xref: /netbsd-src/external/ibm-public/postfix/dist/conf/postfix-script (revision c2f76ff004a2cb67efe5b12d97bd3ef7fe89e18d)
1#!/bin/sh
2#	$NetBSD: postfix-script,v 1.1.1.2 2010/06/17 18:06:08 tron Exp $
3#
4
5#++
6# NAME
7#	postfix-script 1
8# SUMMARY
9#	execute Postfix administrative commands
10# SYNOPSIS
11#	\fBpostfix-script\fR \fIcommand\fR
12# DESCRIPTION
13#	The \fBpostfix-script\fR script executes Postfix administrative
14#	commands in an environment that is set up by the \fBpostfix\fR(1)
15#	command.
16# SEE ALSO
17#	master(8) Postfix master program
18#	postfix(1) Postfix administrative interface
19# LICENSE
20# .ad
21# .fi
22#	The Secure Mailer license must be distributed with this software.
23# AUTHOR(S)
24#	Wietse Venema
25#	IBM T.J. Watson Research
26#	P.O. Box 704
27#	Yorktown Heights, NY 10598, USA
28#--
29
# Ignore SIGHUP (signal 1) so this script is not killed when some parent
# process exits.

trap '' HUP

# The header above says postfix(1) sets up the environment for this script.
# An empty daemon_directory is taken to mean the script was started directly.

if [ -z "$daemon_directory" ]
then
	echo "This script must be run by the postfix command." >&2
	echo "Do not run directly." >&2
	exit 1
fi
39
# Files created from here on are not group/other writable, and SHELL is
# pinned to a known interpreter (used later to run post-install).
SHELL=/bin/sh
umask 022

# postlog command prefixes, one per "-p" level. They are expanded unquoted
# further down so that the shell splits them into command + arguments, and
# the words that follow become the logged message.
LOGGER="${command_directory}/postlog -t ${MAIL_LOGTAG}/postfix-script"
INFO="${LOGGER} -p info"
WARN="${LOGGER} -p warn"
ERROR="${LOGGER} -p error"
FATAL="${LOGGER} -p fatal"
PANIC="${LOGGER} -p panic"
49
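#
# Can't do much without these in place.
#
# Each directory handed over by postfix(1) must be enterable, and the
# daemon directory must contain the master program. The path arguments are
# quoted so that a value containing whitespace or glob characters is used
# verbatim instead of being split or expanded by the shell. $FATAL is left
# unquoted on purpose: it holds a command plus its options.
#
# The last cd leaves the working directory at $queue_directory; the
# relative paths used later (pid/master.pid, corrupt, bin, etc, ...) rely
# on that.
#
cd "$command_directory" || {
	$FATAL no Postfix command directory $command_directory!
	exit 1
}
cd "$daemon_directory" || {
	$FATAL no Postfix daemon directory $daemon_directory!
	exit 1
}
test -f master || {
	$FATAL no Postfix master program $daemon_directory/master!
	exit 1
}
cd "$config_directory" || {
	$FATAL no Postfix configuration directory $config_directory!
	exit 1
}
cd "$queue_directory" || {
	$FATAL no Postfix queue directory $queue_directory!
	exit 1
}

# config_directory as reported by "postconf -dh"; used below to locate the
# main.cf that lists all instances.
def_config_directory=`"$command_directory"/postconf -dh config_directory` || {
	$FATAL cannot execute $command_directory/postconf!
	exit 1
}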
77
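# If this is a secondary instance, don't touch shared files.
#
# The instance list is the multi_instance_directories value from the
# main.cf in $def_config_directory. When that file does not exist, postconf
# is not run and the list stays empty.

instances=`test ! -f "$def_config_directory/main.cf" ||
    "$command_directory"/postconf -c "$def_config_directory" \
    -h multi_instance_directories` || {
	$FATAL cannot execute $command_directory/postconf!
	exit 1
}

# Turn every comma into a space so the whole list word-splits in the loop
# below (a single substitution would leave later entries joined by commas).
# This is a separate step because inside one pipeline the exit status is
# sed's, so a failing postconf would never reach the error branch above.
instances=`echo "$instances" | sed 's/,/ /g'`

# check_shared_files stays set unless this instance's config_directory is
# found in the list. A match on $def_config_directory is skipped, so an
# instance using that directory keeps checking the shared files.
check_shared_files=1
for name in $instances
do
    case "$name" in
    "$def_config_directory") ;;
    "$config_directory") check_shared_files=; break;;
    esac
done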
95
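#
# Parse JCL
#
# $1 selects the administrative action. The working directory is
# $queue_directory at this point (see the cd sequence earlier in this
# script), so pid/master.pid and the other relative paths below resolve
# inside the queue directory.
#
# As used throughout this script, "master -t" succeeding means that no
# master is running, and failing means that one is.
#
case $1 in

start_msg)

	echo "Start postfix"
	;;

stop_msg)

	echo "Stop postfix"
	;;

start)

	$daemon_directory/master -t 2>/dev/null || {
		$FATAL the Postfix mail system is already running
		exit 1
	}
	# A quick-start marker (left behind by quick-stop) skips both
	# integrity checks for this one start and is then removed.
	# NOTE(review): whoever can create this file in $queue_directory can
	# suppress the checks, so this relies on the queue directory being
	# writable by root only - check-warn reports when it is not.
	if [ -f $queue_directory/quick-start ]
	then
		rm -f $queue_directory/quick-start
	else
		$daemon_directory/postfix-script check-fatal || {
			$FATAL Postfix integrity check failed!
			exit 1
		}
		# Foreground this so it can be stopped. All inodes are cached.
		$daemon_directory/postfix-script check-warn
	fi
	$INFO starting the Postfix mail system
	$daemon_directory/master &
	;;

drain)

	$daemon_directory/master -t 2>/dev/null && {
		$FATAL the Postfix mail system is not running
		exit 1
	}
	$INFO stopping the Postfix mail system
	# SIGKILL goes to the master PID only (no "-" process-group prefix,
	# unlike the forced stop below).
	# NOTE(review): presumably so that running child processes are left
	# to finish on their own - confirm against master(8).
	kill -9 `sed 1q pid/master.pid`
	;;

quick-stop)

	# Normal stop, then leave the marker that lets the next start skip
	# the integrity checks.
	$daemon_directory/postfix-script stop
	touch $queue_directory/quick-start
	;;

stop)

	$daemon_directory/master -t 2>/dev/null && {
		$FATAL the Postfix mail system is not running
		exit 1
	}
	$INFO stopping the Postfix mail system
	# The signal target is the first line of pid/master.pid.
	# NOTE(review): the value is not checked to be numeric before it is
	# handed to kill; its integrity depends on $queue_directory/pid being
	# owned by root, which check-warn verifies.
	kill `sed 1q pid/master.pid`
	# Poll once per second, five times, for the master to go away.
	for i in 5 4 3 2 1
	do
	    $daemon_directory/master -t && exit 0
	    $INFO waiting for the Postfix mail system to terminate
	    sleep 1
	done
	$WARN stopping the Postfix mail system with force
	# "-$pid" addresses the whole process group, not just the master.
	# The awk program is meant to fail on an empty PID file so that kill
	# is skipped.
	# NOTE(review): in POSIX awk the END action still runs after "exit 0"
	# in the main action, and its "exit 1" then sets the status; if the
	# target awk behaves that way this never reaches kill - verify.
	pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` &&
		kill -9 -$pid
	;;

abort)

	$daemon_directory/master -t 2>/dev/null && {
		$FATAL the Postfix mail system is not running
		exit 1
	}
	$INFO aborting the Postfix mail system
	kill `sed 1q pid/master.pid`
	;;

reload)

	$daemon_directory/master -t 2>/dev/null && {
		$FATAL the Postfix mail system is not running
		exit 1
	}
	$INFO refreshing the Postfix mail system
	# "postsuper active" must succeed before the master is signalled;
	# a second postsuper pass then runs in the background.
	$command_directory/postsuper active || exit 1
	kill -HUP `sed 1q pid/master.pid`
	$command_directory/postsuper &
	;;

flush)

	cd $queue_directory || {
		$FATAL no Postfix queue directory $queue_directory!
		exit 1
	}
	$command_directory/postqueue -f
	;;

check)

	# Fatal problems abort with status 1; warnings are only logged.
	$daemon_directory/postfix-script check-fatal || exit 1
	$daemon_directory/postfix-script check-warn
	exit 0
	;;

status)

	$daemon_directory/master -t 2>/dev/null && {
		$INFO the Postfix mail system is not running
		exit 1
	}
	$INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
	exit 0
	;;


check-fatal)
	# This command is NOT part of the public interface.
	#
	# Checks whose failure must prevent the mail system from starting.

	$SHELL $daemon_directory/post-install create-missing || {
		$FATAL unable to create missing queue directories
		exit 1
	}

	# Look for incomplete installations.

	test -f $config_directory/master.cf || {
		$FATAL no $config_directory/master.cf file found
		exit 1
	}

	# See if all queue files are in the right place. This is slow.
	# We must scan all queues for mis-named queue files before the
	# mail system can run.

	$command_directory/postsuper || exit 1
	exit 0
	;;

check-warn)
	# This command is NOT part of the public interface.
	#
	# Ownership and permission audit. Every finding is logged through
	# $WARN and nothing here changes the exit status, which is always 0.
	# $todo is expanded unquoted on purpose: it is a space-separated
	# list and, in some steps, contains glob patterns.
	# Shared files ($daemon_directory, postqueue, postdrop, sendmail) are
	# only looked at when check_shared_files is set.

	todo="$config_directory $queue_directory $queue_directory/pid"
	test -n "$check_shared_files" && todo="$daemon_directory $todo"

	# Test the owner itself rather than searching "ls -l" output for
	# " root ": that text also matches the group column, so a directory
	# owned by another user but with group root went unreported. The
	# "/." suffix with -prune examines the directory behind a symlink
	# without descending, as the maildrop check further down does.
	for dir in $todo
	do
		find $dir/. -prune ! -user root \
		    -exec $WARN not owned by root: $dir \;
	done

	# Some people break Postfix's security model.
	# The pattern matches a "w" in the group or the other permission
	# triplet of the ls mode string.
	ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
		$WARN group or other writable: $queue_directory

	todo="$config_directory/*"
	test -n "$check_shared_files" && todo="$daemon_directory/* $todo"

	find $todo ! -user root \
		-exec $WARN not owned by root: {} \;

	todo="$config_directory/."
	test -n "$check_shared_files" && todo="$daemon_directory/. $todo"

	find $todo \
		\( -perm -020 -o -perm -002 \) -type f \
		-exec $WARN group or other writable: {} \;

	find $data_directory/. ! -user $mail_owner \
	    -exec $WARN not owned by $mail_owner: {} \;

	ls -lLd $data_directory | egrep '^.....(w|...w)' >/dev/null && \
		$WARN group or other writable: $data_directory

	# Queue subdirectories: everything except FIFOs and sockets must
	# belong to $mail_owner.
	find `ls -d $queue_directory/* | \
	    egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
	    ! \( -type p -o -type s \) ! -user $mail_owner \
		-exec $WARN not owned by $mail_owner: {} \;

	todo="$queue_directory/public $queue_directory/maildrop"
	test -n "$check_shared_files" &&
	   todo="$command_directory/postqueue $command_directory/postdrop $todo"

	find $todo \
	    -prune ! -group $setgid_group \
	    -exec $WARN not owned by group $setgid_group: {} \;

	# -02111: set-gid bit plus execute permission for owner, group and
	# world, as the warning text says.
	test -n "$check_shared_files" &&
	find $command_directory/postqueue $command_directory/postdrop \
	    -prune ! -perm -02111 \
	    -exec $WARN not set-gid or not owner+group+world executable: {} \;

	# bin, etc, lib and usr trees located inside the queue directory
	# must be owned by root.
	for name in `ls -d $queue_directory/* | \
	    egrep '/(bin|etc|lib|usr)$'` ; \
	do \
	    find $name ! -user root \
		-exec $WARN not owned by root: {} \; ; \
	done

	# WARNING: this should not descend into the maildrop directory.
	# maildrop is the least trusted Postfix directory.

	find $queue_directory/maildrop/. -prune ! -user $mail_owner \
	    -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;

	# Files under these directories (relative to the queue directory)
	# are compared with the file of the same path under /; a difference
	# is reported, a missing counterpart under / is not.
	for dir in bin etc lib sbin usr
	do
		test -d $dir && find $dir -type f -print | while read path
		do
			test -f /$path && {
			    cmp -s $path /$path ||
				$WARN $queue_directory/$path and /$path differ
			}
		done
	done

	find corrupt -type f -exec $WARN damaged message: {} \;

	# XXX also: look for weird stuff, weird permissions, etc.

	test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
		-f /usr/lib/sendmail && {
	    cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
		$WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
		$WARN Replace one by a symbolic link to the other
	    }
	}
	exit 0
	;;

set-permissions|upgrade-configuration)
	# No shift here: "$@" still starts with the command name, which is
	# passed on to post-install after create-missing.
	$daemon_directory/post-install create-missing "$@"
	;;

post-install)
	# Currently not part of the public interface.
	shift
	$daemon_directory/post-install "$@"
	;;

/*)
	# Currently not part of the public interface.
	#
	# Runs the caller-supplied absolute path with its arguments, as is,
	# in the environment set up for this script. There is no allow-list
	# here, so access control rests entirely on who is able to invoke
	# this script.
	"$@"
	;;

*)
	$ERROR "unknown command: '$1'"
	$FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
	exit 1
	;;

esac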
352