1#!/bin/sh 2# $NetBSD: post-install,v 1.2 2017/02/14 01:16:43 christos Exp $ 3# 4 5# To view the formatted manual page of this file, type: 6# POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man 7 8#++ 9# NAME 10# post-install 11# SUMMARY 12# Postfix post-installation script 13# SYNOPSIS 14# postfix post-install [name=value] command ... 15# DESCRIPTION 16# The post-install script performs the finishing touch of a Postfix 17# installation, after the executable programs and configuration 18# files are installed. Usage is one of the following: 19# .IP o 20# While installing Postfix from source code on the local machine, the 21# script is run by the postfix-install script to update selected file 22# or directory permissions and to update Postfix configuration files. 23# .IP o 24# While installing Postfix from a pre-built package, the script is run 25# by the package management procedure to set all file or directory 26# permissions and to update Postfix configuration files. 27# .IP o 28# The script can be used to change installation parameter settings such 29# as mail_owner or setgid_group after Postfix is already installed. 30# .IP o 31# The script can be used to upgrade configuration files and to upgrade 32# file/directory permissions of a secondary Postfix instance. 33# .IP o 34# At Postfix start-up time, the script is run from "postfix check" to 35# create missing queue directories. 36# .PP 37# The post-install script is controlled by installation parameters. 38# Specific parameters are described at the end of this document. 39# All installation parameters must be specified ahead of time via 40# one of the methods described below. 41# 42# Arguments 43# .IP create-missing 44# Create missing queue directories with ownerships and permissions 45# according to the contents of $meta_directory/postfix-files 46# and optionally in $meta_directory/postfix-files.d/*, using 47# the mail_owner and setgid_group parameter settings from the 48# command line, process environment or from the installed 49# main.cf file. 50# 51# This is required at Postfix start-up time. 52# .IP set-permissions 53# Set all file/directory ownerships and permissions according to the 54# contents of $meta_directory/postfix-files and optionally 55# in $meta_directory/postfix-files.d/*, using the mail_owner 56# and setgid_group parameter settings from the command line, 57# process environment or from the installed main.cf file. 58# Implies create-missing. 59# 60# This is required when installing Postfix from a pre-built package, 61# or when changing the mail_owner or setgid_group installation parameter 62# settings after Postfix is already installed. 63# .IP upgrade-permissions 64# Update ownership and permission of existing files/directories as 65# specified in $meta_directory/postfix-files and optionally 66# in $meta_directory/postfix-files.d/*, using the mail_owner 67# and setgid_group parameter settings from the command line, 68# process environment or from the installed main.cf file. 69# Implies create-missing. 70# 71# This is required when upgrading an existing Postfix instance. 72# .IP upgrade-configuration 73# Edit the installed main.cf and master.cf files, in order to account 74# for missing services and to fix deprecated parameter settings. 75# 76# This is required when upgrading an existing Postfix instance. 77# .IP upgrade-source 78# Short-hand for: upgrade-permissions upgrade-configuration. 79# 80# This is recommended when upgrading Postfix from source code. 81# .IP upgrade-package 82# Short-hand for: set-permissions upgrade-configuration. 83# 84# This is recommended when upgrading Postfix from a pre-built package. 85# .IP first-install-reminder 86# Remind the user that they still need to configure main.cf and the 87# aliases file, and that newaliases still needs to be run. 88# 89# This is recommended when Postfix is installed for the first time. 90# MULTIPLE POSTFIX INSTANCES 91# .ad 92# .fi 93# Multiple Postfix instances on the same machine can share command and 94# daemon program files but must have separate configuration and queue 95# directories. 96# 97# To create a secondary Postfix installation on the same machine, 98# copy the configuration files from the primary Postfix instance to 99# a secondary configuration directory and execute: 100# 101# postfix post-install config_directory=secondary-config-directory \e 102# .in +4 103# queue_directory=secondary-queue-directory \e 104# .br 105# create-missing 106# .PP 107# This creates secondary Postfix queue directories, sets their access 108# permissions, and saves the specified installation parameters to the 109# secondary main.cf file. 110# 111# Be sure to list the secondary configuration directory in the 112# alternate_config_directories parameter in the primary main.cf file. 113# 114# To upgrade a secondary Postfix installation on the same machine, 115# execute: 116# 117# postfix post-install config_directory=secondary-config-directory \e 118# .in +4 119# upgrade-permissions upgrade-configuration 120# INSTALLATION PARAMETER INPUT METHODS 121# .ad 122# .fi 123# Parameter settings can be specified through a variety of 124# mechanisms. In order of decreasing precedence these are: 125# .IP "command line" 126# Parameter settings can be given as name=value arguments on 127# the post-install command line. These have the highest precedence. 128# Settings that override the installed main.cf file are saved. 129# .IP "process environment" 130# Parameter settings can be given as name=value environment 131# variables. 132# Settings that override the installed main.cf file are saved. 133# .IP "installed configuration files" 134# If a parameter is not specified via the command line or via the 135# process environment, post-install will attempt to extract its 136# value from the already installed Postfix main.cf configuration file. 137# These settings have the lowest precedence. 138# INSTALLATION PARAMETER DESCRIPTION 139# .ad 140# .fi 141# The description of installation parameters is as follows: 142# .IP config_directory 143# The directory for Postfix configuration files. 144# .IP daemon_directory 145# The directory for Postfix daemon programs. This directory 146# should not be in the command search path of any users. 147# .IP command_directory 148# The directory for Postfix administrative commands. This 149# directory should be in the command search path of adminstrative users. 150# .IP queue_directory 151# The directory for Postfix queues. 152# .IP data_directory 153# The directory for Postfix writable data files (caches, etc.). 154# .IP sendmail_path 155# The full pathname for the Postfix sendmail command. 156# This is the Sendmail-compatible mail posting interface. 157# .IP newaliases_path 158# The full pathname for the Postfix newaliases command. 159# This is the Sendmail-compatible command to build alias databases 160# for the Postfix local delivery agent. 161# .IP mailq_path 162# The full pathname for the Postfix mailq command. 163# This is the Sendmail-compatible command to list the mail queue. 164# .IP mail_owner 165# The owner of the Postfix queue. Its numerical user ID and group ID 166# must not be used by any other accounts on the system. 167# .IP setgid_group 168# The group for mail submission and for queue management commands. 169# Its numerical group ID must not be used by any other accounts on the 170# system, not even by the mail_owner account. 171# .IP html_directory 172# The directory for the Postfix HTML files. 173# .IP manpage_directory 174# The directory for the Postfix on-line manual pages. 175# .IP sample_directory 176# The directory for the Postfix sample configuration files. 177# This feature is obsolete as of Postfix 2.1. 178# .IP readme_directory 179# The directory for the Postfix README files. 180# .IP shlib_directory 181# The directory for the Postfix shared-library files, and for 182# the Postfix dabatase plugin files with a relative pathname 183# in the file dynamicmaps.cf. 184# .IP meta_directory 185# The directory for non-executable files that are shared 186# among multiple Postfix instances, such as postfix-files, 187# dynamicmaps.cf, as well as the multi-instance template files 188# main.cf.proto and master.cf.proto. 189# SEE ALSO 190# postfix-install(1) Postfix primary installation script. 191# FILES 192# $config_directory/main.cf, Postfix installation parameters. 193# $meta_directory/postfix-files, installation control file. 194# $meta_directory/postfix-files.d/*, optional control files. 195# $config_directory/install.cf, obsolete configuration file. 196# LICENSE 197# .ad 198# .fi 199# The Secure Mailer license must be distributed with this software. 200# AUTHOR(S) 201# Wietse Venema 202# IBM T.J. Watson Research 203# P.O. Box 704 204# Yorktown Heights, NY 10598, USA 205#-- 206 207umask 022 208 209PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd 210SHELL=/bin/sh 211IFS=" 212" 213BACKUP_IFS="$IFS" 214debug=: 215#debug=echo 216MOST_PARAMETERS="command_directory daemon_directory data_directory 217 html_directory mail_owner mailq_path manpage_directory 218 newaliases_path queue_directory readme_directory sample_directory 219 sendmail_path setgid_group shlib_directory meta_directory" 220NON_SHARED="config_directory queue_directory data_directory" 221 222USAGE="Usage: $0 [name=value] command 223 create-missing Create missing queue directories. 224 upgrade-source When installing or upgrading from source code. 225 upgrade-package When installing or upgrading from pre-built package. 226 first-install-reminder Remind of mandatory first-time configuration steps. 227 name=value Specify an installation parameter". 228 229# Process command-line options and parameter settings. Work around 230# brain damaged shells. "IFS=value command" should not make the 231# IFS=value setting permanent. But some broken standard allows it. 232 233create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder= 234obsolete=; keep_list=; 235 236for arg 237do 238 case $arg in 239 *[" "]*) echo $0: "Error: argument contains whitespace: '$arg'" 240 exit 1;; 241 *=*) IFS= eval $arg; IFS="$BACKUP_IFS";; 242 create-missing) create=1;; 243 set-perm*) create=1; set_perms=1;; 244 upgrade-perm*) create=1; upgrade_perms=1;; 245 upgrade-conf*) upgrade_conf=1;; 246 upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;; 247 upgrade-package) create=1; upgrade_conf=1; set_perms=1;; 248 first-install*) first_install_reminder=1;; 249 *) echo "$0: Error: $USAGE" 1>&2; exit 1;; 250 esac 251 shift 252done 253 254# Sanity checks. 255 256test -n "$create$upgrade_conf$first_install_reminder" || { 257 echo "$0: Error: $USAGE" 1>&2 258 exit 1 259} 260 261# Bootstrapping problem. 262 263if [ -n "$command_directory" ] 264then 265 POSTCONF="$command_directory/postconf" 266else 267 POSTCONF="postconf" 268fi 269 270$POSTCONF -d mail_version >/dev/null 2>/dev/null || { 271 echo $0: Error: no $POSTCONF command found. 1>&2 272 echo Re-run this command as $0 command_directory=/some/where. 1>&2 273 exit 1 274} 275 276# Also used to require license etc. files only in the default instance. 277 278def_config_directory=`$POSTCONF -d -h config_directory` || exit 1 279test -n "$config_directory" || 280 config_directory="$def_config_directory" 281 282test -d "$config_directory" || { 283 echo $0: Error: $config_directory is not a directory. 1>&2 284 exit 1 285} 286 287# If this is a secondary instance, don't touch shared files. 288# XXX Solaris does not have "test -e". 289 290instances=`test ! -f $def_config_directory/main.cf || 291 $POSTCONF -c $def_config_directory -h multi_instance_directories | 292 sed 's/,/ /'` || exit 1 293 294update_shared_files=1 295for name in $instances 296do 297 case "$name" in 298 "$def_config_directory") ;; 299 "$config_directory") update_shared_files=; break;; 300 esac 301done 302 303test -f $meta_directory/postfix-files || { 304 echo $0: Error: $meta_directory/postfix-files is not a file. 1>&2 305 exit 1 306} 307 308# SunOS5 fmt(1) truncates lines > 1000 characters. 309 310fake_fmt() { 311 sed ' 312 :top 313 /^\( *\)\([^ ][^ ]*\) */{ 314 s//\1\2\ 315\1/ 316 P 317 D 318 b top 319 } 320 ' | fmt 321} 322 323case `uname -s` in 324HP-UX*) FMT=cat;; 325SunOS*) FMT=fake_fmt;; 326 *) FMT=fmt;; 327esac 328 329# If a parameter is not set via the command line or environment, 330# try to use settings from installed configuration files. 331 332# Extract parameter settings from the obsolete install.cf file, as 333# a transitional aid. 334 335grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || { 336 test -f $config_directory/install.cf && { 337 for name in sendmail_path newaliases_path mailq_path setgid manpages 338 do 339 eval junk=\$$name 340 case "$junk" in 341 "") eval unset $name;; 342 esac 343 eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \ 344 || exit 1 345 done 346 : ${setgid_group=$setgid} 347 : ${manpage_directory=$manpages} 348 } 349} 350 351# Extract parameter settings from the installed main.cf file. 352 353test -f $config_directory/main.cf && { 354 for name in $MOST_PARAMETERS 355 do 356 eval junk=\$$name 357 case "$junk" in 358 "") eval unset $name;; 359 esac 360 eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1 361 done 362} 363 364# Sanity checks 365 366case $manpage_directory in 367 no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1>&2 368 echo Try again with \"$0 manpage_directory=/pathname ...\". 1>&2; exit 1;; 369esac 370 371case $setgid_group in 372 no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2 373 echo Try again with \"$0 setgid_group=groupname ...\" 1>&2; exit 1;; 374esac 375 376for path in "$daemon_directory" "$command_directory" "$queue_directory" \ 377 "$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory" \ 378 "$meta_directory" 379do 380 case "$path" in 381 /*) ;; 382 *) echo $0: Error: \"$path\" should be an absolute path name. 1>&2; exit 1;; 383 esac 384done 385 386for path in "$html_directory" "$readme_directory" "$shlib_directory" 387do 388 case "$path" in 389 /*) ;; 390 no) ;; 391 *) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2; exit 1;; 392 esac 393done 394 395# Find out what parameters were not specified via command line, 396# via environment, or via installed configuration files. 397 398missing= 399for name in $MOST_PARAMETERS 400do 401 eval test -n \"\$$name\" || missing="$missing $name" 402done 403 404# All parameters must be specified at this point. 405 406test -n "$non_interactive" -a -n "$missing" && { 407 cat <<EOF | ${FMT} 1>&2 408$0: Error: some required installation parameters are not defined. 409 410- Either the parameters need to be given in the $config_directory/main.cf 411file from a recent Postfix installation, 412 413- Or the parameters need to be specified through the process 414environment. 415 416- Or the parameters need to be specified as name=value arguments 417on the $0 command line, 418 419The following parameters were missing: 420 421 $missing 422 423EOF 424 exit 1 425} 426 427POSTCONF="$command_directory/postconf" 428 429# Save settings, allowing command line/environment override. 430 431# Undo MAIL_VERSION expansion at the end of a parameter value. If 432# someone really wants the expanded mail version in main.cf, then 433# we're sorry. 434 435# Confine side effects from mail_version unexpansion within a subshell. 436 437(case "$mail_version" in 438"") mail_version="`$POSTCONF -dhx mail_version`" || exit 1 439esac 440 441for name in $MOST_PARAMETERS 442do 443 eval junk=\$$name 444 case "$junk" in 445 *"$mail_version"*) 446 case "$pattern" in 447 "") pattern=`echo "$mail_version" | sed 's/\./\\\\./g'` || exit 1 448 esac 449 val=`echo "$junk" | sed "s/$pattern"'$/${mail_version}/g'` || exit 1 450 eval ${name}='"$val"' 451 esac 452done 453 454# XXX Maybe update main.cf only with first install, upgrade, set 455# permissions, and what else? Should there be a warning otherwise? 456 457override= 458for name in $MOST_PARAMETERS 459do 460 eval junk=\"\$$name\" 461 test "$junk" = "`$POSTCONF -c $config_directory -h $name`" || { 462 override=1 463 break 464 } 465done 466 467test -n "$override" && { 468 $POSTCONF -c $config_directory -e \ 469 "daemon_directory = $daemon_directory" \ 470 "command_directory = $command_directory" \ 471 "queue_directory = $queue_directory" \ 472 "data_directory = $data_directory" \ 473 "mail_owner = $mail_owner" \ 474 "setgid_group = $setgid_group" \ 475 "sendmail_path = $sendmail_path" \ 476 "mailq_path = $mailq_path" \ 477 "newaliases_path = $newaliases_path" \ 478 "html_directory = $html_directory" \ 479 "manpage_directory = $manpage_directory" \ 480 "sample_directory = $sample_directory" \ 481 "readme_directory = $readme_directory" \ 482 "shlib_directory = $shlib_directory" \ 483 "meta_directory = $meta_directory" \ 484 || exit 1 485} || exit 0) || exit 1 486 487# Use file/directory status information in $meta_directory/postfix-files. 488 489test -n "$create" && { 490 postfix_files_d=$meta_directory/postfix-files.d 491 for postfix_file in $meta_directory/postfix-files \ 492 `test -d $postfix_files_d && { find $postfix_files_d -type f | sort; }` 493 do 494 exec <$postfix_file || exit 1 495 while IFS=: read path type owner group mode flags junk 496 do 497 IFS="$BACKUP_IFS" 498 set_permission= 499 # Skip comments. Skip shared files, if updating a secondary instance. 500 case $path in 501 [$]*) case "$update_shared_files" in 502 1) $debug keep non-shared or shared $path;; 503 *) non_shared= 504 for name in $NON_SHARED 505 do 506 case $path in 507 "\$$name"*) non_shared=1; break;; 508 esac 509 done 510 case "$non_shared" in 511 1) $debug keep non-shared $path;; 512 *) $debug skip shared $path; continue;; 513 esac;; 514 esac;; 515 *) continue;; 516 esac 517 # Skip hard links and symbolic links. 518 case $type in 519 [hl]) continue;; 520 [df]) ;; 521 *) echo unknown type $type for $path in $postfix_file 1>&2; exit 1;; 522 esac 523 # Expand $name, and canonicalize null fields. 524 for name in path owner group flags 525 do 526 eval junk=\${$name} 527 case $junk in 528 [$]*) eval $name=$junk;; 529 -) eval $name=;; 530 *) ;; 531 esac 532 done 533 # Skip uninstalled files. 534 case $path in 535 no|no/*) continue;; 536 esac 537 # Pick up the flags. 538 case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac 539 case $flags in *c*) create_flag=1;; *) create_flag=;; esac 540 case $flags in *r*) recursive="-R";; *) recursive=;; esac 541 case $flags in *o*) obsolete_flag=1;; *) obsolete_flag=;; esac 542 case $flags in *[1i]*) test ! -r "$path" -a "$config_directory" != \ 543 "$def_config_directory" && continue;; esac 544 # Flag obsolete objects. XXX Solaris 2..9 does not have "test -e". 545 if [ -n "$obsolete_flag" ] 546 then 547 test -r $path -a "$type" != "d" && obsolete="$obsolete $path" 548 continue; 549 else 550 keep_list="$keep_list $path" 551 fi 552 # Create missing directories with proper owner/group/mode settings. 553 if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ] 554 then 555 mkdir $path || exit 1 556 set_permission=1 557 # Update all owner/group/mode settings. 558 elif [ -n "$set_perms" ] 559 then 560 set_permission=1 561 # Update obsolete owner/group/mode settings. 562 elif [ -n "$upgrade_perms" -a -n "$upgrade_flag" ] 563 then 564 set_permission=1 565 fi 566 test -n "$set_permission" && { 567 chown $recursive $owner $path || exit 1 568 test -z "$group" || chgrp $recursive $group $path || exit 1 569 # Don't "chmod -R"; queue file status is encoded in mode bits. 570 if [ "$type" = "d" -a -n "$recursive" ] 571 then 572 find $path -type d -exec chmod $mode "{}" ";" 573 else 574 chmod $mode $path 575 fi || exit 1 576 } 577 done 578 IFS="$BACKUP_IFS" 579 done 580} 581 582# Upgrade existing Postfix configuration files if necessary. 583 584test -n "$upgrade_conf" && { 585 586 # Postfix 2.0. 587 # Add missing relay service to master.cf. 588 589 grep '^relay' $config_directory/master.cf >/dev/null || { 590 echo Editing $config_directory/master.cf, adding missing entry for relay service 591 cat >>$config_directory/master.cf <<EOF || exit 1 592relay unix - - n - - smtp 593EOF 594 } 595 596 # Postfix 1.1. 597 # Add missing flush service to master.cf. 598 599 grep '^flush.*flush' $config_directory/master.cf >/dev/null || { 600 echo Editing $config_directory/master.cf, adding missing entry for flush service 601 cat >>$config_directory/master.cf <<EOF || exit 1 602flush unix - - n 1000? 0 flush 603EOF 604 } 605 606 # Postfix 2.1. 607 # Add missing trace service to master.cf. 608 609 grep 'trace.*bounce' $config_directory/master.cf >/dev/null || { 610 echo Editing $config_directory/master.cf, adding missing entry for trace service 611 cat >>$config_directory/master.cf <<EOF || exit 1 612trace unix - - n - 0 bounce 613EOF 614 } 615 616 # Postfix 2.1. 617 # Add missing verify service to master.cf. 618 619 grep '^verify.*verify' $config_directory/master.cf >/dev/null || { 620 echo Editing $config_directory/master.cf, adding missing entry for verify service 621 cat >>$config_directory/master.cf <<EOF || exit 1 622verify unix - - n - 1 verify 623EOF 624 } 625 626 # Postfix 2.1. 627 # Fix verify service process limit. 628 629 grep '^verify.*[ ]0[ ]*verify' \ 630 $config_directory/master.cf >/dev/null && { 631 echo Editing $config_directory/master.cf, setting verify process limit to 1 632 ed $config_directory/master.cf <<EOF || exit 1 633/^verify.*[ ]0[ ]*verify/ 634s/\([ ]\)0\([ ]\)/\11\2/ 635p 636w 637q 638EOF 639 } 640 641 # Postfix 1.1. 642 # Change privileged pickup service into unprivileged. 643 644 grep "^pickup[ ]*fifo[ ]*n[ ]*n" \ 645 $config_directory/master.cf >/dev/null && { 646 echo Editing $config_directory/master.cf, making the pickup service unprivileged 647 ed $config_directory/master.cf <<EOF || exit 1 648/^pickup[ ]*fifo[ ]*n[ ]*n/ 649s/\(n[ ]*\)n/\1-/ 650p 651w 652q 653EOF 654 } 655 656 # Postfix 1.1. 657 # Change private cleanup and flush services into public. 658 659 for name in cleanup flush 660 do 661 grep "^$name[ ]*unix[ ]*[-y]" \ 662 $config_directory/master.cf >/dev/null && { 663 echo Editing $config_directory/master.cf, making the $name service public 664 ed $config_directory/master.cf <<EOF || exit 1 665/^$name[ ]*unix[ ]*[-y]/ 666s/[-y]/n/ 667p 668w 669q 670EOF 671 } 672 done 673 674 # Postfix 2.2. 675 # File systems have improved since Postfix came out, and all we 676 # require now is that defer and deferred are hashed because those 677 # can contain lots of files. 678 679 found=`$POSTCONF -c $config_directory -h hash_queue_names` 680 missing= 681 (echo "$found" | grep defer >/dev/null) || missing="$missing defer" 682 (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred" 683 test -n "$missing" && { 684 echo fixing main.cf hash_queue_names for missing $missing 685 $POSTCONF -c $config_directory -e hash_queue_names="$found$missing" || 686 exit 1 687 } 688 689 # Turn on safety nets for new features that could bounce mail that 690 # would be accepted by a previous Postfix version. 691 692 # [The "unknown_local_recipient_reject_code = 450" safety net, 693 # introduced with Postfix 2.0 and deleted after Postfix 2.3.] 694 695 # Postfix 2.0. 696 # Add missing proxymap service to master.cf. 697 698 grep '^proxymap.*proxymap' $config_directory/master.cf >/dev/null || { 699 echo Editing $config_directory/master.cf, adding missing entry for proxymap service 700 cat >>$config_directory/master.cf <<EOF || exit 1 701proxymap unix - - n - - proxymap 702EOF 703 } 704 705 # Postfix 2.1. 706 # Add missing anvil service to master.cf. 707 708 grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || { 709 echo Editing $config_directory/master.cf, adding missing entry for anvil service 710 cat >>$config_directory/master.cf <<EOF || exit 1 711anvil unix - - n - 1 anvil 712EOF 713 } 714 715 # Postfix 2.2. 716 # Add missing scache service to master.cf. 717 718 grep '^scache.*scache' $config_directory/master.cf >/dev/null || { 719 echo Editing $config_directory/master.cf, adding missing entry for scache service 720 cat >>$config_directory/master.cf <<EOF || exit 1 721scache unix - - n - 1 scache 722EOF 723 } 724 725 # Postfix 2.2. 726 # Add missing discard service to master.cf. 727 728 grep '^discard.*discard' $config_directory/master.cf >/dev/null || { 729 echo Editing $config_directory/master.cf, adding missing entry for discard service 730 cat >>$config_directory/master.cf <<EOF || exit 1 731discard unix - - n - - discard 732EOF 733 } 734 735 # Postfix 2.2. 736 # Update the tlsmgr fifo->unix service. 737 738 grep "^tlsmgr[ ]*fifo[ ]" \ 739 $config_directory/master.cf >/dev/null && { 740 echo Editing $config_directory/master.cf, updating the tlsmgr from fifo to unix service 741 ed $config_directory/master.cf <<EOF || exit 1 742/^tlsmgr[ ]*fifo[ ]/ 743s/fifo/unix/ 744s/[0-9][0-9]*/&?/ 745p 746w 747q 748EOF 749 } 750 751 # Postfix 2.2. 752 # Add missing tlsmgr service to master.cf. 753 754 grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || { 755 echo Editing $config_directory/master.cf, adding missing entry for tlsmgr service 756 cat >>$config_directory/master.cf <<EOF || exit 1 757tlsmgr unix - - n 1000? 1 tlsmgr 758EOF 759 } 760 761 # Postfix 2.2. 762 # Add missing retry service to master.cf. 763 764 grep '^retry.*error' $config_directory/master.cf >/dev/null || { 765 echo Editing $config_directory/master.cf, adding missing entry for retry service 766 cat >>$config_directory/master.cf <<EOF || exit 1 767retry unix - - n - - error 768EOF 769 } 770 771 # Postfix 2.5. 772 # Add missing proxywrite service to master.cf. 773 774 grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || { 775 echo Editing $config_directory/master.cf, adding missing entry for proxywrite service 776 cat >>$config_directory/master.cf <<EOF || exit 1 777proxywrite unix - - n - 1 proxymap 778EOF 779 } 780 781 # Postfix 2.5. 782 # Fix a typo in the default master.cf proxywrite entry. 783 784 grep '^proxywrite.*-[ ]*proxymap' $config_directory/master.cf >/dev/null && { 785 echo Editing $config_directory/master.cf, setting proxywrite process limit to 1 786 ed $config_directory/master.cf <<EOF || exit 1 787/^proxywrite.*-[ ]*proxymap/ 788s/-\([ ]*proxymap\)/1\1/ 789p 790w 791q 792EOF 793 } 794 795 # Postfix 2.8. 796 # Add missing postscreen service to master.cf. 797 798 grep '^#*smtp.*postscreen' $config_directory/master.cf >/dev/null || { 799 echo Editing $config_directory/master.cf, adding missing entry for postscreen TCP service 800 cat >>$config_directory/master.cf <<EOF || exit 1 801#smtp inet n - n - 1 postscreen 802EOF 803 } 804 805 # Postfix 2.8. 806 # Add missing smtpd (unix-domain) service to master.cf. 807 808 grep '^#*smtpd.*smtpd' $config_directory/master.cf >/dev/null || { 809 echo Editing $config_directory/master.cf, adding missing entry for smtpd unix-domain service 810 cat >>$config_directory/master.cf <<EOF || exit 1 811#smtpd pass - - n - - smtpd 812EOF 813 } 814 815 # Postfix 2.8. 816 # Add temporary dnsblog (unix-domain) service to master.cf. 817 818 grep '^#*dnsblog.*dnsblog' $config_directory/master.cf >/dev/null || { 819 echo Editing $config_directory/master.cf, adding missing entry for dnsblog unix-domain service 820 cat >>$config_directory/master.cf <<EOF || exit 1 821#dnsblog unix - - n - 0 dnsblog 822EOF 823 } 824 825 # Postfix 2.8. 826 # Add tlsproxy (unix-domain) service to master.cf. 827 828 grep '^#*tlsproxy.*tlsproxy' $config_directory/master.cf >/dev/null || { 829 echo Editing $config_directory/master.cf, adding missing entry for tlsproxy unix-domain service 830 cat >>$config_directory/master.cf <<EOF || exit 1 831#tlsproxy unix - - n - 0 tlsproxy 832EOF 833 } 834 835 # Report (but do not remove) obsolete files. 836 837 test -n "$obsolete" && { 838 cat <<EOF | ${FMT} 839 840 Note: the following files or directories still exist but are 841 no longer part of Postfix: 842 843 $obsolete 844 845EOF 846 } 847 848 # Postfix 2.9. 849 # Safety net for incompatible changes in IPv6 defaults. 850 # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO AVOID AN 851 # UNEXPECTED DROP IN PERFORMANCE AFTER UPGRADING FROM POSTFIX 852 # BEFORE 2.9. 853 # This code assumes that the default is "inet_protocols = ipv4" 854 # when IPv6 support is not compiled in. See util/sys_defs.h. 855 856 test "`$POSTCONF -dh inet_protocols`" = "ipv4" || 857 test -n "`$POSTCONF -c $config_directory -n inet_protocols`" || { 858 cat <<EOF | ${FMT} 859 COMPATIBILITY: editing $config_directory/main.cf, setting 860 inet_protocols=ipv4. Specify inet_protocols explicitly if you 861 want to enable IPv6. 862 In a future release IPv6 will be enabled by default. 863EOF 864 $POSTCONF -c $config_directory inet_protocols=ipv4 || exit 1 865 } 866 867# Disabled because unhelpful down-stream maintainers disable the safety net. 868# # Postfix 2.10. 869# # Safety net for incompatible changes due to the introduction 870# # of the smtpd_relay_restrictions feature to separate the 871# # mail relay policy from the spam blocking policy. 872# # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT 873# # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM 874# # POSTFIX BEFORE 2.10. 875# test -n "`$POSTCONF -c $config_directory -n smtpd_relay_restrictions`" || { 876# cat <<EOF | ${FMT} 877# COMPATIBILITY: editing $config_directory/main.cf, overriding 878# smtpd_relay_restrictions to prevent inbound mail from 879# unexpectedly bouncing. 880# Specify an empty smtpd_relay_restrictions value to keep using 881# smtpd_recipient_restrictions as before. 882#EOF 883# $POSTCONF -c $config_directory "smtpd_relay_restrictions = \ 884# permit_mynetworks permit_sasl_authenticated \ 885# defer_unauth_destination" || exit 1 886# } 887} 888 889# A reminder if this is the first time Postfix is being installed. 890 891test -n "$first_install_reminder" && { 892 893 ALIASES=`$POSTCONF -c $config_directory -h alias_database | sed 's/^[^:]*://'` 894 NEWALIASES_PATH=`$POSTCONF -c $config_directory -h newaliases_path` 895 cat <<EOF | ${FMT} 896 897 Warning: you still need to edit myorigin/mydestination/mynetworks 898 parameter settings in $config_directory/main.cf. 899 900 See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html 901 for information about dialup sites or about sites inside a 902 firewalled network. 903 904 BTW: Check your $ALIASES file and be sure to set up aliases 905 that send mail for root and postmaster to a real person, then 906 run $NEWALIASES_PATH. 907 908EOF 909 910} 911 912exit 0 913