123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380
  1. #!/bin/sh
  2. #++
  3. # NAME
  4. # postfix-script 1
  5. # SUMMARY
  6. # execute Postfix administrative commands
  7. # SYNOPSIS
  8. # \fBpostfix-script\fR \fIcommand\fR
  9. # DESCRIPTION
  10. # The \fBpostfix-script\fR script executes Postfix administrative
  11. # commands in an environment that is set up by the \fBpostfix\fR(1)
  12. # command.
  13. # SEE ALSO
  14. # master(8) Postfix master program
  15. # postfix(1) Postfix administrative interface
  16. # LICENSE
  17. # .ad
  18. # .fi
  19. # The Secure Mailer license must be distributed with this software.
  20. # AUTHOR(S)
  21. # Wietse Venema
  22. # IBM T.J. Watson Research
  23. # P.O. Box 704
  24. # Yorktown Heights, NY 10598, USA
  25. #--
  26. # Avoid POSIX death due to SIGHUP when some parent process exits.
  27. trap '' 1
  28. case $daemon_directory in
  29. "") echo This script must be run by the postfix command. 1>&2
  30. echo Do not run directly. 1>&2
  31. exit 1
  32. esac
  33. LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script"
  34. INFO="$LOGGER -p info"
  35. WARN="$LOGGER -p warn"
  36. ERROR="$LOGGER -p error"
  37. FATAL="$LOGGER -p fatal"
  38. PANIC="$LOGGER -p panic"
  39. if [ "X${1#quiet-}" != "X${1}" ]; then
  40. INFO=:
  41. x=${1#quiet-}
  42. shift
  43. set -- $x "$@"
  44. fi
  45. umask 022
  46. SHELL=/bin/sh
  47. #
  48. # Can't do much without these in place.
  49. #
  50. cd $command_directory || {
  51. $FATAL no Postfix command directory $command_directory!
  52. exit 1
  53. }
  54. cd $daemon_directory || {
  55. $FATAL no Postfix daemon directory $daemon_directory!
  56. exit 1
  57. }
  58. test -f master || {
  59. $FATAL no Postfix master program $daemon_directory/master!
  60. exit 1
  61. }
  62. cd $config_directory || {
  63. $FATAL no Postfix configuration directory $config_directory!
  64. exit 1
  65. }
  66. cd $queue_directory || {
  67. $FATAL no Postfix queue directory $queue_directory!
  68. exit 1
  69. }
  70. def_config_directory=`$command_directory/postconf -dh config_directory` || {
  71. $FATAL cannot execute $command_directory/postconf!
  72. exit 1
  73. }
  74. # If this is a secondary instance, don't touch shared files.
  75. instances=`test ! -f $def_config_directory/main.cf ||
  76. $command_directory/postconf -c $def_config_directory \
  77. -h multi_instance_directories | sed 's/,/ /'` || {
  78. $FATAL cannot execute $command_directory/postconf!
  79. exit 1
  80. }
  81. check_shared_files=1
  82. for name in $instances
  83. do
  84. case "$name" in
  85. "$def_config_directory") ;;
  86. "$config_directory") check_shared_files=; break;;
  87. esac
  88. done
  89. #
  90. # Parse JCL
  91. #
  92. case $1 in
  93. start_msg)
  94. echo "Start postfix"
  95. ;;
  96. stop_msg)
  97. echo "Stop postfix"
  98. ;;
  99. quick-start)
  100. $daemon_directory/master -t 2>/dev/null || {
  101. $FATAL the Postfix mail system is already running
  102. exit 1
  103. }
  104. $daemon_directory/postfix-script quick-check || {
  105. $FATAL Postfix integrity check failed!
  106. exit 1
  107. }
  108. $INFO starting the Postfix mail system
  109. $daemon_directory/master &
  110. ;;
  111. start)
  112. $daemon_directory/master -t 2>/dev/null || {
  113. $FATAL the Postfix mail system is already running
  114. exit 1
  115. }
  116. if [ -f $queue_directory/quick-start ]
  117. then
  118. rm -f $queue_directory/quick-start
  119. else
  120. $daemon_directory/postfix-script check-fatal || {
  121. $FATAL Postfix integrity check failed!
  122. exit 1
  123. }
  124. # Foreground this so it can be stopped. All inodes are cached.
  125. $daemon_directory/postfix-script check-warn
  126. fi
  127. $INFO starting the Postfix mail system
  128. # NOTE: wait in foreground process to get the initialization status.
  129. $daemon_directory/master -w || {
  130. $FATAL "mail system startup failed"
  131. exit 1
  132. }
  133. ;;
  134. drain)
  135. $daemon_directory/master -t 2>/dev/null && {
  136. $FATAL the Postfix mail system is not running
  137. exit 1
  138. }
  139. $INFO stopping the Postfix mail system
  140. kill -9 `sed 1q pid/master.pid`
  141. ;;
  142. quick-stop)
  143. $daemon_directory/postfix-script stop
  144. touch $queue_directory/quick-start
  145. ;;
  146. stop)
  147. $daemon_directory/master -t 2>/dev/null && {
  148. $FATAL the Postfix mail system is not running
  149. exit 0
  150. }
  151. $INFO stopping the Postfix mail system
  152. kill `sed 1q pid/master.pid`
  153. for i in 5 4 3 2 1
  154. do
  155. $daemon_directory/master -t && exit 0
  156. $INFO waiting for the Postfix mail system to terminate
  157. sleep 1
  158. done
  159. $WARN stopping the Postfix mail system with force
  160. pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` &&
  161. kill -9 -$pid
  162. ;;
  163. abort)
  164. $daemon_directory/master -t 2>/dev/null && {
  165. $FATAL the Postfix mail system is not running
  166. exit 0
  167. }
  168. $INFO aborting the Postfix mail system
  169. kill `sed 1q pid/master.pid`
  170. ;;
  171. reload)
  172. $daemon_directory/master -t 2>/dev/null && {
  173. $FATAL the Postfix mail system is not running
  174. exit 1
  175. }
  176. $INFO refreshing the Postfix mail system
  177. $command_directory/postsuper active || exit 1
  178. kill -HUP `sed 1q pid/master.pid`
  179. $command_directory/postsuper &
  180. ;;
  181. flush)
  182. cd $queue_directory || {
  183. $FATAL no Postfix queue directory $queue_directory!
  184. exit 1
  185. }
  186. $command_directory/postqueue -f
  187. ;;
  188. check)
  189. $daemon_directory/postfix-script check-fatal || exit 1
  190. $daemon_directory/postfix-script check-warn
  191. exit 0
  192. ;;
  193. status)
  194. $daemon_directory/master -t 2>/dev/null && {
  195. $INFO the Postfix mail system is not running
  196. exit 1
  197. }
  198. $INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
  199. exit 0
  200. ;;
  201. quick-check)
  202. # This command is NOT part of the public interface.
  203. $SHELL $daemon_directory/post-install create-missing || {
  204. $WARN unable to create missing queue directories
  205. exit 1
  206. }
  207. # Look for incomplete installations.
  208. test -f $config_directory/master.cf || {
  209. $FATAL no $config_directory/master.cf file found
  210. exit 1
  211. }
  212. exit 0
  213. ;;
  214. check-fatal)
  215. # This command is NOT part of the public interface.
  216. $daemon_directory/postfix-script quick-check
  217. # See if all queue files are in the right place. This is slow.
  218. # We must scan all queues for mis-named queue files before the
  219. # mail system can run.
  220. $command_directory/postsuper || exit 1
  221. exit 0
  222. ;;
  223. check-warn)
  224. # This command is NOT part of the public interface.
  225. todo="$config_directory $queue_directory $queue_directory/pid"
  226. test -n "$check_shared_files" && todo="$daemon_directory $todo"
  227. for dir in $todo
  228. do
  229. ls -lLd $dir | (grep " root " >/dev/null ||
  230. $WARN not owned by root: $dir)
  231. done
  232. # Some people break Postfix's security model.
  233. ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
  234. $WARN group or other writable: $queue_directory
  235. todo="$config_directory/*"
  236. test -n "$check_shared_files" && todo="$daemon_directory/* $todo"
  237. find $todo ! -user root \
  238. -exec $WARN not owned by root: {} \;
  239. todo="$config_directory/."
  240. test -n "$check_shared_files" && todo="$daemon_directory/. $todo"
  241. find $todo \
  242. \( -perm -020 -o -perm -002 \) -type f \
  243. -exec $WARN group or other writable: {} \;
  244. find $data_directory/. ! -user $mail_owner \
  245. -exec $WARN not owned by $mail_owner: {} \;
  246. ls -lLd $data_directory | egrep '^.....(w|...w)' >/dev/null && \
  247. $WARN group or other writable: $data_directory
  248. find `ls -d $queue_directory/* | \
  249. egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
  250. ! \( -type p -o -type s \) ! -user $mail_owner \
  251. -exec $WARN not owned by $mail_owner: {} \;
  252. todo="$queue_directory/public $queue_directory/maildrop"
  253. test -n "$check_shared_files" &&
  254. todo="$command_directory/postqueue $command_directory/postdrop $todo"
  255. find $todo \
  256. -prune ! -group $setgid_group \
  257. -exec $WARN not owned by group $setgid_group: {} \;
  258. test -n "$check_shared_files" &&
  259. find $command_directory/postqueue $command_directory/postdrop \
  260. -prune ! -perm -02111 \
  261. -exec $WARN not set-gid or not owner+group+world executable: {} \;
  262. for name in `ls -d $queue_directory/* | \
  263. egrep '/(bin|etc|lib|usr)$'` ; \
  264. do \
  265. find $name ! -user root \
  266. -exec $WARN not owned by root: {} \; ; \
  267. done
  268. # WARNING: this should not descend into the maildrop directory.
  269. # maildrop is the least trusted Postfix directory.
  270. find $queue_directory/maildrop/. -prune ! -user $mail_owner \
  271. -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;
  272. for dir in bin etc lib sbin usr
  273. do
  274. test -d $dir && find $dir -type f -print | while read path
  275. do
  276. test -f /$path && {
  277. cmp -s $path /$path ||
  278. $WARN $queue_directory/$path and /$path differ
  279. }
  280. done
  281. done
  282. find corrupt -type f -exec $WARN damaged message: {} \;
  283. # XXX also: look for weird stuff, weird permissions, etc.
  284. test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
  285. -f /usr/lib/sendmail && {
  286. cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
  287. $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
  288. $WARN Replace one by a symbolic link to the other
  289. }
  290. }
  291. exit 0
  292. ;;
  293. set-permissions|upgrade-configuration)
  294. $daemon_directory/post-install create-missing "$@"
  295. ;;
  296. post-install)
  297. # Currently not part of the public interface.
  298. shift
  299. $daemon_directory/post-install "$@"
  300. ;;
  301. /*)
  302. # Currently not part of the public interface.
  303. "$@"
  304. ;;
  305. *)
  306. $ERROR "unknown command: '$1'"
  307. $FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
  308. exit 1
  309. ;;
  310. esac