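#!/bin/sh
#       $NetBSD: postfix-script,v 1.1.1.3 2013/09/25 19:06:20 tron Exp $
#

#++
# NAME
#       postfix-script 1
# SUMMARY
#       execute Postfix administrative commands
# SYNOPSIS
#       \fBpostfix-script\fR \fIcommand\fR
# DESCRIPTION
#       The \fBpostfix-script\fR script executes Postfix administrative
#       commands in an environment that is set up by the \fBpostfix\fR(1)
#       command.
# SEE ALSO
#       master(8) Postfix master program
#       postfix(1) Postfix administrative interface
# LICENSE
# .ad
# .fi
#       The Secure Mailer license must be distributed with this software.
# AUTHOR(S)
#       Wietse Venema
#       IBM T.J. Watson Research
#       P.O. Box 704
#       Yorktown Heights, NY 10598, USA
#--

# Environment read by this script (it sets none of these itself):
#   daemon_directory, command_directory, config_directory, queue_directory,
#   data_directory, mail_owner, setgid_group, MAIL_LOGTAG.
# Directory variables are expanded unquoted throughout, so values that
# contain whitespace or glob characters are not supported.

# Avoid POSIX death due to SIGHUP when some parent process exits.

trap '' 1

# An empty daemon_directory means the environment was not prepared for us.
case $daemon_directory in
"") echo This script must be run by the postfix command. 1>&2
    echo Do not run directly. 1>&2
    exit 1
esac

# Logging commands. They are expanded unquoted on purpose: the shell has to
# split each one into the postlog program name plus its options.
LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script"
INFO="$LOGGER -p info"
WARN="$LOGGER -p warn"
ERROR="$LOGGER -p error"
FATAL="$LOGGER -p fatal"
PANIC="$LOGGER -p panic"

# Files created from here on are not group or other writable.
umask 022
SHELL=/bin/sh

#
# Can't do much without these in place.
#
# Each cd doubles as an existence check. The last one leaves the working
# directory at $queue_directory, which the relative paths used below
# (pid/master.pid, corrupt, bin, etc, lib, sbin, usr) depend on.
cd $command_directory || {
    $FATAL no Postfix command directory $command_directory!
    exit 1
}
cd $daemon_directory || {
    $FATAL no Postfix daemon directory $daemon_directory!
    exit 1
}
test -f master || {
    $FATAL no Postfix master program $daemon_directory/master!
    exit 1
}
cd $config_directory || {
    $FATAL no Postfix configuration directory $config_directory!
    exit 1
}
cd $queue_directory || {
    $FATAL no Postfix queue directory $queue_directory!
    exit 1
}
def_config_directory=`$command_directory/postconf -dh config_directory` || {
    $FATAL cannot execute $command_directory/postconf!
    exit 1
}

# If this is a secondary instance, don't touch shared files.

# Every comma is turned into a space (s/,/ /g) so that each listed directory
# becomes its own word in the loop below, however many entries there are.
# NOTE(review): when postconf runs, the status tested by "||" is that of the
# last pipeline stage (sed), so a postconf failure is not detected here.
instances=`test ! -f $def_config_directory/main.cf ||
    $command_directory/postconf -c $def_config_directory \
    -h multi_instance_directories | sed 's/,/ /g'` || {
    $FATAL cannot execute $command_directory/postconf!
    exit 1
}

# The default instance matches the first pattern and keeps
# check_shared_files=1; any other listed instance clears the flag, which
# makes check-warn skip $daemon_directory and the set-gid commands.
check_shared_files=1
for name in $instances
do
    case "$name" in
    "$def_config_directory") ;;
    "$config_directory") check_shared_files=; break;;
    esac
done

#
# Parse JCL
#
# Judging by the messages below, "master -t" succeeds only when no master
# process is running; every arm relies on that convention.
case $1 in

start_msg)

    echo "Start postfix"
    ;;

stop_msg)

    echo "Stop postfix"
    ;;

start)

    $daemon_directory/master -t 2>/dev/null || {
        $FATAL the Postfix mail system is already running
        exit 1
    }
    # quick-start is the flag file left behind by quick-stop: when it is
    # present the integrity checks are skipped for this one start.
    if [ -f $queue_directory/quick-start ]
    then
        rm -f $queue_directory/quick-start
    else
        $daemon_directory/postfix-script check-fatal || {
            $FATAL Postfix integrity check failed!
            exit 1
        }
        # Foreground this so it can be stopped. All inodes are cached.
        # Its result is not tested: check-warn findings are logged only
        # and never prevent startup.
        $daemon_directory/postfix-script check-warn
    fi
    $INFO starting the Postfix mail system
    # NOTE: wait in foreground process to get the initialization status.
    $daemon_directory/master -w || {
        $FATAL "mail system startup failed"
        exit 1
    }
    ;;

drain)

    $daemon_directory/master -t 2>/dev/null && {
        $FATAL the Postfix mail system is not running
        exit 1
    }
    $INFO stopping the Postfix mail system
    # SIGKILL goes to the master PID only, not to its process group
    # (contrast with the forced kill in "stop").
    kill -9 `sed 1q pid/master.pid`
    ;;

quick-stop)

    $daemon_directory/postfix-script stop
    # Leave the flag that lets the next "start" skip the integrity checks.
    touch $queue_directory/quick-start
    ;;

stop)

    $daemon_directory/master -t 2>/dev/null && {
        $FATAL the Postfix mail system is not running
        exit 1
    }
    $INFO stopping the Postfix mail system
    # Default signal first, then poll once per second for up to five
    # seconds before resorting to SIGKILL.
    kill `sed 1q pid/master.pid`
    for i in 5 4 3 2 1
    do
        $daemon_directory/master -t && exit 0
        $INFO waiting for the Postfix mail system to terminate
        sleep 1
    done
    $WARN stopping the Postfix mail system with force
    # The negative PID addresses the whole process group; awk exits
    # non-zero on an empty pid file so that kill is then skipped.
    pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` &&
        kill -9 -$pid
    ;;

abort)

    $daemon_directory/master -t 2>/dev/null && {
        $FATAL the Postfix mail system is not running
        exit 1
    }
    $INFO aborting the Postfix mail system
    kill `sed 1q pid/master.pid`
    ;;

reload)

    $daemon_directory/master -t 2>/dev/null && {
        $FATAL the Postfix mail system is not running
        exit 1
    }
    $INFO refreshing the Postfix mail system
    # The HUP is sent only if "postsuper active" succeeds; the full
    # postsuper run afterwards is left in the background.
    $command_directory/postsuper active || exit 1
    kill -HUP `sed 1q pid/master.pid`
    $command_directory/postsuper &
    ;;

flush)

    cd $queue_directory || {
        $FATAL no Postfix queue directory $queue_directory!
        exit 1
    }
    $command_directory/postqueue -f
    ;;

check)

    # Only check-fatal decides the exit status; check-warn merely logs.
    $daemon_directory/postfix-script check-fatal || exit 1
    $daemon_directory/postfix-script check-warn
    exit 0
    ;;

status)

    $daemon_directory/master -t 2>/dev/null && {
        $INFO the Postfix mail system is not running
        exit 1
    }
    $INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
    exit 0
    ;;


check-fatal)
    # This command is NOT part of the public interface.

    $SHELL $daemon_directory/post-install create-missing || {
        $FATAL unable to create missing queue directories
        exit 1
    }

    # Look for incomplete installations.

    test -f $config_directory/master.cf || {
        $FATAL no $config_directory/master.cf file found
        exit 1
    }

    # See if all queue files are in the right place. This is slow.
    # We must scan all queues for mis-named queue files before the
    # mail system can run.

    $command_directory/postsuper || exit 1
    exit 0
    ;;

check-warn)
    # This command is NOT part of the public interface.
    #
    # Ownership and permission audit. Every finding is reported through
    # $WARN and the arm always ends with "exit 0", so these checks are
    # advisory: the log is the only place where a violation shows up.

    todo="$config_directory $queue_directory $queue_directory/pid"
    test -n "$check_shared_files" && todo="$daemon_directory $todo"

    # NOTE(review): the grep accepts " root " anywhere in the ls -l line,
    # so a directory whose group (rather than owner) is root also passes.
    for dir in $todo
    do
        ls -lLd $dir | (grep " root " >/dev/null ||
            $WARN not owned by root: $dir)
    done

    # Some people break Postfix's security model.
    # In the ls -l mode string, column 6 is group write and column 9 is
    # other write; the pattern matches either one.
    ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
        $WARN group or other writable: $queue_directory

    todo="$config_directory/*"
    test -n "$check_shared_files" && todo="$daemon_directory/* $todo"

    find $todo ! -user root \
        -exec $WARN not owned by root: {} \;

    todo="$config_directory/."
    test -n "$check_shared_files" && todo="$daemon_directory/. $todo"

    find $todo \
        \( -perm -020 -o -perm -002 \) -type f \
        -exec $WARN group or other writable: {} \;

    find $data_directory/. ! -user $mail_owner \
        -exec $WARN not owned by $mail_owner: {} \;

    ls -lLd $data_directory | egrep '^.....(w|...w)' >/dev/null && \
        $WARN group or other writable: $data_directory

    # Queue subdirectories must belong to $mail_owner; FIFOs and sockets
    # are exempt from this test.
    find `ls -d $queue_directory/* | \
        egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
        ! \( -type p -o -type s \) ! -user $mail_owner \
        -exec $WARN not owned by $mail_owner: {} \;

    todo="$queue_directory/public $queue_directory/maildrop"
    test -n "$check_shared_files" &&
        todo="$command_directory/postqueue $command_directory/postdrop $todo"

    # -prune: look at the named entries themselves, do not descend.
    find $todo \
        -prune ! -group $setgid_group \
        -exec $WARN not owned by group $setgid_group: {} \;

    # -02111 is the set-gid bit plus execute for owner, group and other.
    test -n "$check_shared_files" &&
    find $command_directory/postqueue $command_directory/postdrop \
        -prune ! -perm -02111 \
        -exec $WARN not set-gid or not owner+group+world executable: {} \;

    for name in `ls -d $queue_directory/* | \
        egrep '/(bin|etc|lib|usr)$'` ; \
    do \
        find $name ! -user root \
            -exec $WARN not owned by root: {} \; ; \
    done

    # WARNING: this should not descend into the maildrop directory.
    # maildrop is the least trusted Postfix directory.

    find $queue_directory/maildrop/. -prune ! -user $mail_owner \
        -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;

    # Files kept under the queue directory are compared with the file of
    # the same path under /, and a warning is logged when the two differ.
    # read -r and the quoted $path keep backslashes and blanks in a file
    # name from being mangled.
    for dir in bin etc lib sbin usr
    do
        test -d $dir && find $dir -type f -print | while read -r path
        do
            test -f "/$path" && {
                cmp -s "$path" "/$path" ||
                    $WARN $queue_directory/$path and /$path differ
            }
        done
    done

    find corrupt -type f -exec $WARN damaged message: {} \;

    # XXX also: look for weird stuff, weird permissions, etc.

    # Chained tests instead of "test ... -a ...": POSIX marks -a as
    # obsolescent and leaves test with more than four operands unspecified.
    test -n "$check_shared_files" && test -f /usr/sbin/sendmail &&
        test -f /usr/lib/sendmail && {
        cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
            $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
            $WARN Replace one by a symbolic link to the other
        }
    }
    exit 0
    ;;

set-permissions|upgrade-configuration)
    # No shift here: the command name itself is passed on in "$@".
    $daemon_directory/post-install create-missing "$@"
    ;;

post-install)
    # Currently not part of the public interface.
    shift
    $daemon_directory/post-install "$@"
    ;;

/*)
    # Currently not part of the public interface.
    # Runs the argument list as a command (first word is an absolute
    # path) with this script's environment and privileges, so arguments
    # must only ever come from a trusted caller.
    "$@"
    ;;

*)
    $ERROR "unknown command: '$1'"
    $FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
    exit 1
    ;;

esac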