From: Wietse Venema Date: Fri, 18 Nov 2011 05:00:00 +0000 (-0500) Subject: postfix-2.9-20111118 X-Git-Tag: v2.9.0-RC1~26 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ec5ea4ec15b1b9c667d18922dd359bb3dab4a03a;p=thirdparty%2Fpostfix.git postfix-2.9-20111118 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 31a3b66c5..083a15081 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -17089,6 +17089,17 @@ Apologies for any names omitted. Workaround: don't abort when IPv6 is present but busted. File: util/inet_proto.c. - Portability: Dovecot now officially supports more socket - types for its authentication server. File: + Portability: the Dovecot 2.0 authentication server supports + more socket types for its authentication server. File: xsasl/xsasl_dovecot_server.c. + + Documentation: the Dovecot 2.0 authentication server supports + communication over TCP sockets. Patrick Ben Koetter. File: + proto/SASL_README.html. + +20111118 + + Cleanup: "postconf -M" now supports filtering. For example, + "postconf -M inet" shows only services that listen on the + network, and "postconf -M smtp.unix" shows the SMTP delivery + agent. File: postconf.c. diff --git a/postfix/README_FILES/SASL_README b/postfix/README_FILES/SASL_README index 54c9fb352..77dd9f2e2 100644 --- a/postfix/README_FILES/SASL_README +++ b/postfix/README_FILES/SASL_README @@ -108,8 +108,13 @@ configure and operate the Dovecot authentication server. PPoossttffiixx ttoo DDoovveeccoott SSAASSLL ccoommmmuunniiccaattiioonn Communication between the Postfix SMTP server and Dovecot SASL happens via a -UNIX-domain socket. The socket pathname and the list of mechanisms offered to -Postfix need to be specified on the Dovecot server side in dovecot.conf. +UNIX-domain socket. Additionally, when using Dovecot version 2.0 and later, +communication can take place over a TCP socket. + +UUNNIIXX--ddoommaaiinn ssoocckkeett ccoommmmuunniiccaattiioonn + +The socket pathname and the list of mechanisms offered to Postfix need to be +specified on the Dovecot server side in dovecot.conf. The following example assumes that the Postfix queue is under /var/spool/ postfix/. @@ -138,6 +143,34 @@ Line 3 provides plain and login as mechanisms for the Postfix SMTP server, line Proceed with the section "Enabling SASL authentication and authorization in the Postfix SMTP server" to turn on and use SASL in the Postfix SMTP server. +TTCCPP ssoocckkeett ccoommmmuunniiccaattiioonn + +The TCP port and the list of mechanisms offered to Postfix need to be specified +on the Dovecot server side in 10-auth.conf and 10-master.conf. + +The following examples assume that Postfix should communicate with Dovecot on +TCP port 12345. + + 1 /etc/dovecot/conf.d/10-auth.conf: + 2 auth_mechanisms = plain login + +Line 2 provides plain and login as mechanisms for the Postfix SMTP server. + + 1 /etc/dovecot/conf.d/10-master.conf: + 2 service auth { + 3 unix_listener auth-userdb { + 4 } + 5 inet_listener { + 6 port = 12345 + 7 } + 8 } + +Line 5 creates a new TCP socket and line 6 specifies port 12345 where Dovecot +SASL should wait for Postfix authentication requests. + +Proceed with the section "Enabling SASL authentication and authorization in the +Postfix SMTP server" to turn on and use SASL in the Postfix SMTP server. + CCoonnffiigguurriinngg CCyyrruuss SSAASSLL The Cyrus SASL framework supports a wide variety of applications (POP, IMAP, @@ -646,17 +679,27 @@ dovecot instead of cyrus: /etc/postfix/main.cf: smtpd_sasl_type = dovecot -Additionally set the path where the Postfix SMTP server can find the Dovecot -SASL socket: +Additionally specify how Postfix SMTP server can find the Dovecot +authentication server. This depends on the settings that you have selected in +the section "Postfix to Dovecot SASL communication". + + * If you configured Dovecot for UNIX-domain socket communication, configure + Postfix as follows: /etc/postfix/main.cf: smtpd_sasl_path = private/auth NNoottee - This example uses a pathname relative to the Postfix queue directory, so that it will work whether or not the Postfix SMTP server runs chrooted. + * If you configured Dovecot for TCP socket communication, configure Postfix + as follows (if Dovecot runs on a different machine, replace 127.0.0.1 by + that machine's IP address): + + /etc/postfix/main.cf: + smtpd_sasl_path = inet:127.0.0.1:12345 + EEnnaabblliinngg SSAASSLL aauutthheennttiiccaattiioonn iinn tthhee PPoossttffiixx SSMMTTPP sseerrvveerr Regardless of the SASL implementation type, enabling SMTP authentication in the diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 101b24f4b..6e8ce5ad1 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -14,6 +14,13 @@ specifies the release date of a stable release or snapshot release. If you upgrade from Postfix 2.7 or earlier, read RELEASE_NOTES-2.8 before proceeding. +Major changes with snapshot 20111118 +==================================== + +The "postconf -M" (display master.cf) command now supports filtering. +For example, specify "postconf -M inet" to display only services +that listen on the network. + Incompatible changes with snapshot 20111113 =========================================== diff --git a/postfix/WISHLIST b/postfix/WISHLIST index aa9f7c5b2..4157fa955 100644 --- a/postfix/WISHLIST +++ b/postfix/WISHLIST @@ -6,10 +6,6 @@ Wish list: Things to do after the stable release: - postconf: add test cases for unused name=value entries in - main.cf and master.cf; add support for per-service parameter - name spaces in master.cf. - TLS_README has the priorities reversed. The section about SMTP client settings begins with an exposition about client certificates, which almost no-one needs. Instead, the text diff --git a/postfix/html/SASL_README.html b/postfix/html/SASL_README.html index cc75f7bc2..eac644919 100644 --- a/postfix/html/SASL_README.html +++ b/postfix/html/SASL_README.html @@ -185,7 +185,13 @@ to configure and operate the Dovecot authentication server.

Postfix to Dovecot SASL communication

Communication between the Postfix SMTP server -and Dovecot SASL happens via a UNIX-domain socket. The socket +and Dovecot SASL happens via a UNIX-domain socket. Additionally, +when using Dovecot version 2.0 and later, communication can take +place over a TCP socket. + +

UNIX-domain socket communication
+ +

The socket pathname and the list of mechanisms offered to Postfix need to be specified on the Dovecot server side in dovecot.conf.

@@ -224,6 +230,46 @@ lines 11-13 limit read+write permissions to user and group SASL authentication and authorization in the Postfix SMTP server" to turn on and use SASL in the Postfix SMTP server.

+
TCP socket communication
+ +

The TCP port and the list of mechanisms offered to Postfix need +to be specified on the Dovecot server side in 10-auth.conf +and 10-master.conf.

+ +

The following examples assume that Postfix should communicate +with Dovecot on TCP port 12345.

+ +
+
+1 /etc/dovecot/conf.d/10-auth.conf:
+2     auth_mechanisms = plain login
+
+
+ +

Line 2 provides plain and login as mechanisms for the Postfix +SMTP server.

+ +
+
+1 /etc/dovecot/conf.d/10-master.conf:
+2     service auth {
+3       unix_listener auth-userdb {
+4       }
+5       inet_listener {
+6         port = 12345
+7       }
+8     }
+
+
+ +

Line 5 creates a new TCP socket and line 6 specifies port 12345 +where Dovecot SASL should wait for Postfix authentication requests. +

+ +

Proceed with the section "Enabling +SASL authentication and authorization in the Postfix SMTP server" +to turn on and use SASL in the Postfix SMTP server.

+

Configuring Cyrus SASL

The Cyrus SASL framework supports a wide variety of applications @@ -1098,17 +1144,20 @@ instead of cyrus:

-

Additionally set the path where the Postfix SMTP server can -find the Dovecot SASL socket:

+

Additionally specify how Postfix SMTP server can find the Dovecot +authentication server. This depends on the settings that you have +selected in the section "Postfix to +Dovecot SASL communication".

+ +

Enabling SASL authentication in the Postfix SMTP server

diff --git a/postfix/html/postconf.1.html b/postfix/html/postconf.1.html index 1b27e795b..652a7becc 100644 --- a/postfix/html/postconf.1.html +++ b/postfix/html/postconf.1.html @@ -10,14 +10,22 @@ POSTCONF(1) POSTCONF(1) postconf - Postfix configuration utility SYNOPSIS - postconf [-dfhnv] [-c config_dir] [parameter ...] + Managing main.cf: - postconf [-aAflmMv] [-c config_dir] + postconf [-dfhnv] [-c config_dir] [parameter ...] postconf [-ev] [-c config_dir] [parameter=value ...] postconf [-#v] [-c config_dir] [parameter ...] + Managing master.cf: + + postconf [-fMv] [-c config_dir] [service ...] + + Managing other configuration: + + postconf [-aAlmv] [-c config_dir] + postconf [-btv] [-c config_dir] [template_file] DESCRIPTION @@ -30,6 +38,12 @@ POSTCONF(1) POSTCONF(1) Options: + -A List the available SASL client plug-in types. The + SASL plug-in type is selected with the + smtp_sasl_type or lmtp_sasl_type configuration + parameters by specifying one of the names listed + below. + -a List the available SASL server plug-in types. The SASL plug-in type is selected with the smtpd_sasl_type configuration parameter by specify- @@ -46,12 +60,6 @@ POSTCONF(1) POSTCONF(1) This feature is available with Postfix 2.3 and later. - -A List the available SASL client plug-in types. The - SASL plug-in type is selected with the - smtp_sasl_type or lmtp_sasl_type configuration - parameters by specifying one of the names listed - below. - cyrus This client plug-in is available when Post- fix is built with Cyrus SASL support. @@ -120,23 +128,40 @@ POSTCONF(1) POSTCONF(1) lock file, as well as stale lock files that were left behind after abnormal termination. + -M Show master.cf file contents instead of main.cf + file contents. Use -Mf to fold long lines for + human readability. + + If service ... is specified, only the matching ser- + vices will be output. For example, a service of + inet will match all services that listen on the + network. + + Specify zero or more argument, each with a service- + type name (inet, unix, fifo, or pass) or with a + service-name.service-type pair, where service-name + is the first field of a master.cf entry. + + This feature is available with Postfix 2.9 and + later. + -m List the names of all supported lookup table types. - In Postfix configuration files, lookup tables are - specified as type:name, where type is one of the - types listed below. The table name syntax depends - on the lookup table type as described in the DATA- + In Postfix configuration files, lookup tables are + specified as type:name, where type is one of the + types listed below. The table name syntax depends + on the lookup table type as described in the DATA- BASE_README document. - btree A sorted, balanced tree structure. This is + btree A sorted, balanced tree structure. This is available on systems with support for Berke- ley DB databases. - cdb A read-optimized structure with no support - for incremental updates. This is available + cdb A read-optimized structure with no support + for incremental updates. This is available on systems with support for CDB databases. - cidr A table that associates values with Class- - less Inter-Domain Routing (CIDR) patterns. + cidr A table that associates values with Class- + less Inter-Domain Routing (CIDR) patterns. This is described in cidr_table(5). dbm An indexed file type based on hashing. This @@ -145,12 +170,12 @@ POSTCONF(1) POSTCONF(1) environ The UNIX process environment array. The - lookup key is the variable name. Originally - implemented for testing, someone may find + lookup key is the variable name. Originally + implemented for testing, someone may find this useful someday. hash An indexed file type based on hashing. This - is available on systems with support for + is available on systems with support for Berkeley DB databases. internal @@ -158,84 +183,77 @@ POSTCONF(1) POSTCONF(1) tent are lost when a process terminates. ldap (read-only) - Perform lookups using the LDAP protocol. + Perform lookups using the LDAP protocol. This is described in ldap_table(5). mysql (read-only) - Perform lookups using the MYSQL protocol. + Perform lookups using the MYSQL protocol. This is described in mysql_table(5). pcre (read-only) A lookup table based on Perl Compatible Reg- - ular Expressions. The file format is + ular Expressions. The file format is described in pcre_table(5). pgsql (read-only) - Perform lookups using the PostgreSQL proto- + Perform lookups using the PostgreSQL proto- col. This is described in pgsql_table(5). proxy (read-only) - A lookup table that is implemented via the - Postfix proxymap(8) service. The table name + A lookup table that is implemented via the + Postfix proxymap(8) service. The table name syntax is type:name. regexp (read-only) A lookup table based on regular expressions. - The file format is described in regexp_ta- + The file format is described in regexp_ta- ble(5). sdbm An indexed file type based on hashing. This - is available on systems with support for + is available on systems with support for SDBM databases. sqlite (read-only) - Perform lookups from SQLite database files. + Perform lookups from SQLite database files. This is described in sqlite_table(5). static (read-only) - A table that always returns its name as - lookup result. For example, static:foobar - always returns the string foobar as lookup + A table that always returns its name as + lookup result. For example, static:foobar + always returns the string foobar as lookup result. tcp (read-only) Perform lookups using a simple request-reply - protocol that is described in tcp_table(5). + protocol that is described in tcp_table(5). texthash (read-only) - Produces similar results as hash: files, + Produces similar results as hash: files, except that you don't need to run the - postmap(1) command before you can use the - file, and that it does not detect changes + postmap(1) command before you can use the + file, and that it does not detect changes after the file is read. unix (read-only) - A limited way to query the UNIX authentica- + A limited way to query the UNIX authentica- tion database. The following tables are implemented: unix:passwd.byname - The table is the UNIX password data- - base. The key is a login name. The - result is a password file entry in + The table is the UNIX password data- + base. The key is a login name. The + result is a password file entry in passwd(5) format. unix:group.byname The table is the UNIX group database. - The key is a group name. The result - is a group file entry in group(5) + The key is a group name. The result + is a group file entry in group(5) format. - Other table types may exist depending on how Post- + Other table types may exist depending on how Post- fix was built. - -M Show master.cf file contents instead of main.cf - file contents. Combine with -f to fold long lines - for human readability. - - This feature is available with Postfix 2.9 and - later. - -n Print main.cf parameter settings that are explic- itly specified in main.cf. diff --git a/postfix/man/man1/postconf.1 b/postfix/man/man1/postconf.1 index 28d35f71b..d9917185c 100644 --- a/postfix/man/man1/postconf.1 +++ b/postfix/man/man1/postconf.1 @@ -9,17 +9,26 @@ Postfix configuration utility .na .nf .fi +\fBManaging main.cf:\fR + \fBpostconf\fR [\fB-dfhnv\fR] [\fB-c \fIconfig_dir\fR] [\fIparameter ...\fR] -\fBpostconf\fR [\fB-aAflmMv\fR] [\fB-c \fIconfig_dir\fR] - \fBpostconf\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR] [\fIparameter=value ...\fR] \fBpostconf\fR [\fB-#v\fR] [\fB-c \fIconfig_dir\fR] [\fIparameter ...\fR] +\fBManaging master.cf:\fR + +\fBpostconf\fR [\fB-fMv\fR] [\fB-c \fIconfig_dir\fR] +[\fIservice ...\fR] + +\fBManaging other configuration:\fR + +\fBpostconf\fR [\fB-aAlmv\fR] [\fB-c \fIconfig_dir\fR] + \fBpostconf\fR [\fB-btv\fR] [\fB-c \fIconfig_dir\fR] [\fItemplate_file\fR] .SH DESCRIPTION .ad @@ -32,6 +41,11 @@ parameter values, or display other configuration information about the Postfix mail system. Options: +.IP \fB-A\fR +List the available SASL client plug-in types. The SASL +plug-in type is selected with the \fBsmtp_sasl_type\fR or +\fBlmtp_sasl_type\fR configuration parameters by specifying +one of the names listed below. .IP \fB-a\fR List the available SASL server plug-in types. The SASL plug-in type is selected with the \fBsmtpd_sasl_type\fR @@ -48,11 +62,6 @@ support. .RE .IP This feature is available with Postfix 2.3 and later. -.IP \fB-A\fR -List the available SASL client plug-in types. The SASL -plug-in type is selected with the \fBsmtp_sasl_type\fR or -\fBlmtp_sasl_type\fR configuration parameters by specifying -one of the names listed below. .RS .IP \fBcyrus\fR This client plug-in is available when Postfix is built with @@ -109,6 +118,21 @@ named \fIfilename\fR by creating a file named \fIfilename\fB.lock\fR. The application is expected to remove its own lock file, as well as stale lock files that were left behind after abnormal termination. .RE +.IP \fB-M\fR +Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR +file contents. Use \fB-Mf\fR to fold long lines for human +readability. + +If \fIservice ...\fR is specified, only the matching services +will be output. For example, a service of \fBinet\fR will +match all services that listen on the network. + +Specify zero or more argument, each with a \fIservice-type\fR +name (\fBinet\fR, \fBunix\fR, \fBfifo\fR, or \fBpass\fR) +or with a \fIservice-name.service-type\fR pair, where +\fIservice-name\fR is the first field of a master.cf entry. + +This feature is available with Postfix 2.9 and later. .IP \fB-m\fR List the names of all supported lookup table types. In Postfix configuration files, @@ -191,12 +215,6 @@ The result is a group file entry in \fBgroup\fR(5) format. .RE .IP Other table types may exist depending on how Postfix was built. -.IP \fB-M\fR -Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR -file contents. Combine with \fB-f\fR to fold long lines -for human readability. - -This feature is available with Postfix 2.9 and later. .IP \fB-n\fR Print \fBmain.cf\fR parameter settings that are explicitly specified in \fBmain.cf\fR. diff --git a/postfix/proto/SASL_README.html b/postfix/proto/SASL_README.html index d73ae7726..75af77747 100644 --- a/postfix/proto/SASL_README.html +++ b/postfix/proto/SASL_README.html @@ -185,7 +185,13 @@ to configure and operate the Dovecot authentication server.

Postfix to Dovecot SASL communication

Communication between the Postfix SMTP server -and Dovecot SASL happens via a UNIX-domain socket. The socket +and Dovecot SASL happens via a UNIX-domain socket. Additionally, +when using Dovecot version 2.0 and later, communication can take +place over a TCP socket. + +

UNIX-domain socket communication
+ +

The socket pathname and the list of mechanisms offered to Postfix need to be specified on the Dovecot server side in dovecot.conf.

@@ -224,6 +230,46 @@ lines 11-13 limit read+write permissions to user and group SASL authentication and authorization in the Postfix SMTP server" to turn on and use SASL in the Postfix SMTP server.

+
TCP socket communication
+ +

The TCP port and the list of mechanisms offered to Postfix need +to be specified on the Dovecot server side in 10-auth.conf +and 10-master.conf.

+ +

The following examples assume that Postfix should communicate +with Dovecot on TCP port 12345.

+ +
+
+1 /etc/dovecot/conf.d/10-auth.conf:
+2     auth_mechanisms = plain login
+
+
+ +

Line 2 provides plain and login as mechanisms for the Postfix +SMTP server.

+ +
+
+1 /etc/dovecot/conf.d/10-master.conf:
+2     service auth {
+3       unix_listener auth-userdb {
+4       }
+5       inet_listener {
+6         port = 12345
+7       }
+8     }
+
+
+ +

Line 5 creates a new TCP socket and line 6 specifies port 12345 +where Dovecot SASL should wait for Postfix authentication requests. +

+ +

Proceed with the section "Enabling +SASL authentication and authorization in the Postfix SMTP server" +to turn on and use SASL in the Postfix SMTP server.

+

Configuring Cyrus SASL

The Cyrus SASL framework supports a wide variety of applications @@ -1098,17 +1144,20 @@ instead of cyrus:

-

Additionally set the path where the Postfix SMTP server can -find the Dovecot SASL socket:

+

Additionally specify how Postfix SMTP server can find the Dovecot +authentication server. This depends on the settings that you have +selected in the section "Postfix to +Dovecot SASL communication".

+ +

Enabling SASL authentication in the Postfix SMTP server

diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 47907172b..524fbc480 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20111117" +#define MAIL_RELEASE_DATE "20111118" #define MAIL_VERSION_NUMBER "2.9" #ifdef SNAPSHOT diff --git a/postfix/src/global/match_service.c b/postfix/src/global/match_service.c index 3c47df75d..353c4c504 100644 --- a/postfix/src/global/match_service.c +++ b/postfix/src/global/match_service.c @@ -9,6 +9,9 @@ /* ARGV *match_service_init(pattern_list) /* const char *pattern_list; /* +/* ARGV *match_service_init_argv(pattern_list) +/* char **pattern_list; +/* /* int match_service_match(list, name_type) /* ARGV *list; /* const char *name_type; @@ -34,6 +37,9 @@ /* match_service_init() parses the pattern list. The result /* must be passed to match_service_match() or match_service_free(). /* +/* match_service_init_argv() provides an alternate interface +/* for pre-parsed strings. +/* /* match_service_match() matches one service name.type string /* against the specified pattern list. /* @@ -83,12 +89,25 @@ ARGV *match_service_init(const char *patterns) const char *item; while ((item = mystrtok(&bp, delim)) != 0) - argv_add(list, item, (char *) 0); + argv_add(list, item, (char *) 0); argv_terminate(list); myfree(saved_patterns); return (list); } +/* match_service_init_argv - impedance adapter */ + +ARGV *match_service_init_argv(char **patterns) +{ + ARGV *list = argv_alloc(1); + char **cpp; + + for (cpp = patterns; *cpp; cpp++) + argv_add(list, *cpp, (char *) 0); + argv_terminate(list); + return (list); +} + /* match_service_match - match service name.type against pattern list */ int match_service_match(ARGV *list, const char *name_type) diff --git a/postfix/src/global/match_service.h b/postfix/src/global/match_service.h index 1e343336d..28828e15f 100644 --- a/postfix/src/global/match_service.h +++ b/postfix/src/global/match_service.h @@ -14,6 +14,7 @@ /* External interface. */ extern ARGV *match_service_init(const char *); +extern ARGV *match_service_init_argv(char **); extern int match_service_match(ARGV *, const char *); extern void match_service_free(ARGV *); diff --git a/postfix/src/postconf/Makefile.in b/postfix/src/postconf/Makefile.in index eec7626a8..63701be54 100644 --- a/postfix/src/postconf/Makefile.in +++ b/postfix/src/postconf/Makefile.in @@ -36,7 +36,7 @@ Makefile: Makefile.in test: $(TESTPROG) -tests: test1 test2 test3 test4 test5 test6 test7 test8 +tests: test1 test2 test3 test4 test5 test6 test7 test8 test9 test10 test11 root_tests: @@ -142,6 +142,33 @@ test8: $(PROG) test8.ref diff test8.ref test8.tmp rm -f main.cf master.cf test8.tmp +test9: $(PROG) test9.ref + rm -f main.cf master.cf + touch main.cf master.cf + echo foo inet - n n - 0 spawn >> master.cf + echo bar unix - n n - 0 spawn >> master.cf + ./$(PROG) -c . -M inet >test9.tmp 2>&1 + diff test9.ref test9.tmp + rm -f main.cf master.cf test9.tmp + +test10: $(PROG) test10.ref + rm -f main.cf master.cf + touch main.cf master.cf + echo foo inet - n n - 0 spawn >> master.cf + echo bar unix - n n - 0 spawn >> master.cf + ./$(PROG) -c . -M bar.inet foo.unix >test10.tmp 2>&1 + diff test10.ref test10.tmp + rm -f main.cf master.cf test10.tmp + +test11: $(PROG) test11.ref + rm -f main.cf master.cf + touch main.cf master.cf + echo foo inet - n n - 0 spawn >> master.cf + echo bar unix - n n - 0 spawn >> master.cf + ./$(PROG) -c . -M >test11.tmp 2>&1 + diff test11.ref test11.tmp + rm -f main.cf master.cf test11.tmp + printfck: $(OBJS) $(PROG) rm -rf printfck mkdir printfck @@ -188,6 +215,7 @@ postconf.o: ../../include/mail_proto.h postconf.o: ../../include/mail_run.h postconf.o: ../../include/mail_version.h postconf.o: ../../include/master_proto.h +postconf.o: ../../include/match_service.h postconf.o: ../../include/mbox_conf.h postconf.o: ../../include/msg.h postconf.o: ../../include/msg_vstream.h diff --git a/postfix/src/postconf/postconf.c b/postfix/src/postconf/postconf.c index cbc079be1..b6ca2da63 100644 --- a/postfix/src/postconf/postconf.c +++ b/postfix/src/postconf/postconf.c @@ -5,17 +5,26 @@ /* Postfix configuration utility /* SYNOPSIS /* .fi +/* \fBManaging main.cf:\fR +/* /* \fBpostconf\fR [\fB-dfhnv\fR] [\fB-c \fIconfig_dir\fR] /* [\fIparameter ...\fR] /* -/* \fBpostconf\fR [\fB-aAflmMv\fR] [\fB-c \fIconfig_dir\fR] -/* /* \fBpostconf\fR [\fB-ev\fR] [\fB-c \fIconfig_dir\fR] /* [\fIparameter=value ...\fR] /* /* \fBpostconf\fR [\fB-#v\fR] [\fB-c \fIconfig_dir\fR] /* [\fIparameter ...\fR] /* +/* \fBManaging master.cf:\fR +/* +/* \fBpostconf\fR [\fB-fMv\fR] [\fB-c \fIconfig_dir\fR] +/* [\fIservice ...\fR] +/* +/* \fBManaging other configuration:\fR +/* +/* \fBpostconf\fR [\fB-aAlmv\fR] [\fB-c \fIconfig_dir\fR] +/* /* \fBpostconf\fR [\fB-btv\fR] [\fB-c \fIconfig_dir\fR] [\fItemplate_file\fR] /* DESCRIPTION /* By default, the \fBpostconf\fR(1) command displays the @@ -26,6 +35,11 @@ /* about the Postfix mail system. /* /* Options: +/* .IP \fB-A\fR +/* List the available SASL client plug-in types. The SASL +/* plug-in type is selected with the \fBsmtp_sasl_type\fR or +/* \fBlmtp_sasl_type\fR configuration parameters by specifying +/* one of the names listed below. /* .IP \fB-a\fR /* List the available SASL server plug-in types. The SASL /* plug-in type is selected with the \fBsmtpd_sasl_type\fR @@ -42,11 +56,6 @@ /* .RE /* .IP /* This feature is available with Postfix 2.3 and later. -/* .IP \fB-A\fR -/* List the available SASL client plug-in types. The SASL -/* plug-in type is selected with the \fBsmtp_sasl_type\fR or -/* \fBlmtp_sasl_type\fR configuration parameters by specifying -/* one of the names listed below. /* .RS /* .IP \fBcyrus\fR /* This client plug-in is available when Postfix is built with @@ -103,6 +112,21 @@ /* The application is expected to remove its own lock file, as well as /* stale lock files that were left behind after abnormal termination. /* .RE +/* .IP \fB-M\fR +/* Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR +/* file contents. Use \fB-Mf\fR to fold long lines for human +/* readability. +/* +/* If \fIservice ...\fR is specified, only the matching services +/* will be output. For example, a service of \fBinet\fR will +/* match all services that listen on the network. +/* +/* Specify zero or more argument, each with a \fIservice-type\fR +/* name (\fBinet\fR, \fBunix\fR, \fBfifo\fR, or \fBpass\fR) +/* or with a \fIservice-name.service-type\fR pair, where +/* \fIservice-name\fR is the first field of a master.cf entry. +/* +/* This feature is available with Postfix 2.9 and later. /* .IP \fB-m\fR /* List the names of all supported lookup table types. In Postfix /* configuration files, @@ -185,12 +209,6 @@ /* .RE /* .IP /* Other table types may exist depending on how Postfix was built. -/* .IP \fB-M\fR -/* Show \fBmaster.cf\fR file contents instead of \fBmain.cf\fR -/* file contents. Combine with \fB-f\fR to fold long lines -/* for human readability. -/* -/* This feature is available with Postfix 2.9 and later. /* .IP \fB-n\fR /* Print \fBmain.cf\fR parameter settings that are explicitly /* specified in \fBmain.cf\fR. @@ -313,6 +331,7 @@ #include #include #include +#include /* XSASL library. */ @@ -496,6 +515,19 @@ static const CONFIG_STR_FN_TABLE str_fn_table_2[] = { #define DEF_MODE SHOW_NAME static int cmd_mode = DEF_MODE; +/* set_config_dir - forcibly override var_config_dir */ + +static void set_config_dir(void) +{ + char *config_dir; + + if (var_config_dir) + myfree(var_config_dir); + var_config_dir = mystrdup((config_dir = safe_getenv(CONF_ENV_PATH)) != 0 ? + config_dir : DEF_CONFIG_DIR); /* XXX */ + set_mail_conf_str(VAR_CONFIG_DIR, var_config_dir); +} + /* check_myhostname - lookup hostname and validate */ static const char *check_myhostname(void) @@ -584,7 +616,6 @@ static const char *check_mynetworks(void) static void edit_parameters(int cmd_mode, int argc, char **argv) { - char *config_dir; char *path; EDIT_FILE *ep; VSTREAM *src; @@ -636,20 +667,12 @@ static void edit_parameters(int cmd_mode, int argc, char **argv) htable_enter(table, edit_key, (char *) cvalue); } - /* - * XXX Avoid code duplication by better code decomposition. - */ - if (var_config_dir) - myfree(var_config_dir); - var_config_dir = mystrdup((config_dir = safe_getenv(CONF_ENV_PATH)) != 0 ? - config_dir : DEF_CONFIG_DIR); /* XXX */ - set_mail_conf_str(VAR_CONFIG_DIR, var_config_dir); - /* * Open a temp file for the result. This uses a deterministic name so we * don't leave behind thrash with random names. */ - path = concatenate(var_config_dir, "/", "main.cf", (char *) 0); + set_config_dir(); + path = concatenate(var_config_dir, "/", MAIN_CONF_FILE, (char *) 0); if ((ep = edit_file_open(path, O_CREAT | O_WRONLY, 0644)) == 0) msg_fatal("open %s%s: %m", path, EDIT_FILE_SUFFIX); dst = ep->tmp_fp; @@ -732,19 +755,6 @@ static void edit_parameters(int cmd_mode, int argc, char **argv) htable_free(table, myfree); } -/* set_config_dir - forcibly override var_config_dir */ - -static void set_config_dir(void) -{ - char *config_dir; - - if (var_config_dir) - myfree(var_config_dir); - var_config_dir = mystrdup((config_dir = safe_getenv(CONF_ENV_PATH)) != 0 ? - config_dir : DEF_CONFIG_DIR); /* XXX */ - set_mail_conf_str(VAR_CONFIG_DIR, var_config_dir); -} - /* read_parameters - read parameter info from file */ static void read_parameters(void) @@ -757,7 +767,7 @@ static void read_parameters(void) */ dict_unknown_allowed = 1; set_config_dir(); - path = concatenate(var_config_dir, "/", "main.cf", (char *) 0); + path = concatenate(var_config_dir, "/", MAIN_CONF_FILE, (char *) 0); dict_load_file(CONFIG_DICT, path); myfree(path); } @@ -982,7 +992,6 @@ static void add_user_parameter(const char *name) /* scan_user_parameter_value - extract macro names from parameter value */ -#ifdef MAC_EXP_FLAG_SCAN #define NO_SCAN_RESULT ((VSTRING *) 0) #define NO_SCAN_FILTER ((char *) 0) #define NO_SCAN_MODE (0) @@ -992,9 +1001,6 @@ static void add_user_parameter(const char *name) (void) mac_expand(NO_SCAN_RESULT, (value), MAC_EXP_FLAG_SCAN, \ NO_SCAN_FILTER, check_user_parameter, NO_SCAN_CONTEXT); \ } while (0) -#else -#define scan_user_parameter_value(value) do { /* void */; } while (0) -#endif /* check_user_parameter - try to promote user-defined parameter */ @@ -1650,12 +1656,10 @@ static void show_locks(void) argv_free(locks_argv); } -/* show_master - show master.cf entries */ +/* print_master_line - print one master line */ -static void show_master(int mode) +static void print_master_line(int mode, ARGV *argv) { - ARGV **argvp; - ARGV *argv; char *arg; char *aval; int line_len; @@ -1677,77 +1681,109 @@ static void show_master(int mode) while (0) #define ADD_SPACE ADD_TEXT(" ", 1) - for (argvp = master_table; (argv = *argvp) != 0; argvp++) { - - /* - * Show the standard fields at their preferred column position. Use - * single-space separation when some field does not fit. - */ - for (line_len = 0, field = 0; field < MASTER_FIELD_COUNT; field++) { - arg = argv->argv[field]; - if (line_len > 0) { - while (line_len < column_goal[field] - 1) - ADD_SPACE; + /* + * Show the standard fields at their preferred column position. Use + * single-space separation when some field does not fit. + */ + for (line_len = 0, field = 0; field < MASTER_FIELD_COUNT; field++) { + arg = argv->argv[field]; + if (line_len > 0) { + while (line_len < column_goal[field] - 1) ADD_SPACE; - } - ADD_TEXT(arg, strlen(arg)); + ADD_SPACE; } + ADD_TEXT(arg, strlen(arg)); + } - /* - * Format the daemon command-line options and non-option arguments. - * Here, we have no data-dependent preference for column positions, - * but we do have argument grouping preferences. - */ - in_daemon_options = 1; - for ( /* void */ ; argv->argv[field] != 0; field++) { - arg = argv->argv[field]; - if (in_daemon_options) { - - /* - * Try to show the generic options (-v -D) on the first line, - * and non-options on a later line. - */ - if (arg[0] != '-') { - in_daemon_options = 0; - if ((mode & FOLD_LINE) - && line_len > column_goal[MASTER_FIELD_COUNT - 1]) { - vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); - line_len = INDENT_LEN; - } - } + /* + * Format the daemon command-line options and non-option arguments. Here, + * we have no data-dependent preference for column positions, but we do + * have argument grouping preferences. + */ + in_daemon_options = 1; + for ( /* void */ ; argv->argv[field] != 0; field++) { + arg = argv->argv[field]; + if (in_daemon_options) { - /* - * Try to avoid breaking "-o name=value" over multiple lines - * if it would fit on one line. - */ - else if ((mode & FOLD_LINE) - && line_len > INDENT_LEN && strcmp(arg, "-o") == 0 - && (aval = argv->argv[field + 1]) != 0 - && INDENT_LEN + 3 + strlen(aval) < LINE_LIMIT) { + /* + * Try to show the generic options (-v -D) on the first line, and + * non-options on a later line. + */ + if (arg[0] != '-') { + in_daemon_options = 0; + if ((mode & FOLD_LINE) + && line_len > column_goal[MASTER_FIELD_COUNT - 1]) { vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); line_len = INDENT_LEN; - ADD_TEXT(arg, strlen(arg)); - arg = aval; - field += 1; } } /* - * Insert a line break when the next argument won't fit (unless, - * of course, we just inserted a line break). + * Try to avoid breaking "-o name=value" over multiple lines if + * it would fit on one line. */ - if (line_len > INDENT_LEN) { - if ((mode & FOLD_LINE) == 0 - || line_len + 1 + strlen(arg) < LINE_LIMIT) { - ADD_SPACE; - } else { - vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); - line_len = INDENT_LEN; - } + else if ((mode & FOLD_LINE) + && line_len > INDENT_LEN && strcmp(arg, "-o") == 0 + && (aval = argv->argv[field + 1]) != 0 + && INDENT_LEN + 3 + strlen(aval) < LINE_LIMIT) { + vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); + line_len = INDENT_LEN; + ADD_TEXT(arg, strlen(arg)); + arg = aval; + field += 1; } - ADD_TEXT(arg, strlen(arg)); } - vstream_fputs("\n", VSTREAM_OUT); + + /* + * Insert a line break when the next argument won't fit (unless, of + * course, we just inserted a line break). + */ + if (line_len > INDENT_LEN) { + if ((mode & FOLD_LINE) == 0 + || line_len + 1 + strlen(arg) < LINE_LIMIT) { + ADD_SPACE; + } else { + vstream_fputs("\n" INDENT_TEXT, VSTREAM_OUT); + line_len = INDENT_LEN; + } + } + ADD_TEXT(arg, strlen(arg)); + } + vstream_fputs("\n", VSTREAM_OUT); +} + +/* show_master - show master.cf entries */ + +static void show_master(int mode, char **filters) +{ + ARGV **argvp; + ARGV *argv; + VSTRING *service_name = 0; + ARGV *service_filter = 0; + + /* + * Initialize the service filter. + */ + if (filters[0]) { + service_name = vstring_alloc(10); + service_filter = match_service_init_argv(filters); + } + + /* + * Iterate over the master table. + */ + for (argvp = master_table; (argv = *argvp) != 0; argvp++) { + if (service_filter) { + vstring_sprintf(service_name, "%s.%s", + argv->argv[0], argv->argv[1]); + if (match_service_match(service_filter, STR(service_name)) == 0) + continue; + } + print_master_line(mode, argv); + } + if (service_filter) { + argv_free(service_filter); + vstring_free(service_name); } } @@ -2004,7 +2040,7 @@ int main(int argc, char **argv) */ else if (cmd_mode & SHOW_MASTER) { read_master(); - show_master(cmd_mode); + show_master(cmd_mode, argv + optind); } /* @@ -2056,12 +2092,10 @@ int main(int argc, char **argv) * because that ignores all the user-specified parameters and * user-specified macro expansions in main.cf. */ -#ifdef MAC_EXP_FLAG_SCAN if ((cmd_mode & SHOW_DEFS) == 0) { flag_unused_main_parameters(); flag_unused_master_parameters(); } -#endif } vstream_fflush(VSTREAM_OUT); exit(0); diff --git a/postfix/src/postconf/test10.ref b/postfix/src/postconf/test10.ref new file mode 100644 index 000000000..e69de29bb diff --git a/postfix/src/postconf/test11.ref b/postfix/src/postconf/test11.ref new file mode 100644 index 000000000..c4cc727a2 --- /dev/null +++ b/postfix/src/postconf/test11.ref @@ -0,0 +1,2 @@ +foo inet - n n - 0 spawn +bar unix - n n - 0 spawn diff --git a/postfix/src/postconf/test9.ref b/postfix/src/postconf/test9.ref new file mode 100644 index 000000000..b62303fec --- /dev/null +++ b/postfix/src/postconf/test9.ref @@ -0,0 +1 @@ +foo inet - n n - 0 spawn