1#!/bin/sh 2# $NetBSD: post-install,v 1.4 2022/10/08 16:12:43 christos Exp $ 3# 4 5# To view the formatted manual page of this file, type: 6# POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man 7 8#++ 9# NAME 10# post-install 11# SUMMARY 12# Postfix post-installation script 13# SYNOPSIS 14# postfix post-install [name=value] command ... 15# DESCRIPTION 16# The post-install script performs the finishing touch of a Postfix 17# installation, after the executable programs and configuration 18# files are installed. Usage is one of the following: 19# .IP o 20# While installing Postfix from source code on the local machine, the 21# script is run by the postfix-install script to update selected file 22# or directory permissions and to update Postfix configuration files. 23# .IP o 24# While installing Postfix from a pre-built package, the script is run 25# by the package management procedure to set all file or directory 26# permissions and to update Postfix configuration files. 27# .IP o 28# The script can be used to change installation parameter settings such 29# as mail_owner or setgid_group after Postfix is already installed. 30# .IP o 31# The script can be used to upgrade configuration files and to upgrade 32# file/directory permissions of a secondary Postfix instance. 33# .IP o 34# At Postfix start-up time, the script is run from "postfix check" to 35# create missing queue directories. 36# .PP 37# The post-install script is controlled by installation parameters. 38# Specific parameters are described at the end of this document. 39# All installation parameters must be specified ahead of time via 40# one of the methods described below. 41# 42# Arguments 43# .IP create-missing 44# Create missing queue directories with ownerships and permissions 45# according to the contents of $meta_directory/postfix-files 46# and optionally in $meta_directory/postfix-files.d/*, using 47# the mail_owner and setgid_group parameter settings from the 48# command line, process environment or from the installed 49# main.cf file. 50# 51# This is required at Postfix start-up time. 52# .IP set-permissions 53# Set all file/directory ownerships and permissions according to the 54# contents of $meta_directory/postfix-files and optionally 55# in $meta_directory/postfix-files.d/*, using the mail_owner 56# and setgid_group parameter settings from the command line, 57# process environment or from the installed main.cf file. 58# Implies create-missing. 59# 60# This is required when installing Postfix from a pre-built package, 61# or when changing the mail_owner or setgid_group installation parameter 62# settings after Postfix is already installed. 63# .IP upgrade-permissions 64# Update ownership and permission of existing files/directories as 65# specified in $meta_directory/postfix-files and optionally 66# in $meta_directory/postfix-files.d/*, using the mail_owner 67# and setgid_group parameter settings from the command line, 68# process environment or from the installed main.cf file. 69# Implies create-missing. 70# 71# This is required when upgrading an existing Postfix instance. 72# .IP upgrade-configuration 73# Edit the installed main.cf and master.cf files, in order to account 74# for missing services and to fix deprecated parameter settings. 75# 76# This is required when upgrading an existing Postfix instance. 77# .IP upgrade-source 78# Short-hand for: upgrade-permissions upgrade-configuration. 79# 80# This is recommended when upgrading Postfix from source code. 81# .IP upgrade-package 82# Short-hand for: set-permissions upgrade-configuration. 83# 84# This is recommended when upgrading Postfix from a pre-built package. 85# .IP first-install-reminder 86# Remind the user that they still need to configure main.cf and the 87# aliases file, and that newaliases still needs to be run. 88# 89# This is recommended when Postfix is installed for the first time. 90# MULTIPLE POSTFIX INSTANCES 91# .ad 92# .fi 93# Multiple Postfix instances on the same machine can share command and 94# daemon program files but must have separate configuration and queue 95# directories. 96# 97# To create a secondary Postfix installation on the same machine, 98# copy the configuration files from the primary Postfix instance to 99# a secondary configuration directory and execute: 100# 101# postfix post-install config_directory=secondary-config-directory \e 102# .in +4 103# queue_directory=secondary-queue-directory \e 104# .br 105# create-missing 106# .PP 107# This creates secondary Postfix queue directories, sets their access 108# permissions, and saves the specified installation parameters to the 109# secondary main.cf file. 110# 111# Be sure to list the secondary configuration directory in the 112# alternate_config_directories parameter in the primary main.cf file. 113# 114# To upgrade a secondary Postfix installation on the same machine, 115# execute: 116# 117# postfix post-install config_directory=secondary-config-directory \e 118# .in +4 119# upgrade-permissions upgrade-configuration 120# INSTALLATION PARAMETER INPUT METHODS 121# .ad 122# .fi 123# Parameter settings can be specified through a variety of 124# mechanisms. In order of decreasing precedence these are: 125# .IP "command line" 126# Parameter settings can be given as name=value arguments on 127# the post-install command line. These have the highest precedence. 128# Settings that override the installed main.cf file are saved. 129# .IP "process environment" 130# Parameter settings can be given as name=value environment 131# variables. 132# Settings that override the installed main.cf file are saved. 133# .IP "installed configuration files" 134# If a parameter is not specified via the command line or via the 135# process environment, post-install will attempt to extract its 136# value from the already installed Postfix main.cf configuration file. 137# These settings have the lowest precedence. 138# INSTALLATION PARAMETER DESCRIPTION 139# .ad 140# .fi 141# The description of installation parameters is as follows: 142# .IP config_directory 143# The directory for Postfix configuration files. 144# .IP daemon_directory 145# The directory for Postfix daemon programs. This directory 146# should not be in the command search path of any users. 147# .IP command_directory 148# The directory for Postfix administrative commands. This 149# directory should be in the command search path of administrative users. 150# .IP queue_directory 151# The directory for Postfix queues. 152# .IP data_directory 153# The directory for Postfix writable data files (caches, etc.). 154# .IP sendmail_path 155# The full pathname for the Postfix sendmail command. 156# This is the Sendmail-compatible mail posting interface. 157# .IP newaliases_path 158# The full pathname for the Postfix newaliases command. 159# This is the Sendmail-compatible command to build alias databases 160# for the Postfix local delivery agent. 161# .IP mailq_path 162# The full pathname for the Postfix mailq command. 163# This is the Sendmail-compatible command to list the mail queue. 164# .IP mail_owner 165# The owner of the Postfix queue. Its numerical user ID and group ID 166# must not be used by any other accounts on the system. 167# .IP setgid_group 168# The group for mail submission and for queue management commands. 169# Its numerical group ID must not be used by any other accounts on the 170# system, not even by the mail_owner account. 171# .IP html_directory 172# The directory for the Postfix HTML files. 173# .IP manpage_directory 174# The directory for the Postfix on-line manual pages. 175# .IP sample_directory 176# The directory for the Postfix sample configuration files. 177# This feature is obsolete as of Postfix 2.1. 178# .IP readme_directory 179# The directory for the Postfix README files. 180# .IP shlib_directory 181# The directory for the Postfix shared-library files, and for 182# the Postfix dabatase plugin files with a relative pathname 183# in the file dynamicmaps.cf. 184# .IP meta_directory 185# The directory for non-executable files that are shared 186# among multiple Postfix instances, such as postfix-files, 187# dynamicmaps.cf, as well as the multi-instance template files 188# main.cf.proto and master.cf.proto. 189# SEE ALSO 190# postfix-install(1) Postfix primary installation script. 191# FILES 192# $config_directory/main.cf, Postfix installation parameters. 193# $meta_directory/postfix-files, installation control file. 194# $meta_directory/postfix-files.d/*, optional control files. 195# $config_directory/install.cf, obsolete configuration file. 196# LICENSE 197# .ad 198# .fi 199# The Secure Mailer license must be distributed with this software. 200# AUTHOR(S) 201# Wietse Venema 202# IBM T.J. Watson Research 203# P.O. Box 704 204# Yorktown Heights, NY 10598, USA 205# 206# Wietse Venema 207# Google, Inc. 208# 111 8th Avenue 209# New York, NY 10011, USA 210#-- 211 212umask 022 213 214PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd 215SHELL=/bin/sh 216IFS=" 217" 218BACKUP_IFS="$IFS" 219debug=: 220#debug=echo 221MOST_PARAMETERS="command_directory daemon_directory data_directory 222 html_directory mail_owner mailq_path manpage_directory 223 newaliases_path queue_directory readme_directory sample_directory 224 sendmail_path setgid_group shlib_directory meta_directory" 225NON_SHARED="config_directory queue_directory data_directory" 226 227USAGE="Usage: $0 [name=value] command 228 create-missing Create missing queue directories. 229 upgrade-source When installing or upgrading from source code. 230 upgrade-package When installing or upgrading from pre-built package. 231 first-install-reminder Remind of mandatory first-time configuration steps. 232 name=value Specify an installation parameter". 233 234# Process command-line options and parameter settings. Work around 235# brain damaged shells. "IFS=value command" should not make the 236# IFS=value setting permanent. But some broken standard allows it. 237 238create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder= 239obsolete=; keep_list=; 240 241for arg 242do 243 case $arg in 244 *[" "]*) echo $0: "Error: argument contains whitespace: '$arg'" 245 exit 1;; 246 *=*) IFS= eval $arg; IFS="$BACKUP_IFS";; 247 create-missing) create=1;; 248 set-perm*) create=1; set_perms=1;; 249 upgrade-perm*) create=1; upgrade_perms=1;; 250 upgrade-conf*) upgrade_conf=1;; 251 upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;; 252 upgrade-package) create=1; upgrade_conf=1; set_perms=1;; 253 first-install*) first_install_reminder=1;; 254 *) echo "$0: Error: $USAGE" 1>&2; exit 1;; 255 esac 256 shift 257done 258 259# Sanity checks. 260 261test -n "$create$upgrade_conf$first_install_reminder" || { 262 echo "$0: Error: $USAGE" 1>&2 263 exit 1 264} 265 266# Bootstrapping problem. 267 268if [ -n "$command_directory" ] 269then 270 POSTCONF="$command_directory/postconf" 271else 272 POSTCONF="postconf" 273fi 274 275$POSTCONF -d mail_version >/dev/null 2>/dev/null || { 276 echo $0: Error: no $POSTCONF command found. 1>&2 277 echo Re-run this command as $0 command_directory=/some/where. 1>&2 278 exit 1 279} 280 281# Also used to require license etc. files only in the default instance. 282 283def_config_directory=`$POSTCONF -d -h config_directory` || exit 1 284test -n "$config_directory" || 285 config_directory="$def_config_directory" 286 287test -d "$config_directory" || { 288 echo $0: Error: $config_directory is not a directory. 1>&2 289 exit 1 290} 291 292# If this is a secondary instance, don't touch shared files. 293# XXX Solaris does not have "test -e". 294 295instances=`test ! -f $def_config_directory/main.cf || 296 $POSTCONF -c $def_config_directory -h multi_instance_directories | 297 sed 's/,/ /'` || exit 1 298 299update_shared_files=1 300for name in $instances 301do 302 case "$name" in 303 "$def_config_directory") ;; 304 "$config_directory") update_shared_files=; break;; 305 esac 306done 307 308test -f $meta_directory/postfix-files || { 309 echo $0: Error: $meta_directory/postfix-files is not a file. 1>&2 310 exit 1 311} 312 313# SunOS5 fmt(1) truncates lines > 1000 characters. 314 315fake_fmt() { 316 sed ' 317 :top 318 /^\( *\)\([^ ][^ ]*\) */{ 319 s//\1\2\ 320\1/ 321 P 322 D 323 b top 324 } 325 ' | fmt 326} 327 328case `uname -s` in 329HP-UX*) FMT=cat;; 330SunOS*) FMT=fake_fmt;; 331 *) FMT=fmt;; 332esac 333 334# If a parameter is not set via the command line or environment, 335# try to use settings from installed configuration files. 336 337# Extract parameter settings from the obsolete install.cf file, as 338# a transitional aid. 339 340grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || { 341 test -f $config_directory/install.cf && { 342 for name in sendmail_path newaliases_path mailq_path setgid manpages 343 do 344 eval junk=\$$name 345 case "$junk" in 346 "") eval unset $name;; 347 esac 348 eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \ 349 || exit 1 350 done 351 : ${setgid_group=$setgid} 352 : ${manpage_directory=$manpages} 353 } 354} 355 356# Extract parameter settings from the installed main.cf file. 357 358test -f $config_directory/main.cf && { 359 for name in $MOST_PARAMETERS 360 do 361 eval junk=\$$name 362 case "$junk" in 363 "") eval unset $name;; 364 esac 365 eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1 366 done 367} 368 369# Sanity checks 370 371case $manpage_directory in 372 no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1>&2 373 echo Try again with \"$0 manpage_directory=/pathname ...\". 1>&2; exit 1;; 374esac 375 376case $setgid_group in 377 no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2 378 echo Try again with \"$0 setgid_group=groupname ...\" 1>&2; exit 1;; 379esac 380 381for path in "$daemon_directory" "$command_directory" "$queue_directory" \ 382 "$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory" \ 383 "$meta_directory" 384do 385 case "$path" in 386 /*) ;; 387 *) echo $0: Error: \"$path\" should be an absolute path name. 1>&2; exit 1;; 388 esac 389done 390 391for path in "$html_directory" "$readme_directory" "$shlib_directory" 392do 393 case "$path" in 394 /*) ;; 395 no) ;; 396 *) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2; exit 1;; 397 esac 398done 399 400# Find out what parameters were not specified via command line, 401# via environment, or via installed configuration files. 402 403missing= 404for name in $MOST_PARAMETERS 405do 406 eval test -n \"\$$name\" || missing="$missing $name" 407done 408 409# All parameters must be specified at this point. 410 411test -n "$non_interactive" -a -n "$missing" && { 412 cat <<EOF | ${FMT} 1>&2 413$0: Error: some required installation parameters are not defined. 414 415- Either the parameters need to be given in the $config_directory/main.cf 416file from a recent Postfix installation, 417 418- Or the parameters need to be specified through the process 419environment. 420 421- Or the parameters need to be specified as name=value arguments 422on the $0 command line, 423 424The following parameters were missing: 425 426 $missing 427 428EOF 429 exit 1 430} 431 432POSTCONF="$command_directory/postconf" 433 434# Save settings, allowing command line/environment override. 435 436# Undo MAIL_VERSION expansion at the end of a parameter value. If 437# someone really wants the expanded mail version in main.cf, then 438# we're sorry. 439 440# Confine side effects from mail_version unexpansion within a subshell. 441 442(case "$mail_version" in 443"") mail_version="`$POSTCONF -dhx mail_version`" || exit 1 444esac 445 446for name in $MOST_PARAMETERS 447do 448 eval junk=\$$name 449 case "$junk" in 450 *"$mail_version"*) 451 case "$pattern" in 452 "") pattern=`echo "$mail_version" | sed 's/\./\\\\./g'` || exit 1 453 esac 454 val=`echo "$junk" | sed "s/$pattern"'$/${mail_version}/g'` || exit 1 455 eval ${name}='"$val"' 456 esac 457done 458 459# XXX Maybe update main.cf only with first install, upgrade, set 460# permissions, and what else? Should there be a warning otherwise? 461 462override= 463for name in $MOST_PARAMETERS 464do 465 eval junk=\"\$$name\" 466 test "$junk" = "`$POSTCONF -c $config_directory -h $name`" || { 467 override=1 468 break 469 } 470done 471 472test -n "$override" && { 473 $POSTCONF -c $config_directory -e \ 474 "daemon_directory = $daemon_directory" \ 475 "command_directory = $command_directory" \ 476 "queue_directory = $queue_directory" \ 477 "data_directory = $data_directory" \ 478 "mail_owner = $mail_owner" \ 479 "setgid_group = $setgid_group" \ 480 "sendmail_path = $sendmail_path" \ 481 "mailq_path = $mailq_path" \ 482 "newaliases_path = $newaliases_path" \ 483 "html_directory = $html_directory" \ 484 "manpage_directory = $manpage_directory" \ 485 "sample_directory = $sample_directory" \ 486 "readme_directory = $readme_directory" \ 487 "shlib_directory = $shlib_directory" \ 488 "meta_directory = $meta_directory" \ 489 || exit 1 490} || exit 0) || exit 1 491 492# Use file/directory status information in $meta_directory/postfix-files. 493 494test -n "$create" && { 495 postfix_files_d=$meta_directory/postfix-files.d 496 for postfix_file in $meta_directory/postfix-files \ 497 `test -d $postfix_files_d && { find $postfix_files_d -type f | sort; }` 498 do 499 exec <$postfix_file || exit 1 500 while IFS=: read path type owner group mode flags junk 501 do 502 IFS="$BACKUP_IFS" 503 set_permission= 504 # Skip comments. Skip shared files, if updating a secondary instance. 505 case $path in 506 [$]*) case "$update_shared_files" in 507 1) $debug keep non-shared or shared $path;; 508 *) non_shared= 509 for name in $NON_SHARED 510 do 511 case $path in 512 "\$$name"*) non_shared=1; break;; 513 esac 514 done 515 case "$non_shared" in 516 1) $debug keep non-shared $path;; 517 *) $debug skip shared $path; continue;; 518 esac;; 519 esac;; 520 *) continue;; 521 esac 522 # Skip hard links and symbolic links. 523 case $type in 524 [hl]) continue;; 525 [df]) ;; 526 *) echo unknown type $type for $path in $postfix_file 1>&2; exit 1;; 527 esac 528 # Expand $name, and canonicalize null fields. 529 for name in path owner group flags 530 do 531 eval junk=\${$name} 532 case $junk in 533 [$]*) eval $name=$junk;; 534 -) eval $name=;; 535 *) ;; 536 esac 537 done 538 # Skip uninstalled files. 539 case $path in 540 no|no/*) continue;; 541 esac 542 # Pick up the flags. 543 case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac 544 case $flags in *c*) create_flag=1;; *) create_flag=;; esac 545 case $flags in *r*) recursive="-R";; *) recursive=;; esac 546 case $flags in *o*) obsolete_flag=1;; *) obsolete_flag=;; esac 547 case $flags in *[1i]*) test ! -r "$path" -a "$config_directory" != \ 548 "$def_config_directory" && continue;; esac 549 # Flag obsolete objects. XXX Solaris 2..9 does not have "test -e". 550 if [ -n "$obsolete_flag" ] 551 then 552 test -r $path -a "$type" != "d" && obsolete="$obsolete $path" 553 continue; 554 else 555 keep_list="$keep_list $path" 556 fi 557 # Create missing directories with proper owner/group/mode settings. 558 if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ] 559 then 560 mkdir $path || exit 1 561 set_permission=1 562 # Update all owner/group/mode settings. 563 elif [ -n "$set_perms" ] 564 then 565 set_permission=1 566 # Update obsolete owner/group/mode settings. 567 elif [ -n "$upgrade_perms" -a -n "$upgrade_flag" ] 568 then 569 set_permission=1 570 fi 571 test -n "$set_permission" && { 572 chown $recursive $owner $path || exit 1 573 test -z "$group" || chgrp $recursive $group $path || exit 1 574 # Don't "chmod -R"; queue file status is encoded in mode bits. 575 if [ "$type" = "d" -a -n "$recursive" ] 576 then 577 find $path -type d -exec chmod $mode "{}" ";" 578 else 579 chmod $mode $path 580 fi || exit 1 581 } 582 done 583 IFS="$BACKUP_IFS" 584 done 585} 586 587# Upgrade existing Postfix configuration files if necessary. 588 589test -n "$upgrade_conf" && { 590 591 # Postfix 2.0. 592 # Add missing relay service to master.cf. 593 594 grep '^relay' $config_directory/master.cf >/dev/null || { 595 echo Editing $config_directory/master.cf, adding missing entry for relay service 596 cat >>$config_directory/master.cf <<EOF || exit 1 597relay unix - - n - - smtp 598EOF 599 } 600 601 # Postfix 1.1. 602 # Add missing flush service to master.cf. 603 604 grep '^flush.*flush' $config_directory/master.cf >/dev/null || { 605 echo Editing $config_directory/master.cf, adding missing entry for flush service 606 cat >>$config_directory/master.cf <<EOF || exit 1 607flush unix - - n 1000? 0 flush 608EOF 609 } 610 611 # Postfix 2.1. 612 # Add missing trace service to master.cf. 613 614 grep 'trace.*bounce' $config_directory/master.cf >/dev/null || { 615 echo Editing $config_directory/master.cf, adding missing entry for trace service 616 cat >>$config_directory/master.cf <<EOF || exit 1 617trace unix - - n - 0 bounce 618EOF 619 } 620 621 # Postfix 2.1. 622 # Add missing verify service to master.cf. 623 624 grep '^verify.*verify' $config_directory/master.cf >/dev/null || { 625 echo Editing $config_directory/master.cf, adding missing entry for verify service 626 cat >>$config_directory/master.cf <<EOF || exit 1 627verify unix - - n - 1 verify 628EOF 629 } 630 631 # Postfix 2.1. 632 # Fix verify service process limit. 633 634 grep '^verify.*[ ]0[ ]*verify' \ 635 $config_directory/master.cf >/dev/null && { 636 echo Editing $config_directory/master.cf, setting verify process limit to 1 637 ed $config_directory/master.cf <<EOF || exit 1 638/^verify.*[ ]0[ ]*verify/ 639s/\([ ]\)0\([ ]\)/\11\2/ 640p 641w 642q 643EOF 644 } 645 646 # Postfix 1.1. 647 # Change privileged pickup service into unprivileged. 648 649 grep "^pickup[ ]*fifo[ ]*n[ ]*n" \ 650 $config_directory/master.cf >/dev/null && { 651 echo Editing $config_directory/master.cf, making the pickup service unprivileged 652 ed $config_directory/master.cf <<EOF || exit 1 653/^pickup[ ]*fifo[ ]*n[ ]*n/ 654s/\(n[ ]*\)n/\1-/ 655p 656w 657q 658EOF 659 } 660 661 # Postfix 1.1. 662 # Change private cleanup and flush services into public. 663 664 for name in cleanup flush 665 do 666 grep "^$name[ ]*unix[ ]*[-y]" \ 667 $config_directory/master.cf >/dev/null && { 668 echo Editing $config_directory/master.cf, making the $name service public 669 ed $config_directory/master.cf <<EOF || exit 1 670/^$name[ ]*unix[ ]*[-y]/ 671s/[-y]/n/ 672p 673w 674q 675EOF 676 } 677 done 678 679 # Postfix 2.2. 680 # File systems have improved since Postfix came out, and all we 681 # require now is that defer and deferred are hashed because those 682 # can contain lots of files. 683 684 found=`$POSTCONF -c $config_directory -h hash_queue_names` 685 missing= 686 (echo "$found" | grep defer >/dev/null) || missing="$missing defer" 687 (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred" 688 test -n "$missing" && { 689 echo fixing main.cf hash_queue_names for missing $missing 690 $POSTCONF -c $config_directory -e hash_queue_names="$found$missing" || 691 exit 1 692 } 693 694 # Turn on safety nets for new features that could bounce mail that 695 # would be accepted by a previous Postfix version. 696 697 # [The "unknown_local_recipient_reject_code = 450" safety net, 698 # introduced with Postfix 2.0 and deleted after Postfix 2.3.] 699 700 # Postfix 2.0. 701 # Add missing proxymap service to master.cf. 702 703 grep '^proxymap.*proxymap' $config_directory/master.cf >/dev/null || { 704 echo Editing $config_directory/master.cf, adding missing entry for proxymap service 705 cat >>$config_directory/master.cf <<EOF || exit 1 706proxymap unix - - n - - proxymap 707EOF 708 } 709 710 # Postfix 2.1. 711 # Add missing anvil service to master.cf. 712 713 grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || { 714 echo Editing $config_directory/master.cf, adding missing entry for anvil service 715 cat >>$config_directory/master.cf <<EOF || exit 1 716anvil unix - - n - 1 anvil 717EOF 718 } 719 720 # Postfix 2.2. 721 # Add missing scache service to master.cf. 722 723 grep '^scache.*scache' $config_directory/master.cf >/dev/null || { 724 echo Editing $config_directory/master.cf, adding missing entry for scache service 725 cat >>$config_directory/master.cf <<EOF || exit 1 726scache unix - - n - 1 scache 727EOF 728 } 729 730 # Postfix 2.2. 731 # Add missing discard service to master.cf. 732 733 grep '^discard.*discard' $config_directory/master.cf >/dev/null || { 734 echo Editing $config_directory/master.cf, adding missing entry for discard service 735 cat >>$config_directory/master.cf <<EOF || exit 1 736discard unix - - n - - discard 737EOF 738 } 739 740 # Postfix 2.2. 741 # Update the tlsmgr fifo->unix service. 742 743 grep "^tlsmgr[ ]*fifo[ ]" \ 744 $config_directory/master.cf >/dev/null && { 745 echo Editing $config_directory/master.cf, updating the tlsmgr from fifo to unix service 746 ed $config_directory/master.cf <<EOF || exit 1 747/^tlsmgr[ ]*fifo[ ]/ 748s/fifo/unix/ 749s/[0-9][0-9]*/&?/ 750p 751w 752q 753EOF 754 } 755 756 # Postfix 2.2. 757 # Add missing tlsmgr service to master.cf. 758 759 grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || { 760 echo Editing $config_directory/master.cf, adding missing entry for tlsmgr service 761 cat >>$config_directory/master.cf <<EOF || exit 1 762tlsmgr unix - - n 1000? 1 tlsmgr 763EOF 764 } 765 766 # Postfix 2.2. 767 # Add missing retry service to master.cf. 768 769 grep '^retry.*error' $config_directory/master.cf >/dev/null || { 770 echo Editing $config_directory/master.cf, adding missing entry for retry service 771 cat >>$config_directory/master.cf <<EOF || exit 1 772retry unix - - n - - error 773EOF 774 } 775 776 # Postfix 2.5. 777 # Add missing proxywrite service to master.cf. 778 779 grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || { 780 echo Editing $config_directory/master.cf, adding missing entry for proxywrite service 781 cat >>$config_directory/master.cf <<EOF || exit 1 782proxywrite unix - - n - 1 proxymap 783EOF 784 } 785 786 # Postfix 2.5. 787 # Fix a typo in the default master.cf proxywrite entry. 788 789 grep '^proxywrite.*-[ ]*proxymap' $config_directory/master.cf >/dev/null && { 790 echo Editing $config_directory/master.cf, setting proxywrite process limit to 1 791 ed $config_directory/master.cf <<EOF || exit 1 792/^proxywrite.*-[ ]*proxymap/ 793s/-\([ ]*proxymap\)/1\1/ 794p 795w 796q 797EOF 798 } 799 800 # Postfix 2.8. 801 # Add missing postscreen service to master.cf. 802 803 grep '^#*smtp.*postscreen' $config_directory/master.cf >/dev/null || { 804 echo Editing $config_directory/master.cf, adding missing entry for postscreen TCP service 805 cat >>$config_directory/master.cf <<EOF || exit 1 806#smtp inet n - n - 1 postscreen 807EOF 808 } 809 810 # Postfix 2.8. 811 # Add missing smtpd (unix-domain) service to master.cf. 812 813 grep '^#*smtpd.*smtpd' $config_directory/master.cf >/dev/null || { 814 echo Editing $config_directory/master.cf, adding missing entry for smtpd unix-domain service 815 cat >>$config_directory/master.cf <<EOF || exit 1 816#smtpd pass - - n - - smtpd 817EOF 818 } 819 820 # Postfix 2.8. 821 # Add temporary dnsblog (unix-domain) service to master.cf. 822 823 grep '^#*dnsblog.*dnsblog' $config_directory/master.cf >/dev/null || { 824 echo Editing $config_directory/master.cf, adding missing entry for dnsblog unix-domain service 825 cat >>$config_directory/master.cf <<EOF || exit 1 826#dnsblog unix - - n - 0 dnsblog 827EOF 828 } 829 830 # Postfix 2.8. 831 # Add tlsproxy (unix-domain) service to master.cf. 832 833 grep '^#*tlsproxy.*tlsproxy' $config_directory/master.cf >/dev/null || { 834 echo Editing $config_directory/master.cf, adding missing entry for tlsproxy unix-domain service 835 cat >>$config_directory/master.cf <<EOF || exit 1 836#tlsproxy unix - - n - 0 tlsproxy 837EOF 838 } 839 840 # Report (but do not remove) obsolete files. 841 842 test -n "$obsolete" && { 843 cat <<EOF | ${FMT} 844 845 Note: the following files or directories still exist but are 846 no longer part of Postfix: 847 848 $obsolete 849 850EOF 851 } 852 853 # Postfix 2.9. 854 # Safety net for incompatible changes in IPv6 defaults. 855 # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO AVOID AN 856 # UNEXPECTED DROP IN PERFORMANCE AFTER UPGRADING FROM POSTFIX 857 # BEFORE 2.9. 858 # This code assumes that the default is "inet_protocols = ipv4" 859 # when IPv6 support is not compiled in. See util/sys_defs.h. 860 861 test "`$POSTCONF -dh inet_protocols`" = "ipv4" || 862 test -n "`$POSTCONF -c $config_directory -n inet_protocols`" || { 863 cat <<EOF | ${FMT} 864 COMPATIBILITY: editing $config_directory/main.cf, setting 865 inet_protocols=ipv4. Specify inet_protocols explicitly if you 866 want to enable IPv6. 867 In a future release IPv6 will be enabled by default. 868EOF 869 $POSTCONF -c $config_directory inet_protocols=ipv4 || exit 1 870 } 871 872# Disabled because unhelpful down-stream maintainers disable the safety net. 873# # Postfix 2.10. 874# # Safety net for incompatible changes due to the introduction 875# # of the smtpd_relay_restrictions feature to separate the 876# # mail relay policy from the spam blocking policy. 877# # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT 878# # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM 879# # POSTFIX BEFORE 2.10. 880# test -n "`$POSTCONF -c $config_directory -n smtpd_relay_restrictions`" || { 881# cat <<EOF | ${FMT} 882# COMPATIBILITY: editing $config_directory/main.cf, overriding 883# smtpd_relay_restrictions to prevent inbound mail from 884# unexpectedly bouncing. 885# Specify an empty smtpd_relay_restrictions value to keep using 886# smtpd_recipient_restrictions as before. 887#EOF 888# $POSTCONF -c $config_directory "smtpd_relay_restrictions = \ 889# permit_mynetworks permit_sasl_authenticated \ 890# defer_unauth_destination" || exit 1 891# } 892 893 # Postfix 3.4 894 # Add a postlog service entry. 895 896 grep '^postlog' $config_directory/master.cf >/dev/null || { 897 echo Editing $config_directory/master.cf, adding missing entry for postlog unix-domain datagram service 898 cat >>$config_directory/master.cf <<EOF || exit 1 899postlog unix-dgram n - n - 1 postlogd 900EOF 901 } 902} 903 904# A reminder if this is the first time Postfix is being installed. 905 906test -n "$first_install_reminder" && { 907 908 ALIASES=`$POSTCONF -c $config_directory -h alias_database | sed 's/^[^:]*://'` 909 NEWALIASES_PATH=`$POSTCONF -c $config_directory -h newaliases_path` 910 cat <<EOF | ${FMT} 911 912 Warning: you still need to edit myorigin/mydestination/mynetworks 913 parameter settings in $config_directory/main.cf. 914 915 See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html 916 for information about dialup sites or about sites inside a 917 firewalled network. 918 919 BTW: Check your $ALIASES file and be sure to set up aliases 920 that send mail for root and postmaster to a real person, then 921 run $NEWALIASES_PATH. 922 923EOF 924 925} 926 927exit 0 928