Compare commits

...

21 Commits

Author SHA1 Message Date
Daniel Berteaud 8761671533 Spec file update 10 years ago
Daniel Berteaud 405eb1157d Allow args to passdb 10 years ago
Daniel Berteaud 0075251890 Spec file update 11 years ago
Daniel Berteaud 79b21830af Spec file update 11 years ago
Daniel Berteaud 07711461cf Migrate limits from imaps to imap DB entry 11 years ago
Daniel Berteaud 8a97c4d939 Backport fix from http://bugs.contribs.org/show_bug.cgi?id=7570 11 years ago
Daniel Berteaud af29cbe4dc Spec file update 11 years ago
Daniel Berteaud 20f8d3181a Apply process limits 11 years ago
Daniel Berteaud 952bf0e709 update spec file 11 years ago
Daniel Berteaud 0cd9571a65 Use SMTP to send sieve notif (forward, vacation etc...) so the From envolop is correctly set 11 years ago
Daniel Berteaud bf99846901 update spec file 12 years ago
Daniel Berteaud c24e5140ec Fix ACL and default ACL on maildirs which have to be 755/644 12 years ago
Daniel Berteaud 19d0c43c27 update spec file 12 years ago
Daniel Berteaud c635de001b Pass the recipient address to dovecot-lda so vacation message can be ignored for unspecified addresses 12 years ago
Daniel Berteaud 2c96405523 update spec file 12 years ago
Daniel Berteaud 238da5d92c Do not remove ACL all the time if SharedMailbox is disabled 12 years ago
Daniel Berteaud 7d231598c0 Re obsoletes e-smith-imap 12 years ago
Daniel Berteaud a6c24e6347 Don't obsoletes e-smith-imap, but conflicts so updates cannot install automatically 12 years ago
Daniel Berteaud fbfdfd783d move acl dict file to /etc/dovecot 13 years ago
Daniel Berteaud 94d202cae6 Fix an syntax error in dovecot-acl 13 years ago
Daniel Berteaud 5e98fd3ad9 Grant group write perm 13 years ago
  1. 2
      createlinks
  2. 12
      root/etc/e-smith/db/configuration/migrate/ImapsLimits
  3. 38
      root/etc/e-smith/events/actions/dovecot-acl
  4. 2
      root/etc/e-smith/templates-user/.qmail/80DovecotLDA
  5. 4
      root/etc/e-smith/templates/etc/dovecot/dovecot.conf/15auth
  6. 18
      root/etc/e-smith/templates/etc/dovecot/dovecot.conf/27Limits
  7. 1
      root/etc/e-smith/templates/etc/dovecot/dovecot.conf/40lda
  8. 2
      root/etc/e-smith/templates/etc/dovecot/dovecot.conf/65pluginAcl
  9. 4
      root/var/service/dovecot/control/1
  10. 30
      smeserver-dovecot.spec

@ -23,4 +23,4 @@ event_link("adjust-dovecot", "bootstrap-console-save", "02");
event_link("dovecot-acl", "email-update", "85");
event_link("dovecot-acl", "user-create", "85");
safe_touch("root/var/lib/dovecot/sharedmailbox/dict.db");
safe_touch("root/etc/dovecot/sharedmailbox/dict.db");

@ -0,0 +1,12 @@
{
# Those limits are now defined on the imap entry
foreach my $prop (qw/ConcurrencyLimit ConcurrencyLimitPerIP ProcessMemoryLimit/){
my $imaps_value = $DB->get_prop_and_delete('imaps', $prop);
next unless ($imaps_value);
my $imap_value = $DB->get_prop('imap', $prop);
next if ($imap_value);
$DB->set_prop('imap', $prop, $imaps_value);
}
}

@ -16,19 +16,21 @@ my $event = $ARGV[0];
# SharedMailboxes disabled ?
if (($dovecot->prop('SharedMailbox') || 'disabled') eq 'disabled'){
foreach my $user ($a->users){
my $name = $user->key;
die "Error removing SharedMailbox ACLs ($name"."'s Maildir)\n" unless (
system('/usr/bin/setfacl',
'-R',
'-x',
'g:sharedmailbox',
"/home/e-smith/files/users/$name") == 0 &&
system('/bin/chmod',
'-R',
'g-s',
"/home/e-smith/files/users/$name/Maildir") == 0
);
if (($dovecot->prop('SharedMailboxAcl') || 'yes') ne 'no'){
foreach my $user ($a->users){
my $name = $user->key;
die "Error removing SharedMailbox ACLs ($name"."'s Maildir)\n" unless (
system('/usr/bin/setfacl',
'-R',
'-x',
'g:sharedmailbox',
"/home/e-smith/files/users/$name") == 0 &&
system('/bin/chmod',
'-R',
'g-s',
"/home/e-smith/files/users/$name/Maildir") == 0
);
}
}
$dovecot->set_prop('SharedMailboxAcl','no');
exit(0);
@ -56,22 +58,22 @@ sub set_acl {
my $user = shift;
die "Missing username\n" unless ($user);
die "Couldn't find $user"."'s home dir\n" unless (-e "/home/e-smith/files/users/$user");
find(\&dirperm, "/home/e-smith/files/users/$user/Maildir");
die "Error applying permissions to $user 's Maildir\n" unless (
# sharedmailbox group needs read / write access on Maildir
system('/usr/bin/setfacl',
'-R',
'-m',
'g:sharedmailbox:rwX,d:g:sharedmailbox:rwX',
'u::rwX,g::rwX,o::rX,g:sharedmailbox:rwX,d:u::rwX,d:g::rwX,d:g:sharedmailbox:rwX,d:o::rX',
"/home/e-smith/files/users/$user/Maildir") == 0 &&
# Grant sharedmailbox group permission to go through
# the home dir so it can access the Maildir, but let it read
# anything else
# the home dir so it can access the Maildir, but don't let it read
# anything (except the Maildir)
system('/usr/bin/setfacl',
'-m',
'g:sharedmailbox:x',
"/home/e-smith/files/users/$user") == 0
);
find(\&sgid, "/home/e-smith/files/users/$user/Maildir");
}
# The kernel will handle group perms when a user
@ -79,7 +81,7 @@ sub set_acl {
# This will prevent dovecot errors, see
# http://wiki2.dovecot.org/SharedMailboxes/Permissions and
# http://wiki2.dovecot.org/Errors/ChgrpNoPerm
sub sgid {
sub dirperm {
system('/bin/chmod',
'g+s',
"$_") if (-d);
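Review bot: The recursive `setfacl -R -m` call in `set_acl` now carries `o::rX` and `d:o::rX` (the longer of the two spec lines, which appears to be the new side), so every existing and future file under the Maildir becomes readable by "other". Confidentiality of the mail then depends entirely on the mode of `/home/e-smith/files/users/$user`, which these hunks only touch with `g:sharedmailbox:x`. If other-read is not actually required by Dovecot here, `o::-` and `d:o::-` in that spec would keep the messages private. These calls presumably run as root over a tree the mailbox owner can write to, so adding `-P` to the `setfacl -R` invocations and changing the helper's guard to `if (-d $_ && !-l $_)` would stop them acting through symbolic links. The helper's body continues past the end of the last hunk.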

@ -14,7 +14,7 @@
$OUT .= "# No local delivery (Dovecot LDA)\n";
}
else{
$OUT .= '| /var/qmail/bin/preline -f /usr/libexec/dovecot/dovecot-lda; if [ $? -ne 0 ] ; then exit -1; else exit 99; fi;';
$OUT .= '| /var/qmail/bin/preline -f /usr/libexec/dovecot/dovecot-lda -a "$RECIPIENT"; if [ $? -ne 0 ] ; then exit -1; else exit 99; fi;';
}
}

@ -1,9 +1,11 @@
{
my $greeting = $dovecot{'Greeting'} || 'SME Server IMAP service powered by doveot';
$OUT .= "login_greeting = \"$greeting\"\n";
our $args = $dovecot{PassDBArgs} || '';
}
passdb \{
driver = pam
{ $OUT .= ($args ne '') ? "args = $args\n" : ''; }
\}
{
if (($dovecot{'AdminIsMaster'} || 'disabled') eq 'enabled'){
@ -11,7 +13,7 @@ if (($dovecot{'AdminIsMaster'} || 'disabled') eq 'enabled'){
passdb {
driver = pam
args = dovecotadmin
args = $args dovecotadmin
master = yes
}
auth_master_user_separator = *
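Review bot: `PassDBArgs` is copied verbatim into both passdb blocks, including the master one (`args = $args dovecotadmin`), so a value that names a PAM service or sets a per-passdb option would presumably also change how master-user logins are authenticated. The master block would be safer with its own property or with the fixed `args = dovecotadmin`. The value is also written to dovecot.conf unvalidated, so a stray newline or brace in the DB entry becomes configuration; a check such as `die "Invalid PassDBArgs\n" if $args =~ /[\r\n{}]/;` right after the `our $args` line would catch that. The three limits interpolated in 27Limits have the same gap and could each be checked against `/\A\d+\z/`. The second hunk starts inside the `AdminIsMaster` block, whose opening lines are outside it.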

@ -0,0 +1,18 @@
{
my $ConcurrencyLimit = $imap{ConcurrencyLimit} || '400';
my $ConcurrencyLimitPerIP = $imap{ConcurrencyLimitPerIP} || '12';
my $ProcessMemoryLimit = $imap{ProcessMemoryLimit} || '256000000';
$OUT .=<<"END";
service imap {
process_limit = $ConcurrencyLimit
vsz_limit = $ProcessMemoryLimit
}
protocol imap {
mail_max_userip_connections = $ConcurrencyLimitPerIP
}
END
}

@ -15,5 +15,6 @@ if ($subject ne ''){
protocol lda \{
mail_plugins = $mail_plugins {$OUT .= (($sieve{'status'} || 'disabled') eq 'enabled') ? 'sieve':''}
submission_host = 127.0.0.1
\}

@ -50,7 +50,7 @@ namespace {
}
plugin {
acl_shared_dict = file:/var/lib/dovecot/sharedmailbox/dict.db
acl_shared_dict = file:/etc/dovecot/sharedmailbox/dict.db
}
plugin {

@ -33,8 +33,8 @@ my $pem = "./ssl/imapd.pem";
# Now copy system pem file into jail used by ldap
copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$")
or die "failed to copy SSL PEM: $!";
chmod 0400, "$pem.$$";
esmith::util::chownFile("root", "root", "$pem.$$");
chmod 0440, "$pem.$$";
esmith::util::chownFile("root", "stunnel", "$pem.$$");
rename("$pem.$$", "$pem")
or die "failed to rename $pem.$$ to $pem: $!";
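Review bot: The temporary copy `$pem.$$` holds the private key as soon as `copy()` returns, but it is only restricted by the later `chmod`, so until then its mode is whatever the process umask gives. Setting `umask 077;` before the `copy()` would close that window. The results of `chmod 0440` and `esmith::util::chownFile("root", "stunnel", ...)` are not checked, so a failure would go unnoticed and the rename would still go ahead; `chmod(0440, "$pem.$$") or die "chmod $pem.$$: $!";` would match the handling on `copy` and `rename`. Group read for `stunnel` widens who can read the key, which looks intended for pop3s per the changelog, so a one-line comment saying so would help. The script continues outside this hunk.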

@ -1,5 +1,5 @@
%define version 0.1
%define release 0.beta26
%define version 0.1.6
%define release 1.beta0
%define name smeserver-dovecot
@ -29,6 +29,28 @@ Configure the dovecot IMAP server with sieve scripts support,
quota, ACL, extended logging, master user
%changelog
* Wed Jan 7 2015 Daniel Berteaud <daniel@firewall-services.com> - 0.1.6-1
- Allow args in passdb
* Wed Jul 9 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.5-1
- Remove trailing / when defining permissions on sharedmailbox dir
* Fri Feb 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.4-1
- Migrate limits from imaps to imap DB entry
- Fix permissions on imapd.pem (for pop3s)
* Tue Dec 24 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.3-1
- Apply process limits
* Tue Oct 29 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.2-1
- Use SMTP for sending sieve notifications
* Mon Mar 25 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.1-1
- Fix ACL and default ACL to set 755/644 on maildirs
* Tue Feb 12 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.0-1
- Pass the recipient variable to dovcot-lda
* Tue Nov 29 2011 Daniel Berteaud <daniel@firewall-services.com> - 0.1
- initial release
@ -49,8 +71,8 @@ perl createlinks
--file /var/service/dovecot/log/run 'attr(0755,root,root)' \
--file /var/service/dovecot/control/1 'attr(0755,root,root)' \
--dir /var/log/dovecot 'attr(0750,smelog,smelog)' \
--dir /var/lib/dovecot/sharedmailbox 'attr(2770,root,sharedmailbox)' \
--file /var/lib/dovecot/sharedmailbox/dict.db 'attr(0660,root,sharedmailbox) %config(noreplace)' \
--dir /etc/dovecot/sharedmailbox 'attr(2770,root,sharedmailbox)' \
--file /etc/dovecot/sharedmailbox/dict.db 'attr(0660,root,sharedmailbox) %config(noreplace)' \
--file /usr/bin/imap-postlogin 'attr(0755,root,root)' \
> %{name}-%{version}-filelist
