1 /* $NetBSD: postlock.c,v 1.1.1.2 2013/01/02 18:59:03 tron Exp $ */ 2 3 /*++ 4 /* NAME 5 /* postlock 1 6 /* SUMMARY 7 /* lock mail folder and execute command 8 /* SYNOPSIS 9 /* .fi 10 /* \fBpostlock\fR [\fB-c \fIconfig_dir\fB] [\fB-l \fIlock_style\fB] 11 /* [\fB-v\fR] \fIfile command...\fR 12 /* DESCRIPTION 13 /* The \fBpostlock\fR(1) command locks \fIfile\fR for exclusive 14 /* access, and executes \fIcommand\fR. The locking method is 15 /* compatible with the Postfix UNIX-style local delivery agent. 16 /* 17 /* Options: 18 /* .IP "\fB-c \fIconfig_dir\fR" 19 /* Read the \fBmain.cf\fR configuration file in the named directory 20 /* instead of the default configuration directory. 21 /* .IP "\fB-l \fIlock_style\fR" 22 /* Override the locking method specified via the 23 /* \fBmailbox_delivery_lock\fR configuration parameter (see below). 24 /* .IP \fB-v\fR 25 /* Enable verbose logging for debugging purposes. Multiple \fB-v\fR 26 /* options make the software increasingly verbose. 27 /* .PP 28 /* Arguments: 29 /* .IP \fIfile\fR 30 /* A mailbox file. The user should have read/write permission. 31 /* .IP \fIcommand...\fR 32 /* The command to execute while \fIfile\fR is locked for exclusive 33 /* access. The command is executed directly, i.e. without 34 /* interpretation by a shell command interpreter. 35 /* DIAGNOSTICS 36 /* The result status is 75 (EX_TEMPFAIL) when \fBpostlock\fR(1) 37 /* could not perform the requested operation. Otherwise, the 38 /* exit status is the exit status from the command. 39 /* BUGS 40 /* With remote file systems, the ability to acquire a lock does not 41 /* necessarily eliminate access conflicts. Avoid file access by 42 /* processes running on different machines. 43 /* ENVIRONMENT 44 /* .ad 45 /* .fi 46 /* .IP \fBMAIL_CONFIG\fR 47 /* Directory with Postfix configuration files. 48 /* .IP \fBMAIL_VERBOSE\fR 49 /* Enable verbose logging for debugging purposes. 50 /* CONFIGURATION PARAMETERS 51 /* .ad 52 /* .fi 53 /* The following \fBmain.cf\fR parameters are especially relevant to 54 /* this program. 55 /* The text below provides only a parameter summary. See 56 /* \fBpostconf\fR(5) for more details including examples. 57 /* LOCKING CONTROLS 58 /* .ad 59 /* .fi 60 /* .IP "\fBdeliver_lock_attempts (20)\fR" 61 /* The maximal number of attempts to acquire an exclusive lock on a 62 /* mailbox file or \fBbounce\fR(8) logfile. 63 /* .IP "\fBdeliver_lock_delay (1s)\fR" 64 /* The time between attempts to acquire an exclusive lock on a mailbox 65 /* file or \fBbounce\fR(8) logfile. 66 /* .IP "\fBstale_lock_time (500s)\fR" 67 /* The time after which a stale exclusive mailbox lockfile is removed. 68 /* .IP "\fBmailbox_delivery_lock (see 'postconf -d' output)\fR" 69 /* How to lock a UNIX-style \fBlocal\fR(8) mailbox before attempting delivery. 70 /* RESOURCE AND RATE CONTROLS 71 /* .ad 72 /* .fi 73 /* .IP "\fBfork_attempts (5)\fR" 74 /* The maximal number of attempts to fork() a child process. 75 /* .IP "\fBfork_delay (1s)\fR" 76 /* The delay between attempts to fork() a child process. 77 /* MISCELLANEOUS CONTROLS 78 /* .ad 79 /* .fi 80 /* .IP "\fBconfig_directory (see 'postconf -d' output)\fR" 81 /* The default location of the Postfix main.cf and master.cf 82 /* configuration files. 83 /* SEE ALSO 84 /* postconf(5), configuration parameters 85 /* LICENSE 86 /* .ad 87 /* .fi 88 /* The Secure Mailer license must be distributed with this software. 89 /* AUTHOR(S) 90 /* Wietse Venema 91 /* IBM T.J. Watson Research 92 /* P.O. Box 704 93 /* Yorktown Heights, NY 10598, USA 94 /*--*/ 95 96 /* System library. */ 97 98 #include <sys_defs.h> 99 #include <sys/stat.h> 100 #include <sys/wait.h> 101 #include <stdlib.h> 102 #include <unistd.h> 103 #include <fcntl.h> 104 #include <errno.h> 105 106 /* Utility library. */ 107 108 #include <msg.h> 109 #include <vstring.h> 110 #include <vstream.h> 111 #include <msg_vstream.h> 112 #include <iostuff.h> 113 #include <warn_stat.h> 114 115 /* Global library. */ 116 117 #include <mail_params.h> 118 #include <mail_version.h> 119 #include <dot_lockfile.h> 120 #include <deliver_flock.h> 121 #include <mail_conf.h> 122 #include <sys_exits.h> 123 #include <mbox_conf.h> 124 #include <mbox_open.h> 125 #include <dsn_util.h> 126 127 /* Application-specific. */ 128 129 /* usage - explain */ 130 131 static NORETURN usage(char *myname) 132 { 133 msg_fatal("usage: %s [-c config_dir] [-l lock_style] [-v] folder command...", myname); 134 } 135 136 /* fatal_exit - all failures are deemed recoverable */ 137 138 static void fatal_exit(void) 139 { 140 exit(EX_TEMPFAIL); 141 } 142 143 MAIL_VERSION_STAMP_DECLARE; 144 145 /* main - go for it */ 146 147 int main(int argc, char **argv) 148 { 149 DSN_BUF *why; 150 char *folder; 151 char **command; 152 int ch; 153 int fd; 154 struct stat st; 155 int count; 156 WAIT_STATUS_T status; 157 pid_t pid; 158 int lock_mask; 159 char *lock_style = 0; 160 MBOX *mp; 161 162 /* 163 * Fingerprint executables and core dumps. 164 */ 165 MAIL_VERSION_STAMP_ALLOCATE; 166 167 /* 168 * Be consistent with file permissions. 169 */ 170 umask(022); 171 172 /* 173 * To minimize confusion, make sure that the standard file descriptors 174 * are open before opening anything else. XXX Work around for 44BSD where 175 * fstat can return EBADF on an open file descriptor. 176 */ 177 for (fd = 0; fd < 3; fd++) 178 if (fstat(fd, &st) == -1 179 && (close(fd), open("/dev/null", O_RDWR, 0)) != fd) 180 msg_fatal("open /dev/null: %m"); 181 182 /* 183 * Process environment options as early as we can. We are not set-uid, 184 * and we are supposed to be running in a controlled environment. 185 */ 186 if (getenv(CONF_ENV_VERB)) 187 msg_verbose = 1; 188 189 /* 190 * Set up logging and error handling. Intercept fatal exits so we can 191 * return a distinguished exit status. 192 */ 193 msg_vstream_init(argv[0], VSTREAM_ERR); 194 msg_cleanup(fatal_exit); 195 196 /* 197 * Parse JCL. 198 */ 199 while ((ch = GETOPT(argc, argv, "c:l:v")) > 0) { 200 switch (ch) { 201 default: 202 usage(argv[0]); 203 break; 204 case 'c': 205 if (setenv(CONF_ENV_PATH, optarg, 1) < 0) 206 msg_fatal("out of memory"); 207 break; 208 case 'l': 209 lock_style = optarg; 210 break; 211 case 'v': 212 msg_verbose++; 213 break; 214 } 215 } 216 if (optind + 2 > argc) 217 usage(argv[0]); 218 folder = argv[optind]; 219 command = argv + optind + 1; 220 221 /* 222 * Read the config file. The command line lock style can override the 223 * configured lock style. 224 */ 225 mail_conf_read(); 226 lock_mask = mbox_lock_mask(lock_style ? lock_style : 227 get_mail_conf_str(VAR_MAILBOX_LOCK, DEF_MAILBOX_LOCK, 1, 0)); 228 229 /* 230 * Lock the folder for exclusive access. Lose the lock upon exit. The 231 * command is not supposed to disappear into the background. 232 */ 233 why = dsb_create(); 234 if ((mp = mbox_open(folder, O_APPEND | O_WRONLY | O_CREAT, 235 S_IRUSR | S_IWUSR, (struct stat *) 0, 236 -1, -1, lock_mask, "5.2.0", why)) == 0) 237 msg_fatal("open file %s: %s", folder, vstring_str(why->reason)); 238 dsb_free(why); 239 240 /* 241 * Run the command. Remove the lock after completion. 242 */ 243 for (count = 1; (pid = fork()) == -1; count++) { 244 msg_warn("fork %s: %m", command[0]); 245 if (count >= var_fork_tries) { 246 mbox_release(mp); 247 exit(EX_TEMPFAIL); 248 } 249 sleep(var_fork_delay); 250 } 251 switch (pid) { 252 case 0: 253 (void) msg_cleanup((MSG_CLEANUP_FN) 0); 254 execvp(command[0], command); 255 msg_fatal("execvp %s: %m", command[0]); 256 default: 257 if (waitpid(pid, &status, 0) < 0) 258 msg_fatal("waitpid: %m"); 259 vstream_fclose(mp->fp); 260 mbox_release(mp); 261 exit(WIFEXITED(status) ? WEXITSTATUS(status) : 1); 262 } 263 } 264