1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
#!/usr/bin/perl
# this script configures Postfix to not use chroot, restarts Postfix to apply
# the change, and removes the chroot files. See the man page or the
# following blog post for more details:
# http://etbe.coker.com.au/2008/08/02/postfix-and-chroot/
use strict;
my $file = "/etc/postfix/master.cf";
my $rsyslog_postfix_conf = "/etc/rsyslog.d/postfix.conf";
my $rsyslog_postfix_sock = "/var/spool/postfix/dev/log";
my $rsyslog_initrc = "/etc/init.d/rsyslog";
if(-e "$file.bak")
{
print "\"$file.bak\" already exists, aborting\n";
exit(1);
}
open(MAIN, "<$file") or die "Can't open \"$file\"";
open(NEW, ">$file.new") or die "Can't open \"$file.new\"";
while(<MAIN>)
{
if($_ =~ /^#/)
{
print NEW $_;
next;
}
chomp;
if($_ =~ /(^([^\s]+\s+){4})-(.*)$/)
{
print NEW "# modified to disable chroot\n";
print NEW "$1n$3\n";
}
else
{
print NEW "$_\n";
}
}
close(NEW);
close(MAIN);
rename("$file","$file.bak") or die "Can't rename \"$file\" to \"$file.bak\", aborting\n";
rename("$file.new", "$file") or die "Can't rename \"$file.new\" to \"$file\", inconsistent state\n";
my $script = "/etc/init.d/postfix";
open(STATUS,"$script status|") or die "Can't check postfix status\n";
my $status = <STATUS>;
if($status =~ /postfix is running/)
{
system("$script stop");
}
rsyslog_postfix_socket_disable();
mysystem('rm', '-rf', qw(
/var/spool/postfix/dev
/var/spool/postfix/etc
/var/spool/postfix/lib
/var/spool/postfix/usr
));
if($status =~ /postfix is running/)
{
system("$script start");
}
exit(0);
sub rsyslog_postfix_socket_disable
{
if ( -f $rsyslog_postfix_conf )
{
my $from = $rsyslog_postfix_conf;
my $to = $rsyslog_postfix_conf . '.bak';
rename($from, $to)
or die qq|$0: can't rename("$from", "$to"): $!\n|;
}
if ( -S $rsyslog_postfix_sock && -x $rsyslog_initrc )
{
mysystem($rsyslog_initrc, 'restart');
}
}
sub mysystem
{
system(@_);
if ( $? != 0 )
{
print STDERR "$0: exec(" . join(',', map(qq|"$_"|, @_)) . ") ";
}
if ($? == -1)
{
mysystem_error(\@_, "failed: $!");
}
elsif ($? & 127)
{
mysystem_error(\@_, "child died with signal %d, %s coredump",
($? & 127), ($? & 128) ? 'with' : 'without');
}
elsif ( $? )
{
mysystem_error(\@_, "child exited with value %d", $? >> 8);
}
return $?;
}
sub mysystem_error
{
my ($args, $fmt, @fmtargs) = @_;
print STDERR "$0: exec(", join(',', map(qq|"$_"|, @$args)),
") ", sprintf($fmt, @fmtargs), "\n";
}
|
