Changeset 3142

Timestamp:

04/24/12 17:51:47 (13 months ago)

Author:

squidly

Message:

Mise à jour pour la génération du paquet alternc, pour tout ce qui est mail.

Gros changement : comme discuté sur la ML, alternc.install n'est plus lancé automatiquement lors de l'installation, l'utilisateur doit le lancer manuellement
pour finir l'installation.

Changements significatifs :

• l'installation génére et applique les template dovecot et postfix
• un utilisateur MySQL dédié est maintenant créé pour postfix et dovecot (mail_user).
• ajout d'un utilisateur systeme pour dovecot pour le mail delivery

Location:

alternc/trunk

Files:

• debian/alternc.config (modified) (4 diffs)
• debian/alternc.postinst (modified) (2 diffs)
• debian/alternc.postrm (modified) (1 diff)
• debian/alternc.preinst (modified) (1 diff)
• debian/templates (modified) (1 diff)
• etc/alternc/postfix.cf (modified) (2 diffs)
• etc/alternc/templates/dovecot/dovecot-sql.conf (modified) (2 diffs)
• etc/alternc/templates/dovecot/dovecot.conf (modified) (8 diffs)
• etc/alternc/templates/postfix/master.cf (added)
• etc/alternc/templates/postfix/myalias.cf (modified) (1 diff)
• etc/alternc/templates/postfix/mydomain.cf (modified) (1 diff)
• etc/alternc/templates/postfix/mygid.cf (modified) (1 diff)
• etc/alternc/templates/postfix/myquota.cf (added)
• etc/alternc/templates/postfix/myvirtual.cf (modified) (1 diff)
• install/alternc.install (modified) (4 diffs)
• install/mysql.sh (modified) (7 diffs)
• install/mysql.sql (modified) (7 diffs)
• tools/postfix-add-policy (added)

alternc/trunk/debian/alternc.config

@@ -2 +2 @@
 
 set -e
-
 # Source debconf library.
 . /usr/share/debconf/confmodule
@@ -27 +26 @@
 MYSQL_USER=sysusr
 MYSQL_PASS="`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..10)' `"
-MYSQL_MAIL_USER=alternc_mail_user
+MYSQL_MAIL_USER=alternc_user
 MYSQL_MAIL_PASS="`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..10)' `"
 MYSQL_CLIENT=localhost
@@ -170 +169 @@
 fi
 
+db_get alternc/mysql/alternc_mail_user
 if [ -z "$RET" ]
     then
@@ -175 +175 @@
 fi
 
+db_get alternc/mysql/alternc_mail_password
 if [ -z "$RET" ]
     then

alternc/trunk/debian/alternc.postinst

@@ -46 +46 @@
     mkdir -p /var/spool/postfix/var/run/saslauthd || true
     dpkg-statoverride --quiet --update --add root sasl 710 /var/spool/postfix/var/run/saslauthd  || true
+
+
+    #Create Dovecot user for mail handling FIXME change home with ALTERNC_LOC
+    if ! getent group vmail; then
+       addgroup --gid 1998 vmail
+    fi
+    if ! getent passwd vmail; then
+       adduser -g vmail -u 1998 vmail -d /var/alternc/mail -m 
+    fi 
+    chown -R vmail:vmail /var/alternc/mail
+    chmod u+w /var/alternc/mail
+
 
     # build local.sh if it does not exist
@@ -145 +157 @@
         db_get "alternc/mysql/password"
         password="$RET"
-        
+        db_get "alternc/mysql/alternc_mail_user"
+        alternc_mail_user="$RET"
+        db_get "alternc/mysql/alternc_mail_password"
+        alternc_mail_password="$RET"
+
         # we source (instead of forking) mysql.sh so that it gets the local environment above
         . /usr/share/alternc/install/mysql.sh

alternc/trunk/debian/alternc.postrm

@@ -16 +16 @@
 case "$1" in
   purge)
-    rm -f /etc/alternc/local.sh /etc/alternc/my.cnf /etc/alternc/bureau.conf
+    rm -f /etc/alternc/local.sh /etc/alternc/my_mail.cnf /etc/alternc/my.cnf /etc/alternc/bureau.conf
     rm -f /var/backups/alternc/etc-installed.tar.gz
 

alternc/trunk/debian/alternc.preinst

@@ -6 +6 @@
 
 # Create AlternC Panel user for web server
-if ! getent group alterncpanel ; then
+if ! getent group alterncpanel; then
         addgroup --system --gid 1999 alterncpanel
 fi
-if ! getent passwd alterncpanel ; then
+if ! getent passwd alterncpanel; then
 adduser --system --home "/etc/alternc/.alterncpanel" \
   --disabled-password --uid 1999 --ingroup alterncpanel alterncpanel

alternc/trunk/debian/templates

@@ -93 +93 @@
  the system database !!!
 
+
+Template: alternc/mysql/alternc_mail_user
+Type: string
+_Description: AlternC's mysql account:
+ AlternC will create a mysql administrator account. Please choose it's
+ username here. The default value should be good in most case.
+
+Template: alternc/mysql/alternc_mail_password
+Type: password
+_Description: Password of the AlternC's mysql account:
+ AlternC requires an administrator account on the mysql server. It will be
+ created automatically during the install process. Please choose a password
+ for this account.
+
 Template: alternc/mysql/client
 Type: string

alternc/trunk/etc/alternc/postfix.cf

@@ +1 @@
+# Used by alternc.install with postconf
 home_mailbox = Maildir/
 smtpd_banner = $myhostname ESMTP
@@ -27 +28 @@
 alias_database = hash:/etc/aliases
 virtual_alias_maps = proxy:mysql:/etc/postfix/myalias.cf
-virtual_alias_domains =
+virtual_alias_domains = 
 virtual_mailbox_domains = proxy:mysql:/etc/postfix/mydomain.cf
 virtual_mailbox_maps = proxy:mysql:/etc/postfix/myvirtual.cf
+virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/myquota.cf
 virtual_mailbox_base = /var/alternc/mail
 virtual_minimum_uid = 2000
 virtual_gid_maps = proxy:mysql:/etc/postfix/mygid.cf
 virtual_uid_maps = proxy:mysql:/etc/postfix/mygid.cf
+virtual_transport = dovecot
+dovecot_destination_recipient_limit = 1
 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_rbl_client zen.spamhaus.org, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unlisted_recipient, reject_unauth_destination

alternc/trunk/etc/alternc/templates/dovecot/dovecot-sql.conf

@@ -61 +61 @@
 #   connect = /etc/dovecot/authdb.sqlite
 #
-connect = host=%%dbhost%% dbname=%%dbname%% user=%%dbuser%% password=%%dbpwd%%
+connect = host=%%dbhost%% dbname=%%dbname%% user=%%db_mail_user%% password=%%db_mail_pwd%%
 
 # Default password scheme.
@@ -68 +68 @@
 # http://wiki.dovecot.org/Authentication/PasswordSchemes
 #
-default_pass_scheme = MD5
+default_pass_scheme = PLAIN-MD5
 
 # passdb query to retrieve the password. It can return fields:

alternc/trunk/etc/alternc/templates/dovecot/dovecot.conf

@@ -23 +23 @@
 # If you only want to use dovecot-auth, you can set this to "none".
 protocols = imap imaps pop3 pop3s managesieve
-#protocols = none
+protocols = imap imaps
 
 # A space separated list of IP or host addresses where to listen in for
@@ -45 +45 @@
 #     ..
 #   }
-#listen = *
+listen = *
 
 # Disable LOGIN command and all other plaintext authentications unless
@@ -230 +230 @@
 # </usr/share/doc/dovecot-common/wiki/MailLocation.txt>
 #
-mail_location = maildir:~/Maildir 
+mail_location = maildir:~/Maildir
 
 # If you need to set multiple mailbox locations or want to change default
@@ -700 +700 @@
   # list of plugins to load.
   #mail_plugins = 
-  mail_plugins = quota 
+  mail_plugins = quota
   #mail_plugin_dir = /usr/lib/dovecot/modules/pop3
 
@@ -756 +756 @@
 protocol lda {
   # Address to use when sending rejection mails (e.g. postmaster@example.com).
-  postmaster_address = postmaster@lautre.net
+  postmaster_address = postmaster@localhost
 
   # Hostname to use in various parts of sent mails, eg. in Message-Id.
@@ -1128 +1128 @@
       # can find mailbox locations.
       path = /var/run/dovecot/auth-master
-      mode = 0666
+      mode = 0600
       # Default user/group is the one who started dovecot-auth (root)
-      user = vmail 
+      user = vmail
       #group = 
     }
@@ -1169 +1169 @@
 
 dict {
-  quota = mysql:/etc/dovecot/dovecot-dict-quota.conf
+  quotadict = mysql:/etc/dovecot/dovecot-dict-quota.conf
   #expire = db:/var/lib/dovecot/expire.db
 }
@@ -1217 +1217 @@
      quota_warning = storage=80%% /usr/local/bin/quota-warning.sh 80
   #quota = maildir
-  quota = dict:user:proxy::quotadict
+  quota = dict:user::proxy::quotadict
 
   # ACL plugin. vfile backend reads ACLs from "dovecot-acl" file from maildir

alternc/trunk/etc/alternc/templates/postfix/myalias.cf

@@ -7 +7 @@
 hosts =%%dbhost%%
 dbname = %%dbname%%
-query = select concat( if(isnull(mailbox.id), '', concat(concat(address.address,'@',domaines.domaine), '\n')), recipient.recipients ) from recipient join address on address.id = re
-cipient.address_id left outer join mailbox on mailbox.address_id = address.id join domaines on domaines.id = address.domain_id where concat(address.address,'@',domaines.domaine)='%
-s';
+query = select concat( if(isnull(mailbox.id), '', concat(concat(address.address,'@',domaines.domaine), '\n')), recipient.recipients ) from recipient join address on address.id = recipient.address_id left outer join mailbox on mailbox.address_id = address.id join domaines on domaines.id = address.domain_id where concat(address.address,'@',domaines.domaine)='%s';
  
 

alternc/trunk/etc/alternc/templates/postfix/mydomain.cf

@@ -7 +7 @@
 hosts =%%dbhost%%
 dbname = %%dbname%%
-query = select domaines.domaine from domaines where domaine='%s' and gesmx=1;
+query = select domaines.domaine from domaines join address on address.id=domaines.id where concat(address.address,'@',domaines.domaine)='%s' and gesmx=1;
 

alternc/trunk/etc/alternc/templates/postfix/mygid.cf

@@ -7 +7 @@
 hosts =%%dbhost%%
 dbname = %%dbname%%
-query = select compte from domaines join address on address.domain_id = domaines.id join mailbox on mailbox.address_id = address.id where address.address='%s'
+query = select compte from domaines join address on address.domain_id = domaines.id join mailbox on mailbox.address_id = address.id where concat(address.address,'@',domaines.domaine)='%s'
 

alternc/trunk/etc/alternc/templates/postfix/myvirtual.cf

@@ -7 +7 @@
 hosts =%%dbhost%%
 dbname = %%dbname%%
-query = select concat(path, '/Maildir/') from mailbox join address on address.id = mailbox.address_id join domaines on domaines.id = address.domain_id where concat(address.address,
-'@',domaines.domaine) ='%s';
+query = select concat(path, '/Maildir/') from mailbox join address on address.id = mailbox.address_id join domaines on domaines.id = address.domain_id where concat(address.address,'@',domaines.domaine) ='%s';
 

alternc/trunk/install/alternc.install

@@ -119 +119 @@
     # * convert mysql variables into our MYSQL_ naming convention (;s)
     # * print the result (;p)
-    eval `sed -n -e "/=/{s/ *= *\"\?/='/;s/\"\?\$/'/;s/host/MYSQL_HOST/;s/user/MYSQL_USER/;s/password/MYSQL_PASS/;s/database/MYSQL_DATABASE/;p}" /etc/alternc/my.cnf`
+    eval `sed -n -e "/=/{s/ *= *\"\?/='/;s/\"\?\$/'/;s/host/MYSQL_HOST/;s/user/MYSQL_MAIL_USER/;s/password/MYSQL_MAIL_PASS/;s/database/MYSQL_DATABASE/;p}" /etc/alternc/my_mail.cnf`
     chown root:alterncpanel /etc/alternc/my_mail.cnf
     chmod 640 /etc/alternc/my_mail.cnf
@@ -281 +281 @@
 fi
 
-# configure postfix appropriatly for our needs
+# configure Postfix appropriatly for our needs
 if [ "$slave" = "1" ]; then
     postfix_conf=/etc/alternc/postfix-slave.cf
@@ -287 +287 @@
     postfix_conf=/etc/alternc/postfix.cf
 fi
-while read line
-do
+while read line ; do
    postconf -e "$line"
-done < $postfix_conf
+done < "$postfix_conf"
+
+# Conviguring delivery used bu Postfix FIXME change script name
+echo `/usr/bin/postfix-add-policy2 dovecot pipe DRhu vmail:vmail  '/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} '`
 
 # Bug #1215: configure mydestination when $FQDN is not in
@@ -367 +369 @@
 fi
 
+#giving vmail user read access on dovecot sql file
+chgrp vmail /etc/dovecot/dovecot.conf
+chmod g+r /etc/dovecot/dovecot.conf
+
 # Changing owner of web panel's files
 chown -R alterncpanel:alterncpanel "$ALTERNC_LOC/bureau"

alternc/trunk/install/mysql.sh

@@ -35 +35 @@
 # * password
 # * database
-# * mail_user
-# * mail_password
+# * alternc_mail_user
+# * alternc_mail_password
 # * MYSQL_CLIENT
 # 
@@ -56 +56 @@
 # this means (a) creating the user and (b) creating the database
 grant="GRANT ALL ON *.* TO '$user'@'${MYSQL_CLIENT}' IDENTIFIED BY '$password' WITH GRANT OPTION;
-CREATE DATABASE IF NOT EXISTS $database;GRANT ALL ON '$database'.dovecot_view TO '$mail_user'@'${MYSQL_CLIENT}' IDENTIFIED BY '$mail_password'; "
+CREATE DATABASE IF NOT EXISTS $database; "
+grant_mail="GRANT ALL ON $database.dovecot_view TO '$alternc_mail_user'@'${MYSQL_CLIENT}' IDENTIFIED BY '$alternc_mail_password';"
+grant_mail=$grant_mail"GRANT SELECT ON $database.* TO '$alternc_mail_user'@'${MYSQL_CLIENT}' IDENTIFIED BY '$alternc_mail_password';"
 
 echo -n "Trying debian.cnf: "
@@ -137 +139 @@
     file=$3
     grep -Eq "^ *$var=" $file || echo "$var=" >> $file
-    SED_SCRIPT="$SED_SCRIPT;s\\^ *$var=.*\\$var=\"$RET\"\\"
+    if [ $file = $MYSQL_CONFIG ]; then
+      SED_SCRIPT_USR="$SED_SCRIPT_USR;s\\^ *$var=.*\\$var=\"$RET\"\\"
+    else
+      SED_SCRIPT_MAIL="$SED_SCRIPT_MAIL;s\\^ *$var=.*\\$var=\"$RET\"\\"
+    fi 
 }
 
-SED_SCRIPT=""
+SED_SCRIPT_USR=""
+SED_SCRIPT_MAIL=""
 # hostname was empty in older (pre-0.9.6?) versions
 if [ -z "$host" ]; then
@@ -155 +162 @@
 set_value host $host $MYSQL_MAIL_CONFIG
 set_value database $database $MYSQL_MAIL_CONFIG
-set_value user $mail_user $MYSQL_MAIL_CONFIG
-set_value password $mail_password $MYSQL_MAIL_CONFIG
-
+set_value user $alternc_mail_user $MYSQL_MAIL_CONFIG
+set_value password $alternc_mail_password $MYSQL_MAIL_CONFIG
+
+echo $SED_SCRIPT_MAIL
+echo XXXXXX
+echo $SED_SCRIPT_USR
 
 # take extra precautions here with the mysql password:
@@ -163 +173 @@
 SED_SCRIPT_NAME=`mktemp`
 cat > $SED_SCRIPT_NAME <<EOF
-$SED_SCRIPT
+$SED_SCRIPT_USR
 EOF
 sed -f "$SED_SCRIPT_NAME" < $MYSQL_CONFIG > $MYSQL_CONFIG.$$
@@ -169 +179 @@
 rm -f $SED_SCRIPT_NAME
 
+SED_SCRIPT_NAME_MAIL=`mktemp`
+cat > $SED_SCRIPT_NAME_MAIL <<EOF
+$SED_SCRIPT_MAIL
+EOF
+sed -f "$SED_SCRIPT_NAME_MAIL" < $MYSQL_MAIL_CONFIG > $MYSQL_MAIL_CONFIG.$$
+mv -f $MYSQL_MAIL_CONFIG.$$ $MYSQL_MAIL_CONFIG
+rm -f $SED_SCRIPT_NAME_MAIL
+
 # Now we should be able to use the mysql configuration
 mysql="/usr/bin/mysql --defaults-file=$MYSQL_CONFIG"
@@ -175 +193 @@
 echo "Checking for MySQL connectivity"
 $mysql -e "SHOW TABLES" >/dev/null && echo "MYSQL.SH OK!" || echo "MYSQL.SH FAILED: database user setup failed"
-$mysql_mail -e "SHOW TABLES" >/dev/null && echo "MYSQL.SH OK!" || echo "MYSQL.SH FAILED: database mail user setup failed"
-
+echo $grant_mail
 # Final mysql setup: db schema
 echo "installing AlternC schema in $database..."
 $mysql < /usr/share/alternc/install/mysql.sql || echo cannot load database schema
-
+$mysql <<EOF
+ $grant_mail
+EOF

alternc/trunk/install/mysql.sql

@@ -237 +237 @@
 -- Addresses for domain.
 
-CREATE TABLE `address` (
+CREATE TABLE IF NOT EXISTS `address` (
   `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, -- Technical id.
   `domain_id` bigint(20) unsigned NOT NULL REFERENCES `domaines`(`id`), -- FK to sub_domains.
@@ -255 +255 @@
 -- Local delivered mailboxes.
 
-CREATE TABLE `mailbox` (
+CREATE TABLE IF NOT EXISTS `mailbox` (
   `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, -- Technical id.
   `address_id` bigint(20) unsigned NOT NULL REFERENCES `address`(`id`), -- Reference to address.
@@ -273 +273 @@
 -- Other recipients for an address (aliases)
 
-CREATE TABLE `recipient` (
+CREATE TABLE IF NOT EXISTS `recipient` (
   `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, -- Technical id.
   `address_id` bigint(20) unsigned NOT NULL REFERENCES `address`(`id`), -- Reference to address
@@ -287 +287 @@
 -- Table containing mailman addresses
 
-CREATE TABLE `mailman` (
+CREATE TABLE IF NOT EXISTS `mailman` (
   `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, -- Technical id.
   `address_id` bigint(20) unsigned NOT NULL REFERENCES `address`(`id`), -- Reference to address
@@ -546 +546 @@
 -- Add function who are not in mysql 5 to be able ton convert ipv6 to decimal (and reverse it)
 DELIMITER //
+DROP FUNCTION IF EXISTS INET_ATON6;//
 CREATE FUNCTION INET_ATON6(n CHAR(39))
 RETURNS DECIMAL(39) UNSIGNED
@@ -570 +571 @@
 DELIMITER ;
 DELIMITER //
+DROP FUNCTION IF EXISTS INET_NTOA6;//
 CREATE FUNCTION INET_NTOA6(n DECIMAL(39) UNSIGNED)
 RETURNS CHAR(39)
@@ -648 +650 @@
 --
 
-CREATE VIEW `dovecot_view` AS
+CREATE OR REPLACE VIEW `dovecot_view` AS
 SELECT concat(`address`.`address`,'@',`domaines`.`domaine`) AS `user`,
 concat('*:storage=',cast(`mailbox`.`quota` as char charset latin1),'M') AS `userdb_quota_rule`,