diff --git a/src/fixperms_mail.sh b/src/fixperms_mail.sh
new file mode 100755
index 00000000..eca88a02
--- /dev/null
+++ b/src/fixperms_mail.sh
@@ -0,0 +1,154 @@
+#!/bin/bash -e
+#
+# ----------------------------------------------------------------------
+# AlternC - Web Hosting System
+# Copyright (C) 2000-2016 by the AlternC Development Team.
+# https://alternc.org/
+# ----------------------------------------------------------------------
+# LICENSE
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License (GPL)
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# To read the license please visit http://www.gnu.org/copyleft/gpl.html
+# ----------------------------------------------------------------------
+# Original Author of file: Remi - 2016-04-27
+# Purpose of file: Fixes permissions and ownerships of AlternC mailboxes
+# ----------------------------------------------------------------------
+#
+
+
+show_help() {
+cat << EOT
+Usage: `basename $0` [-c] [-n] [-l ] [-u ] [-p ] [-d ]
+
+Fixes rights of AlternC mailboxes
+
+ -c
+ Compatibility mode: adapts rights for both pre 1.X and newer versions (using acl)
+
+ -l
+ login of an AlternC account
+
+ -u
+ uid of an AlternC account
+
+ -p
+ path to a directory, if the path does not contain an underscore (_),
+ this is considered as a prefix.
+
+ -d
+ fix mails belonging to a FQDN
+
+ -n
+ dry run. Causes the program to show the modifications, without actually executing them.
+
+ -h
+ shows this help message
+
+EOT
+}
+
+DRY_RUN=0
+ACL=0
+
+execute_cmd() {
+ if [ $DRY_RUN -eq 1 ]; then
+ echo $@
+ else
+ eval $@
+ fi
+}
+
+query="select m.path, mem.uid from mailbox m join address a on m.address_id=a.id join domaines d on a.domain_id=d.id join membres mem on d.compte=mem.uid where delivery='dovecot'"
+
+while getopts "hl:u:p:d:cn" optname
+do
+ case "$optname" in
+ "c")
+ ACL=1
+ ;;
+ "n")
+ DRY_RUN=1
+ ;;
+ ## login
+ "l")
+ if [[ "$OPTARG" =~ ^[a-zA-Z0-9_]+$ ]]; then
+ query="$query and mem.login='$OPTARG'"
+ else
+ echo "error: \"$OPTARG\" is not a valid login" 1>&2
+ show_help
+ exit 1
+ fi
+ ;;
+ ## uid
+ "u")
+ if [[ "$OPTARG" =~ ^[0-9]+$ ]]; then
+ query="$query and mem.uid='$OPTARG'"
+ else
+ echo "error: \"$OPTARG\" is not a valid uid" 1>&2
+ show_help
+ exit 1
+ fi
+ ;;
+ ## domain
+ "d")
+ if [[ "$OPTARG" != *"'"* ]]; then
+ query="$query and d.domaine='$OPTARG'"
+ fi
+ ;;
+ ## path
+ "p")
+ ## if path contains an underscore it's a full path, otherwise it's a prefix
+ if [ -d "$OPTARG" ]; then
+ if [[ $OPTARG == *"_"* ]]; then
+ query="$query and m.path='${OPTARG%/}'"
+ else
+ query="$query and m.path LIKE '$OPTARG%'"
+ fi
+ else
+ echo "error: \"$OPTARG\" is not a valid directory" 1>&2
+ show_help
+ exit 1
+ fi
+ ;;
+ ## show help
+ "h")
+ show_help
+ exit 0
+ ;;
+ "?")
+ echo "Unkown option: $OPTARG" 1>&2
+ show_help
+ exit 1
+ ;;
+ *)
+ show_help
+ exit 1
+ ;;
+ esac
+done
+
+
+echo $query | mysql --defaults-file=/etc/alternc/my.cnf -N -B | while read path uid; do
+ echo "** Fixing $path ($uid)"
+
+ if [ $ACL -eq 1 ]; then
+ execute_cmd chown -R www-data.$uid $path
+ execute_cmd find $path -type d -exec chmod 2755 {} \\\;
+ execute_cmd setfacl -bknR -m d:u:$uid:rwx -m u:$uid:rwx -m d:o::--- -m o::---\
+ -m d:u:www-data:rwx -m u:www-data:rwx -m d:g:$uid:rwx -m g:$uid:rwx\
+ -m d:mask:rwx -m mask:rwx "$path"
+ else
+ execute_cmd chown -R $uid.vmail $path
+ execute_cmd find $path -type d -exec chmod 0700 {} \\\;
+ fi
+
+done
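Review bot: `execute_cmd` passes its arguments through `eval $@`, and the callers in the final read loop hand it `$path` and `$uid` unquoted, so a mailbox path from the database that contains shell metacharacters or glob characters is parsed a second time by the shell, in a script that performs recursive `chown` and `setfacl`. Running the argument vector directly with `"$@"` removes that second parse; the `find … -exec` terminator then becomes `\;` instead of `\\\;`, and the dry-run branch can print with `printf '%q '` so its output stays unambiguous. Separately, the `-d` branch has no `else`, so a value containing a quote silently drops the domain filter and the run covers every mailbox. The `-p` branch interpolates `$OPTARG` into the query after only the `[ -d "$OPTARG" ]` test, which does not exclude quotes or `LIKE` wildcards. Both branches should reject the value and exit 1, as `-l` and `-u` already do.

```shell
execute_cmd() {
  if [ "$DRY_RUN" -eq 1 ]; then
    printf '%q ' "$@"
    printf '\n'
  else
    "$@"
  fi
}

# … unchanged: option parsing, query, mysql pipeline and loop header …
  if [ "$ACL" -eq 1 ]; then
    execute_cmd chown -R "www-data.$uid" "$path"
    execute_cmd find "$path" -type d -exec chmod 2755 {} \;
    # … unchanged: setfacl call …
  else
    execute_cmd chown -R "$uid.vmail" "$path"
    execute_cmd find "$path" -type d -exec chmod 0700 {} \;
  fi
```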