Initial Import
This commit is contained in:
commit
8a5bf83225
|
@ -0,0 +1,26 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
use esmith::Build::CreateLinks qw(:all);
|
||||
|
||||
service_link_enhanced("dovecot", "S65", "7");
|
||||
service_link_enhanced("dovecot", "K35", "6");
|
||||
service_link_enhanced("dovecot", "K35", "0");
|
||||
service_link_enhanced("dovecot", "K35", "1");
|
||||
|
||||
templates2events("/etc/dovecot/dovecot.conf", qw(email-update bootstrap-console-save));
|
||||
templates2events("/etc/dovecot/master.users", qw(email-update bootstrap-console-save));
|
||||
templates2events("/etc/pam.d/dovecotadmin", qw(email-update bootstrap-console-save));
|
||||
|
||||
safe_touch("root/var/service/dovecot/down");
|
||||
safe_symlink("../daemontools" , 'root/etc/rc.d/init.d/supervise/dovecot');
|
||||
safe_symlink("/var/service/dovecot" , 'root/service/dovecot');
|
||||
safe_symlink("adjust", "root/etc/e-smith/events/email-update/services2adjust/dovecot");
|
||||
# Create a symlink for /service/imap so pop3s still find the imapd.pem file
|
||||
safe_symlink("/var/service/dovecot", "root/service/imap");
|
||||
|
||||
event_link("adjust-dovecot", "email-update", "02");
|
||||
event_link("adjust-dovecot", "bootstrap-console-save", "02");
|
||||
event_link("dovecot-acl", "email-update", "85");
|
||||
event_link("dovecot-acl", "user-create", "85");
|
||||
|
||||
safe_touch("root/var/lib/dovecot/sharedmailbox/dict.db");
|
|
@ -0,0 +1 @@
|
|||
enabled
|
|
@ -0,0 +1 @@
|
|||
enabled
|
|
@ -0,0 +1 @@
|
|||
service
|
|
@ -0,0 +1 @@
|
|||
143
|
|
@ -0,0 +1 @@
|
|||
private
|
|
@ -0,0 +1 @@
|
|||
enabled
|
|
@ -0,0 +1 @@
|
|||
service
|
|
@ -0,0 +1 @@
|
|||
993
|
|
@ -0,0 +1 @@
|
|||
private
|
|
@ -0,0 +1 @@
|
|||
enabled
|
|
@ -0,0 +1 @@
|
|||
service
|
|
@ -0,0 +1 @@
|
|||
4190
|
|
@ -0,0 +1 @@
|
|||
private
|
|
@ -0,0 +1 @@
|
|||
enabled
|
|
@ -0,0 +1 @@
|
|||
service
|
|
@ -0,0 +1,28 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
|
||||
# This script just ensure the dovecot service is enabled
|
||||
# if imap or imaps is enabled
|
||||
# It will also entirely disable the dovecot service if both imap
|
||||
# and imaps are disabled
|
||||
|
||||
use esmith::ConfigDB;
|
||||
|
||||
my $c = esmith::ConfigDB->open() or die "Couldn't open Config DB\n";
|
||||
|
||||
my $imap = $c->get('imap');
|
||||
my $imaps = $c->get('imaps');
|
||||
my $dovecot = $c->get('dovecot') || $c->new_record('dovecot',
|
||||
{ type => 'service',
|
||||
status => 'enabled'});
|
||||
|
||||
my $imapStatus = $imap->prop('status') || 'enabled';
|
||||
my $imapsStatus = $imaps->prop('status') || 'enabled';
|
||||
|
||||
if ($imapStatus eq 'enabled' or $imapsStatus eq 'enabled'){
|
||||
$dovecot->set_prop('status', 'enabled');
|
||||
}
|
||||
else{
|
||||
$dovecot->set_prop('status', 'disabled');
|
||||
}
|
||||
|
|
@ -0,0 +1,87 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
|
||||
use esmith::ConfigDB;
|
||||
use esmith::AccountsDB;
|
||||
use File::Find;
|
||||
|
||||
my $c = esmith::ConfigDB->open || die "Couldn't open ConfigDB\n";
|
||||
my $a = esmith::AccountsDB->open_ro || die "Couldn't open AccountsdDB\n";
|
||||
|
||||
my $dovecot = $c->get('dovecot');
|
||||
|
||||
die "couldn't find dovecot service\n" unless ($dovecot);
|
||||
|
||||
my $event = $ARGV[0];
|
||||
|
||||
# SharedMailboxes disabled ?
|
||||
if (($dovecot->prop('SharedMailbox') || 'disabled') eq 'disabled'){
|
||||
foreach my $user ($a->users){
|
||||
my $name = $user->key;
|
||||
die "Error removing SharedMailbox ACLs ($name"."'s Maildir)\n" unless (
|
||||
system('/usr/bin/setfacl',
|
||||
'-R',
|
||||
'-x',
|
||||
'g:sharedmailbox',
|
||||
"/home/e-smith/files/users/$name") == 0 &&
|
||||
system('/bin/chmod',
|
||||
'-R',
|
||||
'g-s',
|
||||
"/home/e-smith/files/users/$name/Maildir") == 0
|
||||
);
|
||||
}
|
||||
$dovecot->set_prop('SharedMailboxAcl','no');
|
||||
exit(0);
|
||||
}
|
||||
|
||||
# If SharedMailbox is enabled
|
||||
|
||||
# Set the correct ACL during user creation
|
||||
if ($event && $event eq 'user-create'){
|
||||
my $user = $ARGV[1];
|
||||
set_acl($user);
|
||||
}
|
||||
|
||||
if (($dovecot->prop('SharedMailboxAcl') || 'no') ne 'yes'){
|
||||
# ACL for existing users haven't been set yet
|
||||
foreach my $user ($a->users){
|
||||
my $name = $user->key;
|
||||
set_acl($name);
|
||||
}
|
||||
$dovecot->set_prop('SharedMailboxAcl','yes');
|
||||
}
|
||||
|
||||
# Set ACL on a user's Maildir
|
||||
sub set_acl {
|
||||
my $user = shift;
|
||||
die "Missing username\n" unless ($user);
|
||||
die "Couldn't find $user"."'s home dir\n" unless (-e "/home/e-smith/files/users/$user");
|
||||
die "Error applying permissions to $user 's Maildir\n" unless (
|
||||
# sharedmailbox group needs read / write access on Maildir
|
||||
system('/usr/bin/setfacl',
|
||||
'-R',
|
||||
'-m',
|
||||
'g:sharedmailbox:rwX,d:g:sharedmailbox:rwX',
|
||||
"/home/e-smith/files/users/$user/Maildir") == 0 &&
|
||||
# Grant sharedmailbox group permission to go through
|
||||
# the home dir so it can access the Maildir, but let it read
|
||||
# anything else
|
||||
system('/usr/bin/setfacl',
|
||||
'-m',
|
||||
'g:sharedmailbox:x',
|
||||
"/home/e-smith/files/users/$user") == 0
|
||||
);
|
||||
find(\&sgid, "/home/e-smith/files/users/$user/Maildir");
|
||||
}
|
||||
|
||||
# The kernel will handle group perms when a user
|
||||
# create a dir in another user's Maildir (if IMAP ACL allows it)
|
||||
# This will prevent dovecot errors, see
|
||||
# http://wiki2.dovecot.org/SharedMailboxes/Permissions and
|
||||
# http://wiki2.dovecot.org/Errors/ChgrpNoPerm
|
||||
sub sgid {
|
||||
system('/bin/chmod',
|
||||
'g+s',
|
||||
"$_") if (-d);
|
||||
}
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
# Dovecot LDA delivery
|
||||
{
|
||||
# vim: ft=perl:
|
||||
use esmith::ConfigDB;
|
||||
my $cdb = esmith::ConfigDB->open_ro || die "Couldn't open ConfigDB\n";
|
||||
my $sieve = $cdb->get('sieve');
|
||||
my $usersieve = $props{Sieve} || 'enabled';
|
||||
my $globalsieve = ($sieve) ? ($sieve->prop('status') || 'disabled') : 'disabled';
|
||||
|
||||
if (($usersieve ne 'enabled') || ($globalsieve ne 'enabled')){
|
||||
$OUT .= "# Sieve is disabled\n";
|
||||
}
|
||||
elsif ($props{EmailForward} !~ /^(local|both)$/) {
|
||||
$OUT .= "# No local delivery (Dovecot LDA)\n";
|
||||
}
|
||||
else{
|
||||
$OUT .= '| /var/qmail/bin/preline -f /usr/libexec/dovecot/dovecot-lda; if [ $? -ne 0 ] ; then exit -1; else exit 99; fi;';
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
protocols = {
|
||||
if ((($imap{'status'} || 'disabled') eq 'enabled') ||
|
||||
(($imaps{'status'} || 'disabled') eq 'enabled')){
|
||||
$OUT .= "imap";
|
||||
}
|
||||
if (($sieve{'status'} || 'disabled') eq 'enabled'){
|
||||
$OUT .= " sieve";
|
||||
}
|
||||
}
|
|
@ -0,0 +1,23 @@
|
|||
{
|
||||
my $greeting = $dovecot{'Greeting'} || 'SME Server IMAP service powered by doveot';
|
||||
$OUT .= "login_greeting = \"$greeting\"\n";
|
||||
}
|
||||
passdb \{
|
||||
driver = pam
|
||||
\}
|
||||
{
|
||||
if (($dovecot{'AdminIsMaster'} || 'disabled') eq 'enabled'){
|
||||
$OUT .=<<"HERE";
|
||||
|
||||
passdb {
|
||||
driver = pam
|
||||
args = dovecotadmin
|
||||
master = yes
|
||||
}
|
||||
auth_master_user_separator = *
|
||||
HERE
|
||||
}
|
||||
}
|
||||
userdb \{
|
||||
driver = passwd
|
||||
\}
|
|
@ -0,0 +1,3 @@
|
|||
log_path = /dev/stderr
|
||||
log_timestamp = ""
|
||||
auth_verbose = yes
|
|
@ -0,0 +1,3 @@
|
|||
mail_location = maildir:~/Maildir
|
||||
first_valid_uid = 101
|
||||
|
|
@ -0,0 +1,39 @@
|
|||
{
|
||||
if ((($imap{'status'} || 'disabled') eq 'disabled') ||
|
||||
(($imap{'AllowPlainText'} || 'enabled') eq 'disabled')){
|
||||
$OUT .= "disable_plaintext_auth = yes\n";
|
||||
}
|
||||
}
|
||||
|
||||
service imap-login \{
|
||||
inet_listener imap \{
|
||||
port = {$imap{'TCPPort'} || '143'}
|
||||
address = *
|
||||
\}
|
||||
inet_listener imaps \{
|
||||
port = {$imaps{'TCPPort'} || '993'}
|
||||
ssl = yes
|
||||
address = *
|
||||
\}
|
||||
|
||||
service_count = 0
|
||||
process_min_avail = 2
|
||||
|
||||
\}
|
||||
|
||||
{
|
||||
if (($sieve{'status'} || 'enabled') eq 'enabled'){
|
||||
my $port = $sieve{'TCPPort'} || '4190';
|
||||
my $address = $sieve{'Listen'} || '127.0.0.1';
|
||||
$OUT .=<<"HERE";
|
||||
|
||||
service managesieve-login {
|
||||
inet_listener sieve {
|
||||
port = $port
|
||||
address = $address
|
||||
}
|
||||
}
|
||||
|
||||
HERE
|
||||
}
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
ssl = {$OUT .= (($imaps{'status'} || 'enabled') eq 'enabled') ? 'yes':'no';}
|
||||
ssl_cert = </var/service/dovecot/ssl/imapd.pem
|
||||
ssl_key = </var/service/dovecot/ssl/imapd.pem
|
|
@ -0,0 +1,19 @@
|
|||
|
||||
postmaster_address = postmaster@{$DomainName}
|
||||
lda_original_recipient_header = to
|
||||
|
||||
{
|
||||
my $reason = $dovecot{'RejectMessage'} || '';
|
||||
my $subject = $dovecot{'RejectSubject'} || '';
|
||||
if ($reason ne ''){
|
||||
$OUT .= "rejection_reason = $reason\n";
|
||||
}
|
||||
if ($subject ne ''){
|
||||
$OUT .= "rejection_subject = $subject\n";
|
||||
}
|
||||
}
|
||||
|
||||
protocol lda \{
|
||||
mail_plugins = $mail_plugins {$OUT .= (($sieve{'status'} || 'disabled') eq 'enabled') ? 'sieve':''}
|
||||
\}
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
@plugins = ();
|
||||
@imap_plugins = ();
|
||||
@conf = ();
|
||||
$OUT .= '';
|
||||
}
|
|
@ -0,0 +1,16 @@
|
|||
|
||||
{
|
||||
push @plugins, 'quota';
|
||||
push @imap_plugins, 'imap_quota';
|
||||
$OUT .= '';
|
||||
my $string =<<'HERE';
|
||||
|
||||
plugin {
|
||||
quota = fs:user
|
||||
}
|
||||
|
||||
HERE
|
||||
|
||||
push @conf, $string;
|
||||
}
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
{
|
||||
|
||||
if (($dovecot{'LogActions'} || 'disabled') eq 'enabled'){
|
||||
push @plugins, 'mail_log';
|
||||
push @plugins, 'notify';
|
||||
my $string = <<'HERE';
|
||||
|
||||
plugin {
|
||||
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mailbox_create flag_change
|
||||
mail_log_fields = uid box msgid from subject flags
|
||||
}
|
||||
|
||||
HERE
|
||||
|
||||
push @conf, $string;
|
||||
$OUT .= '';
|
||||
}
|
||||
else{
|
||||
$OUT .= "# Actions loging is disabled\n";
|
||||
}
|
||||
}
|
|
@ -0,0 +1,20 @@
|
|||
{
|
||||
if (($dovecot{'FullTextIndexing'} || 'disabled') eq 'enabled'){
|
||||
push @plugins, 'fts';
|
||||
push @plugins, 'fts_squat';
|
||||
my $string =<<'HERE';
|
||||
|
||||
plugin {
|
||||
fts = squat
|
||||
fts_squat = partial=4 full=10
|
||||
}
|
||||
|
||||
HERE
|
||||
|
||||
push @conf, $string;
|
||||
$OUT .= '';
|
||||
}
|
||||
else{
|
||||
$OUT .= "# Full text indexing is disabled\n";
|
||||
}
|
||||
}
|
|
@ -0,0 +1,68 @@
|
|||
{
|
||||
return "" if (($dovecot{'SharedMailbox'} || 'disabled') eq 'disabled');
|
||||
|
||||
push @plugins, 'acl';
|
||||
push @imap_plugins, 'imap_acl';
|
||||
|
||||
my $string =<<'HERE';
|
||||
|
||||
mail_access_groups = sharedmailbox
|
||||
|
||||
service dict {
|
||||
unix_listener dict {
|
||||
mode = 0660
|
||||
group = sharedmailbox
|
||||
}
|
||||
}
|
||||
|
||||
service auth {
|
||||
unix_listener auth-userdb {
|
||||
mode = 0660
|
||||
group = sharedmailbox
|
||||
}
|
||||
}
|
||||
|
||||
service imap {
|
||||
executable = imap imap-postlogin
|
||||
}
|
||||
|
||||
service imap-postlogin {
|
||||
executable = script-login -d /usr/bin/imap-postlogin
|
||||
unix_listener imap-postlogin {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
namespace {
|
||||
type = private
|
||||
separator = /
|
||||
prefix =
|
||||
inbox = yes
|
||||
}
|
||||
|
||||
namespace {
|
||||
type = shared
|
||||
separator = /
|
||||
prefix = shared/%%u/
|
||||
location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
|
||||
subscriptions = no
|
||||
list = children
|
||||
}
|
||||
|
||||
plugin {
|
||||
acl_shared_dict = file:/var/lib/dovecot/sharedmailbox/dict.db
|
||||
}
|
||||
|
||||
plugin {
|
||||
acl = vfile
|
||||
}
|
||||
|
||||
plugin {
|
||||
acl_anyone = allow
|
||||
}
|
||||
|
||||
HERE
|
||||
|
||||
push @conf, $string;
|
||||
$OUT .= '';
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
{
|
||||
$OUT .= 'mail_plugins = $mail_plugins ' . join(' ', @plugins) ."\n\n";
|
||||
$OUT .= "protocol imap {\n";
|
||||
$OUT .= ' mail_plugins = $mail_plugins ' . join(' ', @imap_plugins) . "\n";
|
||||
$OUT .= "}\n";
|
||||
$OUT .= "$_\n" foreach (@conf);
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
admin
|
|
@ -0,0 +1,5 @@
|
|||
auth required pam_listfile.so item=user sense=allow file=/etc/dovecot/master.users onerr=fail
|
||||
auth include dovecot
|
||||
account include system-auth
|
||||
session include system-auth
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
{
|
||||
$OUT = <<HERE;
|
||||
#%PAM-1.0
|
||||
HERE
|
||||
|
||||
$OUT .=
|
||||
Text::Template::_load_text("/etc/e-smith/templates-default/template-begin");
|
||||
}
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
#!/bin/sh
|
||||
ACL_GROUPS=`groups $USER | tr ' ' ','`
|
||||
export ACL_GROUPS
|
||||
export USERDB_KEYS="$USERDB_KEYS acl_groups"
|
||||
exec "$@"
|
|
@ -0,0 +1,41 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
# copyright (C) 2011 Firewall-Services
|
||||
# daniel@firewall-services.com
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
|
||||
use esmith::util;
|
||||
use esmith::ConfigDB;
|
||||
use File::Copy;
|
||||
|
||||
my $c = esmith::ConfigDB->open_ro;
|
||||
my $s = $c->get('SystemName')->value;
|
||||
my $d = $c->get('DomainName')->value;
|
||||
|
||||
my $pem = "./ssl/imapd.pem";
|
||||
# Now copy system pem file into jail used by ldap
|
||||
copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$")
|
||||
or die "failed to copy SSL PEM: $!";
|
||||
chmod 0400, "$pem.$$";
|
||||
esmith::util::chownFile("root", "root", "$pem.$$");
|
||||
rename("$pem.$$", "$pem")
|
||||
or die "failed to rename $pem.$$ to $pem: $!";
|
||||
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
#!/bin/sh
|
||||
|
||||
NUM=$(/sbin/e-smith/db configuration getprop dovecot KeepLogFiles)
|
||||
|
||||
exec \
|
||||
/usr/local/bin/setuidgid smelog \
|
||||
/usr/local/bin/multilog t s5000000 \
|
||||
n${NUM:-10} \
|
||||
/var/log/dovecot/
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
#!/bin/sh
|
||||
|
||||
exec 2>&1
|
||||
./control/1
|
||||
exec /usr/sbin/dovecot -F
|
||||
|
|
@ -0,0 +1,80 @@
|
|||
%define version 0.1
|
||||
%define release 0.beta26
|
||||
%define name smeserver-dovecot
|
||||
|
||||
|
||||
Summary: Dovecot IMAP server integration
|
||||
Name: %{name}
|
||||
Version: %{version}
|
||||
Release: %{release}%{?dist}
|
||||
License: GPL
|
||||
Group: Networking/Daemons
|
||||
Source: %{name}-%{version}.tar.gz
|
||||
|
||||
Patch0: smeserver-dovecot-0.1-fix_sharedmailbox_dict_acl.patch
|
||||
Patch1: smeserver-dovecot-0.1-mailshare_group.patch
|
||||
Patch2: smeserver-dovecot-0.1-allow_anyone.patch
|
||||
Patch3: smeserver-dovecot-0.1-no_acl_on_dict.patch
|
||||
Patch4: smeserver-dovecot-0.1-sgid_recursive.patch
|
||||
|
||||
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
|
||||
BuildArchitectures: noarch
|
||||
BuildRequires: e-smith-devtools
|
||||
|
||||
Requires: e-smith-base >= 5.2.0
|
||||
Requires: dovecot >= 2.0.15
|
||||
Requires: dovecot-pigeonhole >= 0.2.4
|
||||
Requires: dovecot-managesieve >= 0.2.4
|
||||
Requires: acl
|
||||
|
||||
Provides: e-smith-imap
|
||||
Obsoletes: e-smith-imap
|
||||
|
||||
%description
|
||||
Configure the dovecot IMAP server with sieve scripts support,
|
||||
quota, ACL, extended logging, master user
|
||||
|
||||
%changelog
|
||||
* Tue Nov 29 2011 Daniel Berteaud <daniel@firewall-services.com> - 0.1
|
||||
- initial release
|
||||
|
||||
%prep
|
||||
%setup -q -n %{name}-%{version}
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
|
||||
%build
|
||||
%{__mkdir_p} root/var/log/dovecot
|
||||
%{__mkdir_p} root/var/service/dovecot/ssl
|
||||
perl createlinks
|
||||
|
||||
%install
|
||||
/bin/rm -rf $RPM_BUILD_ROOT
|
||||
(cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
|
||||
/bin/rm -f %{name}-%{version}-filelist
|
||||
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
|
||||
--file /var/service/dovecot/run 'attr(0755,root,root)' \
|
||||
--file /var/service/dovecot/log/run 'attr(0755,root,root)' \
|
||||
--file /var/service/dovecot/control/1 'attr(0755,root,root)' \
|
||||
--dir /var/log/dovecot 'attr(0750,smelog,smelog)' \
|
||||
--dir /var/lib/dovecot/sharedmailbox 'attr(2770,root,sharedmailbox)' \
|
||||
--file /var/lib/dovecot/sharedmailbox/dict.db 'attr(0660,root,sharedmailbox) %config(noreplace)' \
|
||||
--file /usr/bin/imap-postlogin 'attr(0755,root,root)' \
|
||||
> %{name}-%{version}-filelist
|
||||
|
||||
%files -f %{name}-%{version}-filelist
|
||||
%defattr(-,root,root)
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%pre
|
||||
/usr/sbin/groupadd -g 439 sharedmailbox 2> /dev/null || :
|
||||
|
||||
%post
|
||||
|
||||
%preun
|
||||
|
Loading…
Reference in New Issue