21 Commits

Author SHA1 Message Date
Daniel Berteaud 8761671533 Spec file update 10 years ago
Daniel Berteaud 405eb1157d Allow args to passdb 10 years ago
Daniel Berteaud 0075251890 Spec file update 11 years ago
Daniel Berteaud 79b21830af Spec file update 11 years ago
Daniel Berteaud 07711461cf Migrate limits from imaps to imap DB entry 11 years ago
Daniel Berteaud 8a97c4d939 Backport fix from http://bugs.contribs.org/show_bug.cgi?id=7570 11 years ago
Daniel Berteaud af29cbe4dc Spec file update 11 years ago
Daniel Berteaud 20f8d3181a Apply process limits 11 years ago
Daniel Berteaud 952bf0e709 update spec file 11 years ago
Daniel Berteaud 0cd9571a65 Use SMTP to send sieve notif (forward, vacation etc...) so the From envolop is correctly set 11 years ago
Daniel Berteaud bf99846901 update spec file 12 years ago
Daniel Berteaud c24e5140ec Fix ACL and default ACL on maildirs which have to be 755/644 12 years ago
Daniel Berteaud 19d0c43c27 update spec file 12 years ago
Daniel Berteaud c635de001b Pass the recipient address to dovecot-lda so vacation message can be ignored for unspecified addresses 12 years ago
Daniel Berteaud 2c96405523 update spec file 12 years ago
Daniel Berteaud 238da5d92c Do not remove ACL all the time if SharedMailbox is disabled 12 years ago
Daniel Berteaud 7d231598c0 Re obsoletes e-smith-imap 12 years ago
Daniel Berteaud a6c24e6347 Don't obsoletes e-smith-imap, but conflicts so updates cannot install automatically 12 years ago
Daniel Berteaud fbfdfd783d move acl dict file to /etc/dovecot 13 years ago
Daniel Berteaud 94d202cae6 Fix an syntax error in dovecot-acl 13 years ago
Daniel Berteaud 5e98fd3ad9 Grant group write perm 13 years ago
  1. 2
      createlinks
  2. 12
      root/etc/e-smith/db/configuration/migrate/ImapsLimits
  3. 36
      root/etc/e-smith/events/actions/dovecot-acl
  4. 2
      root/etc/e-smith/templates-user/.qmail/80DovecotLDA
  5. 4
      root/etc/e-smith/templates/etc/dovecot/dovecot.conf/15auth
  6. 18
      root/etc/e-smith/templates/etc/dovecot/dovecot.conf/27Limits
  7. 1
      root/etc/e-smith/templates/etc/dovecot/dovecot.conf/40lda
  8. 2
      root/etc/e-smith/templates/etc/dovecot/dovecot.conf/65pluginAcl
  9. 4
      root/var/service/dovecot/control/1
  10. 30
      smeserver-dovecot.spec

@ -23,4 +23,4 @@ event_link("adjust-dovecot", "bootstrap-console-save", "02");
event_link("dovecot-acl", "email-update", "85"); event_link("dovecot-acl", "email-update", "85");
event_link("dovecot-acl", "user-create", "85"); event_link("dovecot-acl", "user-create", "85");
safe_touch("root/var/lib/dovecot/sharedmailbox/dict.db"); safe_touch("root/etc/dovecot/sharedmailbox/dict.db");

@ -0,0 +1,12 @@
{
# Those limits are now defined on the imap entry
foreach my $prop (qw/ConcurrencyLimit ConcurrencyLimitPerIP ProcessMemoryLimit/){
my $imaps_value = $DB->get_prop_and_delete('imaps', $prop);
next unless ($imaps_value);
my $imap_value = $DB->get_prop('imap', $prop);
next if ($imap_value);
$DB->set_prop('imap', $prop, $imaps_value);
}
}

@ -16,19 +16,21 @@ my $event = $ARGV[0];
# SharedMailboxes disabled ? # SharedMailboxes disabled ?
if (($dovecot->prop('SharedMailbox') || 'disabled') eq 'disabled'){ if (($dovecot->prop('SharedMailbox') || 'disabled') eq 'disabled'){
foreach my $user ($a->users){ if (($dovecot->prop('SharedMailboxAcl') || 'yes') ne 'no'){
my $name = $user->key; foreach my $user ($a->users){
die "Error removing SharedMailbox ACLs ($name"."'s Maildir)\n" unless ( my $name = $user->key;
system('/usr/bin/setfacl', die "Error removing SharedMailbox ACLs ($name"."'s Maildir)\n" unless (
'-R', system('/usr/bin/setfacl',
'-x', '-R',
'g:sharedmailbox', '-x',
"/home/e-smith/files/users/$name") == 0 && 'g:sharedmailbox',
system('/bin/chmod', "/home/e-smith/files/users/$name") == 0 &&
'-R', system('/bin/chmod',
'g-s', '-R',
"/home/e-smith/files/users/$name/Maildir") == 0 'g-s',
); "/home/e-smith/files/users/$name/Maildir") == 0
);
}
} }
$dovecot->set_prop('SharedMailboxAcl','no'); $dovecot->set_prop('SharedMailboxAcl','no');
exit(0); exit(0);
@ -62,11 +64,11 @@ sub set_acl {
system('/usr/bin/setfacl', system('/usr/bin/setfacl',
'-R', '-R',
'-m', '-m',
'g:sharedmailbox:rwX,d:g:sharedmailbox:rwX', 'u::rwX,g::rwX,o::rX,g:sharedmailbox:rwX,d:u::rwX,d:g::rwX,d:g:sharedmailbox:rwX,d:o::rX',
"/home/e-smith/files/users/$user/Maildir") == 0 && "/home/e-smith/files/users/$user/Maildir") == 0 &&
# Grant sharedmailbox group permission to go through # Grant sharedmailbox group permission to go through
# the home dir so it can access the Maildir, but let it read # the home dir so it can access the Maildir, but don't let it read
# anything else # anything (except the Maildir)
system('/usr/bin/setfacl', system('/usr/bin/setfacl',
'-m', '-m',
'g:sharedmailbox:x', 'g:sharedmailbox:x',
@ -81,7 +83,7 @@ sub set_acl {
# http://wiki2.dovecot.org/Errors/ChgrpNoPerm # http://wiki2.dovecot.org/Errors/ChgrpNoPerm
sub dirperm { sub dirperm {
system('/bin/chmod', system('/bin/chmod',
'g+ws', 'g+s',
"$_") if (-d); "$_") if (-d);
} }
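Review bot: The new ACL string in set_acl adds `o::rX` and `d:o::rX` recursively on each user's Maildir, so every message file becomes readable by accounts outside the owner and the sharedmailbox group. Confidentiality then rests entirely on the permissions of the parent home directory, which these hunks do not show. If 755/644 is needed only for the Dovecot chgrp issue linked above dirperm, record that next to the setfacl call, for example `# o::rX needed for Dovecot (Errors/ChgrpNoPerm); the user's home dir must stay closed to others`, and confirm the home directory is not world-traversable. If it is not needed, `o::-` and `d:o::-` would keep the mail private. set_acl starts and ends outside the visible hunks.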

@ -14,7 +14,7 @@
$OUT .= "# No local delivery (Dovecot LDA)\n"; $OUT .= "# No local delivery (Dovecot LDA)\n";
} }
else{ else{
$OUT .= '| /var/qmail/bin/preline -f /usr/libexec/dovecot/dovecot-lda; if [ $? -ne 0 ] ; then exit -1; else exit 99; fi;'; $OUT .= '| /var/qmail/bin/preline -f /usr/libexec/dovecot/dovecot-lda -a "$RECIPIENT"; if [ $? -ne 0 ] ; then exit -1; else exit 99; fi;';
} }
} }
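Review bot: The double quotes around `$RECIPIENT` in the generated .qmail line are load-bearing and deserve a comment, because qmail fills that variable from the envelope recipient, which the sending side chooses. Inside the single-quoted Perl string the variable is left for the shell to expand at delivery time, and without the quotes the value would be word-split and glob-expanded before it reaches dovecot-lda. I would add above the `$OUT .=` line: `# Keep "$RECIPIENT" quoted: it is the sender-supplied envelope recipient, expanded by sh at delivery`. The enclosing template block starts outside the hunk.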

@ -1,9 +1,11 @@
{ {
my $greeting = $dovecot{'Greeting'} || 'SME Server IMAP service powered by doveot'; my $greeting = $dovecot{'Greeting'} || 'SME Server IMAP service powered by doveot';
$OUT .= "login_greeting = \"$greeting\"\n"; $OUT .= "login_greeting = \"$greeting\"\n";
our $args = $dovecot{PassDBArgs} || '';
} }
passdb \{ passdb \{
driver = pam driver = pam
{ $OUT .= ($args ne '') ? "args = $args\n" : ''; }
\} \}
{ {
if (($dovecot{'AdminIsMaster'} || 'disabled') eq 'enabled'){ if (($dovecot{'AdminIsMaster'} || 'disabled') eq 'enabled'){
@ -11,7 +13,7 @@ if (($dovecot{'AdminIsMaster'} || 'disabled') eq 'enabled'){
passdb { passdb {
driver = pam driver = pam
args = dovecotadmin args = $args dovecotadmin
master = yes master = yes
} }
auth_master_user_separator = * auth_master_user_separator = *
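Review bot: `PassDBArgs` is copied verbatim into the passdb block (`args = $args`), so a value containing a newline or `}` would add arbitrary directives to the authentication section of dovecot.conf. The value comes from the configuration DB and is presumably admin-set, but a one-line guard right after the `our $args` line is cheap, for example `$args = '' if $args =~ /[\r\n{}#]/;`. The new 27Limits fragment has the same gap: `ConcurrencyLimit`, `ConcurrencyLimitPerIP` and `ProcessMemoryLimit` go into `process_limit`, `mail_max_userip_connections` and `vsz_limit` with no numeric check, so a malformed DB value could keep Dovecot from parsing its configuration. Separately, `args = $args dovecotadmin` in the master passdb appends the PAM service name after whatever `$args` holds, so a comment stating that PassDBArgs must contain options only, never a service name, would help. The master passdb block continues outside the second hunk.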

@ -0,0 +1,18 @@
{
my $ConcurrencyLimit = $imap{ConcurrencyLimit} || '400';
my $ConcurrencyLimitPerIP = $imap{ConcurrencyLimitPerIP} || '12';
my $ProcessMemoryLimit = $imap{ProcessMemoryLimit} || '256000000';
$OUT .=<<"END";
service imap {
process_limit = $ConcurrencyLimit
vsz_limit = $ProcessMemoryLimit
}
protocol imap {
mail_max_userip_connections = $ConcurrencyLimitPerIP
}
END
}

@ -15,5 +15,6 @@ if ($subject ne ''){
protocol lda \{ protocol lda \{
mail_plugins = $mail_plugins {$OUT .= (($sieve{'status'} || 'disabled') eq 'enabled') ? 'sieve':''} mail_plugins = $mail_plugins {$OUT .= (($sieve{'status'} || 'disabled') eq 'enabled') ? 'sieve':''}
submission_host = 127.0.0.1
\} \}

@ -50,7 +50,7 @@ namespace {
} }
plugin { plugin {
acl_shared_dict = file:/var/lib/dovecot/sharedmailbox/dict.db acl_shared_dict = file:/etc/dovecot/sharedmailbox/dict.db
} }
plugin { plugin {

@ -33,8 +33,8 @@ my $pem = "./ssl/imapd.pem";
# Now copy system pem file into jail used by ldap # Now copy system pem file into jail used by ldap
copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$") copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$")
or die "failed to copy SSL PEM: $!"; or die "failed to copy SSL PEM: $!";
chmod 0400, "$pem.$$"; chmod 0440, "$pem.$$";
esmith::util::chownFile("root", "root", "$pem.$$"); esmith::util::chownFile("root", "stunnel", "$pem.$$");
rename("$pem.$$", "$pem") rename("$pem.$$", "$pem")
or die "failed to rename $pem.$$ to $pem: $!"; or die "failed to rename $pem.$$ to $pem: $!";
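Review bot: The changed `chmod 0440, "$pem.$$";` line is the only step in this sequence without an error check, and the file is now meant to be readable by the stunnel group. A silent chmod failure would leave the private key with whatever mode copy() created it with before it is renamed into place. Suggest `chmod 0440, "$pem.$$" or die "failed to chmod $pem.$$: $!";`, matching the copy and rename calls around it. Setting `umask 0077;` before the copy would also close the window in which the temporary file exists with default permissions. Whether esmith::util::chownFile reports failure is not visible here and is worth checking for the same reason.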

@ -1,5 +1,5 @@
%define version 0.1 %define version 0.1.6
%define release 0.beta27 %define release 1.beta0
%define name smeserver-dovecot %define name smeserver-dovecot
@ -29,6 +29,28 @@ Configure the dovecot IMAP server with sieve scripts support,
quota, ACL, extended logging, master user quota, ACL, extended logging, master user
%changelog %changelog
* Wed Jan 7 2015 Daniel Berteaud <daniel@firewall-services.com> - 0.1.6-1
- Allow args in passdb
* Wed Jul 9 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.5-1
- Remove trailing / when defining permissions on sharedmailbox dir
* Fri Feb 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 0.1.4-1
- Migrate limits from imaps to imap DB entry
- Fix permissions on imapd.pem (for pop3s)
* Tue Dec 24 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.3-1
- Apply process limits
* Tue Oct 29 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.2-1
- Use SMTP for sending sieve notifications
* Mon Mar 25 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.1-1
- Fix ACL and default ACL to set 755/644 on maildirs
* Tue Feb 12 2013 Daniel Berteaud <daniel@firewall-services.com> - 0.1.0-1
- Pass the recipient variable to dovcot-lda
* Tue Nov 29 2011 Daniel Berteaud <daniel@firewall-services.com> - 0.1 * Tue Nov 29 2011 Daniel Berteaud <daniel@firewall-services.com> - 0.1
- initial release - initial release
@ -49,8 +71,8 @@ perl createlinks
--file /var/service/dovecot/log/run 'attr(0755,root,root)' \ --file /var/service/dovecot/log/run 'attr(0755,root,root)' \
--file /var/service/dovecot/control/1 'attr(0755,root,root)' \ --file /var/service/dovecot/control/1 'attr(0755,root,root)' \
--dir /var/log/dovecot 'attr(0750,smelog,smelog)' \ --dir /var/log/dovecot 'attr(0750,smelog,smelog)' \
--dir /var/lib/dovecot/sharedmailbox 'attr(2770,root,sharedmailbox)' \ --dir /etc/dovecot/sharedmailbox 'attr(2770,root,sharedmailbox)' \
--file /var/lib/dovecot/sharedmailbox/dict.db 'attr(0660,root,sharedmailbox) %config(noreplace)' \ --file /etc/dovecot/sharedmailbox/dict.db 'attr(0660,root,sharedmailbox) %config(noreplace)' \
--file /usr/bin/imap-postlogin 'attr(0755,root,root)' \ --file /usr/bin/imap-postlogin 'attr(0755,root,root)' \
> %{name}-%{version}-filelist > %{name}-%{version}-filelist
