1 #!/bin/sh 2 # $NetBSD: post-install,v 1.5 2025/02/25 19:15:41 christos Exp $ 3 # 4 5 # To view the formatted manual page of this file, type: 6 # POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man 7 8 #++ 9 # NAME 10 # post-install 11 # SUMMARY 12 # Postfix post-installation script 13 # SYNOPSIS 14 # postfix post-install [name=value] command ... 15 # DESCRIPTION 16 # The post-install script performs the finishing touch of a Postfix 17 # installation, after the executable programs and configuration 18 # files are installed. Usage is one of the following: 19 # .IP o 20 # While installing Postfix from source code on the local machine, the 21 # script is run by the postfix-install script to update selected file 22 # or directory permissions and to update Postfix configuration files. 23 # .IP o 24 # While installing Postfix from a pre-built package, the script is run 25 # by the package management procedure to set all file or directory 26 # permissions and to update Postfix configuration files. 27 # .IP o 28 # The script can be used to change installation parameter settings such 29 # as mail_owner or setgid_group after Postfix is already installed. 30 # .IP o 31 # The script can be used to upgrade configuration files and to upgrade 32 # file/directory permissions of a secondary Postfix instance. 33 # .IP o 34 # At Postfix start-up time, the script is run from "postfix check" to 35 # create missing queue directories. 36 # .PP 37 # The post-install script is controlled by installation parameters. 38 # Specific parameters are described at the end of this document. 39 # All installation parameters must be specified ahead of time via 40 # one of the methods described below. 41 # 42 # Arguments 43 # .IP create-missing 44 # Create missing queue directories with ownerships and permissions 45 # according to the contents of $meta_directory/postfix-files 46 # and optionally in $meta_directory/postfix-files.d/*, using 47 # the mail_owner and setgid_group parameter settings from the 48 # command line, process environment or from the installed 49 # main.cf file. 50 # 51 # This is required at Postfix start-up time. 52 # .IP set-permissions 53 # Set all file/directory ownerships and permissions according to the 54 # contents of $meta_directory/postfix-files and optionally 55 # in $meta_directory/postfix-files.d/*, using the mail_owner 56 # and setgid_group parameter settings from the command line, 57 # process environment or from the installed main.cf file. 58 # Implies create-missing. 59 # 60 # This is required when installing Postfix from a pre-built package, 61 # or when changing the mail_owner or setgid_group installation parameter 62 # settings after Postfix is already installed. 63 # .IP upgrade-permissions 64 # Update ownership and permission of existing files/directories as 65 # specified in $meta_directory/postfix-files and optionally 66 # in $meta_directory/postfix-files.d/*, using the mail_owner 67 # and setgid_group parameter settings from the command line, 68 # process environment or from the installed main.cf file. 69 # Implies create-missing. 70 # 71 # This is required when upgrading an existing Postfix instance. 72 # .IP upgrade-configuration 73 # Edit the installed main.cf and master.cf files, in order to account 74 # for missing services and to fix deprecated parameter settings. 75 # 76 # This is required when upgrading an existing Postfix instance. 77 # .IP upgrade-source 78 # Short-hand for: upgrade-permissions upgrade-configuration. 79 # 80 # This is recommended when upgrading Postfix from source code. 81 # .IP upgrade-package 82 # Short-hand for: set-permissions upgrade-configuration. 83 # 84 # This is recommended when upgrading Postfix from a pre-built package. 85 # .IP first-install-reminder 86 # Remind the user that they still need to configure main.cf and the 87 # aliases file, and that newaliases still needs to be run. 88 # 89 # This is recommended when Postfix is installed for the first time. 90 # MULTIPLE POSTFIX INSTANCES 91 # .ad 92 # .fi 93 # Multiple Postfix instances on the same machine can share command and 94 # daemon program files but must have separate configuration and queue 95 # directories. 96 # 97 # To create a secondary Postfix installation on the same machine, 98 # copy the configuration files from the primary Postfix instance to 99 # a secondary configuration directory and execute: 100 # 101 # postfix post-install config_directory=secondary-config-directory \e 102 # .in +4 103 # queue_directory=secondary-queue-directory \e 104 # .br 105 # create-missing 106 # .PP 107 # This creates secondary Postfix queue directories, sets their access 108 # permissions, and saves the specified installation parameters to the 109 # secondary main.cf file. 110 # 111 # Be sure to list the secondary configuration directory in the 112 # alternate_config_directories parameter in the primary main.cf file. 113 # 114 # To upgrade a secondary Postfix installation on the same machine, 115 # execute: 116 # 117 # postfix post-install config_directory=secondary-config-directory \e 118 # .in +4 119 # upgrade-permissions upgrade-configuration 120 # INSTALLATION PARAMETER INPUT METHODS 121 # .ad 122 # .fi 123 # Parameter settings can be specified through a variety of 124 # mechanisms. In order of decreasing precedence these are: 125 # .IP "command line" 126 # Parameter settings can be given as name=value arguments on 127 # the post-install command line. These have the highest precedence. 128 # Settings that override the installed main.cf file are saved. 129 # .IP "process environment" 130 # Parameter settings can be given as name=value environment 131 # variables. 132 # Settings that override the installed main.cf file are saved. 133 # .IP "installed configuration files" 134 # If a parameter is not specified via the command line or via the 135 # process environment, post-install will attempt to extract its 136 # value from the already installed Postfix main.cf configuration file. 137 # These settings have the lowest precedence. 138 # INSTALLATION PARAMETER DESCRIPTION 139 # .ad 140 # .fi 141 # The description of installation parameters is as follows: 142 # .IP config_directory 143 # The directory for Postfix configuration files. 144 # .IP daemon_directory 145 # The directory for Postfix daemon programs. This directory 146 # should not be in the command search path of any users. 147 # .IP command_directory 148 # The directory for Postfix administrative commands. This 149 # directory should be in the command search path of administrative users. 150 # .IP queue_directory 151 # The directory for Postfix queues. 152 # .IP data_directory 153 # The directory for Postfix writable data files (caches, etc.). 154 # .IP sendmail_path 155 # The full pathname for the Postfix sendmail command. 156 # This is the Sendmail-compatible mail posting interface. 157 # .IP newaliases_path 158 # The full pathname for the Postfix newaliases command. 159 # This is the Sendmail-compatible command to build alias databases 160 # for the Postfix local delivery agent. 161 # .IP mailq_path 162 # The full pathname for the Postfix mailq command. 163 # This is the Sendmail-compatible command to list the mail queue. 164 # .IP mail_owner 165 # The owner of the Postfix queue. Its numerical user ID and group ID 166 # must not be used by any other accounts on the system. 167 # .IP setgid_group 168 # The group for mail submission and for queue management commands. 169 # Its numerical group ID must not be used by any other accounts on the 170 # system, not even by the mail_owner account. 171 # .IP html_directory 172 # The directory for the Postfix HTML files. 173 # .IP manpage_directory 174 # The directory for the Postfix on-line manual pages. 175 # .IP sample_directory 176 # The directory for the Postfix sample configuration files. 177 # This feature is obsolete as of Postfix 2.1. 178 # .IP readme_directory 179 # The directory for the Postfix README files. 180 # .IP shlib_directory 181 # The directory for the Postfix shared-library files, and for 182 # the Postfix dabatase plugin files with a relative pathname 183 # in the file dynamicmaps.cf. 184 # .IP meta_directory 185 # The directory for non-executable files that are shared 186 # among multiple Postfix instances, such as postfix-files, 187 # dynamicmaps.cf, as well as the multi-instance template files 188 # main.cf.proto and master.cf.proto. 189 # SEE ALSO 190 # postfix-install(1) Postfix primary installation script. 191 # FILES 192 # $config_directory/main.cf, Postfix installation parameters. 193 # $meta_directory/postfix-files, installation control file. 194 # $meta_directory/postfix-files.d/*, optional control files. 195 # $config_directory/install.cf, obsolete configuration file. 196 # LICENSE 197 # .ad 198 # .fi 199 # The Secure Mailer license must be distributed with this software. 200 # AUTHOR(S) 201 # Wietse Venema 202 # IBM T.J. Watson Research 203 # P.O. Box 704 204 # Yorktown Heights, NY 10598, USA 205 # 206 # Wietse Venema 207 # Google, Inc. 208 # 111 8th Avenue 209 # New York, NY 10011, USA 210 # 211 # Wietse Venema 212 # porcupine.org 213 # Amawalk, NY 10501, USA 214 #-- 215 216 umask 022 217 218 PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd 219 SHELL=/bin/sh 220 IFS=" 221 " 222 BACKUP_IFS="$IFS" 223 debug=: 224 #debug=echo 225 MOST_PARAMETERS="command_directory daemon_directory data_directory 226 html_directory mail_owner mailq_path manpage_directory 227 newaliases_path queue_directory readme_directory sample_directory 228 sendmail_path setgid_group shlib_directory meta_directory" 229 NON_SHARED="config_directory queue_directory data_directory" 230 231 USAGE="Usage: $0 [name=value] command 232 create-missing Create missing queue directories. 233 upgrade-source When installing or upgrading from source code. 234 upgrade-package When installing or upgrading from pre-built package. 235 first-install-reminder Remind of mandatory first-time configuration steps. 236 name=value Specify an installation parameter". 237 238 # Process command-line options and parameter settings. Work around 239 # brain damaged shells. "IFS=value command" should not make the 240 # IFS=value setting permanent. But some broken standard allows it. 241 242 create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder= 243 obsolete=; keep_list=; 244 245 for arg 246 do 247 case $arg in 248 *[" "]*) echo $0: "Error: argument contains whitespace: '$arg'" 249 exit 1;; 250 *=*) IFS= eval $arg; IFS="$BACKUP_IFS";; 251 create-missing) create=1;; 252 set-perm*) create=1; set_perms=1;; 253 upgrade-perm*) create=1; upgrade_perms=1;; 254 upgrade-conf*) upgrade_conf=1;; 255 upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;; 256 upgrade-package) create=1; upgrade_conf=1; set_perms=1;; 257 first-install*) first_install_reminder=1;; 258 *) echo "$0: Error: $USAGE" 1>&2; exit 1;; 259 esac 260 shift 261 done 262 263 # Sanity checks. 264 265 test -n "$create$upgrade_conf$first_install_reminder" || { 266 echo "$0: Error: $USAGE" 1>&2 267 exit 1 268 } 269 270 # Bootstrapping problem. 271 272 if [ -n "$command_directory" ] 273 then 274 POSTCONF="$command_directory/postconf" 275 else 276 POSTCONF="postconf" 277 fi 278 279 $POSTCONF -d mail_version >/dev/null 2>/dev/null || { 280 echo $0: Error: no $POSTCONF command found. 1>&2 281 echo Re-run this command as $0 command_directory=/some/where. 1>&2 282 exit 1 283 } 284 285 # Also used to require license etc. files only in the default instance. 286 287 def_config_directory=`$POSTCONF -d -h config_directory` || exit 1 288 test -n "$config_directory" || 289 config_directory="$def_config_directory" 290 291 test -d "$config_directory" || { 292 echo $0: Error: $config_directory is not a directory. 1>&2 293 exit 1 294 } 295 296 # If this is a secondary instance, don't touch shared files. 297 # XXX Solaris does not have "test -e". 298 299 instances=`test ! -f $def_config_directory/main.cf || 300 $POSTCONF -qc $def_config_directory -h multi_instance_directories | 301 sed 'y/,/ /'` || exit 1 302 303 update_shared_files=1 304 for name in $instances 305 do 306 case "$name" in 307 "$def_config_directory") ;; 308 "$config_directory") update_shared_files=; break;; 309 esac 310 done 311 312 test -f $meta_directory/postfix-files || { 313 echo $0: Error: $meta_directory/postfix-files is not a file. 1>&2 314 exit 1 315 } 316 317 # SunOS5 fmt(1) truncates lines > 1000 characters. 318 319 fake_fmt() { 320 sed ' 321 :top 322 /^\( *\)\([^ ][^ ]*\) */{ 323 s//\1\2\ 324 \1/ 325 P 326 D 327 b top 328 } 329 ' | fmt 330 } 331 332 case `uname -s` in 333 HP-UX*) FMT=cat;; 334 SunOS*) FMT=fake_fmt;; 335 *) FMT=fmt;; 336 esac 337 338 # If a parameter is not set via the command line or environment, 339 # try to use settings from installed configuration files. 340 341 # Extract parameter settings from the obsolete install.cf file, as 342 # a transitional aid. 343 344 grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || { 345 test -f $config_directory/install.cf && { 346 for name in sendmail_path newaliases_path mailq_path setgid manpages 347 do 348 eval junk=\$$name 349 case "$junk" in 350 "") eval unset $name;; 351 esac 352 eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \ 353 || exit 1 354 done 355 : ${setgid_group=$setgid} 356 : ${manpage_directory=$manpages} 357 } 358 } 359 360 # Extract parameter settings from the installed main.cf file. 361 362 test -f $config_directory/main.cf && { 363 for name in $MOST_PARAMETERS 364 do 365 eval junk=\$$name 366 case "$junk" in 367 "") eval unset $name;; 368 esac 369 eval : \${$name=\`$POSTCONF -qc $config_directory -h $name\`} || exit 1 370 done 371 } 372 373 # Sanity checks 374 375 case $manpage_directory in 376 no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1>&2 377 echo Try again with \"$0 manpage_directory=/pathname ...\". 1>&2; exit 1;; 378 esac 379 380 case $setgid_group in 381 no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2 382 echo Try again with \"$0 setgid_group=groupname ...\" 1>&2; exit 1;; 383 esac 384 385 for path in "$daemon_directory" "$command_directory" "$queue_directory" \ 386 "$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory" \ 387 "$meta_directory" 388 do 389 case "$path" in 390 /*) ;; 391 *) echo $0: Error: \"$path\" should be an absolute path name. 1>&2; exit 1;; 392 esac 393 done 394 395 for path in "$html_directory" "$readme_directory" "$shlib_directory" 396 do 397 case "$path" in 398 /*) ;; 399 no) ;; 400 *) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2; exit 1;; 401 esac 402 done 403 404 # Find out what parameters were not specified via command line, 405 # via environment, or via installed configuration files. 406 407 missing= 408 for name in $MOST_PARAMETERS 409 do 410 eval test -n \"\$$name\" || missing="$missing $name" 411 done 412 413 # All parameters must be specified at this point. 414 415 test -n "$non_interactive" -a -n "$missing" && { 416 cat <<EOF | ${FMT} 1>&2 417 $0: Error: some required installation parameters are not defined. 418 419 - Either the parameters need to be given in the $config_directory/main.cf 420 file from a recent Postfix installation, 421 422 - Or the parameters need to be specified through the process 423 environment. 424 425 - Or the parameters need to be specified as name=value arguments 426 on the $0 command line, 427 428 The following parameters were missing: 429 430 $missing 431 432 EOF 433 exit 1 434 } 435 436 POSTCONF="$command_directory/postconf" 437 438 # Save settings, allowing command line/environment override. 439 440 # Undo MAIL_VERSION expansion at the end of a parameter value. If 441 # someone really wants the expanded mail version in main.cf, then 442 # we're sorry. 443 444 # Confine side effects from mail_version unexpansion within a subshell. 445 446 (case "$mail_version" in 447 "") mail_version="`$POSTCONF -dhx mail_version`" || exit 1 448 esac 449 450 for name in $MOST_PARAMETERS 451 do 452 eval junk=\$$name 453 case "$junk" in 454 *"$mail_version"*) 455 case "$pattern" in 456 "") pattern=`echo "$mail_version" | sed 's/\./\\\\./g'` || exit 1 457 esac 458 val=`echo "$junk" | sed "s/$pattern"'$/${mail_version}/g'` || exit 1 459 eval ${name}='"$val"' 460 esac 461 done 462 463 # XXX Maybe update main.cf only with first install, upgrade, set 464 # permissions, and what else? Should there be a warning otherwise? 465 466 override= 467 for name in $MOST_PARAMETERS 468 do 469 eval junk=\"\$$name\" 470 test "$junk" = "`$POSTCONF -qc $config_directory -h $name`" || { 471 override=1 472 break 473 } 474 done 475 476 test -n "$override" && { 477 $POSTCONF -qc $config_directory -e \ 478 "daemon_directory = $daemon_directory" \ 479 "command_directory = $command_directory" \ 480 "queue_directory = $queue_directory" \ 481 "data_directory = $data_directory" \ 482 "mail_owner = $mail_owner" \ 483 "setgid_group = $setgid_group" \ 484 "sendmail_path = $sendmail_path" \ 485 "mailq_path = $mailq_path" \ 486 "newaliases_path = $newaliases_path" \ 487 "html_directory = $html_directory" \ 488 "manpage_directory = $manpage_directory" \ 489 "sample_directory = $sample_directory" \ 490 "readme_directory = $readme_directory" \ 491 "shlib_directory = $shlib_directory" \ 492 "meta_directory = $meta_directory" \ 493 || exit 1 494 } || exit 0) || exit 1 495 496 # Use file/directory status information in $meta_directory/postfix-files. 497 498 test -n "$create" && { 499 postfix_files_d=$meta_directory/postfix-files.d 500 for postfix_file in $meta_directory/postfix-files \ 501 `test -d $postfix_files_d && { find $postfix_files_d -type f | sort; }` 502 do 503 exec <$postfix_file || exit 1 504 while IFS=: read path type owner group mode flags junk 505 do 506 IFS="$BACKUP_IFS" 507 set_permission= 508 # Skip comments. Skip shared files, if updating a secondary instance. 509 case $path in 510 [$]*) case "$update_shared_files" in 511 1) $debug keep non-shared or shared $path;; 512 *) non_shared= 513 for name in $NON_SHARED 514 do 515 case $path in 516 "\$$name"*) non_shared=1; break;; 517 esac 518 done 519 case "$non_shared" in 520 1) $debug keep non-shared $path;; 521 *) $debug skip shared $path; continue;; 522 esac;; 523 esac;; 524 *) continue;; 525 esac 526 # Skip hard links and symbolic links. 527 case $type in 528 [hl]) continue;; 529 [df]) ;; 530 *) echo unknown type $type for $path in $postfix_file 1>&2; exit 1;; 531 esac 532 # Expand $name, and canonicalize null fields. 533 for name in path owner group flags 534 do 535 eval junk=\${$name} 536 case $junk in 537 [$]*) eval $name=$junk;; 538 -) eval $name=;; 539 *) ;; 540 esac 541 done 542 # Skip uninstalled files. 543 case $path in 544 no|no/*) continue;; 545 esac 546 # Pick up the flags. 547 case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac 548 case $flags in *c*) create_flag=1;; *) create_flag=;; esac 549 case $flags in *r*) recursive="-R";; *) recursive=;; esac 550 case $flags in *o*) obsolete_flag=1;; *) obsolete_flag=;; esac 551 case $flags in *[1i]*) test ! -r "$path" -a "$config_directory" != \ 552 "$def_config_directory" && continue;; esac 553 # Flag obsolete objects. XXX Solaris 2..9 does not have "test -e". 554 if [ -n "$obsolete_flag" ] 555 then 556 test -r $path -a "$type" != "d" && obsolete="$obsolete $path" 557 continue; 558 else 559 keep_list="$keep_list $path" 560 fi 561 # Create missing directories with proper owner/group/mode settings. 562 if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ] 563 then 564 mkdir $path || exit 1 565 set_permission=1 566 # Update all owner/group/mode settings. 567 elif [ -n "$set_perms" ] 568 then 569 set_permission=1 570 # Update obsolete owner/group/mode settings. 571 elif [ -n "$upgrade_perms" -a -n "$upgrade_flag" ] 572 then 573 set_permission=1 574 fi 575 test -n "$set_permission" && { 576 chown $recursive $owner $path || exit 1 577 test -z "$group" || chgrp $recursive $group $path || exit 1 578 # Don't "chmod -R"; queue file status is encoded in mode bits. 579 if [ "$type" = "d" -a -n "$recursive" ] 580 then 581 find $path -type d -exec chmod $mode "{}" ";" 582 else 583 chmod $mode $path 584 fi || exit 1 585 } 586 done 587 IFS="$BACKUP_IFS" 588 done 589 } 590 591 # Upgrade existing Postfix configuration files if necessary. 592 593 test -n "$upgrade_conf" && { 594 595 # Postfix 2.0. 596 # Add missing relay service to master.cf. 597 598 grep '^relay' $config_directory/master.cf >/dev/null || { 599 echo Editing $config_directory/master.cf, adding missing entry for relay service 600 cat >>$config_directory/master.cf <<EOF || exit 1 601 relay unix - - n - - smtp 602 EOF 603 } 604 605 # Postfix 1.1. 606 # Add missing flush service to master.cf. 607 608 grep '^flush.*flush' $config_directory/master.cf >/dev/null || { 609 echo Editing $config_directory/master.cf, adding missing entry for flush service 610 cat >>$config_directory/master.cf <<EOF || exit 1 611 flush unix - - n 1000? 0 flush 612 EOF 613 } 614 615 # Postfix 2.1. 616 # Add missing trace service to master.cf. 617 618 grep 'trace.*bounce' $config_directory/master.cf >/dev/null || { 619 echo Editing $config_directory/master.cf, adding missing entry for trace service 620 cat >>$config_directory/master.cf <<EOF || exit 1 621 trace unix - - n - 0 bounce 622 EOF 623 } 624 625 # Postfix 2.1. 626 # Add missing verify service to master.cf. 627 628 grep '^verify.*verify' $config_directory/master.cf >/dev/null || { 629 echo Editing $config_directory/master.cf, adding missing entry for verify service 630 cat >>$config_directory/master.cf <<EOF || exit 1 631 verify unix - - n - 1 verify 632 EOF 633 } 634 635 # Postfix 2.1. 636 # Fix verify service process limit. 637 638 grep '^verify.*[ ]0[ ]*verify' \ 639 $config_directory/master.cf >/dev/null && { 640 echo Editing $config_directory/master.cf, setting verify process limit to 1 641 ed $config_directory/master.cf <<EOF || exit 1 642 /^verify.*[ ]0[ ]*verify/ 643 s/\([ ]\)0\([ ]\)/\11\2/ 644 p 645 w 646 q 647 EOF 648 } 649 650 # Postfix 1.1. 651 # Change privileged pickup service into unprivileged. 652 653 grep "^pickup[ ]*fifo[ ]*n[ ]*n" \ 654 $config_directory/master.cf >/dev/null && { 655 echo Editing $config_directory/master.cf, making the pickup service unprivileged 656 ed $config_directory/master.cf <<EOF || exit 1 657 /^pickup[ ]*fifo[ ]*n[ ]*n/ 658 s/\(n[ ]*\)n/\1-/ 659 p 660 w 661 q 662 EOF 663 } 664 665 # Postfix 1.1. 666 # Change private cleanup and flush services into public. 667 668 for name in cleanup flush 669 do 670 grep "^$name[ ]*unix[ ]*[-y]" \ 671 $config_directory/master.cf >/dev/null && { 672 echo Editing $config_directory/master.cf, making the $name service public 673 ed $config_directory/master.cf <<EOF || exit 1 674 /^$name[ ]*unix[ ]*[-y]/ 675 s/[-y]/n/ 676 p 677 w 678 q 679 EOF 680 } 681 done 682 683 # Postfix 2.2. 684 # File systems have improved since Postfix came out, and all we 685 # require now is that defer and deferred are hashed because those 686 # can contain lots of files. 687 688 found=`$POSTCONF -qc $config_directory -h hash_queue_names` 689 missing= 690 (echo "$found" | grep defer >/dev/null) || missing="$missing defer" 691 (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred" 692 test -n "$missing" && { 693 echo fixing main.cf hash_queue_names for missing $missing 694 $POSTCONF -qc $config_directory -e hash_queue_names="$found$missing" || 695 exit 1 696 } 697 698 # Turn on safety nets for new features that could bounce mail that 699 # would be accepted by a previous Postfix version. 700 701 # [The "unknown_local_recipient_reject_code = 450" safety net, 702 # introduced with Postfix 2.0 and deleted after Postfix 2.3.] 703 704 # Postfix 2.0. 705 # Add missing proxymap service to master.cf. 706 707 grep '^proxymap.*proxymap' $config_directory/master.cf >/dev/null || { 708 echo Editing $config_directory/master.cf, adding missing entry for proxymap service 709 cat >>$config_directory/master.cf <<EOF || exit 1 710 proxymap unix - - n - - proxymap 711 EOF 712 } 713 714 # Postfix 2.1. 715 # Add missing anvil service to master.cf. 716 717 grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || { 718 echo Editing $config_directory/master.cf, adding missing entry for anvil service 719 cat >>$config_directory/master.cf <<EOF || exit 1 720 anvil unix - - n - 1 anvil 721 EOF 722 } 723 724 # Postfix 2.2. 725 # Add missing scache service to master.cf. 726 727 grep '^scache.*scache' $config_directory/master.cf >/dev/null || { 728 echo Editing $config_directory/master.cf, adding missing entry for scache service 729 cat >>$config_directory/master.cf <<EOF || exit 1 730 scache unix - - n - 1 scache 731 EOF 732 } 733 734 # Postfix 2.2. 735 # Add missing discard service to master.cf. 736 737 grep '^discard.*discard' $config_directory/master.cf >/dev/null || { 738 echo Editing $config_directory/master.cf, adding missing entry for discard service 739 cat >>$config_directory/master.cf <<EOF || exit 1 740 discard unix - - n - - discard 741 EOF 742 } 743 744 # Postfix 2.2. 745 # Update the tlsmgr fifo->unix service. 746 747 grep "^tlsmgr[ ]*fifo[ ]" \ 748 $config_directory/master.cf >/dev/null && { 749 echo Editing $config_directory/master.cf, updating the tlsmgr from fifo to unix service 750 ed $config_directory/master.cf <<EOF || exit 1 751 /^tlsmgr[ ]*fifo[ ]/ 752 s/fifo/unix/ 753 s/[0-9][0-9]*/&?/ 754 p 755 w 756 q 757 EOF 758 } 759 760 # Postfix 2.2. 761 # Add missing tlsmgr service to master.cf. 762 763 grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || { 764 echo Editing $config_directory/master.cf, adding missing entry for tlsmgr service 765 cat >>$config_directory/master.cf <<EOF || exit 1 766 tlsmgr unix - - n 1000? 1 tlsmgr 767 EOF 768 } 769 770 # Postfix 2.2. 771 # Add missing retry service to master.cf. 772 773 grep '^retry.*error' $config_directory/master.cf >/dev/null || { 774 echo Editing $config_directory/master.cf, adding missing entry for retry service 775 cat >>$config_directory/master.cf <<EOF || exit 1 776 retry unix - - n - - error 777 EOF 778 } 779 780 # Postfix 2.5. 781 # Add missing proxywrite service to master.cf. 782 783 grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || { 784 echo Editing $config_directory/master.cf, adding missing entry for proxywrite service 785 cat >>$config_directory/master.cf <<EOF || exit 1 786 proxywrite unix - - n - 1 proxymap 787 EOF 788 } 789 790 # Postfix 2.5. 791 # Fix a typo in the default master.cf proxywrite entry. 792 793 grep '^proxywrite.*-[ ]*proxymap' $config_directory/master.cf >/dev/null && { 794 echo Editing $config_directory/master.cf, setting proxywrite process limit to 1 795 ed $config_directory/master.cf <<EOF || exit 1 796 /^proxywrite.*-[ ]*proxymap/ 797 s/-\([ ]*proxymap\)/1\1/ 798 p 799 w 800 q 801 EOF 802 } 803 804 # Postfix 2.8. 805 # Add missing postscreen service to master.cf. 806 807 grep '^#*smtp.*postscreen' $config_directory/master.cf >/dev/null || { 808 echo Editing $config_directory/master.cf, adding missing entry for postscreen TCP service 809 cat >>$config_directory/master.cf <<EOF || exit 1 810 #smtp inet n - n - 1 postscreen 811 EOF 812 } 813 814 # Postfix 2.8. 815 # Add missing smtpd (unix-domain) service to master.cf. 816 817 grep '^#*smtpd.*smtpd' $config_directory/master.cf >/dev/null || { 818 echo Editing $config_directory/master.cf, adding missing entry for smtpd unix-domain service 819 cat >>$config_directory/master.cf <<EOF || exit 1 820 #smtpd pass - - n - - smtpd 821 EOF 822 } 823 824 # Postfix 2.8. 825 # Add temporary dnsblog (unix-domain) service to master.cf. 826 827 grep '^#*dnsblog.*dnsblog' $config_directory/master.cf >/dev/null || { 828 echo Editing $config_directory/master.cf, adding missing entry for dnsblog unix-domain service 829 cat >>$config_directory/master.cf <<EOF || exit 1 830 #dnsblog unix - - n - 0 dnsblog 831 EOF 832 } 833 834 # Postfix 2.8. 835 # Add tlsproxy (unix-domain) service to master.cf. 836 837 grep '^#*tlsproxy.*tlsproxy' $config_directory/master.cf >/dev/null || { 838 echo Editing $config_directory/master.cf, adding missing entry for tlsproxy unix-domain service 839 cat >>$config_directory/master.cf <<EOF || exit 1 840 #tlsproxy unix - - n - 0 tlsproxy 841 EOF 842 } 843 844 # Report (but do not remove) obsolete files. 845 846 test -n "$obsolete" && { 847 cat <<EOF | ${FMT} 848 849 Note: the following files or directories still exist but are 850 no longer part of Postfix: 851 852 $obsolete 853 854 EOF 855 } 856 857 # Postfix 2.9. 858 # Safety net for incompatible changes in IPv6 defaults. 859 # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO AVOID AN 860 # UNEXPECTED DROP IN PERFORMANCE AFTER UPGRADING FROM POSTFIX 861 # BEFORE 2.9. 862 # This code assumes that the default is "inet_protocols = ipv4" 863 # when IPv6 support is not compiled in. See util/sys_defs.h. 864 865 test "`$POSTCONF -dh inet_protocols`" = "ipv4" || 866 test -n "`$POSTCONF -qc $config_directory -n inet_protocols`" || { 867 cat <<EOF | ${FMT} 868 COMPATIBILITY: editing $config_directory/main.cf, setting 869 inet_protocols=ipv4. Specify inet_protocols explicitly if you 870 want to enable IPv6. 871 In a future release IPv6 will be enabled by default. 872 EOF 873 $POSTCONF -qc $config_directory inet_protocols=ipv4 || exit 1 874 } 875 876 # Disabled because unhelpful down-stream maintainers disable the safety net. 877 # # Postfix 2.10. 878 # # Safety net for incompatible changes due to the introduction 879 # # of the smtpd_relay_restrictions feature to separate the 880 # # mail relay policy from the spam blocking policy. 881 # # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT 882 # # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM 883 # # POSTFIX BEFORE 2.10. 884 # test -n "`$POSTCONF -qc $config_directory -n smtpd_relay_restrictions`" || { 885 # cat <<EOF | ${FMT} 886 # COMPATIBILITY: editing $config_directory/main.cf, overriding 887 # smtpd_relay_restrictions to prevent inbound mail from 888 # unexpectedly bouncing. 889 # Specify an empty smtpd_relay_restrictions value to keep using 890 # smtpd_recipient_restrictions as before. 891 #EOF 892 # $POSTCONF -qc $config_directory "smtpd_relay_restrictions = \ 893 # permit_mynetworks permit_sasl_authenticated \ 894 # defer_unauth_destination" || exit 1 895 # } 896 897 # Postfix 3.4 898 # Add a postlog service entry. 899 900 grep '^postlog' $config_directory/master.cf >/dev/null || { 901 echo Editing $config_directory/master.cf, adding missing entry for postlog unix-domain datagram service 902 cat >>$config_directory/master.cf <<EOF || exit 1 903 postlog unix-dgram n - n - 1 postlogd 904 EOF 905 } 906 } 907 908 # A reminder if this is the first time Postfix is being installed. 909 910 test -n "$first_install_reminder" && { 911 912 ALIASES=`$POSTCONF -qc $config_directory -h alias_database | sed 's/^[^:]*://'` 913 NEWALIASES_PATH=`$POSTCONF -qc $config_directory -h newaliases_path` 914 cat <<EOF | ${FMT} 915 916 Warning: you still need to edit myorigin/mydestination/mynetworks 917 parameter settings in $config_directory/main.cf. 918 919 See also https://www.postfix.org/STANDARD_CONFIGURATION_README.html 920 for information about dialup sites or about sites inside a 921 firewalled network. 922 923 BTW: Check your $ALIASES file and be sure to set up aliases 924 that send mail for root and postmaster to a real person, then 925 run $NEWALIASES_PATH. 926 927 EOF 928 929 } 930 931 exit 0 932
Indexes created Sun Mar 01 05:31:48 UTC 2026