#!/bin/bash # create postfix user getent group postfix >/dev/null 2>&1 || addgroup --system postfix getent group postdrop >/dev/null 2>&1 || addgroup --system postdrop getent passwd postfix >/dev/null 2>&1 || adduser --system --home /var/spool/postfix --no-create-home --disabled-password --shell /bin/false --ingroup postfix postfix # create dovecot user getent group dovecot >/dev/null 2>&1 || addgroup --system dovecot getent passwd dovecot >/dev/null 2>&1 || adduser --system --home /usr/lib/dovecot --no-create-home --disabled-password --shell /bin/false --ingroup dovecot dovecot getent passwd dovecot |grep "Dovecot mail server" >/dev/null 2>&1 || chfn -f "Dovecot mail server" dovecot # create dovenull user getent passwd dovenull >/dev/null 2>&1 || adduser --system --home /nonexistent --no-create-home --disabled-password --shell /bin/false --ingroup nogroup dovenull getent passwd dovenull |grep "Dovecot login user" >/dev/null 2>&1 || chfn -f "Dovecot login user" dovenull # create clamav user getent group clamav >/dev/null 2>&1 || addgroup --system clamav getent passwd clamav >/dev/null 2>&1 || adduser --system --home /var/lib/clamav --no-create-home --disabled-password --shell /bin/false --ingroup clamav clamav # create amavis user getent group amavis >/dev/null 2>&1 || addgroup --system amavis getent passwd amavis >/dev/null 2>&1 || adduser --system --home /var/lib/amavis --no-create-home --disabled-password --shell /bin/sh --ingroup amavis amavis getent passwd amavis |grep "AMaViS system user" >/dev/null 2>&1 || chfn -f "AMaViS system user" amavis getent group amavis |grep clamav >/dev/null 2>&1 || usermod -a -G amavis clamav # create debian-spamd user getent group debian-spamd >/dev/null 2>&1 || addgroup --system debian-spamd getent passwd debian-spamd >/dev/null 2>&1 || adduser --system --home /var/lib/spamassassin --no-create-home --disabled-password --shell /bin/sh --ingroup debian-spamd debian-spamd # create opendkim user getent group opendkim >/dev/null 2>&1 || addgroup --system opendkim getent passwd opendkim >/dev/null 2>&1 || adduser --system --home /nonexistent --no-create-home --disabled-password --shell /bin/false --ingroup opendkim opendkim getent group opendkim |grep postfix >/dev/null 2>&1 || usermod -a -G opendkim postfix # create cluebringer user getent group cluebringer >/dev/null 2>&1 || addgroup --system cluebringer getent passwd cluebringer >/dev/null 2>&1 || adduser --system --home /nonexistent --no-create-home --disabled-password --shell /usr/sbin/nologin --ingroup cluebringer cluebringer # create policyd-rate-limit user getent group policyd-rate-limit >/dev/null 2>&1 || addgroup --system policyd-rate-limit getent passwd policyd-rate-limit >/dev/null 2>&1 || adduser --system --home /nonexistent --no-create-home --disabled-password --shell /usr/sbin/nologin --ingroup policyd-rate-limit policyd-rate-limit # create postsrsd user getent group postsrsd >/dev/null 2>&1 || addgroup --system postsrsd getent passwd postsrsd >/dev/null 2>&1 || adduser --system --home /var/lib/postsrsd --no-create-home --disabled-password --shell /usr/sbin/nologin --ingroup postsrsd postsrsd INITSYS=`readlink -f /proc/1/exe` if [ "$INITSYS" == "/lib/systemd/systemd" -o "$INITSYS" == "/usr/lib/systemd/systemd" ]; then ### systemd if deb-systemd-helper --quiet was-enabled postfix-chroot.service; then deb-systemd-helper enable postfix-chroot.service >/dev/null || true else deb-systemd-helper update-state postfix-chroot.service >/dev/null || true fi #systemctl enable postfix-chroot@.service if deb-systemd-helper --quiet was-enabled dovecot-chroot.service; then deb-systemd-helper enable dovecot-chroot.service >/dev/null || true else deb-systemd-helper update-state dovecot-chroot.service >/dev/null || true fi if deb-systemd-helper --quiet was-enabled amavis-chroot.service; then deb-systemd-helper enable amavis-chroot.service >/dev/null || true else deb-systemd-helper update-state amavis-chroot.service >/dev/null || true fi if deb-systemd-helper --quiet was-enabled clamav-daemon-chroot.service; then deb-systemd-helper enable clamav-daemon-chroot.service >/dev/null || true else deb-systemd-helper update-state clamav-daemon-chroot.service >/dev/null || true fi if deb-systemd-helper --quiet was-enabled clamav-freshclam-chroot.service; then deb-systemd-helper enable clamav-freshclam-chroot.service >/dev/null || true else deb-systemd-helper update-state clamav-freshclam-chroot.service >/dev/null || true fi if deb-systemd-helper --quiet was-enabled opendkim-chroot.service; then deb-systemd-helper enable opendkim-chroot.service >/dev/null || true else deb-systemd-helper update-state opendkim-chroot.service >/dev/null || true fi if [ -f /chroot/maild/usr/sbin/cbpolicyd -a ! -f /chroot/maild/usr/bin/policyd-rate-limit ]; then if deb-systemd-helper --quiet was-enabled postfix-cluebringer-chroot.service; then deb-systemd-helper enable postfix-cluebringer-chroot.service >/dev/null || true else deb-systemd-helper update-state postfix-cluebringer-chroot.service >/dev/null || true fi else if deb-systemd-helper --quiet was-enabled postfix-cluebringer-chroot.service; then systemctl stop postfix-cluebringer-chroot.service >/dev/null 2>&1 || true fi deb-systemd-helper disable postfix-cluebringer-chroot.service >/dev/null || true deb-systemd-helper mask postfix-cluebringer-chroot.service >/dev/null || true fi if [ -f /chroot/maild/usr/bin/policyd-rate-limit ]; then if deb-systemd-helper --quiet was-enabled policyd-rate-limit-chroot.service; then deb-systemd-helper enable policyd-rate-limit-chroot.service >/dev/null || true else deb-systemd-helper update-state policyd-rate-limit-chroot.service >/dev/null || true fi else deb-systemd-helper disable policyd-rate-limit-chroot.service >/dev/null || true deb-systemd-helper mask policyd-rate-limit-chroot.service >/dev/null || true fi if deb-systemd-helper --quiet was-enabled postsrsd-chroot.service; then deb-systemd-helper enable postsrsd-chroot.service >/dev/null || true else deb-systemd-helper update-state postsrsd-chroot.service >/dev/null || true fi systemctl restart rsyslog if ! [ -e /chroot/maild/dev/log ]; then ln -s ../run/systemd/journal/dev-log /chroot/maild/dev/log fi elif [ "$INITSYS" == "/sbin/init" ]; then ### sysvinit if [ -x "/etc/init.d/postfix-chroot" ]; then update-rc.d postfix-chroot defaults >/dev/null fi if [ -x "/etc/init.d/dovecot-chroot" ]; then update-rc.d dovecot-chroot defaults >/dev/null fi if [ -x "/etc/init.d/amavis-chroot" ]; then update-rc.d amavis-chroot defaults >/dev/null fi if [ -x "/etc/init.d/clamav-daemon-chroot" ]; then update-rc.d clamav-daemon-chroot defaults >/dev/null fi if [ -x "/etc/init.d/clamav-freshclam-chroot" ]; then update-rc.d clamav-freshclam-chroot defaults >/dev/null fi if [ -x "/etc/init.d/opendkim-chroot" ]; then update-rc.d opendkim-chroot defaults >/dev/null fi if [ -x "/etc/init.d/postsrsd-chroot" ]; then update-rc.d postsrsd-chroot defaults >/dev/null fi if [ -f /chroot/maild/usr/sbin/cbpolicyd -a ! -f /chroot/maild/usr/bin/policyd-rate-limit ]; then if [ -x "/etc/init.d/postfix-cluebringer-chroot" ]; then update-rc.d postfix-cluebringer-chroot defaults >/dev/null fi fi if [ -f /chroot/maild/usr/bin/policyd-rate-limit ]; then if [ -x "/etc/init.d/policyd-rate-limit-chroot" ]; then update-rc.d policyd-rate-limit-chroot defaults >/dev/null fi fi if [ -x "/etc/init.d/rsyslog" ]; then /etc/init.d/rsyslog restart fi else echo "No init system found, check manually" fi echo "Checking systemd socket placeholders" /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/run /systemd/notify file /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/run /systemd/journal/dev-log file /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/var/spool/postfix /dev/log file /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/var/spool/postfix-nl /dev/log file echo "Checking mysql socket placeholder dirs" /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/run /mysqld dir /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/var/spool/postfix /run/mysqld dir echo "Checking opendkim socket placeholder dirs" /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/var/spool/postfix /run/opendkim dir /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/var/spool/postfix-nl /run/opendkim dir /usr/lib/3gsystools/chr_placeholder_check /var/spool/postfix /run/opendkim dir echo "Checking SSL cert placeholder dirs" /usr/lib/3gsystools/chr_placeholder_check /chroot/maild/etc/ssl /sys dir echo "Checking fstab" /usr/local/sbin/fstab-chr exit 0