Scalix with Debian Etch: Difference between revisions
No edit summary
Zeile 1.711: | Zeile 1.711: | ||
# Setting up Scalix-Tomcat | # Setting up Scalix-Tomcat | ||
vi /etc/opt/scalix-tomcat/scalix-tomcat.conf | # vi /etc/opt/scalix-tomcat/scalix-tomcat.conf | ||
# Set RAM Usage to 50% of complete RAM (or other, e.g. 40M) | # Set RAM Usage to 50% of complete RAM (or other, e.g. 40M) | ||
# JAVA_OPTS="-server -Xms40m -Xmx40m" | # JAVA_OPTS="-server -Xms40m -Xmx40m" | ||
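Review bot: With `vi /etc/opt/scalix-tomcat/scalix-tomcat.conf` changed to `# vi ...`, every line of the block at line 1.711 now starts with `#`, so the step no longer shows which line is a command to run and which is a value to put into the file. Suggest either dropping this commented block in favour of the full file listing added at line 1.780, or keeping the `vi` line as a command and showing `JAVA_OPTS="-server -Xms40m -Xmx40m"` uncommented as the setting to make.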
Zeile 1.780: | Zeile 1.780: | ||
Jetzt sollte man sich in o.g. URL als sxadmin und dem vorher definierten Password einloggen können. | Jetzt sollte man sich in o.g. URL als sxadmin und dem vorher definierten Password einloggen können. | ||
Als sxadmin kann man in der | Als ''sxadmin'' kann man in der '''S'''calix '''A'''dmin '''C'''onsole (SAC) neue User anlegen. | ||
Um Ressourcen zu sparen, kann man den Speicherbedarf des Tomcat etwas zügeln: | |||
'''/etc/opt/scalix-tomcat/scalix-tomcat.conf''' | |||
<pre> | |||
# Configuration file for Scalix Tomcat | |||
# The directory where Java is installed | |||
# (determined from /usr/bin/java managed by update-alternatives | |||
# by default, change to hardcoded path if needed): | |||
JAVA_HOME="`/opt/scalix-tomcat/bin/determine-java-home`" | |||
# Additional arguments to be passed to Java: | |||
JAVA_OPTS="-server -Xms40m -Xmx40m" | |||
# Maximum number of file descriptors | |||
ULIMIT_NUM_FILES="1000" | |||
</pre> | |||
== Quellen == | == Quellen == |
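Review bot: The added listing sets `-Xms40m -Xmx40m` without saying that this pins the Tomcat heap at a fixed 40 MB, while the comment kept at line 1.711 recommends 50% of total RAM. Suggest stating which of the two values applies and noting that the JVM fails with OutOfMemoryError once the web applications need more heap than `-Xmx` allows, so the reader can recognise a value that is too small. The new paragraph also has no heading of its own and runs on directly from the SAC login text.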
Revision as of 18 May 2007, 21:12
Preparation
Etch installation in a XEN DomU
I start with a fresh Etch installation under XEN. For simplicity I use the xen-tools.
apt-get install xen-tools
vi /etc/xen-tools/xen-tools.conf
#
# ...
lvm = vg
debootstrap = 1
#
##
# Disk and Sizing options.
##
#
size   = 4Gb      # Disk image size.
memory = 128Mb    # Memory size
swap   = 128Mb    # Swap size
# noswap = 1      # Don't use swap at all for the new system.
fs     = ext3     # use the EXT3 filesystem for the disk image.
dist   = etch     # Default distribution to install.
image  = sparse   # Specify sparse vs. full disk images.
dhcp = 1
#
# Default kernel and ramdisk to use for the virtual servers
#
kernel = /boot/vmlinuz-2.6.18-4-xen-686
initrd = /boot/initrd.img-2.6.18-4-xen-686
#
# The default mirror for debootstrap which can be used to install
# Debian Sid, Sarge, and Etch.
#
mirror = http://ftp.de.debian.org/debian/
# ...
Create the Etch DomU image and then start it
xen-create-image --hostname=scx
vi /etc/xen/scx.cfg
xm create -c /etc/xen/scx.cfg
...
ethtool -K eth0 tx off
vi /etc/network/interfaces
# uncomment ethtool
# post-up ethtool -K eth0 tx off
Install additional packages
Now install the required packages:
- Apache, Sendmail
- Postgres
- Kerberos
- SASL2
- various libraries
- Sun Java
- gawk, wget, elinks, ethtool, less, host
apt-get install -u apache2 sendmail sendmail-doc
apt-get install -u postgresql
apt-get install -u krb5-config krb5-doc krb5-user libkadm55 libkrb53
apt-get install -u saslauthd libsasl2-modules libsasl2-gssapi-mit sasl2-bin libssl0.9.7
apt-get install -u libxml2 libglib2.0-0 libstdc++2.10-glibc2.2 libstdc++5
apt-get install -u sun-java5-jre
apt-get install -u gawk elinks wget w3m less ethtool host
I adjusted the following (see below):
- Sendmail dual configuration
- Smarthost
- Masquerading
- Integrate amavisd-new
I start with amavisd-new, SpamAssassin and ClamAV.
Configure Sendmail with amavisd-new
After the installation, amavis has to be handed the central SpamAssassin configuration file /etc/spamassassin/local.cf, and the user clamav has to be added to the group amavis:
apt-get install -u amavisd-new clamav clamav-daemon spamassassin
adduser clamav amavis
mkdir ~amavis/.spamassassin
ln -s /etc/spamassassin/local.cf \
      ~amavis/.spamassassin/user_prefs
The amavisd configuration is adjusted in /etc/amavis/conf.d/50-user:
use strict;
#
# Place your configuration directives here. They will override those in
# earlier files.
#
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file
#
@bypass_virus_checks_maps = (
    \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = (
    \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
$final_virus_destiny = D_DISCARD;      # (data not lost, see virus quarantine)
$final_banned_destiny = D_DISCARD;     # D_REJECT when front-end MTA
$final_spam_destiny = D_DISCARD;
$final_bad_header_destiny = D_PASS;    # False-positive prone (for spam)
#------------ Do not modify anything below this line -------------
1; # insure a defined return
Restart amavisd:
/etc/init.d/amavis restart
Sendmail dual configuration
To integrate amavisd-new with SpamAssassin and ClamAV into sendmail I use the sendmail-dual setup (which corresponds to the configuration of Exim with amavisd-new).
Excerpt from /usr/share/doc/amavisd-new/README.sendmail-dual.gz:
The following setup is described in this document:
        ............................   ............................
        : sendmail instance MTA-RX :   : sendmail instance MTA-TX :
        :                          :   :                          :
     25 -----> \ (mqueue-rx)       :   : (mqueue)         / -------> forward
    587 -----> >  -queue-          :   : -queue-  ->-----+        :
     ^  :      /   |  MAIL_HUB,    :   :   |              \ -------> local
     |  :          v  SMART_HOST   :   :   ^                      :  delivery
    msp ...........|................   ....|.......................
                   |                       ^
loopback interface v                       | port 10025
   loopback interf.| port 10024            |
              .....|.......................|.............
              : $inet_socket_port=10024    |            :
              :                            |            :
              : $forward_method='smtp:127.0.0.1:10025'  :
              : $notify_method ='smtp:127.0.0.1:10025'  :
              :                                         :
              :               amavisd-new               :
              ...........................................
The Sendmail configuration is defined in /etc/mail/sendmail-rx.mc and /etc/mail/sendmail-tx.mc.
Sendmail-RX
/etc/mail/sendmail-rx.mc
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail-rx.mc, v 8.13.8-3 2006-12-08 20:21:10 neobiker Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
dnl #
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS=
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
dnl #
define(`confRUN_AS_USER',`smmta:smmsp')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-RX, Port=smtp, Addr=127.0.0.1')dnl
FEATURE(`access_db', , `skip')dnl
FEATURE(`authinfo', `hash /etc/mail/auth/client-info')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
include(`/etc/mail/sasl/sasl.m4')dnl
include(`/etc/mail/tls/starttls.m4')dnl
dnl #
define(`confPID_FILE', `/var/run/sendmail/mta/sendmail-rx.pid')dnl Non-default pid file
define(`STATUS_FILE', `/etc/mail/stat-rx')dnl Non-default stat file
define(`QUEUE_DIR', `/var/spool/mqueue-rx')dnl Non-default queue area
define(`confQUEUE_SORT_ORDER',`Modification')dnl Modif or Random are reasonable
dnl #
dnl Match the number of queue runners (R=) to the number of amavisd-new child
dnl processes ($max_servers). 2 to 7 OK, 10 is plenty, 20 is too many
QUEUE_GROUP(`mqueue', `P=/var/spool/mqueue-rx, R=2, F=f')dnl
dnl #
FEATURE(stickyhost)dnl
define(`MAIL_HUB', `esmtp:[127.0.0.1]')dnl Forward all local mail to amavisd
define(`SMART_HOST', `esmtp:[127.0.0.1]')dnl Forward all other mail to amavisd
define(`LOCAL_RELAY',`esmtp:[127.0.0.1]')dnl
define(`confDELIVERY_MODE',`q')dnl Delivery mode: queue only (a must,
define(`ESMTP_MAILER_ARGS',`TCP $h 10024')dnl To tcp port 10024 instead of 25
MODIFY_MAILER_FLAGS(`ESMTP', `+z')dnl Speak LMTP (this is optional)
define(`SMTP_MAILER_MAXMSGS',`10')dnl Max no. of msgs in a single connection
define(`confTO_DATAFINAL',`20m')dnl 20 minute timeout for content checking
dnl #
undefine(`ALIAS_FILE')dnl No aliases file, all local mail goes to MAIL_HUB
define(`confFORWARD_PATH')dnl Empty search path for .forward files
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
undefine(`DECNET_RELAY')dnl
MAILER(`smtp')dnl
Sendmail-TX
/etc/mail/sendmail-tx.mc
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail-tx.mc, v 8.13.8-3 2006-12-08 20:21:10 neobiker Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
dnl #
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS=
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
dnl #
FEATURE(`no_default_msa')dnl
FEATURE(`access_db', , `skip')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-TX, Port=10025, Addr=127.0.0.1')dnl
dnl #
include(`/etc/mail/sasl/sasl.m4')dnl
include(`/etc/mail/tls/starttls.m4')dnl
dnl #
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl
dnl #
dnl # Masquerading options
FEATURE(`always_add_domain')dnl
MASQUERADE_AS(`scx.neobiker.de')dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_envelope')dnl
dnl #
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo', `hash /etc/mail/auth/client-info')dnl
define(`confREFUSE_LA',999)dnl Disable the feature, limiting belongs to MTA-RX
define(`confMAX_DAEMON_CHILDREN',0)dnl Disable, limiting belongs to MTA-RX
FEATURE(`nocanonify')dnl Host/domain names are considered canonical
define(`confSMTP_LOGIN_MSG', `$w.tx.$m Sendmail $v/$Z; $b')dnl
define(`confTO_IDENT', `0')dnl Disable IDENT
dnl #
dnl # Default Mailer setup
MAILER_DEFINITIONS
MAILER(scalix)dnl
MAILER(`local')dnl
MAILER(`smtp')dnl
Sendmail smarthost
The smarthost is entered in /etc/mail/m4/provider.m4 (and included from there):
define(`SMART_HOST', `mail.1und1.de')
Configure and start Sendmail
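# copy the queue directory for MTA-RX (-r is needed to copy a directory)
cp -rp /var/spool/mqueue /var/spool/mqueue-rx
# build the two .cf files from the .mc files shown above
m4 /etc/mail/sendmail-rx.mc > /etc/mail/sendmail-rx.cf
m4 /etc/mail/sendmail-tx.mc > /etc/mail/sendmail-tx.cf
# start MTA-RX, MTA-TX and the MSP queue runner
/usr/sbin/sendmail -C /etc/mail/sendmail-rx.cf -L sm-mta-rx -bd -qp
/usr/sbin/sendmail -C /etc/mail/sendmail-tx.cf -L sm-mta-tx -bd -q15m
/usr/sbin/sendmail -Ac -L sm-msp-queue -q10m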
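Once both daemons and amavisd-new are running, the two internal hops (amavisd-new on port 10024, MTA-TX on port 10025) should be reachable on the loopback interface only, because mail handed to them has already passed, or skips, the checks in front of them. The following check is an added example, not part of the original page; it assumes the `netstat -ltn` output format of net-tools, the function names are hypothetical, and the two listings are constructed samples.

```shell
#!/bin/sh
# Added example: verify that the internal ports of the sendmail-dual setup
# listen on loopback only. Ports are the ones used in the configuration above.
INTERNAL_PORTS="10024 10025"

# Reads `netstat -ltn` output on stdin and prints "port local-address" for
# every internal port that has a TCP listener on a non-loopback address.
exposed_internal_ports() {
    awk -v ports="$INTERNAL_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            port = $4; sub(/^.*:/, "", port)       # text after the last colon
            host = $4; sub(/:[^:]*$/, "", host)    # text before the last colon
            if (!(port in want)) next
            if (host ~ /^(::ffff:)?127\./ || host == "::1") next
            print port, $4
        }'
}

# Reads the same input and prints every internal port without any listener.
missing_internal_ports() {
    awk -v ports="$INTERNAL_PORTS" '
        BEGIN { n = split(ports, p, " ") }
        $1 ~ /^tcp/ && $NF == "LISTEN" { port = $4; sub(/^.*:/, "", port); seen[port] = 1 }
        END { for (i = 1; i <= n; i++) if (!(p[i] in seen)) print p[i] }'
}

# Combines both checks; returns 0 only if every internal port is listening
# and none of them is bound to a non-loopback address.
check_listeners() {
    listing=$(cat)
    exposed=$(printf '%s\n' "$listing" | exposed_internal_ports)
    missing=$(printf '%s\n' "$listing" | missing_internal_ports)
    rc=0
    if [ -n "$exposed" ]; then
        printf '%s\n' "$exposed" | while read -r port addr; do
            echo "FAIL: port $port listens on $addr (expected loopback only)"
        done
        rc=1
    fi
    if [ -n "$missing" ]; then
        for port in $missing; do
            echo "FAIL: nothing listens on port $port"
        done
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: ports $INTERNAL_PORTS listen on loopback only"
    fi
    return "$rc"
}

# Constructed sample: listeners as the configuration above intends them.
sample_good() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10024         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10025         0.0.0.0:*               LISTEN
EOF
}

# Constructed sample: MTA-TX bound to all interfaces, amavisd-new not running.
sample_bad() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:10025           0.0.0.0:*               LISTEN
EOF
}

sample_good | check_listeners
sample_bad | check_listeners || true
```

On the mail host itself the check is run as `netstat -ltn | check_listeners`.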
Sendmail dual init script
I adapted the normal Sendmail init script so that the second Sendmail process (MTA-RX in addition to MTA-TX) is taken into account. The adjustments are essentially copied from the normal procedures and adapted. The original uses the variables MTAL_XXXX; for the additional MTA-RX process I simply added these as MTAR_XXXX and inserted them where necessary.
Start as usual; use the tail command for debugging and ps for monitoring:
# tail -f /var/log/mail.info &
# /etc/init.d/sendmail-dual start
# ps aux|grep -v grep|grep sendmail
root   5885  0.0  1.5  8344  2604 ?  Ss  19:11  0:00 sendmail: MTA: accepting connections
smmta  5886  0.0  1.0  8336  1764 ?  S   19:11  0:00 sendmail: MTA: running queue: /var/spool/mqueue-rx
root   5890  0.0  1.5  8332  2612 ?  Ss  19:11  0:00 sendmail: MTA: accepting connections
#
/etc/init.d/sendmail-dual (I replaced the normal /etc/init.d/sendmail file).
#!/bin/sh -e
#
# $Sendmail: init.d,v 8.13.8 2006-12-08 20:21:10 cowboy Exp $
#
# Sendmail rc script for Debian (/etc/init.d/sendmail)
# all the work is done by the imbedded copy of /usr/share/sendmail/sendmail
#
# Copyright (c) 2001-2005, Richard Nelson <cowboy@debian.org>.
#
# Notes (to all):
# * *** Do not edit this file *** Instead edit /etc/mail/sendmail.conf
#
# Notes (to self):
# *
#
set -e;
# set -x;
PATH=/bin:/usr/bin:/sbin:/usr/sbin;
#!/bin/sh -e
#-----------------------------------------------------------------------------
# $Sendmail: sm_helper.sh,v 8.13.8 2006-12-08 20:21:10 cowboy Exp $
#
# Copyright (c) 1998-2005 Richard Nelson. All Rights Reserved.
#
# Debian helper function script for Debian Sendmail
# Note: this file supports 8.7.6 - 9.0.0
#
# Notes (to all):
# *
#
# Notes (to self):
# * clean_queues fubar, esp wrt MSP
#
#-----------------------------------------------------------------------------
#
set -e;
DEBUG=0;
# LSB compliance (kinda)
if [ -f /lib/lsb/init-functions ]; then
    . /lib/lsb/init-functions;
else
    log_begin_msg() { echo "$@"; };
    log_success_msg() { echo "$@"; };
    log_warning_msg() { echo "$@"; };
fi;
#------------------------------------------------------------------------------
# Parameters for the sendmail daemon
# Do *NOT* touch these lines, instead, edit /etc/mail/sendmail.conf
# The _PARMS lines are listed in precedence order
#------------------------------------------------------------------------------
Get_Parameters () {
    # Main configuration parameters in /etc/mail/sendmail.conf
    DAEMON_MODE='Daemon';
    DAEMON_PARMS='';
    DAEMON_UID='root';
    QUEUE_MODE="$DAEMON_MODE";
    QUEUE_INTERVAL='10m';
    QUEUE_PARMS='';
    MSP_MODE="$QUEUE_MODE";
    MSP_INTERVAL="$QUEUE_INTERVAL";
    MSP_PARMS="";
    MISC_PARMS='';
    CRON_PARMS='';
    LOG_CMDS='No';
    # Secondary (non-documented) parameters in /etc/mail/sendmail.conf
    # Caveat Emptor: change these at your own risk - they impact several
    # disjoint pieces parts...
    SENDMAIL_ROOT='/var/run/sendmail';
    MTA_DAEMON='/usr/sbin/sendmail-mta';
    MTA_COMMAND='/usr/sbin/sendmail-mta';
    MTA_A='-Am';
    MTAR_L='-L sm-mta-rx';
    MTAL_L='-L sm-mta-tx';
    MTAL_L_QUEUE='-L sm-mta-queue';
    MTAL_L_RUNQ='-L sm-mta-runq';
    MTA_ROOT="${SENDMAIL_ROOT}/mta";
    MTAR_PIDFILE="${MTA_ROOT}/sendmail-rx.pid";
    MTAL_PIDFILE="${MTA_ROOT}/sendmail.pid";
    MTAL_SOCKET="${MTA_ROOT}/smsocket";
    MTAL_CNTL="${MTA_ROOT}/smcontrol";
    MTAQ_L='-L sm-que';
    MTAQ_L_RUNQ='-L sm-que-runq';
    MTAQ_PIDFILE="${MTA_ROOT}/queue.pid";
    MTAQ_SOCKET="${MTA_ROOT}/qusocket";
    MTAQ_CNTL="${MTA_ROOT}/qucontrol";
    MSP_DAEMON='/usr/sbin/sendmail-msp';
    MSP_COMMAND='/usr/sbin/sendmail-msp';
    MSP_A='-Ac';
    MSP_L='-L sm-msp';
    MSP_L_QUEUE='-L sm-msp-queue';
    MSP_ROOT="${SENDMAIL_ROOT}/msp";
    MSP_PIDFILE="${MSP_ROOT}/sendmail.pid";
    MSP_SOCKET="${MSP_ROOT}/smsocket";
    MSP_CNTL="${MSP_ROOT}/smcontrol";
    # Pull in any user modified variables
    if [ -f /etc/mail/sendmail.conf ]; then
        . /etc/mail/sendmail.conf;
    fi;
    # These can't be user customized
    SM_Get_Parameters='yes';
    PATH='/bin:/usr/bin:/sbin:/usr/sbin';
    STAMP_DIR="${SENDMAIL_ROOT}/stampdir";
    START_MTAR_CMD="start-stop-daemon \
        --pidfile $MTAR_PIDFILE \
        --exec $MTA_DAEMON \
        --startas $MTA_COMMAND \
        --start";
    STOP_MTAR_CMD="start-stop-daemon \
        --pidfile $MTAR_PIDFILE \
        --name sendmail-mta \
        --stop";
    SIGNAL_MTAR_CMD="start-stop-daemon \
        --pidfile $MTAR_PIDFILE \
        --name sendmail-mta \
        --stop";
    START_MTAL_CMD="start-stop-daemon \
        --pidfile $MTAL_PIDFILE \
        --exec $MTA_DAEMON \
        --startas $MTA_COMMAND \
        --start";
    STOP_MTAL_CMD="start-stop-daemon \
        --pidfile $MTAL_PIDFILE \
        --name sendmail-mta \
        --stop";
    SIGNAL_MTAL_CMD="start-stop-daemon \
        --pidfile $MTAL_PIDFILE \
        --name sendmail-mta \
        --stop";
    START_MTAQ_CMD="start-stop-daemon \
        --pidfile $MTAQ_PIDFILE \
        --make-pidfile \
        --exec $MTA_DAEMON \
        --startas $MTA_COMMAND \
        --start";
    STOP_MTAQ_CMD="start-stop-daemon \
        --pidfile $MTAQ_PIDFILE \
        --name sendmail-mta \
        --stop";
    SIGNAL_MTAQ_CMD="start-stop-daemon \
        --pidfile $MTAQ_PIDFILE \
        --name sendmail-mta \
        --stop";
    START_MSP_CMD="start-stop-daemon \
        --pidfile $MSP_PIDFILE \
        --exec $MSP_DAEMON \
        --startas $MSP_COMMAND \
        --chuid smmsp \
        --start";
    STOP_MSP_CMD="start-stop-daemon \
        --pidfile $MSP_PIDFILE \
        --name sendmail-msp \
        --stop";
    SIGNAL_MSP_CMD="start-stop-daemon \
        --pidfile $MSP_PIDFILE \
        --name sendmail-msp \
        --stop";
    NAME='sendmail';
    FLAGS='defaults 50';
    # Sanitize some keyword entries
    DAEMON_MODE=$(echo "$DAEMON_MODE" | tr '[:upper:]' '[:lower:]');
    QUEUE_MODE=$(echo "$QUEUE_MODE" | tr '[:upper:]' '[:lower:]');
    MSP_MODE=$(echo "$MSP_MODE" | tr '[:upper:]' '[:lower:]');
    # See if we can share the listener and queue-runner daemon:
    # * Both must be in daemon mode
    # * They must have the same (possibly empty) parameters
    if [ "$DAEMON_MODE" = "daemon" \
        -a \( \( "$QUEUE_MODE" = "cron" -o "$QUEUE_MODE" = "none" \) \
            -o \( "$QUEUE_MODE" != "cron" \
                -a "$QUEUE_MODE" != "none" \
                -a "$DAEMON_PARMS" = "$QUEUE_PARMS" \
            \) \
        \) ]; then
        SPLIT_DAEMON=0;
    else
        SPLIT_DAEMON=1;
    fi;
    # Version dependant support:
    # 8.12.0+ M{TA,MSP}_A
    if [ ! -f /usr/share/sendmail/cf/feature/msp.m4 ]; then
        MTA_A='';
        MTAL_L='';
        MTAL_L_QUEUE='';
        MSP_A='';
        MSP_L='';
        MSP_L_QUEUE='';
    fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# enhanced sendmail startup
#------------------------------------------------------------------------------
start_mta () {
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # If already running, don't start it...
    if is_running mta; then
        log_warning_msg 'MTA is already running.';
        return;
    fi;
    #
    # Check if we're going to run a daemon (and how many):
    daemon_check;
    #
    # Mark restarted for communication betwixt here and /etc/mail/Makefile
    touch $STAMP_DIR/reload;
    #
    if [ "$DAEMON_MODE" = "daemon" ]; then
        #
        # Allow Unix (local) connections betwixt MSP/MTA:
        touch $MTAL_SOCKET;
        #
        # We can only afford to clean the MTA queues if running daemon mode,
        # otherwise, there is a chance that a cronjob might still be using
        # the queue... Thats also why we don't clean the MSP queues herein.
        #clean_queues;
        #
        # cd to a safe place to stash core files...
        cd $MTA_ROOT;
        #
        # if running in -dual config, run the receive daemon
        CMD="$START_MTAR_CMD -- $MTAR_PARMS";
        if [ "$LOG_CMDS" = "Yes" ]; then
            logger -i -p mail.debug -- "$0 $CMD";
        fi;
        $CMD &
        CMD="$START_MTAL_CMD -- $MTAL_PARMS";
        if [ "$LOG_CMDS" = "Yes" ]; then
            logger -i -p mail.debug -- "$0 $CMD";
        fi;
        $CMD &
        #
        # Update permissions on smsocket
        sleep 2;
        chown $DAEMON_UID:smmsp $MTAL_SOCKET;
        chmod 0666 $MTAL_SOCKET;
    fi;
    #
    # Check for split daemon mode (separate listener/queue runner)
    if [ "$SPLIT_DAEMON" -eq 1 ]; then
        CMD="$START_MTAQ_CMD -- $MTAQ_PARMS";
        if [ "$LOG_CMDS" = "Yes" ]; then
            logger -i -p mail.debug -- "$0 $CMD";
        fi;
        $CMD &
        sleep 2;
        qp=`expr "${MTAQ_PARMS}" : '.*\(-qp[0-9]*[smhdw]\)'` || true;
        if [ -z "$qp" ]; then
            chmod 0664 $MTAQ_PIDFILE;
        else
            qc=`ps --no-headers -fCsendmail \
                | egrep -e 'Queue control' \
                | awk '{print $2}'`;
            if [ -z "$qc" ]; then
                rm -f $MTAQ_PIDFILE;
            else
                chmod 0664 $MTAQ_PIDFILE;
                printf "$qc\n$MTA_COMMAND $MTAQ_PARMS" > $MTAQ_PIDFILE;
            fi;
        fi;
    fi;
    #
    # if running split service, run the client queues (just to make sure)
    if check_msp; then
        $MSP_COMMAND -q $MSP_A $MSP_L_QUEUE $MSP_PARMS $MISC_PARMS;
    fi;
};
start_msp () {
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # If already running, don't start it...
    if is_running msp; then
        log_warning_msg 'MSP is already running.';
        return;
    fi;
    #
    # Check to see if MSP mode is indeed available
    if ! check_msp; then
        return;
    fi;
    #
    # Check if we're going to run a daemon:
    if [ "$MSP_MODE" != 'daemon' ]; then
        return;
    fi;
    #
    # We can only afford to clean the MSP queues if running daemon mode,
    # otherwise, there is a chance that a cronjob might still be using
    # the queue... Thats also why we don't clean the MTA queues herein.
    #clean_queues /var/spool/mqueue-client;
    #
    # cd to a safe place to stash core files...
    cd $MSP_ROOT;
    $START_MSP_CMD -- \
        $MSP_A $MSP_L -q${MSP_INTERVAL} $MSP_PARMS $MISC_PARMS &
};
start_sendmail () {
    start_mta;
    if check_msp; then
        start_msp;
    fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# enhanced sendmail reload
#------------------------------------------------------------------------------
reload_mta () {
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # reload (signal -HUP) is *much* better/faster than stop/start
    #
    # Mark restarted for communication betwixt here and /etc/mail/Makefile
    touch $STAMP_DIR/reload;
    #
    # If not running, just start it...
    if ! is_running mta; then
        start_mta;
    fi;
    #
    # Is running, must signal it...
    $SIGNAL_MTAL_CMD --signal HUP --oknodo --quiet || true;
    sleep 2;
    chown $DAEMON_UID:smmta $MTAL_SOCKET;
    chmod 0666 $MTAL_SOCKET;
    $SIGNAL_MTAR_CMD --signal HUP --oknodo --quiet || true;
    #
    # Check for split daemon mode (separate listener/queue runner)
    if [ "$SPLIT_DAEMON" -eq 1 ]; then
        $SIGNAL_MTAQ_CMD --signal HUP --oknodo --quiet || true;
    fi;
};
reload_msp () {
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # reload (signal -HUP) is *much* better/faster than stop/start
    #
    # If not running, just start it...
    if ! is_running msp; then
        start_msp;
    fi;
    #
    # Is running, must signal it...
    $SIGNAL_MSP_CMD --signal HUP --oknodo --quiet || true;
};
reload_sendmail () {
    reload_mta;
    if check_msp; then
        reload_msp;
    fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# enhanced sendmail shutdown
#------------------------------------------------------------------------------
stop_mta () {
    local cnt;
    stopped=0;
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # If not running, don't stop it...
    #if ! is_running mta; then
    # return;
    # fi;
    #
    # Is running, must stop it...
    $STOP_MTAR_CMD --signal TERM --quiet --oknodo > /dev/null;
    $STOP_MTAL_CMD --signal TERM --quiet --oknodo > /dev/null;
    #
    # Now we have to wait until sendmail has _really_ stopped.
    #
    sleep 2;
    if $STOP_MTAL_CMD --signal TERM --quiet > /dev/null; then
        echo -n ' Waiting .';
        cnt=0;
        while $STOP_MTAL_CMD --signal TERM --quiet > /dev/null; do
            cnt=`expr $cnt + 1`;
            if [ $cnt -gt 60 ]; then
                #
                # Waited 120 seconds now. Fail.
                #
                echo -n ' Failed ';
                stopped=1;
                break;
            fi;
            sleep 2;
            echo -n '.';
        done;
        echo -n ' Done ';
    fi;
    # Remove pidfile if stopped
    if ! $STOP_MTAL_CMD --signal TERM --quiet > /dev/null; then
        rm -f "$MTAL_PIDFILE";
    fi
    #
    # Now we have to wait until sendmail has _really_ stopped.
    #
    if $STOP_MTAR_CMD --signal TERM --quiet > /dev/null; then
        echo -n ' Waiting .';
        cnt=0;
        while $STOP_MTAR_CMD --signal TERM --quiet > /dev/null; do
            cnt=`expr $cnt + 1`;
            if [ $cnt -gt 60 ]; then
                #
                # Waited 120 seconds now. Fail.
                #
                echo -n ' Failed ';
                stopped=1;
                break;
            fi;
            sleep 2;
            echo -n '.';
        done;
        echo -n ' Done ';
    fi;
    # Remove pidfile if stopped
    if ! $STOP_MTAR_CMD --signal TERM --quiet > /dev/null; then
        rm -f "$MTAR_PIDFILE";
    fi
};
stop_queue () {
    local cnt;
    stopped=0;
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # If not running, don't stop it...
    if ! is_running queue; then
        return;
    fi;
    #
    # Is running, must stop it...
    $STOP_MTAQ_CMD --signal TERM --quiet --oknodo > /dev/null;
    #
    # Now we have to wait until sendmail has _really_ stopped.
    #
    sleep 2;
    if $STOP_MTAQ_CMD --signal TERM --quiet > /dev/null; then
        echo -n ' Waiting .';
        cnt=0;
        while $STOP_MTAQ_CMD --signal TERM --quiet > /dev/null; do
            cnt=`expr $cnt + 1`;
            if [ $cnt -gt 60 ]; then
                #
                # Waited 120 seconds now. Fail.
                #
                echo -n ' Failed ';
                stopped=1;
                break;
            fi;
            sleep 2;
            echo -n '.';
        done;
        echo -n ' Done ';
    fi;
    # Remove pidfile iff stopped
    if ! $STOP_MTAQ_CMD --signal TERM --quiet > /dev/null; then
        rm -f "$MTAQ_PIDFILE";
    fi
};
stop_msp () {
    local cnt;
    stopped=0;
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # If not running, don't stop it...
    if ! is_running msp; then
        return;
    fi;
    #
    # Is running, must stop it...
    $STOP_MSP_CMD --signal TERM --quiet --oknodo > /dev/null;
    #
    # Now we have to wait until sendmail has _really_ stopped.
    #
    sleep 2;
    if $STOP_MSP_CMD --signal TERM --quiet > /dev/null; then
        echo -n 'Waiting .';
        cnt=0;
        while $STOP_MSP_CMD --signal TERM --quiet > /dev/null; do
            cnt=`expr $cnt + 1`;
            if [ $cnt -gt 60 ]; then
                #
                # Waited 120 seconds now. Fail.
                #
                echo -n ' Failed ';
                stopped=1;
                break;
            fi;
            sleep 2;
            echo -n '.';
        done;
        echo -n ' Done ';
    fi;
    # Remove pidfile iff stopped
    if ! $STOP_MSP_CMD --signal TERM --quiet > /dev/null; then
        rm -f "$MSP_PIDFILE";
    fi;
};
stop_sendmail () {
    if check_msp; then
        stop_msp;
    fi;
    stop_mta;
    stop_queue;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Check to see if sendmail is running
#------------------------------------------------------------------------------
is_running () {
    local result;
    result=1;
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # Determine proper pidfile to check
    who=$(echo "$1" | tr '[:upper:]' '[:lower:]');
    # Reset so a value left over from an earlier 'mta' check is not reused
    PIDFILE2='';
    case $who in
        mta)
            PIDFILE="$MTAL_PIDFILE";
            PIDFILE2="$MTAR_PIDFILE";
            ;;
        queue)
            PIDFILE="$MTAQ_PIDFILE";
            ;;
        msp)
            PIDFILE="$MSP_PIDFILE";
            ;;
        *)
            PIDFILE="$1";
            ;;
    esac;
    #
    # If no pidfile, not running
    # Extract pid/command and see if still running
    # Remove pidfile if app didn't
    # Also remove any control sockets
    for PIDFILE in $PIDFILE $PIDFILE2; do
        if [ -s $PIDFILE ]; then
            PID=`head -n 1 $PIDFILE 2>/dev/null`;
            COMMAND=`tail -n 1 $PIDFILE`;
            if [ ! -z "`ps --no-heading $PID`" ]; then
                result=0;
            else
                rm -f $PIDFILE;
                case $who in
                    mta)
                        rm -f $MTAL_SOCKET $MTAL_CNTL;
                        ;;
                    queue)
                        rm -f $MTAQ_SOCKET $MTAQ_CNTL;
                        ;;
                    msp)
                        rm -f $MSP_SOCKET $MSP_CNTL;
                esac;
            fi;
        fi;
    done
    return $result;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Check to see if running split service (MTA, MSP)
# Must be at 8.12.0+ for this support
#------------------------------------------------------------------------------
check_msp () {
    local result;
    result=1;
    if [ ! -f /usr/share/sendmail/cf/feature/msp.m4 ]; then
        result=1;
    elif [ -s /etc/mail/submit.cf ] \
        && [ -s /etc/mail/submit.mc ]; then
        if grep -qEe "^[[:space:]]*\`?FEATURE\([[:space:]]*\`?msp" \
            /etc/mail/submit.mc; then
            result=0;
        fi;
    fi;
    return $result;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Miscellaneous sendmail command support for MSP/MTA split
# mailstats, mailq, runq
#------------------------------------------------------------------------------
newaliases () {
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    $MTA_COMMAND $MTA_A -bi $*;
};
hoststat () {
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    $MTA_COMMAND $MTA_A -bh $*;
};
purgestat () {
    local parms;
    parms=$(echo "$1" | tr '[:upper:]' '[:lower:]');
    case $parms in
        n*) # Now
            parms='-O Timeout.hoststatus=1s';
            shift;
            ;;
        *)
            parms='';
            ;;
    esac;
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    $MTA_COMMAND $MTA_A -bH $parms $*;
};
mailstats () {
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    #if running split service, show the client status first
    if check_msp; then
        echo 'MSP statistics...';
        #check if we have a status file for the MSP
        statusfile=$(grep -Ee '^O StatusFile=/.*' \
            /etc/mail/submit.cf | cut -d= -f2);
        # quoted so that an empty value is really treated as empty
        if [ -n "$statusfile" ]; then
            /usr/lib/sm.bin/mailstats -C \
                /etc/mail/submit.cf $* || true;
        fi;
        echo 'MTA statistics...';
    fi;
    #check if we have a status file for the MTA
    statusfile=$(grep -Ee '^O StatusFile=/.*' \
        /etc/mail/sendmail.cf | cut -d= -f2);
    # quoted so that an empty value is really treated as empty
    if [ -n "$statusfile" ]; then
        /usr/lib/sm.bin/mailstats $* || true;
    fi;
};
mailq () {
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    # if running split service, show the client queues first
    if check_msp; then
        echo 'MSP Queue status...';
        #
        # Check to see if shared memory is in use (8.12.0+)
        if grep -qEe "^[[:space:]]*\`?define\(\`?confSHAREDMEMORYKEY'?[[:space:]]*,[[:space:]]*\`?0*[1-9]+[0-9]*'?[[:space:]]*\)" \
            /etc/mail/submit.mc; then
            $MSP_COMMAND -bP || true;
        fi;
        $MSP_COMMAND -bp $MSP_A $MISC_PARMS $* || true;
        echo 'MTA Queue status...';
    fi;
    #
    # Check to see if shared memory is in use (8.12.0+)
    if grep -qEe "^[[:space:]]*\`?define\(\`?confSHAREDMEMORYKEY'?[[:space:]]*,[[:space:]]*\`?0*[1-9]+[0-9]*'?[[:space:]]*\)" \
        /etc/mail/sendmail.mc; then
        $MTA_COMMAND -bP || true;
    fi;
    $MTA_COMMAND -bp $MTA_A $MISC_PARMS $* || true;
};
runq () {
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    # if running split service, run the client queues first
    if check_msp; then
        echo 'Running the MSP queue...';
        $MSP_COMMAND -q $MSP_A \
            $MSP_L_QUEUE $MSP_PARMS $MISC_PARMS $* || true;
        echo 'Running the MTA queues...';
    fi;
    if [ "$SPLIT_DAEMON" -eq 0 ]; then
        $MTA_COMMAND -q $MTA_A \
            $MTAL_L_RUNQ $QUEUE_PARMS $MISC_PARMS $* || true;
    else
        $MTA_COMMAND -q $MTA_A \
            $MTAQ_L_RUNQ $QUEUE_PARMS $MISC_PARMS $* || true;
    fi;
};
control () {
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    local parms;
    parms="$*";
    if [ -z "$parms" ]; then
        parms='help';
    fi;
    if is_running mta; then
        /usr/share/sendmail/smcontrol.pl $parms;
    else
        echo 'MTA: is not running';
    fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Print status of running job(s)
#------------------------------------------------------------------------------
status () {
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    # if running split service, check the client status first
    if check_msp; then
        if is_running msp; then
            echo "MSP: $PID $COMMAND";
            ps -fwp $PID;
            if [ -S ${MSP_CNTL} ]; then
                /usr/share/sendmail/smcontrol.pl \
                    -f ${MSP_CNTL} status || true;
            fi;
        elif [ $MSP_MODE = 'cron' ]; then
            echo "MSP: is run via cron ($MSP_INTERVAL)";
        elif [ $MSP_MODE = 'none' ]; then
            echo 'MSP: is disabled';
        else
            echo 'MSP: is not running';
        fi;
    fi;
    #
    # Check MTA listener
    if is_running mta; then
        echo "MTA: $PID $COMMAND";
        ps -fwp $PID;
        if [ -S ${MTAL_CNTL} ]; then
            /usr/share/sendmail/smcontrol.pl \
                -f ${MTAL_CNTL} status || true;
        fi;
    elif [ $DAEMON_MODE = 'inetd' ]; then
        echo 'MTA: is run via inetd';
    elif [ $DAEMON_MODE = 'none' ]; then
        echo 'MTA: is disabled';
    else
        echo 'MTA: is not running';
    fi;
    #
    # Check for split daemon mode (separate listener/queue runner)
    if is_running queue; then
        echo "QUE: $PID $COMMAND";
        ps -fwp $PID;
        if [ -S ${MTAQ_CNTL} ]; then
            /usr/share/sendmail/smcontrol.pl \
                -f ${MTAQ_CNTL} status || true;
        fi;
    elif [ $QUEUE_MODE = 'cron' ]; then
        echo "QUE: is run via cron ($QUEUE_INTERVAL)";
    elif [ $QUEUE_MODE = 'none' ]; then
        echo 'QUE: is disabled';
    elif [ "$SPLIT_DAEMON" -eq 0 ]; then
        echo "QUE: Same as MTA";
    else
        echo 'QUE: is not running';
    fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Cronjob handling
#------------------------------------------------------------------------------
cron_mta () {
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    # If cron not needed, don't do queue running (though it wouldn't hurt)
    if [ $QUEUE_MODE = 'cron' ]; then
        #
        # If running a split (MTA/MSP) setup, we need to make sure that
        # messages not immediately accepted by the MTA get delivered.
        # Only run the MSP queue if MSP_MODE=none
        if check_msp; then
            if [ $MSP_MODE = 'none' ]; then
                # Make sure only *ONE* cronjob at a time
                if [ ! -f $STAMP_DIR/cron_msp ]; then
                    touch $STAMP_DIR/cron_msp;
                    #clean_queues /var/spool/mqueue-client;
                    $MSP_COMMAND -qf $MSP_A $MSP_L_QUEUE \
                        $MSP_PARMS $MISC_PARMS \
                        $CRON_PARMS || true;
                    rm -f $STAMP_DIR/cron_msp;
                fi;
            fi;
        fi;
        # Make sure only *ONE* cronjob at a time
        if [ ! -f $STAMP_DIR/cron_mta ]; then
            touch $STAMP_DIR/cron_mta;
            $MTA_COMMAND -qf $MTA_A $MTAL_L_QUEUE \
                $QUEUE_PARMS $MISC_PARMS $CRON_PARMS || true;
            rm -f $STAMP_DIR/cron_mta;
        fi;
    fi;
};
cron_msp () {
    #
    # Make sure /var/run/sendmail/ exists
    check_dirs;
    #
    # Obtain parameters IFF needed
    if [ -z "$SM_Get_Parameters" ]; then
        Get_Parameters;
    fi;
    #
    # If cron not needed, don't do queue running (though it wouldn't hurt)
    if [ $MSP_MODE = 'cron' ]; then
        #
        # If running a split (MTA/MSP) setup, we need to make sure that
        # messages not immediately accepted by the MTA get delivered.
        if check_msp; then
            # Make sure only *ONE* cronjob at a time
            if [ ! -f $STAMP_DIR/cron_msp ]; then
                touch $STAMP_DIR/cron_msp;
                #clean_queues /var/spool/mqueue-client;
                $MSP_COMMAND -qf $MSP_A $MSP_L_QUEUE \
                    $MSP_PARMS $MISC_PARMS \
                    $CRON_PARMS || true;
                rm -f $STAMP_DIR/cron_msp;
            fi;
        fi;
    fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Determine how to run sendmail mta daemon
# * No daemon
# * As listener
# * As queue runner
# * As both listener and queue runner
#------------------------------------------------------------------------------
daemon_check () {
    local run_daemon;
    #
    # Skip daemon run for the following:
    # * sendmail hasn't been configured
    # * DAEMON_MODE = (none | inet) & QUEUE_MODE = (none | cron)
    if [ ! -s /etc/mail/sendmail.cf ] || \
        [ ! -s /etc/mail/sendmail.mc ]; then
        echo 'sendmail has not been configured, not started.';
        echo 'To configure sendmail, type sendmailconfig';
        exit 1;
    fi;
    MTAR_PARMS="-C/etc/mail/sendmail-rx.cf $MTAR_L";
    MTAL_PARMS="-C/etc/mail/sendmail-tx.cf $MTAL_L";
    MTAQ_PARMS="$MTA_A $MTAQ_L";
    run_daemon=3;
    case "$DAEMON_MODE" in
        none* | \
        inetd*)
            run_daemon=`expr $run_daemon - 1`;
            ;;
        daemon* | \
        *)
            MTAL_PARMS="$MTAL_PARMS -bd $DAEMON_PARMS";
            MTAR_PARMS="$MTAR_PARMS -bd $DAEMON_PARMS";
            ;;
    esac;
    case "$QUEUE_MODE" in
        none* | \
        cron*)
            run_daemon=`expr $run_daemon - 1`;
            ;;
        daemon* | \
        *)
            # Check for split daemon mode (separate listener/queue runner)
            if [ $SPLIT_DAEMON -eq 0 ]; then
                if [ ! -z "$QUEUE_INTERVAL" ]; then
                    MTAL_PARMS="$MTAL_PARMS -q${QUEUE_INTERVAL}";
                    MTAR_PARMS="$MTAR_PARMS -qp";
                fi;
                MTAL_PARMS="$MTAL_PARMS $QUEUE_PARMS";
                MTAR_PARMS="$MTAR_PARMS $QUEUE_PARMS";
            else
                if [ ! -z "$QUEUE_INTERVAL" ]; then
                    MTAQ_PARMS="$MTAQ_PARMS -q${QUEUE_INTERVAL}";
                fi;
                MTAQ_PARMS="$MTAQ_PARMS $QUEUE_PARMS";
            fi;
            ;;
    esac;
    # Add any miscellanous (ie debugging) parameters
    MTAR_PARMS="$MTAR_PARMS $MISC_PARMS";
    MTAL_PARMS="$MTAL_PARMS $MISC_PARMS";
    MTAQ_PARMS="$MTAQ_PARMS $MISC_PARMS";
    # Add PidFile override for MTA queue runner
    MTAQ_PARMS="$MTAQ_PARMS -O PidFile=$MTAQ_PIDFILE";
    MTAQ_PARMS="$MTAQ_PARMS -O ControlSocketName=$MTAQ_CNTL";
    if [ $run_daemon -lt 2 ]; then
        echo 'sendmail listen/queue daemon not desired.';
        exit 0;
    fi;
};
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Clean sendmail queues (somewhat): does *not* support split qf/df/xf dirs.
# NOTE: This whole thing sucks with queue-groups, need to redo it!!!
# NOTE: Check for race conditions betwixt this code and queue-runners #------------------------------------------------------------------------------ clean_queues () { local QUEUE_ROOT QUEUE QUIET # Obtain queue root directory if [ -z "$1" ]; then QUEUE_ROOT=/var/spool/mqueue QUEUE=/var/spool/mqueue QUIET='' else QUEUE_ROOT="$1" QUEUE="$1" QUIET='1' fi # remove lock files left because of kill/crash # rm -f $QUEUE/[lnx]f* doesn't work with a plethora of files ;-( for i in A B C D E F G H I J K L M N O P Q R S T U V W X Y Z \ a b c d e f g h i j k l m n o p q r s t u v w x y z; do rm -f $QUEUE/[lnx]f${i}* done # remove zero length qf files #for qffile in $QUEUE/qf*; do for qffile in $(find $QUEUE_ROOT -type f -name 'qf*'); do if [ -r "$qffile" ] && [ ! -s "$qffile" ]; then if [ ! -z "$QUIET" ]; then echo -n "<zero: $qffile> "; fi rm -f "$qffile" fi done # rename tf files to be qf if the qf does not exist for tffile in $QUEUE/tf*; do qffile=`echo "$tffile" | sed 's/\/tf\([[:alnum:]]*\)$/\/qf\1/'` if [ -r "$tffile" ] && [ ! -f "$qffile" ]; then if [ ! -z "$QUIET" ]; then echo -n "<recovering: $tffile> "; fi mv "$tffile" "$qffile" elif [ -f "$tffile" ]; then echo -n "<extra: $tffile> " rm -f "$tffile" fi done # remove df files with no corresponding qf files for dffile in $QUEUE/df*; do qffile=`echo "$dffile" | sed 's/\/df\([[:alnum:]]*\)$/\/qf\1/'` Dffile=`echo "$dffile" | sed 's/\/df\([[:alnum:]]*\)$/\/Df\1/'` if [ -r "$dffile" ] && [ ! -f "$qffile" ]; then if [ ! -s "$dffile" ]; then rm -f "$dffile" else if [ ! -z "$QUIET" ]; then echo -n "<incomplete: $dffile> "; fi mv "$dffile" "$Dffile"; fi fi done # announce files that have been saved during disaster recovery for xffile in $QUEUE/[A-Z]f*; do if [ -f "$xffile" ]; then if [ ! 
-z "$QUIET" ]; then echo -n "<panic: $xffile> "; fi fi done } #------------------------------------------------------------------------------ #------------------------------------------------------------------------------ # check_dirs: Make sure /var/run/sendmail/{mta,msp,stampdir} exist #------------------------------------------------------------------------------ check_dirs () { if [ ! -d "${SENDMAIL_ROOT}" ]; then mkdir -p "${SENDMAIL_ROOT}"; chown root:smmta "${SENDMAIL_ROOT}"; chmod 02755 "${SENDMAIL_ROOT}"; fi; if [ ! -d "${MTA_ROOT}" ]; then mkdir -p "${MTA_ROOT}"; chown $DAEMON_UID:smmta "${MTA_ROOT}"; chmod 02755 "${MTA_ROOT}"; fi; if [ ! -d "${MSP_ROOT}" ]; then mkdir -p "${MSP_ROOT}"; chown smmsp:smmsp "${MSP_ROOT}"; chmod 02775 "${MSP_ROOT}"; fi; if [ ! -d "${STAMP_DIR}" ]; then mkdir -p "${STAMP_DIR}"; chown root:smmsp "${STAMP_DIR}"; chmod 02775 "${STAMP_DIR}"; fi; } #------------------------------------------------------------------------------ # Why are we here ? #------------------------------------------------------------------------------ # Some requisite initialization if [ -z "$SM_Get_Parameters" ]; then Get_Parameters; fi; if [ "$LOG_CMDS" = "Yes" ]; then logger -i -p mail.debug -- "$0 $@"; fi; #------------------------------------------------------------------------------ # Handle being called via an alias #------------------------------------------------------------------------------ case $(basename $0) in newaliases) newaliases $*; exit $?; ;; hoststat) hoststat $*; exit $?; ;; purgestat) purgestat $*; exit $?; ;; mailstats) mailstats $*; exit $?; ;; mailq) mailq $*; exit $?; ;; runq) runq $*; exit $?; ;; control|smcontrol) control $*; exit $?; ;; status) status $* exit $? ;; *) ;; esac; #------------------------------------------------------------------------------ # Handle being called via /etc/init.d/sendmail or directly #------------------------------------------------------------------------------ # Ok, why are we here... 
case "$1" in #----------------------------------------------------------------------- # Debian required/optional targets: #----------------------------------------------------------------------- start) echo -n 'Starting Mail Transport Agent: sendmail'; start_sendmail; echo '.' ;; stop|force-stop) echo -n 'Stopping Mail Transport Agent: sendmail'; stop_sendmail; echo '.' ;; restart) echo -n 'Restarting Transport Agent: sendmail'; # reload is equivalent (but faster) than stop/start ! # but... it doesn't honor changes to /etc/mail/sendmail.conf #reload_sendmail; stop_sendmail; start_sendmail; echo '.'; ;; restart-if-running) if ! is_running mta && ! is_running msp; then echo 'Mail Transport Agent: sendmail is not running'; else $0 restart; fi; ;; reload-if-running) if ! is_running mta && ! is_running msp; then echo 'Mail Transport Agent: sendmail is not running'; else $0 reload; fi; ;; reload|force-reload) echo -n 'Reloading Mail Transport Agent configuration: sendmail'; reload_sendmail; echo '.'; ;; #----------------------------------------------------------------------- # Local targets (sendmail commands/aliases) for MSP/MTA split support # These targets will pass along any provided parameters #----------------------------------------------------------------------- newaliases) shift; newaliases $*; ;; hoststat) shift; hoststat $*; ;; purgestat) shift; purgestat $*; ;; mailstats) shift; mailstats $*; ;; mailq) shift; mailq $*; ;; runq) shift; runq $*; ;; control|smcontrol) shift; control $*; ;; #----------------------------------------------------------------------- # Local targets for extended support/debugging #----------------------------------------------------------------------- status) shift; status $*; ;; debug) # # If not running, can't debug if is_running msp; then echo -n 'Dumping MSP state...'; $SIGNAL_MSP_CMD --signal USR1; echo 'done.'; fi; if is_running mta; then echo -n 'Dumping MTA state...'; $SIGNAL_MTAL_CMD --signal USR1; echo 'done.'; fi; ;; 
clean|clean_que*|clean-que*) # # If running, don't clean the queues... if is_running mta; then echo 'MTA is running, queue cleaning ill advised...'; else echo -n 'Cleaning up the queues...'; clean_queues; echo 'done.'; fi; ;; #----------------------------------------------------------------------- # Local targets for cronjob support #----------------------------------------------------------------------- cron-msp) cron_msp; ;; cron-mta) cron_mta; ;; #----------------------------------------------------------------------- # Default target - bitch and moan #----------------------------------------------------------------------- *) echo "Invalid command <$1>"; echo "Usage: $0 <command>"; echo ' Where <command> is one of the following'; echo ' start|stop|restart|restart-if-running'; echo ' reload-if-running|reload|force-reload'; echo ' newaliases|hoststat|purgestat|mailstats|mailq|runq|control'; echo ' status|debug|clean'; exit 1; ;; esac; exit 0;
Scalix Installation
Downloading the sources
Download the sources and unpack them under /usr/src:
cd /usr/src
wget http://downloads.scalix.com/.community/11.0.2.1/scalix-11.0.4-GA-debian-intel.tgz
tar xvzf scalix-11.0.4-GA-debian-intel.tgz
Installation
The package was corrupt in my case: one of the Tomcat packages contains a syntax error. We fix that first:
cd /usr/src/scalix-debian-11.0.4-GA/software/scalix_server
mkdir -p new/DEBIAN old
mv scalix-tomcat_5.5.16-263_all.deb old
dpkg -x old/scalix-tomcat_5.5.16-263_all.deb new
dpkg -e old/scalix-tomcat_5.5.16-263_all.deb new/DEBIAN
vi new/DEBIAN/postinst
# ... line 21: remove the superfluous ')'
#     /opt/scalix-tomcat/bin/sxtomcat-create-instance ""
# ...
dpkg -b new scalix-tomcat_5.5.16-263_all_patched.deb
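
A check that fits the repacking step above, as an added example that is not part of the original page: it parses the maintainer scripts without executing them and lists the files that differ between two extracted package trees, so the patched package can be confirmed to differ from the original only in DEBIAN/postinst. The function names and the `orig` directory in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the page): sanity checks for a hand-patched .deb tree.

# check_maintainer_scripts CONTROL_DIR
# Parse-only check (-n) of each maintainer script; nothing is executed.
# Returns 1 if any script fails to parse.
check_maintainer_scripts() {
    rc=0
    for name in preinst postinst prerm postrm config; do
        script="$1/$name"
        [ -f "$script" ] || continue
        # Use bash for scripts that ask for it, plain sh otherwise.
        interp=sh
        case $(head -n 1 "$script") in
            '#!'*bash*) command -v bash >/dev/null 2>&1 && interp=bash ;;
        esac
        if ! "$interp" -n "$script" 2>/dev/null; then
            echo "syntax error: $script" >&2
            rc=1
        fi
    done
    return "$rc"
}

# tree_sums DIR: SHA-256 of every regular file, paths relative to DIR.
tree_sums() {
    (cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2)
}

# changed_files ORIG_TREE PATCHED_TREE
# Prints each relative path that was added, removed or modified.
changed_files() {
    { tree_sums "$1"; tree_sums "$2"; } | sort | uniq -u |
        sed 's/^[0-9a-f]*  //' | sort -u
}

# Usage with the trees from the step above; "orig" is a hypothetical second
# extraction of the untouched package made with the same dpkg -x / dpkg -e calls:
#   check_maintainer_scripts new/DEBIAN || echo "do not rebuild yet"
#   changed_files orig new     # expected output: ./DEBIAN/postinst
if [ "$#" -eq 2 ]; then
    check_maintainer_scripts "$2/DEBIAN" && changed_files "$1" "$2"
fi
```
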
Now we can install the Scalix packages:
cd /usr/src/scalix-debian-11.0.4-GA/software/scalix-server
dpkg -i ../../third_party/libical/i386/libical*.deb
dpkg -i scalix-server_*.deb

export PATH=/opt/scalix/bin:$PATH

echo -n "What should the name of your primary mailnode be? "; read mnode
echo -n "Please enter the admin password for the Scalix admin user (sxadmin)? "; read admpwd
echo -n "Please enter a password for the ldap query user? "; read ldappwd
echo -n "Please enter a password for the db user? "; read dbpwd
echo -n "Please enter the external ip address of your Scalix box? "; read ip

ldomain=$(hostname -d)
host=$(hostname)
fqdn=$(hostname -f)
short=${host:0:1}${host: -1:1}

# Initialize the Scalix Message Store
ommakeom

# Set Generation Rules for Display Name, Login Name and Internet Address
sxconfig --set -t general.usrl_cn_rule='S, G'
sxconfig --set -t general.usrl_authid_rule='gs@'
sxconfig --set -t orniasys.name_part_1='"C" <G.S>' -t orniasys.domain_part_1=$ldomain

# Creating the Default Mailnode
omaddmn -m $mnode

# Starting the Server Daemons
omrc -n

# Creating the Default Admin User
omaddu -n sxadmin/$mnode --class limited -c admin -p "$admpwd" sxadmin

# Configuring the Admin User
omconfenu -n "sxadmin/$mnode"
omlimit -u "sxadmin/$mnode" -o -i 0 -m 0

# Creating the LDAP Query User
# (password quoted so that spaces or shell metacharacters in it survive)
omaddu -n sxqueryadmin/$mnode --class limited -c admin -p "$ldappwd" sxqueryadmin@$fqdn

# Creating the Standard Scalix Admin Groups
omaddpdl -l ScalixUserAdmins/$mnode
omaddpdl -l ScalixUserAttributesAdmins/$mnode
omaddpdl -l ScalixGroupAdmins/$mnode
omaddpdl -l ScalixAdmins/$mnode

cat >>/var/opt/scalix/${short}/s/sys/general.cfg <<EOF
#
# The CDA service (used for "type down" in some clients) is more
# efficient if it can check the directory change log before attempting
# to update the access tables that it uses. On slow machines, it may
# also be worth uncommenting the CDA_CHECKTIME tweak to reduce the check
# interval from five minutes to an hour.
#
CDA_USE_CHANGE_LOG=TRUE
# CDA_CHECKTIME=60
#
# These tweaks limit the number and rate of IMAP connections to the
# server. The IMAP_CONNECTION_LIMIT simply restricts the total number of
# connections to the server. Note that many IMAP clients have several
# connections for each IMAP session. The IMAP_CONNRATE_LIMIT restricts
# the rate at which clients can connect to the server, in this case, at
# most 10 connections per second. If clients try to connect faster
# than that, the IMAP server simply slows down the rate at which it will
# accept new connections.
#
IMAP_CONNECTION_LIMIT=500
IMAP_CONNRATE_LIMIT=10
#
# The IMAP_IDLE_TIMEOUT tweak is the maximum time an IMAP connection
# will wait for a command before terminating the connection. The default
# setting, and the minimum required setting, is 30 minutes. Some
# clients "refresh" their connection once every thirty minutes
# exactly -- but if they are a little bit late, the server drops their
# connection. Setting a timeout of 31 minutes avoids this problem.
#
IMAP_IDLE_TIMEOUT=31
#
# This tweak arranges for Local Delivery to automatically create a
# message store for users created without one.
# Users added with the bulk-add mechanism used by the
# wizard do not have a message store. So setting this tweak allows
# them to receive mail before they are initially signed on.
#
LD_CREATE_MESSAGE_STORE=TRUE
#
# These three tweaks allow users to sign on using an alias. Only
# system-defined aliases are permitted and the alias name is ignored
# for the purposes of message creation and so on.
#
# Note that changing these settings normally requires restarting Scalix.
#
UAL_SIGNON_ALIAS=YES
UAL_SIGNON_ALIAS_CONFIG=SYS
UAL_USE_SIGNON_ALIAS=FALSE
EOF

# Starting Scalix Services
omon -s all

# Installing the Scalix Server package
# One deb package (scalix-tomcat_*.deb) has an error in its install script.
# It has to be fixed first (unpack the deb, correct the syntax error, rebuild the deb package)
dpkg -i scalix-postgres_*.deb scalix-tomcat-connector_*.deb scalix-tomcat_*.deb \
    scalix-mobile_*.deb scalix-platform_*.deb scalix-res_*.deb scalix-sac_*.deb \
    scalix-sis_*.deb scalix-swa_*.deb

# Setup DB
/opt/scalix-postgres/bin/sxpsql-init # To create the database and tables
/opt/scalix-postgres/bin/sxpsql-setpwd "$dbpwd"
/opt/scalix-postgres/bin/sxpsql-whitelist 127.0.0.1 $ip

# Setting up Scalix-Tomcat
# vi /etc/opt/scalix-tomcat/scalix-tomcat.conf
# Set RAM Usage to 50% of complete RAM (or other, e.g. 40M)
# JAVA_OPTS="-server -Xms40m -Xmx40m"

# Configure Scalix
tomcatport=80
base=/var/opt/scalix/${short}
files="$base/webmail/swa.properties \
    $base/caa/scalix.res/config/ubermanager.properties \
    $base/res/config/res.properties \
    $base/platform/platform.properties \
    $base/mobile/mobile.properties \
    $base/sis/sis.properties"

for file in $files; do
    sed -e "s;%LOCALDOMAIN%;$ldomain;g" \
        -e "s;%LOCALHOST%;$fqdn;g" \
        -e "s;%PLATFORMURL%;$fqdn;g" \
        -e "s;__SECURED_MODE__;false;g" \
        -e "s;ubermanager/__FQHN_HOST__@__KERBEROS_REALM__;;g" \
        -e "s;__KERBEROS_REALM__;;g" \
        -e "s;__FQHN_FOR_KDC_HOST__;;g" \
        -e "s;__FQHN_QUERY_SERVER_NAME__;$fqdn;g" \
        -e "s;__UBERMGR_USE_EXTERNAL_AUTH__;false;g" \
        -e "s;__UBERMGR_ALLOW_EXTERNAL_AUTH__;false;g" \
        -e "s;__UBERMGR_MAXLIST_SIZE__;100;g" \
        -e "s;__UBERMGR_MAIL_DOMAINS_LIST__;$ldomain;g" \
        -e "s;__UBERMGR_EXTERNAL_DOMAIN_AUTH_LIST__;;g" \
        -e "s;__CONFIGURED__;true;g" \
        -e "s;__FQHN_FOR_UBERMANAGER__;$fqdn;g" \
        -e "s;__TOMCAT_PORT__;$tomcatport;g" \
        -e "s;localhost;$fqdn;g" \
        -e "s;%SIS-LANGUAGE%;German;g" \
        -e "s;%INDEX-WHITELIST%;$fqdn;g" \
        -e "s;%SEARCH-WHITELIST%;$fqdn;g" \
        $file > $file.neu
    mv $file.neu $file
done

# Write Ldappassword to psdata
cd ${base}/caa/scalix.res/config
echo "$ldappwd" > psdata
chown root:root psdata
chmod 400 psdata
cd

# Restart Tomcat
/etc/init.d/scalix-tomcat restart

# Setup Apache
ln -s /opt/scalix/global/httpd/scalix-web-client.conf /etc/apache2/conf.d
cat << EOF > /etc/apache2/conf.d/scalix-access.conf
<Location />
Allow from all
</Location>
EOF
/etc/init.d/apache2 restart

cat << EOT
#####################################################
# You should now be able to access scalix at:
# http://$fqdn/sac
# http://$fqdn/webmail
#####################################################
EOT
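
The script above echoes the passwords while they are typed and creates psdata with the default umask before chmod 400 tightens it. The following added example (not part of the original page) shows a prompt without terminal echo and a write that is mode 0400 from the moment the file appears under its final name; the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the page): handling the install-time secrets.

# read_secret PROMPT
# Prompt on stderr, read one line from stdin with terminal echo switched off
# (when stdin is a terminal), print the value on stdout.
read_secret() {
    printf '%s' "$1" >&2
    if [ -t 0 ]; then
        saved_tty=$(stty -g)
        trap 'stty "$saved_tty"; exit 130' INT TERM
        stty -echo
        IFS= read -r secret
        stty "$saved_tty"
        trap - INT TERM
        printf '\n' >&2
    else
        IFS= read -r secret
    fi
    printf '%s\n' "$secret"
}

# write_secret FILE
# Store stdin in FILE with mode 0400. The temporary file is created under
# umask 077 in the same directory, so the content is never readable by other
# users, and the rename replaces any previous file atomically.
write_secret() {
    target=$1
    dir=$(dirname "$target")
    (
        umask 077
        tmp=$(mktemp "$dir/.secret.XXXXXX") || exit 1
        trap 'rm -f "$tmp"' EXIT
        cat > "$tmp" &&
            chmod 400 "$tmp" &&
            mv -f "$tmp" "$target"
    )
}

# perm_string FILE: the ls-style permission string, e.g. -r--------
perm_string() {
    ls -ld "$1" | cut -c 1-10
}

# Hypothetical wiring into the script above (variable names as on the page).
# printf is a shell builtin, so the password does not appear in a process list:
#   ldappwd=$(read_secret "Password for the ldap query user: ")
#   printf '%s\n' "$ldappwd" | write_secret "${base}/caa/scalix.res/config/psdata"
```

Run as root during the install, the resulting file is owned by root, which matches the chown root:root step on the page.
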
You should now be able to log in at the URL given above as sxadmin with the password defined earlier. As sxadmin you can create new users in the Scalix Admin Console (SAC).
To save resources, Tomcat's memory consumption can be reined in somewhat:
/etc/opt/scalix-tomcat/scalix-tomcat.conf
# Configuration file for Scalix Tomcat

# The directory where Java is installed
# (determined from /usr/bin/java managed by update-alternatives
# by default, change to hardcoded path if needed):
JAVA_HOME="`/opt/scalix-tomcat/bin/determine-java-home`"

# Additional arguments to be passed to Java:
JAVA_OPTS="-server -Xms40m -Xmx40m"

# Maximum number of file descriptors
ULIMIT_NUM_FILES="1000"
Sources
[1] Scalix Wiki: Manual installation on Etch
[2] Linux Magazin Online: Mail Server