install/mailsystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
20da412413553e3e12f7d02f67b4d789444d0f53
mailsystem/install_opendkim.sh

821 lines
24 KiB
Bash
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env bash
clear
echo -e "\n \033[32mStart Installation of OpenDKIM..\033[m"
# -------------
# - Settings
# -------------
#_src_base_dir="$(realpath $(dirname $0))"
#conf_file="${_src_base_dir}/conf/install_opendkim.conf"
log_file="$(mktemp)"
backup_date="$(date +%Y-%m-%d-%H%M)"
_opendkim_packages="opendkim opendkim-tools"
opendkim_base_dir="/etc/opendkim"
opendkim_key_dir="${opendkim_base_dir}/keys"
opendkim_conf_file="/etc/opendkim.conf"
postfix_spool_dir="/var/spool/postfix"
opendkim_socket_dir="${postfix_spool_dir}/opendkim"
opendkim_socket_file="${opendkim_socket_dir}/opendkim.sock"
postfix_needs_restart=false
opendkim_needs_restart=false
# -------------
# --- Some functions
# -------------
echononl(){
echo X\\c > /tmp/shprompt$$
if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
echo -e -n "$*\\c" 1>&2
else
echo -e -n "$*" 1>&2
fi
rm /tmp/shprompt$$
}
fatal(){
echo ""
echo -e "fatal error: $*"
echo ""
echo -e "\t\033[31m\033[1mInstalllation will be interrupted\033[m\033[m"
echo ""
exit 1
}
error(){
echo ""
echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*"
echo ""
}
warn (){
echo ""
echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*"
echo ""
}
info (){
echo ""
echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*"
echo ""
}
echo_done() {
echo -e "\033[80G[ \033[32mdone\033[m ]"
}
echo_ok() {
echo -e "\033[80G[ \033[32mok\033[m ]"
}
echo_warning() {
echo -e "\033[80G[ \033[33m\033[1mwarn\033[m ]"
}
echo_failed(){
echo -e "\033[80G[ \033[1;31mfailed\033[m ]"
}
echo_skipped() {
echo -e "\033[80G[ \033[37mskipped\033[m ]"
}
# -------------
# - Some pre-installation tasks
# -------------
# - Is 'systemd' supported on this system
# -
SYSTEMD_EXISTS=false
systemd=$(which systemd)
systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
SYSTEMD_EXISTS=true
fi
# =============
# - Start Installation
# =============
echo ""
# - Synchronise package index files with the repository
# -
echononl " Synchronise package index files with the repository.."
apt-get update > "$log_file" 2>&1
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
# - Install OpenDKIM
# -
echononl " Install needed debian packages.."
opendkim_packages=""
packages_installed=false
for _pkg in $_opendkim_packages ; do
if aptitude search "$_pkg" | grep " $_pkg " | grep -e "^i" > /dev/null 2>&1 ; then
continue
else
opendkim_packages="$opendkim_packages $_pkg"
fi
done
if [[ -n "$opendkim_packages" ]]; then
DEBIAN_FRONTEND=noninteractive apt-get -y install $opendkim_packages > /dev/null 2> "$log_file"
packages_installed=true
opendkim_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
else
echo_skipped
fi
# - Add user 'postfix' to group 'opendkim'
# -
echononl " Add user 'postfix' to group 'opendkim'.."
if grep opendkim /etc/group | grep -q postfix 2> /dev/null ; then
echo_skipped
else
adduser postfix opendkim > "$log_file" 2>&1
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
# - Save configuration file from distribution
# -
echononl " Save configuration file from distribution"
if $packages_installed ; then
cp -a $opendkim_conf_file $opendkim_conf_file.ORIG 2> "$log_file"
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
else
echo_skipped
fi
echononl " Backup existing file '${opendkim_conf_file}'.."
if [[ -f "${opendkim_conf_file}" ]] ; then
mv "${opendkim_conf_file}" "${opendkim_conf_file}.${backup_date}"
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
else
echo_skipped
fi
# - Create OpenDKIM configuration
# -
echononl " Create OpenDKIM configuration"
if [[ -f "$opendkim_conf_file" ]] \
&& grep -i -q -E "^\s*Socket\s+local:$opendkim_socket_file" "$opendkim_conf_file" \
&& grep -i -q -E "^\s*SigningTable.*${opendkim_base_dir}/signing.table" "$opendkim_conf_file" \
&& grep -i -q -E "^\s*KeyTable.*${opendkim_base_dir}/key.table" "$opendkim_conf_file" ; then
echo_skipped
warn "OpenDKIM seems already be configured."
else
cat <<EOF > $opendkim_conf_file 2> $log_file
# Datei $opendkim_conf_file
# AuthservID (string)
#
# Sets the "authserv-id" to use when generating the Authentication-Results:
# header field after verifying a message. The default is to use the name of
# the MTA processing the message. If the string "HOSTNAME" is provided, the
# name of the host running the filter (as returned by the gethostname(3)
# function) will be used.
AuthservID HOSTNAME
# Mode (string)
#
# OpenDKIM agiert als Mail Filter (= Milter) in den
# Modi signer (s) und verifier (v) und verwendet eine
# Socket-Datei zur Kommunikation (alternativ: lokaler Port)
Mode sv
# Socket (string)
#
# Specifies the socket that should be established by the filter to receive
# connections from sendmail(8) in order to provide service. socketspec is
# in one of two forms: local:path, which creates a UNIX domain socket at
# the specified path, or inet:port[@host] or inet6:port[@host] which
# creates a TCP socket on the specified port and in the specified protocol
# family. If the host is not given as either a hostname or an IP address,
# the socket will be listening on all interfaces. A literal IP address must
# be enclosed in square brackets. This option is mandatory either in the
# configuration file or on the command line.
#
# Socket local:/var/run/opendkim/opendkim.sock
# Socket local:$opendkim_socket_file
# Socket inet:12345@localhost
Socket local:$opendkim_socket_file
# UserID (string)
#
# Attempts to become the specified userid before starting operations. The
# value is of the form userid[:group]. The process will be assigned all of
# the groups and primary group ID of the named userid unless an alternate
# group is specified.
UserID opendkim:opendkim
# UMask (integer)
#
#Requests a specific permissions mask to be used for file creation. This
# only really applies to creation of the socket when Socket specifies a UNIX
# domain socket, and to the PidFile (if any); temporary files are created by
# the mkstemp(3) function that enforces a specific file mode on creation
# regardless of the process umask. See umask(2) for more information.
#
UMask 002
# PidFile (string)
#
# Specifies the path to a file that should be created at process start
# containing the process ID.
PidFile /var/run/opendkim/opendkim.pid
# AutoRestart (Boolean)
#
# Automatically re-start on failures. Use with caution; if the filter fails
# instantly after it starts, this can cause a tight fork(2) loop.
AutoRestart yes
# AutoRestartRate (string)
#
# Sets the maximum automatic restart rate. If the filter begins restarting
# faster than the rate defined here, it will give up and terminate. This is
# a string of the form n/t[u] where n is an integer limiting the count of
# restarts in the given interval and t[u] defines the time interval through
# which the rate is calculated; t is an integer and u defines the units thus
# represented ("s" or "S" for seconds, the default; "m" or "M" for minutes;
# "h" or "H" for hours; "d" or "D" for days). For example, a value of "10/1h"
# limits the restarts to 10 in one hour. There is no default, meaning restart
# rate is not limited.
AutoRestartRate 10/1h
# Syslog (Boolean)
#
# Log via calls to syslog(3) any interesting activity.
Syslog yes
# SyslogSuccess (Boolean)
#
# Log via calls to syslog(3) additional entries indicating successful signing
# or verification of messages.
SyslogSuccess yes
# LogWhy (boolean)
#
# If logging is enabled (see Syslog below), issues very detailed logging
# about the logic behind the filters decision to either sign a message or
# verify it. The logic behind the decision is non-trivial and can be confusing
# to administrators not familiar with its operation. A description of how the
# decision is made can be found in the OPERATIONS section of the opendkim(8)
# man page. This causes a large increase in the amount of log data generated
# for each message, so it should be limited to debugging use and not enabled
# for general operation.
LogWhy yes
# Verfahren, wie Header und Body durch
# OpenDKIM verarbeitet werden sollen.
Canonicalization relaxed/simple
# ExternalIgnoreList (dataset)
#
# Identifies a set of "external" hosts that may send mail through the server
# as one of the signing domains without credentials as such. This has the
# effect of suppressing the "external host (hostname) tried to send mail as
# (domain)" log messages. Entries in the data set should be of the same form
# as those of the PeerList option below. The set is empty by default.
ExternalIgnoreList refile:${opendkim_base_dir}/trusted
# InternalHosts (dataset)
#
# Identifies a set internal hosts whose mail should be signed rather than
# verified. Entries in this data set follow the same form as those of the
# PeerList option below. If not specified, the default of "127.0.0.1" is applied.
# Naturally, providing a value here overrides the default, so if mail from
# 127.0.0.1 should be signed, the list provided here should include that address
# explicitly.
InternalHosts refile:${opendkim_base_dir}/trusted
# SigningTable (dataset)
#
# Defines a table used to select one or more signatures to apply to a message
# based on the address found in the From: header field. Keys in this table vary
# depending on the type of table used; values in this data set should include
# one field that contains a name found in the KeyTable (see above) that
# identifies which key should be used in generating the signature, and an
# optional second field naming the signer of the message that will be included
# in the "i=" tag in the generated signature. Note that the "i=" value will not
# be included in the signature if it conflicts with the signing domain
# (the "d=" value).
#
# If the first field contains only a "%" character, it will be replaced by the
# domain found in the From: header field. Similarly, within the optional second
# field, any "%" character will be replaced by the domain found in the From:
# header field.
#
# If this table specifies a regular expression file ("refile"), then the keys are
# wildcard patterns that are matched against the address found in the From:
# header field. Entries are checked in the order in which they appear in the file.
#
# For all other database types, the full user@host is checked first, then simply
# host, then user@.domain (with all superdomains checked in sequence, so
# "foo.example.com" would first check "user@foo.example.com", then "user@.example.com",
# then "user@.com"), then .domain, then user@*, and finally *.
SigningTable refile:${opendkim_base_dir}/signing.table
# KeyTable (dataset)
#
# Gives the location of a file mapping key names to signing keys. If present,
# overrides any KeyFile setting in the configuration file. The data set named here
# maps each key name to three values: (a) the name of the domain to use in the
# signature's "d=" value; (b) the name of the selector to use in the signature's
# "s=" value; and (c) either a private key or a path to a file containing a private
# key. If the first value consists solely of a percent sign ("%") character, it
# will be replaced by the apparent domain of the sender when generating a signature.
# If the third value starts with a slash ("/") character, or "./" or "../", then it
# is presumed to refer to a file from which the private key should be read, otherwise
# it is itself a PEM-encoded private key or a base64-encoded DER private key; a "%"
# in the third value in this case will be replaced by the apparent domain name of
# the sender. The SigningTable (see below) is used to select records from this table
# to be used to add signatures based on the message sender.
KeyTable ${opendkim_base_dir}/key.table
# SignatureAlgorithm (string)
#
# Selects the signing algorithm to use when generating signatures. Use 'opendkim -V'
# to see the list of supported algorithms. The default is rsa-sha256 if it is
# available, otherwise it will be rsa-sha1.
SignatureAlgorithm rsa-sha256
# OversignHeaders (dataset)
#
# Specifies a set of header fields that should be included in all signature header
# lists (the "h=" tag) once more than the number of times they were actually present
# in the signed message. The set is empty by default. The purpose of this, and
# especially of listing an absent header field, is to prevent the addition of
# important fields between the signer and the verifier. Since the verifier would
# include that header field when performing verification if it had been added by an
# intermediary, the signed message and the verified message were different and the
# verification would fail. Note that listing a field name here and not listing it in
# the SignHeaders list is likely to generate invalid signatures.
OversignHeaders From
# AlwaysAddARHeader (Boolean)
#
# Add an "Authentication-Results:" header field even to unsigned messages
# from domains with no "signs all" policy. The reported DKIM result will be
# "none" in such cases. Normally unsigned mail from non-strict domains does
# not cause the results header field to be added.
AlwaysAddARHeader yes
# Background (Boolean)
#
# Causes opendkim to fork and exits immediately, leaving the service running
# in the background. The default is "true".
Background yes
# DNSTimeout (integer)
#
# Sets the DNS timeout in seconds. A value of 0 causes an infinite wait. The
# default is 5. Ignored if not using an asynchronous resolver package. See
# also the NOTES section below.
DNSTimeout 5
EOF
opendkim_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
# - Assign ownership to the opendkim user and restrict tthe
# - file permissions:
# -
echononl " Assign ownership and file permissions.."
chmod u=rw,go=r $opendkim_conf_file 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
# - Create the directories to hold OpenDKIMs data files, assign
# - ownership to the opendkim user, and restrict the file
# - permissions:
# -
echononl " Create directory '$opendkim_base_dir'"
if [[ -d "$opendkim_base_dir" ]] ; then
echo_skipped
else
opendkim_needs_restart=true
mkdir ${opendkim_base_dir} 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
echononl " Create directory '$opendkim_key_dir'"
if [[ -d "$opendkim_key_dir" ]] ; then
echo_skipped
else
opendkim_needs_restart=true
mkdir $opendkim_key_dir 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
echononl " Set ownership on directory '${opendkim_base_dir}' (recursive).."
chown -R opendkim:opendkim ${opendkim_base_dir} 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
echononl " Set file-permission on $opendkim_key_dir"
chmod go-rw $opendkim_key_dir 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
# - Create empty files
# - ${opendkim_base_dir}/signing.table
# - ${opendkim_base_dir}/key.table
# -
echononl " Create empty file '${opendkim_base_dir}/signing.table'.."
if [[ -f "${opendkim_base_dir}/signing.table" ]] ; then
echo_skipped
else
touch ${opendkim_base_dir}/signing.table 2> $log_file
opendkim_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
echononl " Create empty file '${opendkim_base_dir}/key.table'.."
if [[ -f "${opendkim_base_dir}/key.table" ]] ; then
echo_skipped
else
touch ${opendkim_base_dir}/key.table 2> $log_file
opendkim_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
# - Create the trusted hosts file ${opendkim_base_dir}/trusted.hosts.
# -
echononl " Create trusted hosts file '${opendkim_base_dir}/trusted'.."
if [[ -f "${opendkim_base_dir}/trusted" ]] ; then
echo_skipped
else
cat <<EOF > ${opendkim_base_dir}/trusted 2> $log_file
127.0.0.1
::1
localhost
$(hostname -f)
EOF
opendkim_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
# - Create the OpenDKIM socket directory in Postfixs work area
# - and make sure it has the correct ownership:
# -
echononl " Create the OpenDKIM socket directory in Postfixs work area.."
if [[ -d "${postfix_spool_dir}/opendkim" ]] ; then
echo_skipped
else
mkdir ${postfix_spool_dir}/opendkim 2> $log_file
opendkim_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
echononl " Set ownership on directory '${postfix_spool_dir}/opendkim'.."
chown opendkim:postfix ${postfix_spool_dir}/opendkim 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
# - Edit /etc/default/opendkim
# -
# - Set:
# - SOCKET="local:${postfix_spool_dir}/opendkim/opendkim.sock"
# -
echononl " Set 'SOCKET' at file /etc/default/opendkim.."
if grep -q -E "^\s*SOCKET" /etc/default/opendkim 2>/dev/null ; then
if grep -q -E "^\s*SOCKET.*local:$opendkim_socket_file" /etc/default/opendkim 2>/dev/null ; then
echo_skipped
else
perl -i -n -p -e "s#^\s*SOCKET=.*#SOCKET=\"local:$opendkim_socket_file\"#" /etc/default/opendkim 2> $log_file
opendkim_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
else
cat <<EOF >>/etc/default/opendkim 2> $log_file
SOCKET="local:$opendkim_socket_file"
EOF
opendkim_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
# - Edit /etc/postfix/main.cf and add a section to activate
# - processing of e-mail through the OpenDKIM daemon:
# -
backup_date="$(date +%Y-%m-%d-%H%M)"
echononl " Backup existing postfix configuration (main.cf).."
cp -a /etc/postfix/main.cf /etc/postfix/main.cf.$backup_date 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
echononl " Activate processing of e-mail through the OpenDKIM daemon.."
if grep -q -E "milter_default_action\s*=\s*accept" /etc/postfix/main.cf ; then
echo_skipped
warn "Postfix (main.cf) seems already be configured for milters"
echononl " Delete previosly saved Postfix configuration.."
rm /etc/postfix/main.cf.$backup_date 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
else
cat <<EOF >> /etc/postfix/main.cf 2> $log_file
# ======= Milter configuration =======
# OpenDKIM
milter_default_action = accept
# Postfix ≥ 2.6 milter_protocol = 6, Postfix ≤ 2.5 milter_protocol = 2
milter_protocol = 6
# Note:
# We will sign AFTER sending through AmaVIS, just befor sending out. So
# set 'smtpd_milters =' to an emty string here and add to localhost:10025
# section in master.cf: 'smtpd_milters=local:/opendkim/opendkim.sock'
#
# If you want sign mails before sending through AmaVIS, set
# 'smtpd_milters = local:/opendkim/opendkim.sock' here and add to
# localhost:10025 section in master.cf: 'smtpd_milters='
#
#smtpd_milters = local:/opendkim/opendkim.sock
smtpd_milters = local:/opendkim/opendkim.sock
# Was sind non_smtpd_milters?
#
# non_smtpd_milters gilt für alle Postfix-Prozesse, die Mails verarbeiten, aber NICHT
# der smtpd-Daemon sind.
#
# Das betrifft z. B.:
#
# cleanup Header/Content-Bereinigung
# qmgr Queue-Manager
# lmtp / smtp Auslieferung nach extern
# local lokale Zustellung
#
# Das sind z. B.:
#
# - interne Bounces (MAILER-DAEMON)
#
# - Cron-Mails vom Server
#
# - Weiterleitungen, die Postfix selbst generiert
#
# - Mails, die über sendmail CLI gesendet werden
#
# - Mails, die Amavis über LMTP zurückgibt
#
# - etc.
#
#
# DKIM soll auch die ausgehenden Mails signieren, die nicht über smtpd daemon versendet werden.
non_smtpd_milters = local:/opendkim/opendkim.sock
EOF
postfix_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
# - Prevent Postfix from setting the DKIM Header twice (one befor
# - and one after processing amavis
# -
# - To disable milter processing after amavis, add to your master.cf in
# - the after-amavis section:
# - 127.0.0.1:10025 inet n - - - - smtpd
# - [...]
# - -o smtpd_milters=
# -
# - If you want to run the milter after amavis, set in main.cf
# - smtpd_milters=
# - to an empty string and add the smtpd_milters configuration to master.cf
# - (after-section amavis) instead:
# - -o smtpd_milters=local:/opendkim/opendkim.sock
# -
echononl " Backup file '/etc/postfix/master.cf'.."
cp -a /etc/postfix/master.cf /etc/postfix/master.cf.$backup_date 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
echononl " Adjust /etc/postfix/master.cf. Set DKIM after sending throuh AmaVIS.."
_found=false
_changed=false
tmp_master_file="/tmp/postfix_master.cf"
> $tmp_master_file
while IFS='' read -r _line || [[ -n $_line ]] ; do
if $_found && ! echo "$_line" | grep -i -q -E "^\s*-o" 2> /dev/null ; then
echo " -o smtpd_milters=local:/opendkim/opendkim.sock" >> "$tmp_master_file"
_changed=true
_found=false
fi
if $_found && echo "$_line" | grep -i -q -E "^\s*-o\s+smtpd_milters=\s*" ; then
_found=false
if ! echo "$_line" | grep -i -q -E "^\s*-o\s+smtpd_milters=\s*local:/opendkim/opendkim.sock\s*$" ; then
echo " -o smtpd_milters=local:/opendkim/opendkim.sock" >> "$tmp_master_file"
echo " -o milter_macro_daemon_name=ORIGINATING" >> "$tmp_master_file"
_changed=true
continue
fi
fi
if echo "$_line" | grep -i -q -E "^\s*(submission|smtps)\s+inet\s+" 2> /dev/null ; then
_found=true
fi
echo "$_line" >> "$tmp_master_file"
done < "/etc/postfix/master.cf"
if $_changed ; then
cp $tmp_master_file /etc/postfix/master.cf 2> $log_file
postfix_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
else
echo_skipped
info "Postfix (master.cf) was not changed - seems already be configured right."
echononl " Delete previosly saved file '/etc/postfix/master.cf'.."
rm /etc/postfix/master.cf.$backup_date 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
rm -f $tmp_master_file
echo ""
# - Restart OpenDKIM
# -
echononl " Restart OpenDKIM.."
if $opendkim_needs_restart ; then
if $SYSTEMD_EXISTS ; then
systemctl restart opendkim > $log_file 2>&1
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
else
/etc/init.d/opendkim restart > $log_file 2>&1
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
else
echo_skipped
fi
# - Restart Postfix so it starts using OpenDKIM when processing mail:
# -
echononl " Restart Postfix.."
if $postfix_needs_restart ; then
if $SYSTEMD_EXISTS ; then
systemctl restart postfix > $log_file 2>&1
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
else
/etc/init.d/postfix restart > $log_file 2>&1
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
else
echo_skipped
fi
echo ""
rm -f "$log_file"
exit 0
Reference in New Issue View Git Blame Copy Permalink