Patrick Welche <prlw1@cam.ac.uk>
[netbsd-mini2440.git] / external / ibm-public / postfix / dist / conf / postfix-script
blob6c36a427b0adaea6433e24f94b74b8486ba5cc3f
1 #!/bin/sh
2 # $NetBSD$
5 #++
6 # NAME
7 # postfix-script 1
8 # SUMMARY
9 # execute Postfix administrative commands
10 # SYNOPSIS
11 # \fBpostfix-script\fR \fIcommand\fR
12 # DESCRIPTION
13 # The \fBpostfix-script\fR script executes Postfix administrative
14 # commands in an environment that is set up by the \fBpostfix\fR(1)
15 # command.
16 # SEE ALSO
17 # master(8) Postfix master program
18 # postfix(1) Postfix administrative interface
19 # LICENSE
20 # .ad
21 # .fi
22 # The Secure Mailer license must be distributed with this software.
23 # AUTHOR(S)
24 # Wietse Venema
25 # IBM T.J. Watson Research
26 # P.O. Box 704
27 # Yorktown Heights, NY 10598, USA
28 #--
30 # Avoid POSIX death due to SIGHUP when some parent process exits.
32 trap '' 1
34 case $daemon_directory in
35 "") echo This script must be run by the postfix command. 1>&2
36 echo Do not run directly. 1>&2
37 exit 1
38 esac
40 LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script"
41 INFO="$LOGGER -p info"
42 WARN="$LOGGER -p warn"
43 ERROR="$LOGGER -p error"
44 FATAL="$LOGGER -p fatal"
45 PANIC="$LOGGER -p panic"
47 umask 022
48 SHELL=/bin/sh
51 # Can't do much without these in place.
53 cd $command_directory || {
54 $FATAL no Postfix command directory $command_directory!
55 exit 1
57 cd $daemon_directory || {
58 $FATAL no Postfix daemon directory $daemon_directory!
59 exit 1
61 test -f master || {
62 $FATAL no Postfix master program $daemon_directory/master!
63 exit 1
65 cd $config_directory || {
66 $FATAL no Postfix configuration directory $config_directory!
67 exit 1
69 cd $queue_directory || {
70 $FATAL no Postfix queue directory $queue_directory!
71 exit 1
73 def_config_directory=`$command_directory/postconf -dh config_directory` || {
74 $FATAL cannot execute $command_directory/postconf!
75 exit 1
78 # If this is a secondary instance, don't touch shared files.
80 instances=`test ! -f $def_config_directory/main.cf ||
81 $command_directory/postconf -c $def_config_directory \
82 -h multi_instance_directories | sed 's/,/ /'` || {
83 $FATAL cannot execute $command_directory/postconf!
84 exit 1
87 check_shared_files=1
88 for name in $instances
90 case "$name" in
91 "$def_config_directory") ;;
92 "$config_directory") check_shared_files=; break;;
93 esac
94 done
97 # Parse JCL
99 case $1 in
101 start_msg)
103 echo "Start postfix"
106 stop_msg)
108 echo "Stop postfix"
111 start)
113 $daemon_directory/master -t 2>/dev/null || {
114 $FATAL the Postfix mail system is already running
115 exit 1
117 if [ -f $queue_directory/quick-start ]
118 then
119 rm -f $queue_directory/quick-start
120 else
121 $daemon_directory/postfix-script check-fatal || {
122 $FATAL Postfix integrity check failed!
123 exit 1
125 # Foreground this so it can be stopped. All inodes are cached.
126 $daemon_directory/postfix-script check-warn
128 $INFO starting the Postfix mail system
129 $daemon_directory/master &
132 drain)
134 $daemon_directory/master -t 2>/dev/null && {
135 $FATAL the Postfix mail system is not running
136 exit 1
138 $INFO stopping the Postfix mail system
139 kill -9 `sed 1q pid/master.pid`
142 quick-stop)
144 $daemon_directory/postfix-script stop
145 touch $queue_directory/quick-start
148 stop)
150 $daemon_directory/master -t 2>/dev/null && {
151 $FATAL the Postfix mail system is not running
152 exit 1
154 $INFO stopping the Postfix mail system
155 kill `sed 1q pid/master.pid`
156 for i in 5 4 3 2 1
158 $daemon_directory/master -t && exit 0
159 $INFO waiting for the Postfix mail system to terminate
160 sleep 1
161 done
162 $WARN stopping the Postfix mail system with force
163 pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` &&
164 kill -9 -$pid
167 abort)
169 $daemon_directory/master -t 2>/dev/null && {
170 $FATAL the Postfix mail system is not running
171 exit 1
173 $INFO aborting the Postfix mail system
174 kill `sed 1q pid/master.pid`
177 reload)
179 $daemon_directory/master -t 2>/dev/null && {
180 $FATAL the Postfix mail system is not running
181 exit 1
183 $INFO refreshing the Postfix mail system
184 $command_directory/postsuper active || exit 1
185 kill -HUP `sed 1q pid/master.pid`
186 $command_directory/postsuper &
189 flush)
191 cd $queue_directory || {
192 $FATAL no Postfix queue directory $queue_directory!
193 exit 1
195 $command_directory/postqueue -f
198 check)
200 $daemon_directory/postfix-script check-fatal || exit 1
201 $daemon_directory/postfix-script check-warn
202 exit 0
205 status)
207 $daemon_directory/master -t 2>/dev/null && {
208 $INFO the Postfix mail system is not running
209 exit 1
211 $INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid`
212 exit 0
216 check-fatal)
217 # This command is NOT part of the public interface.
219 $SHELL $daemon_directory/post-install create-missing || {
220 $FATAL unable to create missing queue directories
221 exit 1
224 # Look for incomplete installations.
226 test -f $config_directory/master.cf || {
227 $FATAL no $config_directory/master.cf file found
228 exit 1
231 # See if all queue files are in the right place. This is slow.
232 # We must scan all queues for mis-named queue files before the
233 # mail system can run.
235 $command_directory/postsuper || exit 1
236 exit 0
239 check-warn)
240 # This command is NOT part of the public interface.
242 todo="$config_directory $queue_directory $queue_directory/pid"
243 test -n "$check_shared_files" && todo="$daemon_directory $todo"
245 for dir in $todo
247 ls -lLd $dir | (grep " root " >/dev/null ||
248 $WARN not owned by root: $dir)
249 done
251 # Some people break Postfix's security model.
252 ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
253 $WARN group or other writable: $queue_directory
255 todo="$config_directory/*"
256 test -n "$check_shared_files" && todo="$daemon_directory/* $todo"
258 find $todo ! -user root \
259 -exec $WARN not owned by root: {} \;
261 todo="$config_directory/."
262 test -n "$check_shared_files" && todo="$daemon_directory/. $todo"
264 find $todo \
265 \( -perm -020 -o -perm -002 \) -type f \
266 -exec $WARN group or other writable: {} \;
268 find $data_directory/. ! -user $mail_owner \
269 -exec $WARN not owned by $mail_owner: {} \;
271 find `ls -d $queue_directory/* | \
272 egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
273 ! \( -type p -o -type s \) ! -user $mail_owner \
274 -exec $WARN not owned by $mail_owner: {} \;
276 todo="$queue_directory/public $queue_directory/maildrop"
277 test -n "$check_shared_files" &&
278 todo="$command_directory/postqueue $command_directory/postdrop $todo"
280 find $todo \
281 -prune ! -group $setgid_group \
282 -exec $WARN not owned by group $setgid_group: {} \;
284 test -n "$check_shared_files" &&
285 find $command_directory/postqueue $command_directory/postdrop \
286 -prune ! -perm -02111 \
287 -exec $WARN not set-gid or not owner+group+world executable: {} \;
289 for name in `ls -d $queue_directory/* | \
290 egrep '/(bin|etc|lib|usr)$'` ; \
291 do \
292 find $name ! -user root \
293 -exec $WARN not owned by root: {} \; ; \
294 done
296 # WARNING: this should not descend into the maildrop directory.
297 # maildrop is the least trusted Postfix directory.
299 find $queue_directory/maildrop/. -prune ! -user $mail_owner \
300 -exec $WARN not owned by $mail_owner: $queue_directory/maildrop \;
302 for dir in bin etc lib sbin usr
304 test -d $dir && find $dir -type f -print | while read path
306 test -f /$path && {
307 cmp -s $path /$path ||
308 $WARN $queue_directory/$path and /$path differ
310 done
311 done
313 find corrupt -type f -exec $WARN damaged message: {} \;
315 # XXX also: look for weird stuff, weird permissions, etc.
317 test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \
318 -f /usr/lib/sendmail && {
319 cmp -s /usr/sbin/sendmail /usr/lib/sendmail || {
320 $WARN /usr/lib/sendmail and /usr/sbin/sendmail differ
321 $WARN Replace one by a symbolic link to the other
324 exit 0
327 set-permissions|upgrade-configuration)
328 $daemon_directory/post-install create-missing "$@"
331 post-install)
332 # Currently not part of the public interface.
333 shift
334 $daemon_directory/post-install "$@"
338 # Currently not part of the public interface.
339 "$@"
343 $ERROR "unknown command: '$1'"
344 $FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)"
345 exit 1
348 esac