e "sender_canonical_maps = hash:/etc/postfix/sender_canonical"
    $PCONF -e "masquerade_exceptions = root"
    $PCONF -e "masquerade_classes = envelope_sender, header_sender, header_recipient"
    $PCONF -e "myhostname = $FQHOSTNAME"
    $PCONF -e "delay_warning_time = 1h"
    $PCONF -e 'message_strip_characters = \0'

    # to be on the save side
    $PCONF -e "daemon_directory = /usr/lib/postfix"
    $PCONF -e "program_directory = /usr/lib/postfix"
    $PCONF -e "readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES"
    $PCONF -e "html_directory = /usr/share/doc/packages/postfix-doc/html"
    $PCONF -e "sample_directory = /usr/share/doc/packages/postfix-doc/samples"
    $PCONF -e "sendmail_path = /usr/sbin/sendmail"
    $PCONF -e "setgid_group = maildrop"
    $PCONF -e "manpage_directory = /usr/share/man"
    $PCONF -e "newaliases_path = /usr/bin/newaliases"
    $PCONF -e "mailq_path = /usr/bin/mailq"
    # without an explicit POSTFIX_INET_PROTO, IPv6 is enabled only when the
    # loopback interface carries an inet6 address
    if [ "$(echo "$POSTFIX_INET_PROTO" | tr 'A-Z' 'a-z' )" != "" ]; then
      $PCONF -e "inet_protocols = $POSTFIX_INET_PROTO"
    else
	if [ "$( ip addr show dev lo | grep inet6 )" ]; then
 		$PCONF -e "inet_protocols = all"
	else
 		$PCONF -e "inet_protocols = ipv4"
	fi
    fi
    # The daemon listens beyond localhost only when SMTPD_LISTEN_REMOTE is
    # exactly "yes" (this comparison is case-sensitive).
    if test "$SMTPD_LISTEN_REMOTE" == "yes" ; then
      if [ "$(echo "$POSTFIX_LISTEN" | tr 'A-Z' 'a-z' )" != "" ]; then
        $PCONF -e "inet_interfaces = $POSTFIX_LISTEN"
      else
        $PCONF -e "inet_interfaces = all"
      fi
    else
        $PCONF -e "inet_interfaces = localhost"
    fi
    # masquerade_domains = POSTFIX_MASQUERADE_DOMAIN plus FROM_HEADER (unless
    # that is empty or the placeholder YAST_ASK)
    test -n "$POSTFIX_MASQUERADE_DOMAIN" && \
        MASQ_DOMS=$POSTFIX_MASQUERADE_DOMAIN
    if [ -n "$FROM_HEADER" -a "$FROM_HEADER" != "YAST_ASK" ]; then
        if [ -n "$MASQ_DOMS" ]; then
            MASQ_DOMS="$MASQ_DOMS, $FROM_HEADER"
        else 
            MASQ_DOMS="$FROM_HEADER"
        fi
    fi
    $PCONF -e "masquerade_domains = $MASQ_DOMS"
    
    # single quotes: $myhostname and $mydomain are written literally and left
    # for postfix to expand
    if test -z "$POSTFIX_LOCALDOMAINS"; then
	$PCONF -e 'mydestination = $myhostname, localhost.$mydomain'
    else
	$PCONF -e "mydestination = $POSTFIX_LOCALDOMAINS"
    fi

    # this overrides the previous
    if test "$POSTFIX_NULLCLIENT" == "yes"; then
	$PCONF -e "mydestination = "
    fi

    if test "$POSTFIX_DIALUP" == "yes"; then
	$PCONF -e "defer_transports = smtp"
	$PCONF -e "mynetworks_style = host"
    else
	$PCONF -e "defer_transports = "
	if test -n "$POSTFIX_ADD_MYNETWORKS_STYLE"
	then
	  $PCONF -e "mynetworks_style = $POSTFIX_ADD_MYNETWORKS_STYLE"
	fi
    fi

    if test  "$POSTFIX_NODNS" == "yes"; then
	$PCONF -e "disable_dns_lookups = yes"
    else
	$PCONF -e "disable_dns_lookups = no"
    fi
    if test -n "$POSTFIX_RELAYHOST"; then
	$PCONF -e "relayhost = $POSTFIX_RELAYHOST"
    else
	$PCONF -e "relayhost = "
    fi
    # with USE_AMAVIS=yes all mail is handed to the filter on 127.0.0.1:10024
    if [ "$(echo "$USE_AMAVIS" | tr 'A-Z' 'a-z' )" != "yes" ]; then
	$PCONF -e "content_filter = "
    else
	$PCONF -e "content_filter = amavis:[127.0.0.1]:10024"
    fi

    # Mail delivery agent. Every branch falls back to postfix local delivery
    # (empty mailbox_command and mailbox_transport) when the chosen program is
    # not installed; unknown values are treated like "local".
    case "$POSTFIX_MDA" in
	procmail)
	    echo 1>&2 "Setting up procmail as MDA..."
	    if [ ! -x /usr/bin/procmail ]; then
		warn_user 1>&2 "procmail is not installed, using local as MDA!"
		$PCONF -e "mailbox_command = "
		$PCONF -e "mailbox_transport = "
	    else
		$PCONF -e "mailbox_command = /usr/bin/procmail"
		$PCONF -e "mailbox_transport = "
	    fi
	    $PCONF -e "strict_8bitmime = no"
	    $PCONF -e "disable_mime_output_conversion = no"
	    ;;
	cyrus)
	    echo 1>&2 "Setting up cyrus-imapd via lmtp as MDA..."
	    if [ ! -x /usr/lib/cyrus/bin/lmtpd ]; then
		warn_user 1>&2 "cyrus-imapd is not installed, using local as MDA!"
		$PCONF -e "mailbox_command = "
		$PCONF -e "mailbox_transport = "
	    else
		# only warns about a missing or different lmtpunix socket in
		# /etc/cyrus.conf; the transport below is set either way
		LMTPUNIX=$(grep -E "^[[:space:]]*lmtpunix.*" /etc/cyrus.conf)
		if [ -z "$LMTPUNIX" ]; then
		    warn_user 1>&2 "you have to add\n\
lmtpunix      cmd=\"lmtpd\" listen=\"/var/lib/imap/socket/lmtp\" prefork=1\n\
to /etc/cyrus.conf"
		else
		    if [ -z "$(echo $LMTPUNIX | grep -E '/var/lib/imap/socket/lmtp')" ]; then
			warn_user 1>&2 "the socket to listen on is wrong in /etc/cyrus.conf\n\
use listen=\"/var/lib/imap/socket/lmtp\" instead!"
		    fi
		fi
		$PCONF -e "mailbox_command = "
		$PCONF -e "mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp"
		$PCONF -e "strict_8bitmime = yes"
		$PCONF -e "disable_mime_output_conversion = no"
		# NOTE(review): this changes a system account from inside a
		# config generator, and usermod -G without -a replaces the
		# account's supplementary group list instead of adding to it.
		if [ -z "$(id postfix | grep -E 'groups=.*mail')" ]; then
			warn_user 1>&2 "adding postfix user to group mail"
			usermod -G mail postfix
		fi
	    fi
	    ;;
	dovecot)
	    echo 1>&2 "Setting up dovecot as MDA..."
	    if [ ! -x /usr/lib/dovecot/deliver ]; then
		warn_user 1>&2 "dovecot is not installed, using local as MDA!"
		$PCONF -e "mailbox_command = "
		$PCONF -e "mailbox_transport = "
	    else
		$PCONF -e "mailbox_command = /usr/lib/dovecot/deliver"
		$PCONF -e "mailbox_transport = "
	    fi
	    $PCONF -e "strict_8bitmime = no"
	    $PCONF -e "disable_mime_output_conversion = no"
	    ;;
	local|*)
	       echo 1>&2 "Setting up postfix local as MDA..."
	       $PCONF -e "mailbox_command = "
	       $PCONF -e "mailbox_transport = "
	       $PCONF -e "strict_8bitmime = no"
	       $PCONF -e "disable_mime_output_conversion = no"
	    ;;
    esac

    # SMTP restriction presets. Every level, including "off", keeps
    # "permit_mynetworks, reject_unauth_destination" in
    # smtpd_recipient_restrictions unless "custom" supplies its own list.
    case "$POSTFIX_BASIC_SPAM_PREVENTION" in
	medium)
	    echo 1>&2 "Setting up medium SPAM protection..."
	    $PCONF -e "smtpd_sender_restrictions = hash:/etc/postfix/access, reject_unknown_sender_domain"
	    if test -n "$POSTFIX_RBL_HOSTS"; then
		# comma-separated host list -> one reject_rbl_client per host
		rblhosts=$(echo ${POSTFIX_RBL_HOSTS//,/ })
		clnt_restrictions=""
		for i in $rblhosts; do
		    if [ -z "$clnt_restrictions" ]; then
			clnt_restrictions="reject_rbl_client $i"
		    else
			clnt_restrictions="$clnt_restrictions, reject_rbl_client $i"
		    fi
		done
		$PCONF -e "smtpd_client_restrictions = $clnt_restrictions"
	    else
		$PCONF -e "smtpd_client_restrictions ="
	    fi
	    $PCONF -e "smtpd_helo_required = yes"
	    $PCONF -e "smtpd_helo_restrictions = "
	    $PCONF -e "strict_rfc821_envelopes = no"
	    $PCONF -e "smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination "
	    ;;
	hard)
	    echo 1>&2 "Setting up hard SPAM protection..."
	    $PCONF -e "smtpd_sender_restrictions = hash:/etc/postfix/access, reject_unknown_sender_domain"
	    if test -n "$POSTFIX_RBL_HOSTS"; then
		rblhosts=$(echo ${POSTFIX_RBL_HOSTS//,/ })
		clnt_restrictions=""
		for i in $rblhosts; do
		    if [ -z "$clnt_restrictions" ]; then
			clnt_restrictions="reject_rbl_client $i"
		    else
			clnt_restrictions="$clnt_restrictions, reject_rbl_client $i"
		    fi
		done
		$PCONF -e "smtpd_client_restrictions = permit_mynetworks, $clnt_restrictions, reject_unknown_client"

	    else
		$PCONF -e \
		    "smtpd_client_restrictions = permit_mynetworks, reject_unknown_client"
	    fi
	    $PCONF -e "smtpd_helo_required = yes"
	    $PCONF -e "smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname"
	    $PCONF -e "strict_rfc821_envelopes = yes"
	    $PCONF -e "smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination"
	    ;;
	custom)
	    echo 1>&2 "Setting up custom SPAM protection..."
	    $PCONF -e "smtpd_helo_required = yes"
	    $PCONF -e "strict_rfc821_envelopes = no"
	    # NOTE(review): ${VAR/\ \+/,/ } is a bash pattern substitution, not
	    # a regex: it replaces the first literal " +" with ",/ ". That
	    # looks unintended (a sed-style "one or more blanks"?) -- confirm.
	    # The same form is used for the helo, sender and recipient lists.
	    if [ -n "$POSTFIX_SMTPD_CLIENT_RESTRICTIONS" ]; then
		s_clnt_restrictions=$(echo ${POSTFIX_SMTPD_CLIENT_RESTRICTIONS/\ \+/,/ })
	    else
		echo 1>&2 "No smtpd_client_restrictions defined ... setting to medium ..."
		s_clnt_restrictions="reject_unauth_pipelining, reject_unknown_client"
	    fi
	    if [ -n "$POSTFIX_RBL_HOSTS" ]; then
		rblhosts=$(echo ${POSTFIX_RBL_HOSTS//,/ })
		maps_rbl=""
		for i in $rblhosts; do
		    if [ -z "$maps_rbl" ]; then
			maps_rbl="reject_rbl_client $i"
		    else
			maps_rbl="$maps_rbl, reject_rbl_client $i"
		    fi
		done
		$PCONF -e "smtpd_client_restrictions = $s_clnt_restrictions, $maps_rbl"
	    else
		$PCONF -e "smtpd_client_restrictions = $s_clnt_restrictions"
	    fi
	    if [ -n "$POSTFIX_SMTPD_HELO_RESTRICTIONS" ]; then
		helo_restrictions=$(echo ${POSTFIX_SMTPD_HELO_RESTRICTIONS/\ \+/,/ })
		$PCONF -e "smtpd_helo_restrictions = $helo_restrictions"
	    else
		$PCONF -e "smtpd_helo_restrictions = reject_unauth_pipelining, reject_unknown_client"
	    fi
	    if [ -n "$POSTFIX_SMTPD_SENDER_RESTRICTIONS" ]; then
		sender_restrictions=$(echo ${POSTFIX_SMTPD_SENDER_RESTRICTIONS/\ \+/,/ })
		$PCONF -e "smtpd_sender_restrictions = $sender_restrictions"
	    else
		$PCONF -e "smtpd_sender_restrictions = hash:/etc/postfix/access, reject_unknown_sender_domain"
	    fi
	    # A custom recipient list is used verbatim; whether it still
	    # contains reject_unauth_destination is up to whoever set it.
	    if [ -n "$POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS" ]; then
		rcpt_restrictions=$(echo ${POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS/\ \+/,/ })
	    fi
	    if [ -z "$POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS" ]; then
		echo 1>&2 "No smtp_recipient_restrictions defined ... setting to medium ..."
		$PCONF -e "smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination"
	    else
		$PCONF -e "smtpd_recipient_restrictions = $rcpt_restrictions"
	    fi
	    ;;
	*)
	    if test "$POSTFIX_BASIC_SPAM_PREVENTION" != "off"; then
		warn_user 1>&2 "$POSTFIX_BASIC_SPAM_PREVENTION is an invalid value for POSTFIX_BASIC_SPAM_PREVENTION\n\
using \"off\" instead!"
	    fi
	    echo 1>&2 "Setting SPAM protection to \"off\"..."
	    $PCONF -e "smtpd_sender_restrictions = hash:/etc/postfix/access"
	    $PCONF -e "smtpd_client_restrictions ="
	    $PCONF -e "smtpd_helo_required = no"
	    $PCONF -e "smtpd_helo_restrictions ="
	    $PCONF -e "strict_rfc821_envelopes = no"
	    $PCONF -e "smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination"
	    ;;
    esac

    # SASL authentication towards the relay host. The password map named here
    # holds credentials, so its file permissions matter (see update_db).
    if test "$POSTFIX_SMTP_AUTH" == "yes"; then
	$PCONF -e "smtp_sasl_auth_enable = yes"
	$PCONF -e "smtp_sasl_security_options = $POSTFIX_SMTP_AUTH_OPTIONS"
	$PCONF -e "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd"
    else
	$PCONF -e "smtp_sasl_auth_enable = no"
    fi

    # SASL authentication for incoming clients. The smtpd.conf checks below
    # only produce warnings; authentication is switched on regardless.
    if test "$POSTFIX_SMTP_AUTH_SERVER" == "yes"; then
	if [ -f /etc/sasl2/smtpd.conf ]; then
	    grep saslauthd /etc/sasl2/smtpd.conf >/dev/null && {
		checkproc -p /var/run/sasl2/saslauthd.pid /usr/sbin/saslauthd || {
		    warn_user 1>&2 "You are using saslauthd as pwcheck_method in /etc/sasl2/smtpd.conf,\n\
but saslauthd is not running."
		}
	    }
	elif [ -f /usr/lib/sasl2/smtpd.conf ]; then
	    grep saslauthd /usr/lib/sasl2/smtpd.conf >/dev/null && {
		checkproc -p /var/run/sasl2/saslauthd.pid /usr/sbin/saslauthd || {
		    warn_user 1>&2 "You are using saslauthd as pwcheck_method in /usr/lib/sasl2/smtpd.conf,\n\
but saslauthd is not running."
		}
	    }
	else
	    warn_user 1>&2 "You have activated POSTFIX_SMTP_AUTH_SERVER, but you don't have /etc/sasl2/smtpd.conf (nor /usr/lib/sasl2/smtpd.conf)"
	fi
	$PCONF -e "smtpd_sasl_auth_enable= yes"
	# The working copy's mtime is set back one minute before a value is
	# read back and edited again. The reason is not visible here --
	# presumably a workaround for edits within the same second; confirm.
        touch -m -d "1 minute ago" $TMPDIR/main.cf
	# permit_sasl_authenticated is put in front of whatever the spam
	# preset above produced
	CURRENT=$($PCONF -h smtpd_client_restrictions)
	$PCONF -e "smtpd_client_restrictions= permit_sasl_authenticated, $CURRENT"
        touch -m -d "1 minute ago" $TMPDIR/main.cf
	CURRENT=$($PCONF -h smtpd_recipient_restrictions)
	$PCONF -e "smtpd_recipient_restrictions= permit_sasl_authenticated, $CURRENT"
    else
	$PCONF -e "smtpd_sasl_auth_enable= no"
    fi


    # NOTE(review): this appends to the system's /etc/services as a side
    # effect of generating main.cf.
    if test "$POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT" == "yes"; then
	grep -E '^smtps' /etc/services >/dev/null || {
	    warn_user 1>&2 "adding service \"smtps\" to /etc/services"
	    echo "smtps           465/tcp         # smtp over SSL" >> /etc/services
	}
    fi
    # Server-side TLS. Client certificates are requested and
    # permit_tls_clientcerts is put in front of the recipient restrictions, so
    # the content of /etc/postfix/relay_ccerts decides who may relay.
    if test "$POSTFIX_SMTP_TLS_SERVER" == "yes" -o "$POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT" == "yes"; then
	$PCONF -e "smtpd_use_tls = yes"
	$PCONF -e "smtpd_tls_CAfile = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE"
	$PCONF -e "smtpd_tls_cert_file = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CERTFILE"
	$PCONF -e "smtpd_tls_key_file = $POSTFIX_SSL_PATH/$POSTFIX_TLS_KEYFILE"
	$PCONF -e "smtpd_tls_received_header = yes"
	$PCONF -e "tls_daemon_random_source = dev:/dev/urandom"
	$PCONF -e "tls_random_source = dev:/dev/urandom"
	$PCONF -e "relay_clientcerts = hash:/etc/postfix/relay_ccerts"
	$PCONF -e "smtpd_tls_ask_ccert = yes"
        touch -m -d "1 minute ago" $TMPDIR/main.cf
	CURRENT=$($PCONF -h smtpd_recipient_restrictions)
	$PCONF -e "smtpd_recipient_restrictions = permit_tls_clientcerts, $CURRENT"
    else
	$PCONF -e "smtpd_use_tls = no"
    fi

    # Client-side TLS: "yes" turns TLS on without enforcing it, only "must"
    # sets smtp_enforce_tls = yes. Any other value ends up with
    # smtp_use_tls = no through the else branch further down.
    if test "$POSTFIX_SMTP_TLS_CLIENT" == "no"; then
	    $PCONF -e "smtp_use_tls = no"
	    $PCONF -e "smtp_enforce_tls = no"
    fi
    if test "$POSTFIX_SMTP_TLS_CLIENT" == "yes"; then
	    $PCONF -e "smtp_use_tls = yes"
	    $PCONF -e "smtp_enforce_tls = no"
    fi
    if test "$POSTFIX_SMTP_TLS_CLIENT" == "must"; then
	    $PCONF -e "smtp_use_tls = yes"
	    $PCONF -e "smtp_enforce_tls = yes"
    fi
    # CA, certificate and key are configured only when the file exists and is
    # not empty.
    # NOTE(review): the client session cache is pointed at a file named
    # smtpd_tls_session_cache -- confirm that the name is intended.
    if test "$POSTFIX_SMTP_TLS_CLIENT" = "yes" -o "$POSTFIX_SMTP_TLS_CLIENT" = "must" ; then
	test -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" && \
	    $PCONF -e "smtp_tls_CAfile = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE"
	test -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CERTFILE" && \
	    $PCONF -e "smtp_tls_cert_file = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CERTFILE"
	test -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_KEYFILE" && \
	    $PCONF -e "smtp_tls_key_file = $POSTFIX_SSL_PATH/$POSTFIX_TLS_KEYFILE"
	$PCONF -e "smtp_tls_session_cache_timeout = 3600s"
	$PCONF -e "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache"
    else
	$PCONF -e "smtp_use_tls = no"
    fi

    # alias_maps = /etc/aliases plus every file reported by get_alias_maps
    ALLMAPS="hash:/etc/aliases"
    for i in $(get_alias_maps); do
	ALLMAPS="${ALLMAPS}, hash:$i"
    done
    $PCONF -e "alias_maps = $ALLMAPS"

    # Pass-through settings: every shell variable named POSTFIX_ADD_<param>
    # sets <param>, tried as written first and then in lower case; names that
    # postconf does not know are ignored with a warning.
    # NOTE(review): eval is applied to a name produced by ${!POSTFIX_ADD_*},
    # which is always a valid identifier, but the value then passes through an
    # unquoted echo and is word-split and glob-expanded on the way.
    # pfval=${!i} would read the value without eval.
    for i in $(echo ${!POSTFIX_ADD_*}); do
        touch -m -d "1 minute ago" $TMPDIR/main.cf
	pfkey=$(echo ${i#POSTFIX_ADD_})
	pfval=$(eval "echo \$$i")
	if [ -z "$($PCONF $pfkey 2>/dev/null)" ]; then
	    pfkey=$(echo ${i#POSTFIX_ADD_} | tr '[:upper:]' '[:lower:]')
	    if [ -z "$($PCONF $pfkey 2>/dev/null)" ]; then
	    	warn_user 1>&2 "unknown parameter $i ignored"
	    else
		#old style uppercase written variable
	        $PCONF -e "$pfkey = $pfval"
	    fi
	else
	    $PCONF -e "$pfkey = $pfval"
	fi
    done

    # Post-processing in Perl, reading $MCF_DIR/main.cf and printing to
    # new.cf: virtual_alias_maps and relay_domains get a fixed value (with the
    # mysql: lookups added when POSTFIX_WITH_MYSQL is "yes"); the other
    # virtual_* lines are commented out unless POSTFIX_WITH_MYSQL is "yes".
    # NOTE(review): the two print branches at the end of the loop are
    # identical, so the test for a leading "#" has no effect.
    perl -e 'use strict;

my $mncf = "$ENV{MCF_DIR}/main.cf";
my $line;

my $with_mysql =
    defined $ENV{POSTFIX_WITH_MYSQL} ? $ENV{POSTFIX_WITH_MYSQL} : "no";

$with_mysql = lc($with_mysql);

open(MNCF,"<$mncf") || die "unable to open $mncf: $!";

while( <MNCF> ) {
    chomp;

	if( /\#?(virtual_alias_maps\s=\s).*/ ) {
	  if ($with_mysql ne "yes") {
		$line = $1."hash:/etc/postfix/virtual";
	  } else {
		$line = $1."hash:/etc/postfix/virtual mysql:/etc/postfix/mysql_virtual_alias_maps.cf";
	  }
	} elsif( /\#?(virtual_uid_maps\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_gid_maps\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_minimum_uid\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_mailbox_base\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_mailbox_domains\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_mailbox_limit\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_mailbox_maps\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_transport\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_create_maildirsize\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_mailbox_extended\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_mailbox_limit_maps\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_mailbox_limit_override\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_maildir_limit_message\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /\#?(virtual_overquota_bounce\s=.*)/ ) {
	  if ($with_mysql ne "yes") {
		$line = "#".$1;
	  } else {
		$line = $1;
	  }
	} elsif ( /^(relay_domains\s=\s).*/ ) {
	  if ($with_mysql ne "yes") {
		$line = $1."\$mydestination, hash:/etc/postfix/relay";
	  } else {
		$line = $1."\$mydestination, hash:/etc/postfix/relay, mysql:/etc/postfix/mysql_relay_domains_maps.cf";
	  }
	} else {
		$line = $_;
	}

	if( $line =~ /^\#/ ) {
		print $line."\n";
	next;
	} 

	print $line."\n";

}' > $TMPDIR/new.cf

    # emit the finished file on stdout and clean up the working directory
    mv $TMPDIR/new.cf $TMPDIR/main.cf
    cat $TMPDIR/main.cf
    rm -rf $TMPDIR
}

# gen_amavisd_cf
#
# Rewrite /etc/amavisd.conf in place so that its $myhostname and $mydomain
# assignments match FQHOSTNAME; the domain is everything after the first dot
# of the host name. Repeated $myhostname lines are reduced to the first one,
# and a $myhostname line is appended when the file had none.
# The previous file is kept as /etc/amavisd.conf.back.
# NOTE(review): the Perl drops the last line it read (pop) and then appends
# "1;", which assumes the file ends with a "1;" line -- confirm.
# NOTE(review): neither the backup copy nor the open() for writing is checked,
# and the live file is truncated and rewritten directly rather than replaced
# by a finished temporary file.
# NOTE(review): FQHOSTNAME is placed between double quotes in a file that
# looks like Perl source (assignments, trailing "1;"). A value containing
# quote, "$" or "@" characters would change what that file means, so the
# variable should be validated where it is set.
gen_amavisd_cf(){
    cp /etc/amavisd.conf /etc/amavisd.conf.back
    # the Perl below reads the host name from its environment
    export FQHOSTNAME
    perl -e 'use strict;
open(ACF,"</etc/amavisd.conf") || die "unable to open /etc/amavisd.conf: $!";

my @CONF         = ();
my $myhostname   = $ENV{FQHOSTNAME}; 
my ($h,$mydomain)= split /\./, $myhostname, 2;
my $ismyhostname = 0; 
while( <ACF> ) {
        if ( s/^\$myhostname = .*;/\$myhostname = "$myhostname";/ )
        {
           next if $ismyhostname;
           $ismyhostname = 1;
        }
        s/^\$mydomain = .*;/\$mydomain = "$mydomain";/;
	push @CONF, $_
}
close(ACF);
pop @CONF;
if ( ! $ismyhostname ) {
	push @CONF, "\$myhostname = \"$myhostname\";\n";
}
push @CONF, "1;";
open(OUT,">/etc/amavisd.conf");
print OUT @CONF;
close(OUT);
'
}

# gen_master_cf
#
# Print a rewritten /etc/postfix/master.cf to stdout; the file itself is only
# read. The embedded Perl
#   - comments or uncomments the smtp, local, amavis, localhost:10025, tlsmgr
#     and smtps service lines and the listed "-o" option lines, depending on
#     POSTFIX_NULLCLIENT, USE_AMAVIS and the TLS switches,
#   - drops repeated occurrences of the smtp, local, localhost:10025, tlsmgr,
#     smtps and pickup/qmgr lines,
#   - switches pickup and qmgr to "unix" when POSTFIX_LAPTOP is "yes" and to
#     "fifo" otherwise,
#   - for the services in its list, sets the third flag column (master.cf's
#     chroot field) to "y" when POSTFIX_CHROOT is "yes", else to "n".
# NOTE(review): POSTFIX_CHROOT counts as "yes" when the variable is not
# defined in the environment; the other switches default to "no".
# NOTE(review): all switches are lowercased before comparison except the one
# read from POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT, so "YES" is not recognised
# there.
# NOTE(review): tlsmgr is enabled only for the value "yes"; gen_main_cf also
# accepts "must" for POSTFIX_SMTP_TLS_CLIENT -- confirm that this case should
# leave tlsmgr commented out.
# NOTE(review): in the smtp branch both arms of the USE_AMAVIS test perform
# the same substitution.
gen_master_cf(){
    # the Perl below reads these switches from its environment
    export POSTFIX_LAPTOP
    export POSTFIX_CHROOT
    export POSTFIX_NULLCLIENT
    export USE_AMAVIS
    export POSTFIX_SMTP_TLS_SERVER
    export POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT
    export POSTFIX_SMTP_TLS_CLIENT

    perl -e 'use strict;

my $mcf = "/etc/postfix/master.cf";
my $line;

my $laptop = 
    defined $ENV{POSTFIX_LAPTOP} ? $ENV{POSTFIX_LAPTOP} : "no";
my $nullclient = 
    defined $ENV{POSTFIX_NULLCLIENT} ? $ENV{POSTFIX_NULLCLIENT} : "no";
my $chroot = 
    defined $ENV{POSTFIX_CHROOT} ? $ENV{POSTFIX_CHROOT} : "yes";
my $use_amavis =
    defined $ENV{USE_AMAVIS} ? $ENV{USE_AMAVIS} : "no";
my $tlsserver = 
    defined $ENV{POSTFIX_SMTP_TLS_SERVER} ? $ENV{POSTFIX_SMTP_TLS_SERVER} : "no";
my $sslserver = 
    defined $ENV{POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT} ? $ENV{POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT} : "no";
my $tlsclient = 
    defined $ENV{POSTFIX_SMTP_TLS_CLIENT} ? $ENV{POSTFIX_SMTP_TLS_CLIENT} : "no";
my $normalize = {};


$laptop = lc($laptop);
$chroot = lc($chroot);
$nullclient = lc($nullclient);
$use_amavis = lc($use_amavis);
$tlsserver = lc($tlsserver);
$tlsclient = lc($tlsclient);

open(MCF,"<$mcf") || die "unable to open $mcf: $!";

while( <MCF> ) {
    chomp;

    if( /\#?\s*(smtp\s+inet.*?smtpd)/ ) {
	if( defined $normalize->{$1} ) { next; } else { $normalize->{$1} = 1; }
	if ($nullclient eq "yes") {
	    $line = "#".$1;
	} else {
	    $line = $1;
	}
	if ( $use_amavis eq "yes" ) {
	    $line =~ /(\#?\s*smtp\s+inet\s+[yn-]?\s+[yn-]?\s+[yn-]?\s+[0-9?yn-]?\s+)[0-9-]+(.*)/;
	    $line = $1."-".$2;
	} else {
	    $line =~ /(\#?\s*smtp\s+inet\s+[yn-]?\s+[yn-]?\s+[yn-]?\s+[0-9?yn-]?\s+)[0-9-]+(.*)/;
	    $line = $1."-".$2;
	}
    } elsif( /\#?\s*(amavis\s+unix.*)/ ) {
	if ($use_amavis ne "yes") {
	    $line = "#".$1;
	} else {
	    $line = $1;
	}
    } elsif ( /\#?\s\s(-o\s+smtp_data_done_timeout=.*)/ ) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtp_send_xforward_command=.*)/ ) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+disable_dns_lookups=.*)/ ) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+max_use=.*)/ ) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif( /\#?\s*(local\s+unix.*)/ ) {
	if( defined $normalize->{$1} ) { next; } else { $normalize->{$1} = 1; }
	if ($nullclient eq "yes") {
	    $line = "#".$1;
	} else {
	    $line = $1;
	}
    } elsif( /\#?\s*(localhost:10025\s+inet.*)/ ) {
	if( defined $normalize->{$1} ) { next; } else { $normalize->{$1} = 1; }
	if ( $use_amavis ne "yes" ) {
	    $line = "#".$1;
	} else {
	    $line = $1;
	}
    } elsif ( /\#?\s\s(-o\s+content_filter=.*)/ ) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_delay_reject=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    # next should match
    # #  -o smtpd_client_restrictions=
    # and not
    # #     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    } elsif ( /^\#?\s\s(-o\s+smtpd_client_restrictions=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_helo_restrictions=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_sender_restrictions=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_recipient_restrictions=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
   } elsif ( /\#?\s\s(-o\s+smtpd_data_restrictions=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_end_of_data_restrictions=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_restriction_classes=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+mynetworks=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_error_sleep_time=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_soft_error_limit=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_hard_error_limit=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_client_connection_count_limit=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+smtpd_client_connection_rate_limit=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+receive_override_options=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	    if( $line !~ /receive_override_options=no_unknown_recipient_checks,no_header_body_checks/ )
	    {
	      $line .= "  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_address_mappings";
	    }
	}
     } elsif ( /\#?\s\s(-o\s+local_header_rewrite_clients=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
     } elsif ( /\#?\s\s(-o\s+local_recipient_maps=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif ( /\#?\s\s(-o\s+relay_recipient_maps=.*)/) {
	if ( $use_amavis ne "yes" ) {
	    $line = "#  ".$1;
	} else {
	    $line = "  ".$1;
	}
    } elsif( /\#?\s*(tlsmgr\s+unix.*)/ ) {
	if( defined $normalize->{$1} ) { next; } else { $normalize->{$1} = 1; }
	if ( $tlsclient ne "yes" && $tlsserver ne "yes" && $sslserver ne "yes" ) {
	    $line = "#".$1;
	} else {
	    $line = $1;
	}
    } elsif( /\#?\s*(smtps\s+inet.*?smtpd)/ ) {
	if( defined $normalize->{$1} ) { next; } else { $normalize->{$1} = 1; }
	if ( $sslserver ne "yes" ) {
	     $line = "#".$1." -o smtpd_tls_wrappermode=yes";
	} else {
	     $line = $1." -o smtpd_tls_wrappermode=yes";
	}
	if ( $use_amavis eq "yes" ) {
	     $line =~ /(\#?\s*smtps\s+inet\s+[yn-]?\s+[yn-]?\s+[yn-]?\s+[0-9?yn-]?\s+)[0-9-]+(.*)/;
	     $line = $1."10".$2." -o content_filter=smtp:[127.0.0.1]:10024";
	} else {
	     $line =~ /(\#?\s*smtps\s+inet\s+[yn-]?\s+[yn-]?\s+[yn-]?\s+[0-9?yn-]?\s+)[0-9-]+(.*)/;
	     $line = $1."-".$2;
	}
    } elsif( /^(\#?\s*(?:pickup|qmgr)\s+)(?:fifo|unix)(\s+.*)/ ) {
	if( defined $normalize->{$1} ) { next; } else { $normalize->{$1} = 1; }
	if ( $laptop eq "yes" ) {
	     $line = $1."unix".$2;
	} else {
	     $line = $1."fifo".$2;
	}
    } else {
	$line = $_;
    }

    if( $line =~ /^\#/ ) {
	print $line."\n";
	next;
    }

    my $match = 0;
    foreach my $serv ( ( "smtp", "pickup", "cleanup", "rewrite",
			 "bounce", "defer", "showq", "error",
			 "lmtp", "smtps", "tlsmgr", "localhost:10025" ) ) {
	if( $line =~ /^$serv\s+/ ) {
	    $line =~ /(^$serv\s+\w+\s+[yn-]?\s+[yn-]?\s+)[yn-]?(.*)/;
	    print $1.( $chroot eq "yes" ? "y" : "n" ).$2."\n";
	    $match = 1;
	} else {
	    next;
	}
    }
    print $line."\n" if ! $match;
}'

}

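# update_cf NAME...
#
# For each NAME (for example main.cf) run the generator function gen_NAME,
# with the first "." of NAME turned into "_", capture its stdout in
# $r/etc/postfix/NAME.SuSEconfig and hand $r/etc/postfix/NAME to
# check_md5_and_move.
#   r - path prefix read from the caller's shell; may be empty
# Exits the script with status 1 when a .SuSEconfig file is already present
# or when the generator produced an empty file.
update_cf() {
    local cf_out cf_gen

    while test "x$1" != "x" ; do
	cf_out=$r/etc/postfix/$1
	if [ ! -f "${cf_out}.SuSEconfig" ]; then
	    # The generator is called by name. Without eval the argument is
	    # never parsed as shell code again, only looked up as a command.
	    cf_gen=gen_${1/./_}
	    "$cf_gen" > "${cf_out}.SuSEconfig"
	    test -s "${cf_out}.SuSEconfig" || {
		warn_user "Writing ${cf_out}.SuSEconfig failed, exiting..."
		exit 1
	    }
	    check_md5_and_move "$cf_out"
	else
	    # report the file that was actually tested, prefix included
	    warn_user "Found ${cf_out}.SuSEconfig, exiting..."
	    exit 1
	fi
	shift
    done
}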

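# restore_cf NAME...
#
# Recover each /etc/postfix/NAME from its copy in /var/adm/backup/postfix and
# regenerate it through update_cf. The file recorded for NAME below
# /var/adm/SuSEconfig/md5 is removed first.
# Exits the script with status 1 when the backup copy is missing or empty.
# NOTE(review): the backup is copied over the live file without any check of
# its content or ownership, so /var/adm/backup/postfix must be writable by
# root only.
restore_cf() {
    local cf_backup

    while test "x$1" != "x" ; do
	cf_backup=/var/adm/backup/postfix/$1
	warn_user "/etc/postfix/${1}: zero file size or missing, restoring
from /var/adm/backup/postfix/${1}"
	if [ ! -s "$cf_backup" ]; then
	    warn_user "/var/adm/backup/postfix/${1}: zero file size or missing, exiting..."
	    exit 1
	fi
	rm -f -- "/var/adm/SuSEconfig/md5/etc/postfix/$1"
	# --remove-destination: the old file is unlinked first, so a symlink
	# at the destination is replaced instead of being written through
	cp --remove-destination -- "$cf_backup" "/etc/postfix/$1"

	update_cf "$1"
	shift
    done
}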

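_gen_CA_sed_escape() {
    # Print $1 with "\", "/" and "&" backslash-escaped, so the value is taken
    # literally in the replacement part of a sed "s/.../.../" command.
    printf '%s' "$1" | sed -e 's|[\\/&]|\\&|g'
}

_gen_CA_abort() {
    # Report $1, remove the partially built tree and restore the umask.
    # Reads the globals sslpath and oldmask set by gen_CA.
    echo "$1"
    rm -rf -- "${sslpath:?}"
    umask "$oldmask"
}

gen_CA() {
    # Create a private CA below $POSTFIX_SSL_PATH and use it to issue the
    # Postfix server certificate.
    #
    # Globals read:    POSTFIX_SSL_PATH, POSTFIX_SSL_COUNTRY, POSTFIX_SSL_STATE,
    #                  POSTFIX_SSL_LOCALITY, POSTFIX_SSL_ORGANIZATION,
    #                  POSTFIX_SSL_ORGANIZATIONAL_UNIT, POSTFIX_SSL_COMMON_NAME,
    #                  POSTFIX_SSL_EMAIL_ADDRESS, POSTFIX_TLS_CAFILE,
    #                  POSTFIX_TLS_KEYFILE, POSTFIX_TLS_CERTFILE
    # Globals written: openssl, sslpath, sslconfig, date, oldmask (kept
    #                  global as in the original; other parts of the script
    #                  are not visible from here)
    # Returns:         non-zero without touching the filesystem if
    #                  POSTFIX_SSL_PATH is empty or "/"; otherwise the status
    #                  of the last command, as before. On any openssl failure
    #                  the whole $sslpath tree is removed again.
    openssl=/usr/bin/openssl
    sslpath=$POSTFIX_SSL_PATH
    sslconfig=$sslpath/openssl_postfix.conf
    date="$(date)"

    # Every failure path below runs "rm -rf" on $sslpath, and the mkdir calls
    # would otherwise create /private, /certs and /newcerts. Refuse values
    # that point at the filesystem root.
    case "$sslpath" in
        ""|/)
            echo "error: POSTFIX_SSL_PATH is empty or /, not creating a CA" >&2
            return 1
            ;;
    esac

    # Private keys are written with -nodes (no passphrase), so file modes are
    # the only protection: create everything with owner-only permissions and
    # open up just the public parts at the end.
    oldmask=$(umask)
    umask 077
    mkdir -p -- "$sslpath/private"
    mkdir -p -- "$sslpath/certs"
    mkdir -p -- "$sslpath/newcerts"

    test -f "$sslpath/serial" || \
        echo 01 > "$sslpath/serial"
    touch -- "$sslpath/index.txt"

    # Values are escaped first: an unescaped "/" in a sysconfig value would
    # break the sed expression and "&" would re-insert the placeholder.
    # NOTE(review): @RANDOM@ is filled from two $RANDOM draws, which is not a
    # cryptographic source; what the template uses it for is not visible
    # here - confirm it is not security-relevant.
    sed -e "s/@POSTFIX_SSL_COUNTRY@/$(_gen_CA_sed_escape "$POSTFIX_SSL_COUNTRY")/" \
        -e "s/@POSTFIX_SSL_STATE@/$(_gen_CA_sed_escape "$POSTFIX_SSL_STATE")/" \
        -e "s/@POSTFIX_SSL_LOCALITY@/$(_gen_CA_sed_escape "$POSTFIX_SSL_LOCALITY")/" \
        -e "s/@POSTFIX_SSL_ORGANIZATION@/$(_gen_CA_sed_escape "$POSTFIX_SSL_ORGANIZATION")/" \
        -e "s/@POSTFIX_SSL_ORGANIZATIONAL_UNIT@/$(_gen_CA_sed_escape "$POSTFIX_SSL_ORGANIZATIONAL_UNIT")/" \
        -e "s/@POSTFIX_SSL_COMMON_NAME@/$(_gen_CA_sed_escape "$POSTFIX_SSL_COMMON_NAME")/" \
        -e "s/@POSTFIX_SSL_EMAIL_ADDRESS@/$(_gen_CA_sed_escape "$POSTFIX_SSL_EMAIL_ADDRESS")/" \
        -e "s/@RANDOM@/${RANDOM}${RANDOM}/" \
        -e "s/@COMMENT@/generated by SuSEconfig.postfix at $(_gen_CA_sed_escape "$date")/" \
        /etc/postfix/openssl_postfix.conf.in > "$sslconfig"

    # stderr of the openssl calls is discarded as in the original; remove the
    # redirection when a failure needs to be diagnosed.
    echo "creating CA request/certificate..."
    "$openssl" req -days 2000 -config "$sslconfig" -new -x509 -nodes \
        -keyout "$sslpath/private/cakey.pem" \
        -out "$sslpath/$POSTFIX_TLS_CAFILE" 2>/dev/null || {
        _gen_CA_abort "error creating CA request/certificate"
        return
    }

    echo "creating certificate request..."
    "$openssl" req -config "$sslconfig" -new -nodes \
        -keyout "$sslpath/$POSTFIX_TLS_KEYFILE" \
        -out "$sslpath/certs/postfixreq.pem" 2>/dev/null || {
        _gen_CA_abort "error creating certificate request"
        return
    }

    echo "signing server certificate..."
    "$openssl" ca -config "$sslconfig" -notext -batch \
        -out "$sslpath/$POSTFIX_TLS_CERTFILE" \
        -infiles "$sslpath/certs/postfixreq.pem" 2>/dev/null || {
        _gen_CA_abort "error signing server certificate"
        return
    }

    # Only the top directory, certs/ and the CA certificate become
    # world-readable; private/ keeps the owner-only mode from umask 077.
    # The chmod targets the file the CA certificate was written to above
    # instead of a hard-coded cacert.pem.
    chmod 755 "$sslpath"
    chmod 755 "$sslpath/certs"
    chmod 644 "$sslpath/$POSTFIX_TLS_CAFILE"
    umask "$oldmask"
}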

###############################################################################
#################################### MAIN #####################################
###############################################################################

# Main flow: load the sysconfig settings, work out a hostname, set up the
# chroot, regenerate/restore main.cf and master.cf, create TLS material if
# requested and rebuild the lookup maps. Most steps run only when no ROOT
# prefix is set (test -z "$r").

# Optional root prefix taken from the environment; empty on the live system.
r=$ROOT

# Each sysconfig file below is sourced, i.e. executed as shell code with the
# privileges of this script, so it must be writable by root only.
test -s $r/etc/sysconfig/postfix || {
    echo "No $r/etc/sysconfig/postfix found."
    exit 1
}
. $r/etc/sysconfig/postfix

# this file contains generic mail setup information
test -s $r/etc/sysconfig/mail || {
    echo "No $r/etc/sysconfig/mail found."
    exit 1
}
. $r/etc/sysconfig/mail

# We may need TIMEZONE for chroot setup
test -s $r/etc/sysconfig/clock && . $r/etc/sysconfig/clock

# Try to get a valid hostname...
if [ -z "$POSTFIX_MYHOSTNAME" ]; then
  # NOTE(review): this runtime file is sourced as shell code as well;
  # presumably it is written by the DHCP client - confirm that its content
  # is sanitised and cannot carry values taken verbatim from a DHCP reply.
  test -s "$r/var/run/dhcp-hostname" && . "$r/var/run/dhcp-hostname"
  # Discard a name without a dot, then fall back to the first line of
  # /etc/HOSTNAME (read gives up after one second).
  case $FQHOSTNAME in *.*) ;; *) unset FQHOSTNAME ;; esac
  test -z "$FQHOSTNAME" -a -s $r/etc/HOSTNAME && read -t 1 FQHOSTNAME < $r/etc/HOSTNAME
  # check whether hostname contains at least one dot...
  echo $FQHOSTNAME | grep "\." >/dev/null || FQHOSTNAME=""
  # still no valid hostname? :-( set hostname to linux.local
  test -z "$FQHOSTNAME" && FQHOSTNAME=linux.local
else
  FQHOSTNAME=$POSTFIX_MYHOSTNAME
fi

# check whether we want to use amavis
# (only when the amavisd binary is installed and USE_AMAVIS=yes; the service
# is then registered with insserv)
if [ -x /usr/sbin/amavisd ]; then
    test -s $r/etc/sysconfig/amavis && . $r/etc/sysconfig/amavis
    if [ "$USE_AMAVIS" = "yes" ]; then
        gen_amavisd_cf
        insserv amavis
    fi
fi

# Shared SuSEconfig helper library; sourced, so it is executed as shell code
# too.
test -f $r/lib/YaST/SuSEconfig.functions || {
    echo "ERROR - can not find $r/lib/YaST/SuSEconfig.functions!!"
    echo "This should not happen.  Exit..."
    exit 1
}
. $r/lib/YaST/SuSEconfig.functions


# call mkchroot. The conditions what to do take place in this function.
mkchroot

# restore main.cf and master.cf, if they had been removed by accident
# (live system only: skipped when a ROOT prefix is set)
test -z "$r" && {
    if [ ! -s /etc/postfix/main.cf ]; then
	restore_cf main.cf
    fi
    
    if [ ! -s /etc/postfix/master.cf ]; then
	restore_cf master.cf
    fi
}

# Regenerate both files from sysconfig when MAIL_CREATE_CONFIG=yes.
if test "$MAIL_CREATE_CONFIG" = "yes"; then
	test -z "$r" && update_cf master.cf main.cf
fi

# Ask postconf for the running version; PFMAJOR is its first character.
PFVERSION=$(/usr/sbin/postconf -h mail_version)
test -z "$PFVERSION" && {
    echo "ERROR - unable to determine the version of postfix, you are running"
    echo "This should not happen.  Exit..."
    exit 1
}
PFMAJOR=${PFVERSION:0:1}

# Create the CA and server certificate only if the TLS server is enabled and
# $POSTFIX_SSL_PATH does not exist as a directory yet; existing key material
# is never regenerated here.
if test -z "$r" && test "$POSTFIX_SMTP_TLS_SERVER" == yes ; then
    test -d $POSTFIX_SSL_PATH || gen_CA
fi

# Rebuild the alias and lookup databases that are missing or older than
# their source file, then reload Postfix.
if test -z "$r" && test "$POSTFIX_UPDATE_MAPS" == yes ; then
    test -e /etc/aliases && \
        if test /etc/aliases -nt /etc/aliases.db \
                -o ! -e /etc/aliases.db ; then
                echo "Rebuilding /etc/aliases.db."
                /usr/bin/newaliases
        fi
    # Left unquoted on purpose: the list is split into one argument per map.
    update_db $POSTFIX_MAP_LIST

    # get_alias_maps prints space-separated paths; the unquoted expansion
    # splits on whitespace, so a file name containing whitespace would be
    # split into several words.
    for i in $(get_alias_maps); do
	if test $i -nt $i.db -o ! -e $i.db; then
	    echo "Rebuilding $i.db"
	    /usr/sbin/postalias $i
	fi
    done
	
    # Output and exit status of the reload are discarded.
    /usr/sbin/postfix reload > /dev/null 2>&1
fi
