From 6144f7967cdfe88b2e6b1ba4f4264d357e195594 Mon Sep 17 00:00:00 2001 From: Spitap Date: Thu, 12 Jan 2023 11:22:26 +0100 Subject: [PATCH 1/4] make use of mailbox_owner --- .gitignore | 3 +++ modoboa_installer/scripts/dovecot.py | 20 +++++++++++++++----- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index ba74660..e12944a 100644 --- a/.gitignore +++ b/.gitignore @@ -55,3 +55,6 @@ docs/_build/ # PyBuilder target/ + +# PyCharm +.idea/ diff --git a/modoboa_installer/scripts/dovecot.py b/modoboa_installer/scripts/dovecot.py index a1f5988..dfac55a 100644 --- a/modoboa_installer/scripts/dovecot.py +++ b/modoboa_installer/scripts/dovecot.py @@ -30,6 +30,16 @@ class Dovecot(base.Installer): "conf.d/10-master.conf", "conf.d/20-lmtp.conf", "conf.d/10-ssl-keys.try"] with_user = True + def setup_user(self): + """Setup mailbox user.""" + self.mailboxes_owner = self.app_config["mailboxes_owner"] + if self.config.has_option(self.appname, "home_dir"): + self.home_dir = self.config.get(self.appname, "home_dir") + else: + self.home_dir = None + system.create_user(self.mailbox_owner, self.home_dir) + super(Dovecot, self).setup_user() + def get_config_files(self): """Additional config files.""" return self.config_files + [ @@ -58,7 +68,7 @@ class Dovecot(base.Installer): def get_template_context(self): """Additional variables.""" context = super(Dovecot, self).get_template_context() - pw = pwd.getpwnam(self.user) + pw_mailbox = pwd.getpwnam(self.mailboxes_owner) dovecot_package = {"deb": "dovecot-core", "rpm": "dovecot"} ssl_protocol_parameter = "ssl_protocols" if package.backend.get_installed_version(dovecot_package[package.backend.FORMAT]) > "2.3": 
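Review bot: The added `setup_user` assigns `self.mailboxes_owner` but the next line passes `self.mailbox_owner` (no "s") to `system.create_user`, an attribute nothing in this hunk sets. Unless the base class happens to define it, the call raises AttributeError before the mailbox account is created. The line should read `system.create_user(self.mailboxes_owner, self.home_dir)`. The same misspelling is carried unchanged as a context line in the `setup_user` hunk of PATCH 3/4, so it survives the whole series.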
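Review bot: `pwd.getpwnam(self.mailboxes_owner)` in `get_template_context` reads an attribute that this series assigns only inside `setup_user`, so any path that renders templates without running `setup_user` first fails with AttributeError rather than a clear message. The restore hunk (`@@ -161,10 +171,10 @@`) and the `add_user_to_group` call in PATCH 2/4 have the same dependency. Whether the base installer always calls `setup_user` before these methods is not visible in the diff. Consider resolving the name in a property, e.g. `return self.config.get("dovecot", "mailboxes_owner")`, or adding a comment that states the ordering requirement. `get_template_context` continues beyond this hunk.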
@@ -79,8 +89,8 @@ class Dovecot(base.Installer): protocols = "" context.update({ "db_driver": self.db_driver, - "mailboxes_owner_uid": pw[2], - "mailboxes_owner_gid": pw[3], + "mailboxes_owner_uid": pw_mailbox[2], + "mailboxes_owner_gid": pw_mailbox[3], "modoboa_user": self.config.get("modoboa", "user"), "modoboa_dbname": self.config.get("modoboa", "dbname"), "modoboa_dbuser": self.config.get("modoboa", "dbuser"), @@ -161,10 +171,10 @@ class Dovecot(base.Installer): shutil.copytree(mail_dir, home_dir) # Resetting permission for vmail for dirpath, dirnames, filenames in os.walk(home_dir): - shutil.chown(dirpath, self.user, self.user) + shutil.chown(dirpath, self.mailboxes_owner, self.mailboxes_owner) for filename in filenames: shutil.chown(os.path.join(dirpath, filename), - self.user, self.user) + self.mailboxes_owner, self.mailboxes_owner) else: utils.printcolor( "It seems that emails were not backed up, skipping restoration.", From 7cae12b32eee083127d83e6ddc785403c5988858 Mon Sep 17 00:00:00 2001 From: Spitap Date: Mon, 23 Jan 2023 19:24:28 +0100 Subject: [PATCH 2/4] Fix multiple hard-coded vmail --- modoboa_installer/config_dict_template.py | 2 +- modoboa_installer/scripts/dovecot.py | 6 ++---- .../scripts/files/dovecot/conf.d/10-mail.conf | 4 ++-- .../scripts/files/dovecot/conf.d/10-master.conf.tpl | 12 ++++++------ .../scripts/files/postfix/master.cf.tpl | 2 +- 5 files changed, 12 insertions(+), 14 deletions(-) diff --git a/modoboa_installer/config_dict_template.py b/modoboa_installer/config_dict_template.py index fea3b94..a18437d 100644 --- a/modoboa_installer/config_dict_template.py +++ b/modoboa_installer/config_dict_template.py @@ -256,7 +256,7 @@ ConfigDictTemplate = [ }, { "option": "user", - "default": "vmail", + "default": "dovecot", }, { "option": "home_dir", diff --git a/modoboa_installer/scripts/dovecot.py b/modoboa_installer/scripts/dovecot.py index dfac55a..954e391 100644 --- a/modoboa_installer/scripts/dovecot.py 
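Review bot: Both `shutil.chown` calls in the `@@ -161,10 +171,10 @@` hunk pass `self.mailboxes_owner` as the group as well as the user, which assumes a group with the same name as the account exists. `shutil.chown` raises LookupError otherwise, and if the account's primary group has a different name, the restored mail gets a group that differs from the `mailboxes_owner_gid` which `get_template_context` gives Dovecot. Using the passwd entry keeps them aligned: `pw = pwd.getpwnam(self.mailboxes_owner)` then `shutil.chown(path, pw.pw_uid, pw.pw_gid)`. The comment `# Resetting permission for vmail` is also stale now that the owner is configurable, and the same name-as-group assumption is in the `group = %{mailboxes_owner}` lines of 10-master.conf.tpl in PATCH 2/4. The enclosing method starts and ends outside the hunk.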
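Review bot: Changing the default of `user` from `vmail` to `dovecot` (presumably in the dovecot section, whose header is outside the hunk) points `self.user` at an account name that the distribution's dovecot package normally creates itself. Existing installer.cfg files keep `vmail`, so fresh and upgraded hosts will diverge. What the base `setup_user` does when the account already exists (home directory, shell) is not visible here and should be confirmed. A short comment on the option, such as `# service account; mailbox files are owned by mailboxes_owner`, would make the split between the two options explicit.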
+++ b/modoboa_installer/scripts/dovecot.py @@ -91,6 +91,7 @@ class Dovecot(base.Installer): "db_driver": self.db_driver, "mailboxes_owner_uid": pw_mailbox[2], "mailboxes_owner_gid": pw_mailbox[3], + "mailbox_owner": self.mailboxes_owner, "modoboa_user": self.config.get("modoboa", "user"), "modoboa_dbname": self.config.get("modoboa", "dbname"), "modoboa_dbuser": self.config.get("modoboa", "dbuser"), @@ -125,10 +126,7 @@ class Dovecot(base.Installer): utils.exec_cmd("chmod +x /usr/local/bin/postlogin.sh") # Add mailboxes user to dovecot group for modoboa mailbox commands. # See https://github.com/modoboa/modoboa/issues/2157. - system.add_user_to_group( - self.config.get("dovecot", "mailboxes_owner"), - 'dovecot' - ) + system.add_user_to_group(self.mailboxes_owner, 'dovecot') def restart_daemon(self): """Restart daemon process. diff --git a/modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf b/modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf index 8e555ea..0512161 100644 --- a/modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf +++ b/modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf @@ -104,8 +104,8 @@ namespace inbox { # System user and group used to access mails. If you use multiple, userdb # can override these by returning uid or gid fields. You can use either numbers # or names. -#mail_uid = -#mail_gid = +mail_uid = %{mailboxes_owner_uid} +mail_gid = %{mailboxes_owner_gid} # Group to enable temporarily for privileged operations. Currently this is # used only with INBOX when either its initial creation or dotlocking fails. diff --git a/modoboa_installer/scripts/files/dovecot/conf.d/10-master.conf.tpl b/modoboa_installer/scripts/files/dovecot/conf.d/10-master.conf.tpl index 5552396..604b5d7 100644 --- a/modoboa_installer/scripts/files/dovecot/conf.d/10-master.conf.tpl +++ b/modoboa_installer/scripts/files/dovecot/conf.d/10-master.conf.tpl 
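Review bot: The context key added in the `@@ -91,6 +91,7 @@` hunk is `"mailbox_owner"`, but the templates changed in this same commit reference `%{mailboxes_owner}` (10-master.conf.tpl) and `%{dovecot_mailboxes_owner}` (postfix master.cf.tpl), so none of the new placeholders matches the new key. Unless the base context already supplies those names, which is not visible here, rendering either fails or leaves a literal placeholder in the `user =`/`group =` settings of the auth-userdb, dict and stats listeners. Those sockets would then not get the intended owner. Renaming the key to `"mailboxes_owner": self.mailboxes_owner,` fixes the Dovecot templates; the Postfix placeholder needs checking against that installer's own context. `get_template_context` starts outside the hunk.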
@@ -92,14 +92,14 @@ service postlogin { service stats { # To allow modoboa to access available cipher list. unix_listener stats-reader { - user = vmail - group = vmail + user = %{mailboxes_owner} + group = %{mailboxes_owner} mode = 0660 } unix_listener stats-writer { - user = vmail - group = vmail + user = %{mailboxes_owner} + group = %{mailboxes_owner} mode = 0660 } } @@ -120,7 +120,7 @@ service auth { # permissions (e.g. 0777 allows everyone full permissions). unix_listener auth-userdb { #mode = 0666 - user = vmail + user = %{mailboxes_owner} #group = } @@ -154,7 +154,7 @@ service dict { # For example: mode=0660, group=vmail and global mail_access_groups=vmail unix_listener dict { mode = 0600 - user = vmail + user = %{mailboxes_owner} #group = } } diff --git a/modoboa_installer/scripts/files/postfix/master.cf.tpl b/modoboa_installer/scripts/files/postfix/master.cf.tpl index b48a5be..af790c1 100644 --- a/modoboa_installer/scripts/files/postfix/master.cf.tpl +++ b/modoboa_installer/scripts/files/postfix/master.cf.tpl @@ -78,7 +78,7 @@ scache unix - - - - 1 scache # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe - flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} + flags=DRhu user=%{dovecot_mailboxes_owner} argv=/usr/bin/maildrop -d ${recipient} # # ==================================================================== # From a6935bba8948bf15e665ff0c13461d97a0212bec Mon Sep 17 00:00:00 2001 From: Spitap Date: Tue, 24 Jan 2023 09:25:18 +0100 Subject: [PATCH 3/4] Simplifeid setup_user Co-Authored-By: Antoine Nguyen --- modoboa_installer/scripts/dovecot.py | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/modoboa_installer/scripts/dovecot.py b/modoboa_installer/scripts/dovecot.py index 954e391..3890997 100644 --- a/modoboa_installer/scripts/dovecot.py +++ b/modoboa_installer/scripts/dovecot.py 
@@ -32,13 +32,9 @@ class Dovecot(base.Installer): def setup_user(self): """Setup mailbox user.""" + super().setup_user() self.mailboxes_owner = self.app_config["mailboxes_owner"] - if self.config.has_option(self.appname, "home_dir"): - self.home_dir = self.config.get(self.appname, "home_dir") - else: - self.home_dir = None system.create_user(self.mailbox_owner, self.home_dir) - super(Dovecot, self).setup_user() def get_config_files(self): """Additional config files.""" From 81129d287539cfb67fffeb35e15bc8068980d999 Mon Sep 17 00:00:00 2001 From: Spitap Date: Tue, 24 Jan 2023 09:29:51 +0100 Subject: [PATCH 4/4] Removed globally set mail_uid and mail_gid Co-Authored-By: Antoine Nguyen --- modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf b/modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf index 0512161..8e555ea 100644 --- a/modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf +++ b/modoboa_installer/scripts/files/dovecot/conf.d/10-mail.conf @@ -104,8 +104,8 @@ namespace inbox { # System user and group used to access mails. If you use multiple, userdb # can override these by returning uid or gid fields. You can use either numbers # or names. -mail_uid = %{mailboxes_owner_uid} -mail_gid = %{mailboxes_owner_gid} +#mail_uid = +#mail_gid = # Group to enable temporarily for privileged operations. Currently this is # used only with INBOX when either its initial creation or dotlocking fails.
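Review bot: `self.home_dir` is no longer assigned in `Dovecot.setup_user`, so the `create_user` call now depends on `super().setup_user()` having set it. The mailbox owner is also created with the same home directory the base class presumably uses for `self.user`. Neither is visible in the hunk; if the base class sets `home_dir` only conditionally, this raises AttributeError. The docstring could state the contract, e.g. `"""Create the service user via the base class, then the mailbox owner using the same home_dir."""`.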