File: //usr/share/sendmail/update_sys
#!/bin/sh
#-----------------------------------------------------------------------------
#
# $Sendmail: update_sys,v 8.15.2 2021-03-16 16:04:16 cowboy Exp $
#
# Update system files used by Sendmail for Debian
#
# Copyright (c) 2001-2010 Richard Nelson. All Rights Reserved.
#
# Notes (to all):
# * Several directories/files have their permissions forced...
# This is done to allow the MSP/MTA split
# * This exec runs 'set +e' to ignore errors! This is done to
# support those running NFS (or similar) systems, where the
# chmod/chown may fail - if this happens, you'll need to update
# those items by hand!
#
# Notes (to self):
# *
#
#-----------------------------------------------------------------------------
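# Keep going after failures on purpose: the header notes that chmod/chown can
# fail on NFS-like filesystems, in which case those items are fixed by hand.
set +e

# Path to other sendmail helpers: the current directory first, then the
# directory this script was invoked from, then the packaged location.
# The expansions are quoted so a path containing whitespace still resolves.
# NOTE(review): because '.' is tried first, helpers are taken from whatever
# directory the script is started in - invoke it from a trusted directory.
if [ -x ./update_sendmail ]; then
  sm_path='.'
elif [ -x "$(dirname "$0")/update_sendmail" ]; then
  sm_path=$(dirname "$0")
else
  sm_path=/usr/share/sendmail
fi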
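# Bring in sendmail.conf for the network definitions. If the file is missing
# and the update_conf helper is executable, run the helper first.
# $sm_path is quoted because it may be derived from the invocation path.
if [ ! -f /etc/mail/sendmail.conf ] && [ -x "$sm_path/update_conf" ]; then
  "$sm_path/update_conf"
fi

# NOTE(review): sourcing executes the file's contents in this shell with this
# script's privileges, while /etc/mail is chowned to smmta:smmsp further
# down - confirm that trust relationship is intended.
if [ -f /etc/mail/sendmail.conf ]; then
  . /etc/mail/sendmail.conf
fi

# Proceed only when HANDS_OFF is exactly 'No'; any other value (including
# unset, e.g. when sendmail.conf could not be read) leaves the system alone.
if [ "$HANDS_OFF" != 'No' ]; then
  exit 0
fi

# Flag used to indicate a dataset has been created or moved, so another update
# may be needed; it becomes the script's exit status.
changed=0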
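#-----------------------------------------------------------------------------
# Warn the user that this may take a bit...
#-----------------------------------------------------------------------------
# printf is used instead of 'echo -n': under #!/bin/sh the -n option is not
# portable and some shells print it literally.
printf '\n'
printf '%s\n' 'Checking filesystem, this may take some time - it will not hang!'
printf '%s' ' ... '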
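#------------------------------------------------------------------------------
# Create any needed directories, and move any prior data to its new home
#------------------------------------------------------------------------------
# /etc/aliases should exist; it is not owned by sendmail, but one is created
# here when missing. The existence test checks the very file that is copied,
# so a missing example falls through to creating an empty file instead of
# attempting a copy that cannot succeed.
if [ ! -e /etc/aliases ]; then
  changed=1
  if [ -f /usr/share/sendmail/examples/db/aliases ]; then
    echo "Creating /etc/aliases (not found)"
    cp /usr/share/sendmail/examples/db/aliases /etc/aliases
  else
    touch /etc/aliases
  fi
  # World-readable, writable by root only.
  chown root:root /etc/aliases
  chmod 0644 /etc/aliases
fi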
#------------------------------------------------------------------------------
# /var/mail is the FHS user mail location, /var/spool/mail is older.
# Mode 03777 is setgid + sticky + rwx for everyone; the sticky bit is set to
# prevent a sgid exploit from erasing other users' files.
if [ ! -e /var/mail ]; then
  changed=1
  if [ -L /var/spool/mail ]; then
    # The old location is already a symlink: point /var/mail at it.
    ln -sf spool/mail /var/mail
  else
    # Either adopt the old directory or start with a fresh one, then apply
    # the same ownership and mode in both cases.
    if [ -d /var/spool/mail ]; then
      mv /var/spool/mail /var/mail
    else
      mkdir /var/mail
    fi
    chown root:root /var/mail
    chmod 03777 /var/mail
  fi
fi

# Make sure the sticky bit is set in pre-existing directories
if [ -d /var/mail ]; then
  [ -k /var/mail ] || chmod 03777 /var/mail
fi
if [ -d /var/spool/mail ]; then
  [ -k /var/spool/mail ] || chmod a+t /var/spool/mail
fi

# When the old location is neither a directory nor a symlink, link it to the
# new spool (creating a real directory there is no longer done).
if [ ! -d /var/spool/mail ]; then
  [ -L /var/spool/mail ] || ln -sf ../mail /var/spool/mail
fi
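#------------------------------------------------------------------------------
# /etc/mail is where the Sendmail config files live
if [ ! -d /etc/mail ]; then
  changed=1
  mkdir /etc/mail
fi
chown smmta:smmsp /etc/mail
chmod 02755 /etc/mail
mkdir -p /etc/mail/m4
chown smmta:smmsp /etc/mail/m4
chmod 02755 /etc/mail/m4
#
# With the MSP/MTA split, we don't want any g=w files or directories
# to save us from potential sgid attacks.
# find hands the names directly to chmod (-exec ... +) instead of piping them
# through xargs, so a name containing whitespace or quotes cannot be split
# into other paths. -type f / -type d never match symlinks.
find /etc/mail -perm /g=w \( -type f -o -type d \) \
  -exec chmod g-w,o-w {} +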
#------------------------------------------------------------------------------
# /var/run/sendmail is where we store pid files, control sockets, stamps, etc
# Only the creation of the top-level directory counts as a change.
if ! [ -d /var/run/sendmail ]; then
  changed=1
  mkdir /var/run/sendmail
fi
chown root:smmta /var/run/sendmail
chmod 02755 /var/run/sendmail

# MTA runtime directory
[ -d /var/run/sendmail/mta ] || mkdir /var/run/sendmail/mta
chown smmta:smmsp /var/run/sendmail/mta
chmod 02755 /var/run/sendmail/mta

# MSP runtime directory (group-writable)
[ -d /var/run/sendmail/msp ] || mkdir /var/run/sendmail/msp
chown smmsp:smmsp /var/run/sendmail/msp
chmod 02775 /var/run/sendmail/msp

# Stamp directory (group-writable)
[ -d /var/run/sendmail/stampdir ] || mkdir /var/run/sendmail/stampdir
chown root:smmsp /var/run/sendmail/stampdir
chmod 02775 /var/run/sendmail/stampdir

# Remove older files
rm -f /var/run/sendmail.pid \
  /var/run/sendmail/sendmail.pid \
  /var/run/sendmail/smcontrol
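#------------------------------------------------------------------------------
# /var/lib/sendmail is where we stuff host status and sendmail.st
# instead of the mail queue and /etc/ (respectively)
if [ ! -d /var/lib/sendmail ]; then
  changed=1
  mkdir /var/lib/sendmail
fi
chown smmta:smmsp /var/lib/sendmail
chmod 02751 /var/lib/sendmail

# dead.letter is created here; its ownership is set again (to root:smmsp)
# later in this script.
touch /var/lib/sendmail/dead.letter
chown smmta:smmsp /var/lib/sendmail/dead.letter
chmod 0660 /var/lib/sendmail/dead.letter

# Migrate host status data from the two older locations.
if [ -d /var/state/sendmail/host_status ]; then
  changed=1
  echo "Moving /var/state/sendmail/host_status to /var/lib/sendmail/"
  mv -f /var/state/sendmail/host_status /var/lib/sendmail/host_status
fi
if [ -d /var/sendmail/host_status ]; then
  changed=1
  echo "Moving /var/sendmail/host_status to /var/lib/sendmail/"
  mv -f /var/sendmail/host_status /var/lib/sendmail/host_status
fi
if [ ! -d /var/lib/sendmail/host_status ]; then
  mkdir /var/lib/sendmail/host_status
fi
chown root:smmsp /var/lib/sendmail/host_status
# NOTE(review): the find below also matches this top-level directory, so it
# ends up 02755 rather than the 02775 set here - confirm which is intended.
chmod 02775 /var/lib/sendmail/host_status

# Names go straight from find to chown/chmod (-exec ... +) rather than through
# xargs, so directory names with whitespace or quotes are not split into
# other paths. -type d never matches symlinks.
find /var/lib/sendmail/host_status -type d -exec chown root:smmsp {} +
find /var/lib/sendmail/host_status -type d -exec chmod 02755 {} +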
#
# if sendmail.st doesn't exist, don't create it !
# An existing statistics file is only relocated from its older homes.
if [ -f /var/log/sendmail.st ]; then
  changed=1
  echo "Moving /var/log/sendmail.st to /var/lib/sendmail/"
  mv /var/log/sendmail.st /var/lib/sendmail/sendmail.st
fi
if [ -f /var/sendmail/sendmail.st ]; then
  changed=1
  echo "Moving /var/sendmail/sendmail.st to /var/lib/sendmail/"
  mv /var/sendmail/sendmail.st /var/lib/sendmail/sendmail.st
fi

# When MTA statistics are present, fix their permissions and make sure the
# MSP has a statistics file as well.
if [ -f /var/lib/sendmail/sendmail.st ]; then
  chown root:smmsp /var/lib/sendmail/sendmail.st
  chmod 0640 /var/lib/sendmail/sendmail.st
  [ -f /var/lib/sendmail/sm-client.st ] || touch /var/lib/sendmail/sm-client.st
fi
if [ -f /var/lib/sendmail/sm-client.st ]; then
  chown smmsp:smmsp /var/lib/sendmail/sm-client.st
  chmod 0660 /var/lib/sendmail/sm-client.st
fi

# dead.letter always exists and ends up root:smmsp, mode 0660.
[ -f /var/lib/sendmail/dead.letter ] || touch /var/lib/sendmail/dead.letter
chown root:smmsp /var/lib/sendmail/dead.letter
chmod 0660 /var/lib/sendmail/dead.letter

# Remove older files
rm -rf /var/sendmail /var/state/sendmail
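#------------------------------------------------------------------------------
# /var/spool/mqueue is the MTA mail queue directory
if [ ! -d /var/spool/mqueue ]; then
  changed=1
  mkdir /var/spool/mqueue
fi
chown smmta:smmsp /var/spool/mqueue
chmod 02750 /var/spool/mqueue
#
# With the MSP/MTA split, we *DO* need g=r, gid=smmsp queue directories and
# files for mailq to work...
# The queue is owned by the unprivileged smmta account, so its contents are
# not fully trusted here:
#  * chown -h re-owns a symlink itself instead of whatever it points at;
#  * find passes names directly (-exec ... +) rather than through xargs, so
#    names with whitespace or quotes are not split into other paths.
# -type d / -type f never match symlinks, so the chmod passes skip them.
find /var/spool/mqueue -exec chown -h smmta:smmsp {} +
find /var/spool/mqueue -type d -exec chmod g+rxs-w,o-rwx {} +
find /var/spool/mqueue -type f -exec chmod g+r-wx,o-rwx {} +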
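#------------------------------------------------------------------------------
# /var/spool/mqueue-client is the MSP mail queue directory
if [ ! -d /var/spool/mqueue-client ]; then
  mkdir /var/spool/mqueue-client
fi
chown smmsp:smmsp /var/spool/mqueue-client
chmod 02770 /var/spool/mqueue-client
# Drop all access for "other" on anything that is world-readable.
# Symlinks are skipped: chmod would act on the link's target, and this
# directory is writable by the unprivileged smmsp account. Names are passed
# directly by find (-exec ... +) so they are never re-split by xargs.
find /var/spool/mqueue-client ! -type l -perm /o=r \
  -exec chmod o-rwx {} +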
#-----------------------------------------------------------------------------
# Close the progress line opened at the start of the run.
printf '%s\n' ' Done.'
#------------------------------------------------------------------------------
# The exit status is the 'changed' flag: non-zero when something was created
# or moved during this run.
exit $changed