diff --git a/.gitattributes b/.gitattributes index 2b205bfe..75c54189 100644 --- a/.gitattributes +++ b/.gitattributes @@ -654,6 +654,7 @@ src/generate_apache_conf.php -text src/generate_bind_conf.php -text src/inotify_do_actions.sh -text src/inotify_update_domains.sh -text +src/mail_add.php -text src/mail_dodelete.php -text src/mem_add -text src/mem_del -text diff --git a/.travis.yml b/.travis.yml index bd2a5e41..4ca24f93 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,6 @@ language: php php: + - 5.5 - 5.4 - 5.3 script: phpunit --coverage-clover=coverage.clover diff --git a/awstats/alternc-awstats b/awstats/alternc-awstats index 4ac14dc5..bc23ca6c 100755 --- a/awstats/alternc-awstats +++ b/awstats/alternc-awstats @@ -1,11 +1,12 @@ #!/bin/bash -# Appelé seul, lance les stats AWStats du jour. -# Appelé avec "all" lance les stats avec tous les fichiers .gz situés dans /var/log/apache -# Appelé avec un nom de domaine en paramètre, rescanne tous les fichiers .gz pour ce domaine uniquement. +# Called with no parameters, launch the daily awstats stats +# called with "all", launch all stats with all apache log files from /var/log/alternc/sites/ +# called with a domain name, launch the stats for this domain from all apache log files -# Include some usefull functions -. /usr/lib/alternc/functions.sh +cd /usr/lib/alternc +# AlternC system functions +. ./functions.sh # Regenerate the awstat etc cache files : if [ -x ./awstats.cache.php ] diff --git a/awstats/bureau/class/m_aws.php b/awstats/bureau/class/m_aws.php index eeb6d9bd..932e5f53 100644 --- a/awstats/bureau/class/m_aws.php +++ b/awstats/bureau/class/m_aws.php @@ -478,7 +478,7 @@ class m_aws { $err->raise("aws",_("Login already exist")); return false; } - $pass=_md5cr($pass); + $pass=$this->crypt_apr1_md5($pass); // FIXME retourner une erreur l'insert se passe pas bien $db->query("INSERT INTO aws_users (uid,login,pass) VALUES ('$cuid','$login','$pass');"); return $this->_createhtpasswd(); 
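Review bot: The new `cd /usr/lib/alternc` in awstats/alternc-awstats is not checked, and the next line sources `./functions.sh` relative to the current directory. The cron entry in debian/alternc-awstats.cron.d runs this script as root, so a failed `cd` would source whatever `functions.sh` is in the inherited working directory. Use `cd /usr/lib/alternc || exit 1`, or keep the absolute form `. /usr/lib/alternc/functions.sh`. The script body continues outside the hunk.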
@@ -498,7 +498,7 @@ class m_aws { $err->raise("aws",_("Login does not exists")); // Login does not exists return false; } - $pass=_md5c($pass); + $pass=$this->crypt_apr1_md5($pass); $db->query("UPDATE aws_users SET pass='$pass' WHERE login='$login';"); return $this->_createhtpasswd(); } @@ -794,6 +794,42 @@ class m_aws { return $str; } + + /* ----------------------------------------------------------------- */ + /** + * from http://php.net/crypt#73619 + */ + function crypt_apr1_md5($plainpasswd) { + $salt = substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"), 0, 8); + $len = strlen($plainpasswd); + $text = $plainpasswd.'$apr1$'.$salt; + $bin = pack("H32", md5($plainpasswd.$salt.$plainpasswd)); + for($i = $len; $i > 0; $i -= 16) { $text .= substr($bin, 0, min(16, $i)); } + for($i = $len; $i > 0; $i >>= 1) { $text .= ($i & 1) ? chr(0) : $plainpasswd{0}; } + $bin = pack("H32", md5($text)); + for($i = 0; $i < 1000; $i++) { + $new = ($i & 1) ? $plainpasswd : $bin; + if ($i % 3) $new .= $salt; + if ($i % 7) $new .= $plainpasswd; + $new .= ($i & 1) ? $bin : $plainpasswd; + $bin = pack("H32", md5($new)); + } + for ($i = 0; $i < 5; $i++) { + $k = $i + 6; + $j = $i + 12; + if ($j == 16) $j = 5; + $tmp = $bin[$i].$bin[$k].$bin[$j].$tmp; + } + $tmp = chr(0).chr(0).$bin[11].$tmp; + $tmp = strtr(strrev(substr(base64_encode($tmp), 2)), + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", + "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"); + return "$"."apr1"."$".$salt."$".$tmp; + } + + + + } /* CLASSE m_aws */ ?> diff --git a/bureau/admin/index.php b/bureau/admin/index.php index a028342b..d3ca1d8a 100644 --- a/bureau/admin/index.php +++ b/bureau/admin/index.php @@ -74,12 +74,9 @@ if ( empty($logo) || ! $logo ) {
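Review bot: The salt in `crypt_apr1_md5()` comes from `str_shuffle()`, which is not a cryptographic source and can never repeat a character, so the salt space is smaller than an 8-character APR1 salt allows. Drawing the salt from `openssl_random_pseudo_bytes()` and mapping it onto the `./0-9A-Za-z` alphabet would be safer. `$tmp` is read in `$tmp = $bin[$i].$bin[$k].$bin[$j].$tmp;` before it is ever assigned, so add `$tmp = '';` ahead of that loop. The docblock only cites the php.net comment; it should state that the function returns an Apache `$apr1$` htpasswd hash with a fresh salt per call, which the callers in the hunks at -478 and -498 store in `aws_users.pass`.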
ATTENTION : vous allez acc�der � votre panel en mode *non s�curis�*
- Cliquez ici pour passer en mode s�curis�"; + if (variable_get('https_warning', true, 'warn users to switch to HTTPS') && !isset($_SERVER['HTTPS'])) { + echo '

' . sprintf(_('WARNING: you are trying to access the control panel insecurely, click here to go to secure mode'), $_SERVER["HTTP_HOST"]) . '

'; } - */ ?>
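Review bot: `$_SERVER["HTTP_HOST"]` is passed to `sprintf()` and echoed without escaping, and the Host header is client-controlled. Wrap it as `htmlspecialchars($_SERVER["HTTP_HOST"], ENT_QUOTES)`, or build the link from the panel's configured FQDN instead. The markup of this hunk is not fully visible on the page, so where the value lands (presumably the href of the HTTPS link) is inferred. `!isset($_SERVER['HTTPS'])` also treats a server that sets `HTTPS=off` as secure; checking for an empty value or `'off'` would be stricter.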
diff --git a/bureau/admin/mail_list.php b/bureau/admin/mail_list.php index 2572cb0b..d0dba089 100644 --- a/bureau/admin/mail_list.php +++ b/bureau/admin/mail_list.php @@ -202,6 +202,7 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
+ srv_submission) { ?>

    @@ -213,6 +214,8 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
  • STARTTLS
+ + srv_smtp) { ?>

    @@ -224,6 +227,8 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
  • STARTTLS
+ + srv_smtps) { ?>

    @@ -235,6 +240,7 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
  • SSL
+
diff --git a/bureau/class/m_admin.php b/bureau/class/m_admin.php index 9f3f1c73..adf5bd98 100644 --- a/bureau/class/m_admin.php +++ b/bureau/class/m_admin.php @@ -173,6 +173,21 @@ class m_admin { return $db->f('uid'); } + /** + * return the name of an alternc account + * + * @global type $db + * @param type $uid + * @return null if missing + */ + function get_login_by_uid($uid) { + global $db; + $db->query("SELECT login FROM membres WHERE uid=$uid;"); + if (! $db->next_record()) { + return null; + } + return $db->f('login'); + } /** * Returns the known information about a hosted account diff --git a/bureau/class/m_dom.php b/bureau/class/m_dom.php index 6dcc8283..a51e6b7b 100644 --- a/bureau/class/m_dom.php +++ b/bureau/class/m_dom.php @@ -2170,6 +2170,7 @@ order by // by subdomain $tmp = array(); foreach ($da['sub'] as $sub) { + if ($sub['web_action']!='OK') continue; if (!$sub['only_dns']) { if (!isset($tmp[$sub['fqdn']])) { $tmp[$sub['fqdn']] = 0; diff --git a/bureau/class/m_ftp.php b/bureau/class/m_ftp.php index 48f7c2ce..c7922fcd 100644 --- a/bureau/class/m_ftp.php +++ b/bureau/class/m_ftp.php @@ -224,7 +224,7 @@ class m_ftp { } // Explicitly look for only allowed chars - if ( ! preg_match("/^[A-Za-z0-9_\.\-]+$/", $l) ) { + if ( ! preg_match("/^[A-Za-z0-9]+[A-Za-z0-9_\.\-]*$/", $l) ) { $err->raise('ftp', _("FTP login is incorrect")); return false; } diff --git a/bureau/class/m_mail.php b/bureau/class/m_mail.php index dbe77023..fe3d9197 100644 --- a/bureau/class/m_mail.php +++ b/bureau/class/m_mail.php 
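Review bot: `get_login_by_uid()` interpolates `$uid` unquoted into `SELECT login FROM membres WHERE uid=$uid;`, so any non-numeric value reaching it becomes part of the SQL; cast first with `$uid = intval($uid);`. The only caller visible in this commit, `clean_user_name()` in m_piwik.php, passes the global `$cuid`, but the method is public and nothing in it enforces that. The docblock still carries the generator placeholders `@global type $db` and `@param type $uid`; `@param int $uid` and `@return string|null` would describe what the code does.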
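Review bot: The new FTP login pattern still ends in `$`, which in PCRE also matches just before a trailing newline, so a login such as `"plop\n"` passes the check. Anchor with `\z` (or add the `D` modifier): `preg_match('/^[A-Za-z0-9][A-Za-z0-9_.\-]*\z/', $l)`; the `+` after the first class is redundant because the second class already accepts those characters. Assuming `check_login()` is the method this check belongs to, the new cases in phpunit/tests/bureau/class/m_ftpTest.php could pin it with `$this->assertFalse($this->object->check_login("plop\n"));`. The enclosing function starts and ends outside the hunk.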
@@ -82,9 +82,9 @@ class m_mail {
 * Constructeur
 */
 function m_mail() {
- $this->srv_submission = variable_get('mail_human_submission', '%%FQDN%%','Human name for mail server (submission protocol)', array('desc'=>'Name','type'=>'string'));
- $this->srv_smtp = variable_get('mail_human_smtp', '%%FQDN%%','Human name for mail server (SMTP protocol)', array('desc'=>'Name','type'=>'string'));
- $this->srv_smtps = variable_get('mail_human_smtps', '%%FQDN%%','Human name for mail server (SMTPS protocol)', array('desc'=>'Name','type'=>'string'));
+ $this->srv_submission = variable_get('mail_human_submission', '%%FQDN%%','Human name for mail server (submission protocol), leave empty to disable help', array('desc'=>'Name','type'=>'string'));
+ $this->srv_smtp = variable_get('mail_human_smtp', '%%FQDN%%','Human name for mail server (SMTP protocol), leave empty to disable help', array('desc'=>'Name','type'=>'string'));
+ $this->srv_smtps = variable_get('mail_human_smtps', '%%FQDN%%','Human name for mail server (SMTPS protocol), leave empty to disable help', array('desc'=>'Name','type'=>'string'));
 $this->srv_imap = variable_get('mail_human_imap', '%%FQDN%%','Human name for IMAP mail server', array('desc'=>'Name','type'=>'string'));
 $this->srv_imaps = variable_get('mail_human_imaps', '%%FQDN%%','Human name for IMAPS mail server', array('desc'=>'Name','type'=>'string'));
 $this->srv_pop3 = variable_get('mail_human_pop3', '%%FQDN%%','Human name for POP3 mail server', array('desc'=>'Name','type'=>'string'));
diff --git a/bureau/class/m_piwik.php b/bureau/class/m_piwik.php
index 58940475..982fdf1c 100644
--- a/bureau/class/m_piwik.php
+++ b/bureau/class/m_piwik.php
@@ -102,8 +102,7 @@ class m_piwik { $user_login = $this->clean_user_name($user_login); $user_pass = create_pass(); - $user_mail = $user_mail ? $user_mail : $mem->user['mail']; - $user_mail = create_pass(4) . '@gmail.com'; // FIXME $user_mail; Unicité sur les emails ... Soit on ajoute + random soit, on prompt + $user_mail = $mem->user['mail']; $user_alias = $user_login; $api_data = $this->call_privileged_page('API', 'UsersManager.addUser', array('userLogin' => $user_login, 'password' => $user_pass, 'email' => $user_mail, 'alias' => $user_alias), 'JSON'); @@ -292,9 +291,10 @@ class m_piwik { // Ajoute un site à Piwik // can't figure out how to pass multiple url through the API function site_add($siteName, $urls, $ecommerce = FALSE) { + global $db, $cuid; $urls = is_array($urls) ? implode(',', $urls) : $urls; $api_data = $this->call_privileged_page('API', 'SitesManager.addSite', array('siteName' => $siteName, 'urls' => $urls)); - printvar($api_data); + $db->query("INSERT INTO piwik_sites set uid='$cuid', piwik_id='{$api_data->value}'"); return TRUE; } @@ -344,10 +344,10 @@ class m_piwik { - /* Helper code FIXME: rename those function using "private" + "_" prefix */ - + /* return a clean username with a unique prefix per account */ function clean_user_name($username) { - return mysql_real_escape_string(trim($username)); + global $admin, $cuid; + return 'alternc_' . $admin->get_login_by_uid($cuid) . '_' . mysql_real_escape_string(trim($username)); } diff --git a/debian/alternc-awstats.cron.d b/debian/alternc-awstats.cron.d index 0149d9d0..96cc5555 100644 --- a/debian/alternc-awstats.cron.d +++ b/debian/alternc-awstats.cron.d @@ -1 +1 @@ -30 4 * * * root /usr/lib/alternc/alternc-awstats +30 4 * * * root /usr/lib/alternc/alternc-awstats diff --git a/debian/alternc.config b/debian/alternc.config index 2784ed09..5544818e 100644 --- a/debian/alternc.config +++ b/debian/alternc.config 
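Review bot: `site_add()` writes `$api_data->value` straight into the `INSERT INTO piwik_sites` statement without checking that the API call succeeded or that the value is numeric, and it still returns `TRUE` either way. A failed or unexpected response from `call_privileged_page()` would store an empty or arbitrary string and reach SQL unescaped. Validate before the query, e.g. `if (!isset($api_data->value) || !ctype_digit((string)$api_data->value)) { return FALSE; }`, and use `intval($api_data->value)` in the statement. The shape of `$api_data` is not shown on this page, so the exact check should be confirmed against the Piwik response.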
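Review bot: `clean_user_name()` builds the Piwik login as `alternc_<login>_<name>`, but `get_login_by_uid()` returns null when the uid is not found, which silently yields `alternc__<name>` and removes the per-account separation the new comment promises; check for null and fail instead. `mysql_real_escape_string()` is an SQL escaper, while `user_add()` sends the result to the Piwik API as `userLogin`, so it does not validate the name; an allow-list pattern like the one used for FTP logins in m_ftp.php would fit better. If account logins may contain `_`, the prefix is also ambiguous (`foo` + `bar_x` and `foo_bar` + `x` give the same login); that depends on login rules not shown here.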
@@ -1,14 +1,11 @@ -#!/bin/bash - -set -e +#!/bin/bash -e # Source debconf library. . /usr/share/debconf/confmodule db_capb backup - -#Return if everything is good, exit error number otherwise +# Validate an IPv4 address. function valid_ip() { local ip=$1 @@ -27,7 +24,7 @@ function valid_ip() } -#checking mysql connectivity and updating local.sh variables accordingly +# Checking mysql connectivity and updating local.sh environment variables accordingly check_mysql() { STATE=0 @@ -68,12 +65,9 @@ check_mysql() done } +# Return the deepest existing directory in a path function get_first_existing_dir() { - # Prend en premier parametre un chemin - # Retourne le répertoire parent existant le plus "proche" - # Exemple: on lui donne /var/www/alternc/gerard/dupont/ mais - # seul /var/www/alternc existe, ca répond /var/www/alternc dir="$1" if [ -z "$dir" ] ; then return 0 @@ -86,7 +80,7 @@ function get_first_existing_dir() } -# default values for local.sh +# Compute default values for local.sh MYSQL_HOST=127.0.0.1 MYSQL_DATABASE=alternc MYSQL_USER=sysusr 
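Review bot: Moving `-e` onto the shebang (`#!/bin/bash -e`) only takes effect when the script is executed directly; when it is run as `bash debian/alternc.config` or sourced, failing commands are no longer fatal. Keeping `set -e` as the first statement costs one line and behaves the same in every invocation. The remaining changes in this file's hunks are comment rewording only.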
@@ -114,6 +108,28 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do if [ -r /etc/alternc/local.sh ]; then # source the current config . /etc/alternc/local.sh + # and push it into debconf (its values have priority over anything!) + db_set alternc/hostingname "$HOSTING" + db_set alternc/desktopname "`echo $FQDN | tr '[:upper:]' '[:lower:]'`" + db_set alternc/public_ip "$PUBLIC_IP" + db_set alternc/internal_ip "$INTERNAL_IP" + db_set alternc/ns1 "$NS1_HOSTNAME" + db_set alternc/ns2 "$NS2_HOSTNAME" + db_set alternc/default_mx "$DEFAULT_MX" + db_set alternc/alternc_html "$ALTERNC_HTML" + db_set alternc/alternc_mail "$ALTERNC_MAIL" + db_set alternc/alternc_logs "$ALTERNC_LOGS" + db_set alternc/monitor_ip "$MONITOR_IP" + db_set alternc/default_mx2 "$DEFAULT_SECONDARY_MX" + db_set alternc/mysql/host "$MYSQL_HOST" + db_set alternc/mysql/db "$MYSQL_DATABASE" + db_set alternc/mysql/user "$MYSQL_USER" + db_set alternc/mysql/password "$MYSQL_PASS" + db_set alternc/mysql/client "$MYSQL_CLIENT" + db_set alternc/sql/backup_type "$SQLBACKUP_TYPE" + db_set alternc/sql/backup_overwrite "$SQLBACKUP_OVERWRITE" + db_set alternc/mysql/alternc_mail_user "$MYSQL_MAIL_USER" + db_set alternc/mysql/alternc_mail_password "$MYSQL_MAIL_PASS" fi # upgrade <= 3.0 to >= 3.1 if [ "x$ALTERNC_LOC" != "x" ]; then @@ -121,7 +137,7 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do ALTERNC_MAIL="$ALTERNC_LOC/mail" fi - #We ask for the hosting name and the FQDN + # We ask for the hosting name and the FQDN db_get alternc/hostingname if [ -z "$RET" ]; then db_set alternc/hostingname "$HOSTING" 
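Review bot: The new block copies `$MYSQL_PASS` and `$MYSQL_MAIL_PASS` from /etc/alternc/local.sh into debconf on every run. Unless `alternc/mysql/password` and `alternc/mysql/alternc_mail_password` are declared with type `password` in the templates file (not shown here), debconf stores them in its world-readable config database rather than the restricted password store; confirm the template types or drop these two `db_set` calls. `echo $FQDN` in the `desktopname` line should be quoted as `echo "$FQDN"`. The enclosing `while`/`case` block starts and ends outside the hunk.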
@@ -135,13 +151,12 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do db_set alternc/desktopname "$FQDN" db_input high alternc/desktopname || true fi - # Be sure that the FQDN is lowercase (Bug #1405) + # Ensure that the FQDN is lowercase (Fixes #1405) db_get alternc/desktopname db_set alternc/desktopname "`echo $RET | tr '[:upper:]' '[:lower:]'`" - # End bug #1405 ;; 3) - #we ask for the public and private ip + # Ask for the public and private ip db_get alternc/public_ip if [ -z "$RET" ]; then db_set alternc/public_ip "$PUBLIC_IP" @@ -172,7 +187,7 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do done ;; 4) - #private IP + # Private IP db_get alternc/internal_ip if [ -z "$RET" ]; then db_set alternc/internal_ip "$INTERNAL_IP" @@ -190,7 +205,7 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do done ;; 5) - #We ask for the DNS server for the ip + # Ask for the DNS servers db_get alternc/ns1 if [ -z "$RET" ]; then db_set alternc/ns1 "$NS1_HOSTNAME" @@ -225,7 +240,7 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do 10) db_get alternc/use_remote_mysql if [ "$RET" == "true" ]; then - # user want to use a remote server + # User want to use a remote server check_mysql fi ;; @@ -240,10 +255,10 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do db_get alternc/alternc_html ALTERNC_HTML="$RET" - #checking acl and quota activation. + # Checking acl and quota activation. basedir=`get_first_existing_dir "$ALTERNC_HTML"`; MOUNT_POINT=$(df -P ${basedir} | tail -n 1 | awk '{print $6}') - #we get the first existing dir + # Get the first existing dir aclcheckfile="$basedir/test-acl" touch "$aclcheckfile" setfacl -m u:root:rwx "$aclcheckfile" 2>/dev/null || ( @@ -259,7 +274,6 @@ while [ "$QUEST_STATE" != 0 -a "$QUEST_STATE" != 14 ]; do if [ -z "$RET" ]; then db_input critical alternc/quotauninstalled || true db_go - #db_reset alternc/quotauninstalled || true db_set alternc/quotauninstalled "false" || true fi ) 
@@ -323,8 +337,8 @@ if [ -z "$RET" ]; then db_set alternc/mysql/host "$MYSQL_HOST" fi -#Even if we asked the question concerning the database earlier in the process -#those calls are needed to pass the variable of remote sql server to AlternC +# Even if we asked the question concerning the database earlier in the process +# Those calls are needed to pass the variable of remote sql server to AlternC db_get alternc/mysql/db if [ -z "$RET" ]; then db_set alternc/mysql/db "$MYSQL_DATABASE" diff --git a/debian/changelog b/debian/changelog index e6b5a2dd..43c9821c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +alternc (3.3~rc1) stable; urgency=low + + * unofficial Prerelease of AlternC 3.3 + * update_domaines now in PHP and using classes and hooks instead of BASH + + -- Benjamin Sonntag Thu, 26 Jun 2014 15:13:00 +0200 + +alternc (3.2.1) stable; urgency=low + + * Version identical to 3.1 for Squeeze + * Includes a small dovecot patch / dependency for dovecot 2.0 for Wheezy + + -- Benjamin Sonntag Thu, 28 Mar 2014 18:19:00 +0200 + alternc (3.1.1) oldstable; urgency=low * many bugfixed from 3.1 / 3.2 : diff --git a/debian/control b/debian/control index dbd3a5b1..f4a7df63 100644 --- a/debian/control +++ b/debian/control 
@@ -9,7 +9,7 @@ Standards-Version: 3.9.4 Package: alternc Architecture: all Pre-depends: debconf (>= 0.5.00) | debconf-2.0, bash (>= 4), acl -Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:1.2.15), dovecot-common(<< 1:2.0), dovecot-imapd (>= 1:1.2.15), dovecot-pop3d (>= 1:1.2.15), vlogger, mailutils | mailx, incron, cron, opendkim, mysql-client(>= 5.0), ${misc:Depends} +Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:2.1.7), dovecot-imapd, dovecot-pop3d, dovecot-mysql, vlogger, mailutils | mailx, incron, cron, opendkim, opendkim-tools, dovecot-sieve, dovecot-managesieved, ${misc:Depends} Recommends: mysql-server(>= 5.0), ntp, quota, unzip, bzip2 Conflicts: alternc-admintools, alternc-awstats (<< 1.0), alternc-webalizer (<= 0.9.4), alternc-mailman (<< 2.0), courier-authlib Provides: alternc-admintools 
@@ -38,8 +38,8 @@ Description-fr.UTF-8: Suite logicielle d'hébergement mutualisé pour Debian Package: alternc-slave Architecture: all Pre-depends: debconf (>= 0.5.00) | debconf-2.0, acl -Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:1.2.15), dovecot-imapd, dovecot-pop3d, vlogger, mailutils | mailx, incron, cron, opendkim, ${misc:Depends} -Recommends: dovecot-managesieved, dovecot-sieve, dovecot-mysql, quota +Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:2.1.7), dovecot-imapd, dovecot-pop3d, dovecot-mysql, vlogger, mailutils | mailx, incron, cron, opendkim, opendkim-tools, dovecot-managesieved, dovecot-sieve, dovecot-mysql, ${misc:Depends} +Recommends: quota Conflicts: alternc-admintools, alternc-awstats (<= 0.3.2), alternc-webalizer (<= 0.9.4), alternc Provides: alternc Replaces: alternc diff --git a/etc/alternc/templates/dovecot/alternc-dict-quota.conf b/etc/alternc/templates/dovecot/alternc-dict-quota.conf new file mode 100644 index 00000000..b22e98ef --- /dev/null +++ b/etc/alternc/templates/dovecot/alternc-dict-quota.conf 
@@ -0,0 +1,47 @@ +# AUTO GENERATED FILE +# Modify template in /etc/alternc/templates/ +# and launch alternc.install if you want +# to modify this file. +# + +connect=host=%%dbhost%% dbname=%%dbname%% user=%%db_mail_user%% password=%%db_mail_pwd%% +#connect = host=localhost dbname=mails user=testuser password=pass + +# CREATE TABLE quota ( +# username varchar(100) not null, +# bytes bigint not null default 0, +# messages integer not null default 0, +# primary key (username) +# ); + +map { + pattern = priv/quota/storage + table = dovecot_view + username_field = user + value_field = quota_dovecot +} +map { + pattern = priv/quota/messages + table = dovecot_view + username_field = user + value_field = nb_messages +} + +# CREATE TABLE expires ( +# username varchar(100) not null, +# mailbox varchar(255) not null, +# expire_stamp integer not null, +# primary key (username, mailbox) +# ); + +#map { + # pattern = shared/expire/$user/$mailbox + # table = expires + # value_field = expire_stamp + + # fields { + # username = $user + # mailbox = $mailbox + # } +#} + diff --git a/etc/alternc/templates/dovecot/alternc-sql.conf b/etc/alternc/templates/dovecot/alternc-sql.conf new file mode 100644 index 00000000..e4bad783 --- /dev/null +++ b/etc/alternc/templates/dovecot/alternc-sql.conf 
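Review bot: The `connect=` line in alternc-dict-quota.conf carries the mail database password once `%%db_mail_pwd%%` is substituted, but the alternc.install hunk in this commit only adjusts group and mode for /etc/dovecot/alternc-sql.conf. Set ownership and mode of the generated dict file explicitly as well, so it does not keep whatever default mode the template was installed with. Which user the dict service reads it as is not visible here, so the exact owner and group need confirming. The commented `CREATE TABLE quota` and `expires` examples do not match the `dovecot_view` maps actually used and could be replaced by one line saying the values come from that view.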
@@ -0,0 +1,137 @@ +# AUTO GENERATED FILE +# Modify template in /etc/alternc/templates/ +# and launch alternc.install if you want +# to modify this file. +# +# This file is opened as root, so it should be owned by root and mode 0600. +# +# http://wiki2.dovecot.org/AuthDatabase/SQL +# +# For the sql passdb module, you'll need a database with a table that +# contains fields for at least the username and password. If you want to +# use the user@domain syntax, you might want to have a separate domain +# field as well. +# +# If your users all have the same uig/gid, and have predictable home +# directories, you can use the static userdb module to generate the home +# dir based on the username and domain. In this case, you won't need fields +# for home, uid, or gid in the database. +# +# If you prefer to use the sql userdb module, you'll want to add fields +# for home, uid, and gid. Here is an example table: +# +# CREATE TABLE users ( +# username VARCHAR(128) NOT NULL, +# domain VARCHAR(128) NOT NULL, +# password VARCHAR(64) NOT NULL, +# home VARCHAR(255) NOT NULL, +# uid INTEGER NOT NULL, +# gid INTEGER NOT NULL, +# active CHAR(1) DEFAULT 'Y' NOT NULL +# ); + +# Database driver: mysql, pgsql, sqlite +driver = mysql + +# Database connection string. This is driver-specific setting. +# +# HA / round-robin load-balancing is supported by giving multiple host +# settings, like: host=sql1.host.org host=sql2.host.org +# +# pgsql: +# For available options, see the PostgreSQL documention for the +# PQconnectdb function of libpq. +# Use maxconns=n (default 5) to change how many connections Dovecot can +# create to pgsql. 
+# +# mysql: +# Basic options emulate PostgreSQL option names: +# host, port, user, password, dbname +# +# But also adds some new settings: +# client_flags - See MySQL manual +# ssl_ca, ssl_ca_path - Set either one or both to enable SSL +# ssl_cert, ssl_key - For sending client-side certificates to server +# ssl_cipher - Set minimum allowed cipher security (default: HIGH) +# option_file - Read options from the given file instead of +# the default my.cnf location +# option_group - Read options from the given group (default: client) +# +# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock +# Note that currently you can't use spaces in parameters. +# +# sqlite: +# The path to the database file. +# +# Examples: +# connect = host=192.168.1.1 dbname=users +# connect = host=sql.example.com dbname=virtual user=virtual password=blarg +# connect = /etc/dovecot/authdb.sqlite +# +connect = host=%%dbhost%% dbname=%%dbname%% user=%%db_mail_user%% password=%%db_mail_pwd%% + +# Default password scheme. +# +# List of supported schemes is in +# http://wiki2.dovecot.org/Authentication/PasswordSchemes +# +default_pass_scheme = MD5 + +# passdb query to retrieve the password. It can return fields: +# password - The user's password. This field must be returned. +# user - user@domain from the database. Needed with case-insensitive lookups. +# username and domain - An alternative way to represent the "user" field. +# +# The "user" field is often necessary with case-insensitive lookups to avoid +# e.g. "name" and "nAme" logins creating two different mail directories. If +# your user and domain names are in separate fields, you can return "username" +# and "domain" fields instead of "user". 
+# +# The query can also return other fields which have a special meaning, see +# http://wiki2.dovecot.org/PasswordDatabase/ExtraFields +# +# Commonly used available substitutions (see http://wiki2.dovecot.org/Variables +# for full list): +# %u = entire user@domain +# %n = user part of user@domain +# %d = domain part of user@domain +# +# Note that these can be used only as input to SQL query. If the query outputs +# any of these substitutions, they're not touched. Otherwise it would be +# difficult to have eg. usernames containing '%' characters. +# +# Example: +# password_query = SELECT userid AS user, pw AS password \ +# FROM users WHERE userid = '%u' AND active = 'Y' +# +#password_query = \ +# SELECT username, domain, password \ +# FROM users WHERE username = '%n' AND domain = '%d' + +# userdb query to retrieve the user information. It can return fields: +# uid - System UID (overrides mail_uid setting) +# gid - System GID (overrides mail_gid setting) +# home - Home directory +# mail - Mail location (overrides mail_location setting) +# +# None of these are strictly required. If you use a single UID and GID, and +# home or mail directory fits to a template string, you could use userdb static +# instead. For a list of all fields that can be returned, see +# http://wiki2.dovecot.org/UserDatabase/ExtraFields +# +# Examples: +# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' +# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u' +# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u' +# +user_query = SELECT userdb_home AS home, userdb_uid AS uid, 1998 AS gid, userdb_quota_rule AS quota_rule FROM dovecot_view WHERE user = '%u'; + +# If you wish to avoid two SQL lookups (passdb + userdb), you can use +# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll +# also have to return userdb fields in password_query prefixed with "userdb_" +# string. 
For example: +# +password_query = SELECT user, password, userdb_home, userdb_uid, 1998 AS userdb_gid,userdb_quota_rule FROM dovecot_view where user= '%u'; + +# Query to get a list of all usernames. +#iterate_query = SELECT username AS user FROM users diff --git a/etc/alternc/templates/dovecot/conf.d/95_alternc.conf b/etc/alternc/templates/dovecot/conf.d/95_alternc.conf new file mode 100644 index 00000000..8cda78d0 --- /dev/null +++ b/etc/alternc/templates/dovecot/conf.d/95_alternc.conf 
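Review bot: `default_pass_scheme = MD5` in alternc-sql.conf means every `password` value from `dovecot_view` without a scheme prefix is verified as MD5-crypt, which is cheap to brute-force if the table leaks. Dovecot accepts a `{SCHEME}` prefix on the stored value, so new passwords could be written with a stronger scheme such as `{SHA512-CRYPT}` while existing rows keep working; a comment next to the setting should record that. The header says the file should be root-owned and mode 0600, whereas alternc.install in this commit runs `chgrp vmail` and `chmod g+r` on it. That header comment looks stale given `service auth-worker { user = vmail }` in 95_alternc.conf, and should be corrected to the mode actually intended.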
@@ -0,0 +1,328 @@ +# AUTO GENERATED FILE +# Modify template in /etc/alternc/templates/ +# and launch alternc.install if you want +# to modify this file. +# +## Dovecot configuration file +# This is a concatenation of all /etc/dovecot/conf.d/* from DEBIAN package +# with rules adapted to AlternC best practices and link with MySQL tables. + +protocols = imap pop3 sieve + +## ------------------------------------------------------------------------- +## 10-auth + +# Disable LOGIN command and all other plaintext authentications unless +# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP +# matches the local IP (ie. you're connecting from the same computer), the +# connection is considered secure and plaintext authentication is allowed. +disable_plaintext_auth = no + +# Space separated list of wanted authentication mechanisms: +# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey +# gss-spnego +# NOTE: See also disable_plaintext_auth setting. +auth_mechanisms = plain login + +## +## Password and user databases +## + +# +# Password database is used to verify user's password (and nothing more). +# You can have multiple passdbs and userdbs. This is useful if you want to +# allow both system users (/etc/passwd) and virtual users to login without +# duplicating the system users into virtual database. +# +# +# +# User database specifies where mails are located and what user/group IDs +# own them. For single-UID configuration use "static" userdb. +# +# + +#!include auth-deny.conf.ext +#!include auth-master.conf.ext + +#!include auth-system.conf.ext +#!include auth-sql.conf.ext +#!include auth-ldap.conf.ext +#!include auth-passwdfile.conf.ext +#!include auth-checkpassword.conf.ext +#!include auth-vpopmail.conf.ext +#!include auth-static.conf.ext + + +# ---------------------------------------------------------------------------- +# 10-login.conf + +# Prefix for each line written to log file. % codes are in strftime(3) +# format. 
+#log_timestamp = "%b %d %H:%M:%S " +log_timestamp = "%Y-%m-%d %H:%M:%S " + +# ---------------------------------------------------------------------------- +# 10-mail.conf + + +# Location for users' mailboxes. This is the same as the old default_mail_env +# setting. The default is empty, which means that Dovecot tries to find the +# mailboxes automatically. This won't work if the user doesn't have any mail +# yet, so you should explicitly tell Dovecot the full location. +# +# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u) +# isn't enough. You'll also need to tell Dovecot where the other mailboxes are +# kept. This is called the "root mail directory", and it must be the first +# path given in the mail_location setting. +# +# There are a few special variables you can use, eg.: +# +# %u - username +# %n - user part in user@domain, same as %u if there's no domain +# %d - domain part in user@domain, empty if there's no domain +# %h - home directory +# +# See for full list. +# Some examples: +# +# mail_location = maildir:~/Maildir +# mail_location = mbox:~/mail:INBOX=/var/mail/%u +# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n +# +# +# +mail_location = maildir:~/Maildir + + +# Group to enable temporarily for privileged operations. Currently this is +# used only with INBOX when either its initial creation or dotlocking fails. +# Typically this is set to "mail" to give access to /var/mail. +#mail_privileged_group = +mail_privileged_group = vmail + + +# Valid UID range for users, defaults to 500 and above. This is mostly +# to make sure that users can't log in as daemons or other system users. +# Note that denying root logins is hardcoded to dovecot binary and can't +# be done even if first_valid_uid is set to 0. 
+first_valid_uid = 2000 +last_valid_uid = 65000 + +# ---------------------------------------------------------------------------- +# 10-master.conf + +passdb { + driver = sql + args = /etc/dovecot/alternc-sql.conf +} + +userdb { + driver = sql + args = /etc/dovecot/alternc-sql.conf +} +userdb { + driver = prefetch +} + +service auth { + unix_listener /var/spool/postfix/private/auth { + group = postfix + mode = 0660 + user = postfix + } + unix_listener auth-master { + mode = 0600 + user = vmail + } +# user = vmail +} + + + + +# ---------------------------------------------------------------------------- +# 10-ssl.conf + +# SSL/TLS support: yes, no, required. +ssl = yes + +# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before +# dropping root privileges, so keep the key file unreadable by anyone but +# root. +#ssl_cert = (e.g. %Uf for the + # filename in uppercase) + # + # %v - Mailbox's IMAP UIDVALIDITY + # %u - Mail's IMAP UID + # %m - MD5 sum of the mailbox headers in hex (mbox only) + # %f - filename (maildir only) + # + # If you want UIDL compatibility with other POP3 servers, use: + # UW's ipop3d : %08Xv%08Xu + # Courier : %f or %v-%u (both might be used simultaneosly) + # Cyrus (<= 2.1.3) : %u + # Cyrus (>= 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + pop3_uidl_format = %08Xu%08Xv + + # Support for dynamically loadable plugins. mail_plugins is a space separated + # list of plugins to load. + mail_plugins = quota + #mail_plugin_dir = /usr/lib/dovecot/modules/pop3 + +} + +service pop3 { + executable = /usr/lib/alternc/popimap-log-login.sh /usr/lib/dovecot/pop3 +} + +# ---------------------------------------------------------------------------- +# 90-plugin.conf + +plugin { + + # Quota plugin. 
Multiple backends are supported: + # dirsize: Find and sum all the files found from mail directory. + # Extremely SLOW with Maildir. It'll eat your CPU and disk I/O. + # dict: Keep quota stored in dictionary (eg. SQL) + # maildir: Maildir++ quota + # fs: Read-only support for filesystem quota + # + # Quota limits are set using "quota_rule" parameters, either in here or in + # userdb. It's also possible to give mailbox-specific limits, for example: + # quota_rule = *:storage=1048576 + quota_rule = *:storage=100M + quota_rule2 = Trash:storage=+10%% + # quota_rule2 = Trash:storage=102400 + # User has now 1GB quota, but when saving to Trash mailbox the user gets + # additional 100MB. + # + # Multiple quota roots are also possible, for example: + # quota = dict:user::proxy::quota + # quota2 = dict:domain:%d:proxy::quota_domain + # quota_rule = *:storage=102400 + # quota2_rule = *:storage=1048576 + # Gives each user their own 100MB quota and one shared 1GB quota within + # the domain. + # + # You can execute a given command when user exceeds a specified quota limit. + # Each quota root has separate limits. Only the command for the first + # exceeded limit is excecuted, so put the highest limit first. + # Note that % needs to be escaped as %%, otherwise "% " expands to empty. + # quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 + # quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80 + quota_warning = storage=95%% /usr/lib/alternc/quota-warning.sh 95 + quota_warning2 = storage=80%% /usr/lib/alternc/quota-warning.sh 80 + #quota = maildir + quota = dict:user::proxy::quotadict + + + # Sieve plugin (http://wiki.dovecot.org/LDA/Sieve) and ManageSieve service + # + # Location of the active script. When ManageSieve is used this is actually + # a symlink pointing to the active script in the sieve storage directory. + sieve=~/.dovecot.sieve + # + # The path to the directory where the personal Sieve scripts are stored. 
For + # ManageSieve this is where the uploaded scripts are stored. + sieve_dir=~/sieve +} + +# Dictionary can be used by some plugins to store key=value lists, such as +# quota, expire and acl plugins. The dictionary can be used either directly or +# though a dictionary server. The following dict block maps dictionary names to +# URIs when the server is used. These can then be referenced using URIs in +# format "proxy::". + +dict { + quotadict = mysql:/etc/dovecot/alternc-dict-quota.conf + #expire = db:/var/lib/dovecot/expire.db +} + + +service auth-worker { + user = vmail +} + +service dict { + unix_listener dict { + mode = 0660 + user = vmail + group = vmail + } +} + diff --git a/etc/alternc/templates/postfix/master.cf b/etc/alternc/templates/postfix/master.cf index 5840dae2..a7016407 100644 --- a/etc/alternc/templates/postfix/master.cf +++ b/etc/alternc/templates/postfix/master.cf @@ -113,6 +113,6 @@ mailman unix - n n - - pipe ${nexthop} ${user} #dovecot LDA, as explained here: http://wiki.dovecot.org/LDA/Postfix dovecot unix - n n - 0 pipe - flags=DRhu user=vmail:vmail argv=/usr/bin/sudo /usr/lib/dovecot/deliver -f ${sender} -d ${recipient} + flags=DRhu user=vmail:vmail argv=/usr/bin/sudo /usr/lib/dovecot/deliver -f ${sender} -a ${recipient} -d ${user}@${nexthop} diff --git a/install/alternc.install b/install/alternc.install index dd82800e..a71bbd59 100644 --- a/install/alternc.install +++ b/install/alternc.install @@ -79,7 +79,7 @@ if [ -e /etc/default/saslauthd ]; then fi if [ -e /etc/dovecot/dovecot.conf ]; then - CONFIG_FILES="$CONFIG_FILES etc/dovecot/dovecot.conf etc/dovecot/dovecot-sql.conf etc/dovecot/dovecot-dict-quota.conf" + CONFIG_FILES="$CONFIG_FILES etc/dovecot/alternc-sql.conf etc/dovecot/alternc-dict-quota.conf etc/dovecot/conf.d/95_alternc.conf" fi INSTALLED_CONFIG_TAR="/var/lib/alternc/backups/etc-installed.tar.gz" 
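Review bot: In 95_alternc.conf, `disable_plaintext_auth = no` together with `ssl = yes` (not `required`) and `auth_mechanisms = plain login` lets IMAP and POP3 clients send passwords over unencrypted connections. Unless cleartext logins must remain for legacy clients, set `disable_plaintext_auth = yes` or `ssl = required`. If they must remain, say so in a comment beside the setting, because the upstream comment kept above it describes the behaviour when the option is enabled and makes the override easy to miss.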
@@ -315,7 +315,7 @@ if [ -x /usr/sbin/apache2 ]; then fi # We enable dovecot SSL certificate instructions: (on wheezy we should use a new file in /etc/dovecot/conf.d/ ) - sed -i -e 's#^ssl_cert_file.*$#ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem#' -e 's#^ssl_key_file.*$#ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key#' /etc/dovecot/dovecot.conf + ( echo "ssl_cert = /etc/dovecot/conf.d/96_ssl.conf else # We disable proftpd tls module @@ -324,7 +324,7 @@ if [ -x /usr/sbin/apache2 ]; then cp /etc/proftpd/modules.conf /etc/alternc/templates/proftpd/ # We disable dovecot SSL certificate instructions: (on wheezy we should remove a file in /etc/dovecot/conf.d/ ) - sed -i -e 's#^ssl_cert_file.*$#ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem#' -e 's#^ssl_key_file.*$#ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key#' /etc/dovecot/dovecot.conf + ( echo "ssl_cert = /etc/dovecot/conf.d/96_ssl.conf echo "SSL not configured" echo "create a certificate in /etc/alternc/apache.pem and rerun alternc.install" @@ -569,9 +569,11 @@ if [ "$HAS_ROOT" != "1" ]; then fi fi -#giving vmail user read access on dovecot sql file -chgrp vmail /etc/dovecot/dovecot.conf -chmod g+r /etc/dovecot/dovecot.conf +# giving vmail user read access on dovecot sql file +chgrp vmail /etc/dovecot/alternc-sql.conf +chmod g+r /etc/dovecot/alternc-sql.conf +# Override some dovecot 2.0 configuration that may have happened during dovecot postinst: +sed -i -e 's/^ *!include/#!include/' /etc/dovecot/conf.d/10-auth.conf # Changing owner of web panel's files chown -R alterncpanel:alterncpanel "/usr/share/alternc/panel/" diff --git a/install/mysql.sql b/install/mysql.sql index 867f117a..2f064d1f 100644 --- a/install/mysql.sql +++ b/install/mysql.sql 
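Review bot: In the @@ -324 hunk, the "SSL not configured" branch adds a line starting `( echo "ssl_cert =` that targets `/etc/dovecot/conf.d/96_ssl.conf`, while the comment directly above says the file should be removed on wheezy. The configured branch at @@ -315 writes the same file. The middle of both added lines is missing from this rendering, so which certificate each branch writes cannot be checked here. Either make this branch `rm -f /etc/dovecot/conf.d/96_ssl.conf`, or change the comment to say why a certificate is still configured when none was found. The enclosing `if` starts outside the hunk.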
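Review bot: In the @@ -569 hunk, `chmod g+r /etc/dovecot/alternc-sql.conf` only adds group read and leaves the existing owner and world bits alone, so a file installed 0644 stays world-readable. This file presumably holds the SQL connect string with the database password, so set ownership and mode explicitly: `chown root:vmail /etc/dovecot/alternc-sql.conf` and `chmod 0640 /etc/dovecot/alternc-sql.conf`. The same probably applies to `/etc/dovecot/alternc-dict-quota.conf`, which the `dict` block references as a `mysql:` URI and which this hunk does not touch.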
@@ -747,4 +747,4 @@ CREATE TABLE IF NOT EXISTS `alternc_status` ( KEY `name` (`name`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -INSERT INTO alternc_status SET name='alternc_version',value='3.1.0~b.php'; +INSERT INTO alternc_status SET name='alternc_version',value='3.3.0~a.php'; diff --git a/install/upgrades/3.3.0~a.sql b/install/upgrades/3.3.0~a.sql index 5bed9c5d..caa6450e 100644 --- a/install/upgrades/3.3.0~a.sql +++ b/install/upgrades/3.3.0~a.sql @@ -1,6 +1,7 @@ ALTER TABLE variable DROP PRIMARY KEY; -ALTER TABLE variable ADD id bigint(20) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST; +# Quick-fix to make setup work again +# ALTER TABLE variable ADD id bigint(20) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST; ALTER TABLE variable ADD strata enum('DEFAULT','GLOBAL','FQDN', 'FQDN_CREATOR', 'CREATOR', 'MEMBER', 'DOMAIN') NOT NULL DEFAULT 'DEFAULT'; ALTER TABLE variable ADD strata_id bigint DEFAULT NULL; ALTER TABLE variable ADD type text DEFAULT ''; diff --git a/phpunit/tests/bureau/class/m_ftpTest.php b/phpunit/tests/bureau/class/m_ftpTest.php index dccf94b5..85251f26 100644 --- a/phpunit/tests/bureau/class/m_ftpTest.php +++ b/phpunit/tests/bureau/class/m_ftpTest.php @@ -118,10 +118,13 @@ class m_ftpTest extends PHPUnit_Framework_TestCase */ public function testCheck_login() { - // Remove the following lines when you implement this test. - $this->markTestIncomplete( - 'This test has not been implemented yet.' - ); + // Allowed + $this->assertTrue($this->object->check_login('plop')); + $this->assertTrue($this->object->check_login('00')); + + // Forbidden + $this->assertFalse($this->object->check_login('_plop')); + $this->assertFalse($this->object->check_login('arf+')); } /** 
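Review bot: In `install/upgrades/3.3.0~a.sql`, the first statement `ALTER TABLE variable DROP PRIMARY KEY;` still runs although the `ADD id ... PRIMARY KEY` statement is now commented out. After this upgrade `variable` therefore has no primary key and no `id` column. Code that expects `id` (not visible here) would then fail, and a second run of the script is likely to stop at the DROP because no key is left. If the quick fix is needed, comment out the DROP as well or restore a key in the same script. The comment should also record the reason, e.g. `# ADD id disabled: <error seen during setup>; variable keeps its previous primary key until this is fixed`.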
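Review bot: The forbidden cases in `testCheck_login` cover only a leading underscore and a `+`, so the test would still pass if `check_login` accepted an empty string, whitespace or quote characters. Login names are the kind of value that ends up in queries and paths, so pin those cases too, e.g. `$this->assertFalse($this->object->check_login(''));` and `$this->assertFalse($this->object->check_login("a'b"));`, adjusted to whatever rule `check_login` documents. The test class continues outside the hunk.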
@@ -238,9 +241,6 @@ class m_ftpTest extends PHPUnit_Framework_TestCase */ public function testHook_upnp_list() { - // Remove the following lines when you implement this test. - $this->markTestIncomplete( - 'This test has not been implemented yet.' - ); + $this->assertArrayHasKey('ftp', $this->object->hook_upnp_list()); } } diff --git a/roundcube/templates/roundcube/plugins/managesieve/config.inc.php b/roundcube/templates/roundcube/plugins/managesieve/config.inc.php index 3558a104..838c3995 100644 --- a/roundcube/templates/roundcube/plugins/managesieve/config.inc.php +++ b/roundcube/templates/roundcube/plugins/managesieve/config.inc.php @@ -10,7 +10,7 @@ /***********************************************************************/ // managesieve server port -$rcmail_config['managesieve_port'] = 2000; +$rcmail_config['managesieve_port'] = 4190; // managesieve server address, default is localhost. // Replacement variables supported in host name: diff --git a/src/delete_logs.sh b/src/delete_logs.sh index 64e3911e..38eb1a29 100644 --- a/src/delete_logs.sh +++ b/src/delete_logs.sh @@ -17,4 +17,4 @@ done stop_if_jobs_locked # ALTERNC_LOGS is from local.sh -nice -n 10 find "$ALTERNC_LOGS" -mtime +$DAYS -delete +find "$ALTERNC_LOGS" -mtime +$DAYS -delete diff --git a/src/mail_add.php b/src/mail_add.php new file mode 100644 index 00000000..47ff2b9f --- /dev/null +++ b/src/mail_add.php 
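Review bot: In `src/delete_logs.sh`, `find "$ALTERNC_LOGS" -mtime +$DAYS -delete` deletes under a root taken from `local.sh` without checking that the variable is set, and `$DAYS` is unquoted. A guarded form fails early instead of depending on how `find` treats an empty path: `find "${ALTERNC_LOGS:?ALTERNC_LOGS is not set}" -type f -mtime "+$DAYS" -delete`. The `-type f` is a suggestion that limits deletion to files; drop it if removing old empty directories is intended. The validation of `$DAYS` is in the loop above the hunk and is not visible here.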
@@ -0,0 +1,147 @@ +#!/usr/bin/php -q + ... + +email: full email adress, including domain, which must exist +alias: one or many aliases the email should forward to, space separated + +EOF; + error_log($u); + exit(1); +} + +if (count($argv) < 2) { + usage(); +} + +$user = preg_split('/@/', $argv[1])[0]; // first argument is user@domain +$domain = preg_split('/@/', $argv[1])[1]; +$recipients = array_slice($argv, 2); // rest is recipients + +// there's no function to do that, oddly enough... +// there's one to extract the compte from the mail_id (!) but we +// haven't created it yet... +$db->query('SELECT id,compte FROM domaines WHERE domaine="'.addslashes($domain).'"'); +if ($db->next_record()) { + $compte = $db->f('compte'); + $domain_id = $db->f('id'); +} +else { + error_log("domain $domain not found"); + exit(2); +} + +foreach ($generators as $generator) { + $password = `$generator 2>/dev/null`; + if (!is_null($password) and strlen($password) > 7) { + $password = trim($password); + break; + } +} +if (is_null($password)) { + error_log('password generators failed to produce 8 characters: ' . join("\n", $generators)); + exit(3); +} + +/* need not to be $quota because that would replace alternc's global + * $quota... even though we don't say global $quota anywhere here, yay + * php scoping. + */ +$quotas = $default_quotas; +$r = join(", ", $recipients); + +print <<su($compte); +print "cuid: $cuid\n"; + +/* function signature is: + * function create($dom_id, $mail,$type="",$dontcheck=false) + * yet $type is never passed anywhere and is actually empty in the + * database (!) $dontcheck is undocumented, so we'll ignore it + * + * also, this function explicitely tells me to not use it, but doesn't + * provide an alternative. i choose to disobey instead of rewriting it + * from scratch + */ +if (!($mail_id = $mail->create($domain_id, $user))) { + error_log('failed to create: ' . 
$err->errstr()); + exit(4); +} + +/* function set_passwd($mail_id,$pass) + * + * just set the password + * + * no idea why this is a different function. + */ +if (!$mail->set_passwd($mail_id,$password)) { + error_log("failed to set password on mail $mail_id: " . $err->errstr()); + exit(5); +} + +/* function set_details($mail_id, $islocal, $quotamb, + * $recipients,$delivery="dovecot",$dontcheck=false) + * + * you read that right, recipients is a string (!) + * + * if we have no aliases, it's a mailbox. deal with it. + */ +if (!$mail->set_details($mail_id, !count($recipients), $quota, join("\n", $recipients))) { + error_log('failed to set details: ' . $err->errstr()); + exit(6); +} + +// maybe we need to call the hooks? i don't know! + /* $rh=$hooks->invoke("mail_edit_post",array($mail_id)); */ + /* if (in_array(false,$res,true)) { */ + /* include ("mail_edit.php"); */ + /* exit(); */ + /* } else { */ + /* foreach($rh as $h) if ($h) $error.=$h."
"; */ + /* } */ + diff --git a/src/update_quota_mail.sh b/src/update_quota_mail.sh index 0e3f12d4..14d484d7 100755 --- a/src/update_quota_mail.sh +++ b/src/update_quota_mail.sh 
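Review bot: The generator loop can leave a too-short password in `$password`: the length test runs before `trim()`, so the trailing newline is counted, and when no generator passes, the last output stays assigned, so the `is_null($password)` check after the loop only catches a final command that printed nothing. Use a separate candidate variable and assign `$password` only once the trimmed value has at least 8 characters, as in the block below. Two further points in this file: `set_details()` is passed `$quota`, which the comment above identifies as AlternC's global object, instead of `$quotas`; and `preg_split('/@/', $argv[1])[0]` is a parse error on PHP 5.3, which `.travis.yml` still lists, and reads an undefined offset when the argument contains no `@`. Part of the script header is missing from this rendering, so `$generators` and `$default_quotas` are assumed to be defined there.

```php
$password = null;
foreach ($generators as $generator) {
    // Trim first so the trailing newline does not count towards the length.
    $candidate = trim((string) `$generator 2>/dev/null`);
    if (strlen($candidate) >= 8) {
        $password = $candidate;
        break;
    }
}
if (is_null($password)) {
    // … unchanged: error_log() of the generator list and exit(3) …
```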
@@ -4,55 +4,111 @@ #You can call this script either without arguments, inwich case each maildir quotas will be recalculated #or you can call it with a directory reffering to a maildir to just sync one mailbox -#basic checks -if [ $# -gt 1 ]; then - echo "usage : update_quota_mail.sh (Maildir)." +function showhelp() { + echo "FIXME: some help" exit -fi +} -if [ $# -eq 1 ];then - if [ ! -d "$1" ];then - echo "$1 is not a directory, aborting." + +# Generate the $maildirs list based on the arguments +while getopts "a:m:d:c:" optname +do + case "$optname" in + "a") + # All mails + # FIXME replace it by a select in da DB + maildirs=`find "$ALTERNC_MAIL/" -maxdepth 2 -mindepth 2 -type d` + ;; + "m") + # An email + if [[ "$OPTARG" =~ ^[^\@]*@[^\@]*$ ]] ; then + if [[ "$(mysql_query "select userdb_home from dovecot_view where user = '$OPTARG'")" ]]; then + maildirs=$(mysql_query "select userdb_home from dovecot_view where user = '$OPTARG'") + else + echo "Bad mail provided" + showhelp + fi + else + echo "Bad mail provided" + showhelp + fi + ;; + "d") + # Expecting a domain + + # Check if domain is well-formed + if [[ ! "$OPTARG" =~ ^[a-z\-]+(\.[a-z\-]+)+$ ]] ; then + echo "Bad domain provided" + showhelp + fi + + # Attemp to get from database. + if [[ ! 
"$(mysql_query "select domaine from domaines where domaine = '$OPTARG'")" ]]; then + # Seem to be empty + echo "Bad domain provided" + showhelp + fi + + maildirs=$(mysql_query "select userdb_home from dovecot_view where user like '%@$OPTARG'") + ;; + "c") + # An account + if [[ "$OPTARG" =~ ^[a-z]*$ ]] ; then + if [[ "$(mysql_query "select domaine from domaines where domaine = '$1'")" ]]; then + maildirs=$(mysql_query "select userdb_home from dovecot_view where userdb_uid = $OPTARG") + else + echo "Bad account provided" + showhelp + fi + else + echo "Bad account provided" + showhelp + fi + ;; + "?") + echo "Unknown option $OPTARG - stop processing" + showhelp exit - else - d="$1" - fi -else - #Fist we set the quotas no 0 (infinite for each already existing account - t=`mysql_query "UPDATE mailbox SET quota='0' WHERE quota IS NULL"` - d=`find "$ALTERNC_MAIL/" -maxdepth 2 -mindepth 2 -type d` -fi - - - -#Then we loop through every maildir to get the maildir size -for i in $d ; do - - if [ -d "$i" ];then - user=`ls -l $i| tail -n 1|cut -d' ' -f 3` - # We grep only mails, not the others files - mails=`find $i -type f | egrep "(^$i)*[0-9]+\.M"` - - # This part only count mails size - #size=0 - #for j in $mails - #do - # size=$(( $size + `du -b $j|awk '{print $1}'`)) - #done - - # This part count the total mailbox size (mails + sieve scripts + ...) - size=`du -b -s $i|awk '{print $1}'` - - mail_count=`echo $mails|wc -w` - echo "folder : "$i - echo "mail count : "$mail_count - echo "dir size : "$size - echo "" - #update the mailbox table accordingly - mysql_query "UPDATE mailbox SET bytes=$size WHERE path='$i' " - mysql_query "UPDATE mailbox SET messages=$mail_count WHERE path='$i' " - else - echo "The maildir $i does not exists. 
It's quota won't be resync" - fi + ;; + ":") + echo "No argument value for option $OPTARG - stop processing" + showhelp + exit + ;; + *) + # Should not occur + echo "Unknown error while processing options" + showhelp + exit + ;; + esac +done + +# Now we have $maildirs, we can work on it + +# FIXME add check if maildir is empty + +#Then we loop through every maildir to get the maildir size +for i in $maildirs ; do + + if [ ! -d "$i" ];then + echo "The maildir $i does not exists. It's quota won't be resync" + continue + fi + + # We grep only mails, not the others files + mails=`find $i -type f | egrep "(^$i)*[0-9]+\.M"` + + # This part count the total mailbox size (mails + sieve scripts + ...) + size=`du -b -s $i|awk '{print $1}'` + + mail_count=`echo $mails|wc -w` + echo "folder : "$i + echo "mail count : "$mail_count + echo "dir size : "$size + echo "" + #update the mailbox table accordingly + mysql_query "UPDATE mailbox SET bytes=$size WHERE path='$i' ; " + mysql_query "UPDATE mailbox SET messages=$mail_count WHERE path='$i' ; " done diff --git a/wheezy/95_alternc.conf b/wheezy/95_alternc.conf index 7db2ff53..8cda78d0 100644 --- a/wheezy/95_alternc.conf +++ b/wheezy/95_alternc.conf @@ -16,13 +16,13 @@ protocols = imap pop3 sieve # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. -disable_plaintext_auth = yes +disable_plaintext_auth = no # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey # gss-spnego # NOTE: See also disable_plaintext_auth setting. -auth_mechanisms = plain +auth_mechanisms = plain login ## ## Password and user databases 
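Review bot: The `-m` branch of `src/update_quota_mail.sh` interpolates `$OPTARG` into `where user = '$OPTARG'` after a check (`^[^\@]*@[^\@]*$`) that only counts `@` signs, so quotes and other SQL metacharacters reach the query unchanged. Restrict the address to the characters a mailbox name can contain before building the SQL, e.g. `if [[ "$OPTARG" =~ ^[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+$ ]] ; then`. The `-c` branch has a related problem: it tests `domaine = '$1'` rather than the account, accepts an empty string, and then places `$OPTARG` unquoted in `userdb_uid = $OPTARG`. In addition, `getopts "a:m:d:c:"` makes `-a` require an argument and, without a leading `:`, the `":"` case never runs. Further down, `$i` comes from the database and is used unquoted in `find $i`, `du -b -s $i` and inside `path='$i'`, so a path with spaces or a quote breaks the loop or the UPDATE.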
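Review bot: In `wheezy/95_alternc.conf`, `disable_plaintext_auth = no` together with `ssl = yes` in the @@ -144 hunk lets IMAP and POP3 clients send `plain`/`login` credentials over an unencrypted connection, which the previous values (`yes` and `required`) refused. The comment kept in this hunk already states that connections from the local IP are considered secure, so a webmail on the same host does not need this relaxation. Unless a specific client requires it, keep `disable_plaintext_auth = yes` and `ssl = required`. If the change has to stay, add a comment naming that client and stating that passwords can then cross the network in clear text.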
@@ -144,7 +144,7 @@ service auth { # 10-ssl.conf # SSL/TLS support: yes, no, required. -ssl = required +ssl = yes # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but diff --git a/wheezy/alternc.install.diff b/wheezy/alternc.install.diff index e5681e1b..dc7aa90c 100644 --- a/wheezy/alternc.install.diff +++ b/wheezy/alternc.install.diff @@ -1,6 +1,6 @@ ---- alternc.install 2013-08-22 09:16:54.818542162 +0200 -+++ alternc.install.wheezy 2013-08-22 09:58:06.713339922 +0200 -@@ -78,7 +78,7 @@ +--- alternc.install 2014-03-28 17:30:31.378712101 +0100 ++++ alternc.install.wheezy 2014-04-03 10:57:57.840148474 +0200 +@@ -79,7 +79,7 @@ fi if [ -e /etc/dovecot/dovecot.conf ]; then @@ -9,7 +9,7 @@ fi INSTALLED_CONFIG_TAR="/var/lib/alternc/backups/etc-installed.tar.gz" -@@ -305,7 +305,7 @@ +@@ -315,7 +315,7 @@ fi # We enable dovecot SSL certificate instructions: (on wheezy we should use a new file in /etc/dovecot/conf.d/ ) @@ -18,7 +18,7 @@ else # We disable proftpd tls module -@@ -314,7 +314,7 @@ +@@ -324,7 +324,7 @@ cp /etc/proftpd/modules.conf /etc/alternc/templates/proftpd/ # We disable dovecot SSL certificate instructions: (on wheezy we should remove a file in /etc/dovecot/conf.d/ ) @@ -27,7 +27,7 @@ echo "SSL not configured" echo "create a certificate in /etc/alternc/apache.pem and rerun alternc.install" -@@ -533,9 +533,11 @@ +@@ -569,9 +569,11 @@ fi fi diff --git a/wheezy/changelog.diff b/wheezy/changelog.diff index 04202ea2..14a64f68 100644 --- a/wheezy/changelog.diff +++ b/wheezy/changelog.diff 
@@ -1,13 +1,13 @@ ---- changelog 2013-10-18 15:17:57.640081683 +0200 -+++ changelog.wheezy 2013-10-18 15:19:58.442690776 +0200 -@@ -1,0 +1,7 @@ +--- changelog 2014-06-24 13:42:50.234304438 +0200 ++++ changelog.wheezy 2014-06-24 13:43:51.978313552 +0200 +@@ -1,3 +1,10 @@ +alternc (3.2.1) stable; urgency=low + + * Version identical to 3.1 for Squeeze + * Includes a small dovecot patch / dependency for dovecot 2.0 for Wheezy + -+ -- Benjamin Sonntag Thu, 28 Mar 2013 18:19:00 +0200 ++ -- Benjamin Sonntag Thu, 28 Mar 2014 18:19:00 +0200 + -alternc (3.1.1) oldstable; urgency=low - - * many bugfixed from 3.1 / 3.2 : + alternc (3.1.1) oldstable; urgency=low + + * many bugfixed from 3.1 / 3.2 :