#!/bin/sh

#++
# NAME
#	postfix-script 1
# SUMMARY
#	execute Postfix administrative commands
# SYNOPSIS
#	\fBpostfix-script\fR \fIcommand\fR
# DESCRIPTION
#	The \fBpostfix-script\fR script executes Postfix administrative
#	commands in an environment that is set up by the \fBpostfix\fR(1)
#	command.
# SEE ALSO
#	master(8) Postfix master program
#	postfix(1) Postfix administrative interface
# LICENSE
# .ad
# .fi
#	The Secure Mailer license must be distributed with this software.
# AUTHOR(S)
#	Wietse Venema
#	IBM T.J. Watson Research
#	P.O. Box 704
#	Yorktown Heights, NY 10598, USA
#--

# Ignore SIGHUP (signal 1) so that this script is not killed when some
# parent process exits.

trap '' 1

# The postfix command is expected to export daemon_directory. An empty
# or unset value means the script was started some other way, so refuse
# to run. This only tests for a non-empty value: it does not verify who
# the caller is, and every other *_directory setting is likewise taken
# from the environment as given.
if [ -z "$daemon_directory" ]
then
	echo "This script must be run by the postfix command." >&2
	echo "Do not run directly." >&2
	exit 1
fi

# Logging command lines, one per severity, all built on postlog from the
# command directory and tagged "postfix-script". They are stored as
# plain strings and expanded unquoted where used, so the shell splits
# them into words at run time; a command_directory that contains
# whitespace or glob characters would not survive that splitting.
LOGGER="${command_directory}/postlog -t postfix-script"
INFO="${LOGGER} -p info"
WARN="${LOGGER} -p warn"
ERROR="${LOGGER} -p error"
FATAL="${LOGGER} -p fatal"
PANIC="${LOGGER} -p panic"

# Files and directories created below must not be writable by group or
# other.
umask 022

#
# LINUX by default does not update directories synchronously, which is
# dangerous for mail. Where /usr/bin/chattr exists, CHATTR sets the +S
# (synchronous updates) attribute; elsewhere it is the no-op ":" so the
# callers need no conditional of their own.
#
CHATTR=:
if test -f /usr/bin/chattr
then
	CHATTR="/usr/bin/chattr +S"
fi

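#
# Can't do much without these in place.
#
# Each directory must be named (non-empty) and must be enterable. The
# explicit non-empty test matters: an unquoted empty expansion would
# turn "cd $dir" into a bare "cd", which changes to $HOME and succeeds,
# so the remaining checks and the relative paths used later (such as
# pid/master.pid) would silently operate on the wrong directory.
# Quoting also keeps a path with whitespace or glob characters intact.
#
# On success the current directory is the queue directory.
#
{ test -n "$command_directory" && cd "$command_directory"; } || {
	$FATAL no Postfix command directory $command_directory!
	exit 1
}
{ test -n "$daemon_directory" && cd "$daemon_directory"; } || {
	$FATAL no Postfix daemon directory $daemon_directory!
	exit 1
}
# Relative test: the current directory is the daemon directory here.
test -f master || {
	$FATAL no Postfix master program $daemon_directory/master!
	exit 1
}
{ test -n "$config_directory" && cd "$config_directory"; } || {
	$FATAL no Postfix configuration directory $config_directory!
	exit 1
}
{ test -n "$queue_directory" && cd "$queue_directory"; } || {
	$FATAL no Postfix queue directory $queue_directory!
	exit 1
}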

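#
# Signal the running master. $1 is an optional kill(1) signal option
# (for example -HUP); when it is empty the default signal is sent.
#
# The process ID is taken from the first line of pid/master.pid,
# relative to the current directory, and is accepted only when that
# line is a single positive decimal number. kill treats 0 and negative
# numbers as process groups or as "every process", and an empty value
# would leave kill without a target.
#
# NOTE(review): the check arm below gives the pid directory to
# $mail_owner, so that account can replace pid/master.pid. The number
# check cannot prove that the PID belongs to the master. If this script
# runs with more privilege than $mail_owner (presumably as root -
# confirm), consider keeping the pid directory owned by root.
#
signal_master() {
	master_pid=
	master_pid_extra=
	test -r pid/master.pid &&
	    read -r master_pid master_pid_extra <pid/master.pid
	case $master_pid in
	""|*[!0-9]*) master_pid=0 ;;
	esac
	if [ -n "$master_pid_extra" ] || [ "$master_pid" -le 0 ]
	then
		$FATAL "no valid process ID in $queue_directory/pid/master.pid"
		exit 1
	fi
	# $1 is deliberately unquoted so that an empty value disappears.
	kill $1 "$master_pid"
}

#
# Parse JCL
#
# $INFO, $WARN and $FATAL hold multi-word postlog command lines and are
# expanded unquoted on purpose. Paths used as paths are quoted so that
# whitespace or glob characters in a directory setting cannot change
# which files a command operates on.
#
# Every arm reads the exit status of "master -t" the same way: success
# means that no master is running.
#
case $1 in

start_msg)

	echo "Start postfix"
	;;

stop_msg)

	echo "Stop postfix"
	;;

start)

	"$daemon_directory/master" -t 2>/dev/null || {
		$FATAL the Postfix mail system is already running
		exit 1
	}
	# The check arm reports ownership and permission problems as
	# warnings only; it fails just when a missing directory cannot
	# be created or when postsuper fails.
	"$config_directory/postfix-script" check || {
		$FATAL Postfix integrity check failed!
		exit 1
	}
	$INFO starting the Postfix mail system
	"$daemon_directory/master" &
	;;

drain)

	"$daemon_directory/master" -t 2>/dev/null && {
		$FATAL the Postfix mail system is not running
		exit 1
	}
	$INFO stopping the Postfix mail system
	# SIGKILL goes to the master only.
	# NOTE(review): presumably this leaves already running daemons
	# to finish their work on their own - confirm.
	signal_master -9
	;;

stop)

	"$daemon_directory/master" -t 2>/dev/null && {
		$FATAL the Postfix mail system is not running
		exit 1
	}
	$INFO stopping the Postfix mail system
	signal_master
	;;

abort)

	# Same default signal as "stop"; only the log message differs.
	"$daemon_directory/master" -t 2>/dev/null && {
		$FATAL the Postfix mail system is not running
		exit 1
	}
	$INFO aborting the Postfix mail system
	signal_master
	;;

reload)

	"$daemon_directory/master" -t 2>/dev/null && {
		$FATAL the Postfix mail system is not running
		exit 1
	}
	$INFO refreshing the Postfix mail system
	signal_master -HUP
	;;

flush)

	# An empty setting must not turn into a bare "cd" (to $HOME).
	{ test -n "$queue_directory" && cd "$queue_directory"; } || {
		$FATAL no Postfix queue directory $queue_directory!
		exit 1
	}
	"$command_directory/postkick" public qmgr IDFA
	;;

check)

	# The three top-level directories must be owned by root. find
	# tests the owner field only; matching " root " in ls output
	# would also accept a directory whose group is root. The "/."
	# suffix examines the directory that a symbolic link points to.
	for dir in "$daemon_directory" "$config_directory" "$queue_directory"
	do
		find "$dir/." -prune ! -user root \
			-exec $WARN not owned by root: "$dir" \;
	done

	# Everything below the daemon and configuration directories
	# must be owned by root as well.
	find "$daemon_directory"/* "$config_directory"/* ! -user root \
		-exec $WARN not owned by root: {} \;

	# Nothing in those two trees may be writable by group or other.
	find "$daemon_directory/." "$config_directory/." \
		\( -perm -020 -o -perm -002 \) \
		-exec $WARN group or other writable: {} \;

	find "$queue_directory"/* "$config_directory"/* -name '*core' \
		-exec $WARN core file: {} \; 2>/dev/null

	# Create missing queue subdirectories. The relative names rely
	# on the current directory being the queue directory.
	test -d maildrop || {
		$WARN creating missing Postfix maildrop directory
		mkdir maildrop || exit 1
		chmod 1730 maildrop
		chown "$mail_owner" maildrop
		chgrp maildrop maildrop
	}
	test -d pid || {
		$WARN creating missing Postfix pid directory
		mkdir pid || exit 1
		chmod 755 pid
		chown "$mail_owner" pid
	}
	for dir in incoming active bounce defer deferred saved corrupt; do
		test -d "$dir" || {
			$WARN creating missing Postfix $dir directory
			mkdir "$dir" || exit 1
			chmod 700 "$dir"; $CHATTR "$dir"
			chown "$mail_owner" "$dir"
		}
	done
	test -d public || {
		$WARN creating missing Postfix public directory
		mkdir public || exit 1
		chmod 755 public
		chown "$mail_owner" public
	}
	test -d private || {
		$WARN creating missing Postfix private directory
		mkdir private || exit 1
		chmod 700 private
		chown "$mail_owner" private
	}

	# All nine directories exist at this point (see above), so they
	# are named directly instead of being picked out of ls output.
	# FIFOs and sockets are exempt from the ownership test.
	find "$queue_directory/active" "$queue_directory/bounce" \
	    "$queue_directory/corrupt" "$queue_directory/defer" \
	    "$queue_directory/deferred" "$queue_directory/incoming" \
	    "$queue_directory/private" "$queue_directory/public" \
	    "$queue_directory/saved" \
	    ! \( -type p -o -type s \) ! -user "$mail_owner" \
		-exec $WARN not owned by $mail_owner: {} \;

	# Only the maildrop directory itself is tested, not its contents.
	find "$queue_directory/maildrop/." -prune ! -user "$mail_owner" \
		-exec $WARN not owned by $mail_owner: \
		    "$queue_directory/maildrop" \;

	# Files kept under the queue directory in bin, etc, lib, sbin or
	# usr are compared with the file of the same name under /.
	# read -r and the quoting keep unusual file names intact.
	for dir in bin etc lib sbin usr
	do
		test -d "$dir" && find "$dir" -type f -print |
		while IFS= read -r path
		do
			cmp -s "$path" "/$path" ||
			    $WARN $queue_directory/$path and /$path differ
		done
	done

	"$command_directory/postsuper" || exit 1

	find corrupt -type f -exec $WARN damaged message: {} \;

	# XXX also: look for weird stuff, weird permissions, etc.
	;;

*)

	$FATAL "usage: postfix start (or stop, reload, abort, flush, or check)"
	exit 1
	;;

esac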
