sent_userinfo_postfix.sh: Add support for configuration file. Running the script must be confirmed after showing the parameter settings.

2017-08-04 17:44:02 +02:00 · 2017-08-04 17:44:02 +02:00 · 16c22e862e
commit 16c22e862e
parent 118959fab1
4 changed files with 232 additions and 36 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,5 @@
 *.swp
+*.log
+conf/*.conf
+conf/*.email*
+!conf/sent_userinfo_postfix.email.sample
--- a/conf/sent_userinfo_postfix.conf.sample
+++ b/conf/sent_userinfo_postfix.conf.sample
@ -0,0 +1,56 @@
+# ----------------------------------------------------
+# ---
+# - Parameter Settings for script 'sent_userinfo_postfix.sh'.
+# ---
+# ----------------------------------------------------
+
+# - user_info_file
+# -
+# - Full path to file containing the user info. If file is placed in this
+# - configuration directory use '${conf_dir}/<file-name'
+# -
+# - See sent_userinfo_postfix.email.sample
+# -
+# - Defaults to '${conf_dir}/conf/sent_userinfo_postfix.email'
+# -
+#user_info_file="${conf_dir}/conf/sent_userinfo_postfix.email"
+
+
+# - email_from
+# -
+# - From Address of user info
+# -
+# - Example: 'oo@oopen.de'
+# -
+#email_from=""
+
+
+# - email_from_org
+# -
+# - Example: email_from_org="O.OPEN"
+# -
+#email_from_org=""
+
+
+# - mail_user
+# -
+# - The owner of the mailbox directories and within the e-mails itself.
+# -
+# - defaults to 'vmail'
+#mail_user=vmail
+
+
+# - mail_group
+# -
+# - The group of the mailbox directories
+# -
+#mail_group=vmail
+
+
+# - mail_basedir - No more needed!
+# -
+# - The root directory where all mailbox-domains are located.
+# -
+# - Defaults to '/var/vmail'.
+# -
+#mail_basedir=/var/vmail
--- a/conf/sent_userinfo_postfix.email.sample
+++ b/conf/sent_userinfo_postfix.email.sample
@ -0,0 +1,41 @@
+To: %email_to%
+From: %email_from_org% <%email_from%>
+Subject: Heartbleed Bug und so36.net
+Content-type: text/plain; charset=UTF-8
+
+Liebe so36-Nutzer_innen,
+
+Am Dienstag 08.04.2014 ist eine gravierende Sicherheitslücke in der
+Verschlüsselungssoftware OpenSSL bekannt geworden, mit dem u.a. Passwörter
+oder andere geheime Daten offen abrufbar sind. Dieser Programmfehler ist
+unter dem Namen Heartbleed-Bug [1] berühmt geworden.
+
+Wie fast alle Web-Anbieter nutz auch so36.net OpenSSL und damit sind auch
+wir betroffen. Wir haben am Tag des Bekanntwerden der Schwachstelle sofort
+Software-Updates auf allen betroffenen Servern eingsielt. Mittlerweile
+haben wir auf allen Maschinen auch neue SSL-Zertifikate installiert.
+Trotzdem können wir nicht ausschließen, dass auch unsere Server
+kompromitiert wurden und sich Dritte damit eure Passwörter beschaffen
+konnten.
+
+*Daher müssen alle sofort ihre Passwörter ändern.*
+
+Dazu besucht Ihr folgende Seite: https://webmail.so36.net/
+
+Das neue Zertifikat, das Euch der Server präsentiert hat den Fingerprint
+SHA1 Fingerprint = 7C:70:79:C1:30:1E:E8:CC:AF:B5:67:AD:07:53:ED:08:33:C5:8B:D8
+
+Leider müsst ihr davon ausgehen, dass auch andere Webdienste, die ihr
+nutzt, von dieser Sicherheitslücke betroffen sind. Heise.de spricht
+davon, dass über 600 der meistgenutzten Webdiensten davon betroffen
+sind. [2] Ihr könnt dies auch selbst durch Eingabe der URl bei
+http://filippo.io/Heartbleed und http://possible.lv/tools/hb überprüfen.
+
+Schöne Grüsse aus dem Dschungel
+team so36.net
+
+[1] http://heartbleed.com/ und
+http://www.heise.de/newsticker/meldung/Der-GAU-fuer-Verschluesselung-im-Web-Horror-Bug-in-OpenSSL-2165517.html
+
+[2]
+http://www.heise.de/newsticker/meldung/Passwort-Zugriff-Heartbleed-Luecke-mit-katastrophalen-Folgen-2166861.html
--- a/sent_userinfo_postfix.sh
+++ b/sent_userinfo_postfix.sh
@ -1,26 +1,35 @@
-#!/bin/bash
+#!/usr/bin/env bash
+
+script_dir="$(dirname $(realpath $0))"
+conf_dir="${script_dir}/conf"
+conf_file="${conf_dir}/sent_userinfo_postfix.conf"
+
+tmp_dir="$(mktemp -d)"
+logfile="${script_dir}/sent_userinfo_postfix.$(date +%Y-%m-%d-%H%M).log"
+
+#---------------------------------------
+#-----------------------------
+# Setting Defaults
+#-----------------------------
+#---------------------------------------
+
+DEFAULT_user_info_file="${conf_dir}/sent_userinfo_postfix.email"
+DEFAULT_mail_user="vmail"
+DEFAULT_mail_group="vmail"


-user_info_file="/root/Heartbleed-Bug_userinfo.txt"
+#---------------------------------------
+#-----------------------------
+# Base Function(s)
+#-----------------------------
+#---------------------------------------

-email_from="oo@oopen.de"
+clean_up() {

-mail_user=vmail
-mail_group=vmail
-
-mail_basedir=/var/vmail
-
-logfile=/tmp/user_mail.log
-> $logfile
-
-
-curdir=`pwd`
-rc_done="\033[71G[ \033[32mdone\033[m ]"
-rc_failed="\033[71G[ \033[31m\033[1mfailed\033[m ]"
-
-
-## - Functions
-## -
+   # Perform program exit housekeeping
+   rm -rf $tmp_dir
+   exit $1
+}
 echononl(){
   echo X\\c > /tmp/shprompt$$
   if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
@ -31,32 +40,113 @@ echononl(){
   rm /tmp/shprompt$$
 }

-
 fatal(){
   echo ""
-   echo  Fehler: $*
-   echo -e "\n\t\033[31m\033[1mSkript wird abgebrochen\033[m\033[m\n"
+   echo  -e "[ \033[31m\033[1mFehler\033[m ]: $*"
+   echo -e "\n\t     Script was interupted!\n"
   echo
-   exit 1
+   clean_up 1
 }

-## -
-## - End: Functions
+echo_ok() {
+   echo -e "\033[75G[ \033[32mok\033[m ]"
+}
+echo_failed() {
+   echo -e "\033[75G[ \033[1;31mfailed\033[m ]"
+}
+echo_skipped() {
+   echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]"
+}
+
+trap clean_up SIGHUP SIGINT SIGTERM
+
+clear
+echo ""
+echo -e "\033[32mRunning script \033[1m"$(basename $0)"\033[m .."
+echo ""
+
+echo ""
+echo ""
+echononl "   Loading default Configuration values from $(basename ${conf_file}).."
+if [[ ! -f "$conf_file" ]]; then
+   echo_skipped
+else
+   source "${conf_file}" > /dev/null 2>&1
+   if [[ $? -eq 0 ]]; then
+      echo_ok
+   else
+      echo_failed
+   fi
+fi
+
+if [[ -z "$email_from" ]] ; then
+   fatal "Missing Mail Sender Address (parameter 'email_from')."
+fi
+if [[ -z "$email_from_org" ]] ; then
+   fatal "Missing Mail Sender Organisation (parameter 'email_from_org')."
+fi
+
+
+[[ -n "$user_info_file" ]] || user_info_file="$DEFAULT_user_info_file"
+[[ -n "$mail_user" ]] || mail_user="$DEFAULT_mail_user"
+[[ -n "$mail_group" ]] || mail_group="$DEFAULT_mail_group"
+
+if [[ ! -f $user_info_file ]];then
+  fatal "User Info-file to send '$user_info_file' does not exist !!"
+fi
+
+
+echo ""
+echo ""
+echo -e "\033[32mSettings for script \033[37m\033[1msent_userinfo_postfix.sh\033[m"
+echo ""
+echo "   File containing the mail-body.....: $user_info_file"
+echo ""
+echo "   Mail Sender Address...............: $email_from"
+echo "   Mail Sender Organisation..........: $email_from_org"
+echo ""
+echo "   Mail User.........................: $mail_user"
+echo "   Mail Group........................: $mail_group"
+
+echo ""
+OK=
+while [ "$OK" != "yes" -o "$OK" != "no" ] ; do
+   echononl "\033[1mParameters ok? [yes/no]:\033[m "
+   read OK
+   ## - To lower case
+   OK=${OK,,}
+   if [ "X$OK" = "X" ]; then
+      echo -e "\n\t\033[33m\033[1mAn entry is required!\033[m\n"
+      OK=""
+      continue
+   fi
+   if [ "$OK" != "yes" -o "$OK" != "no" ] ; then
+      break
+   fi
+   echo -e "\n\t\033[33m\033[1mWrong entry!\033[m\n"
+done
+[[ $OK = "yes" ]] || fatal "Repeat execution with different parameters."
+
+
+
+> $logfile
+
+
+curdir=`pwd`
+rc_done="\033[71G[ \033[32mdone\033[m ]"
+rc_failed="\033[71G[ \033[31m\033[1mfailed\033[m ]"
+

 if [ ! -f $user_info_file ]; then
-   fatal "Kann Mailtext nicht finden"
+   fatal "File containing User Info not found!"
 fi

 pwd=`pwd`
 cd /tmp

-clear
+echo ""
 echo -e "\n\t --- Sending userinfo into all local virtual mailboxes --\n" | tee -a $logfile

-if [ ! -f $user_info_file ];then
-  echo "[FATAL]: Info-file to send does not exist !!" >> $logfile
-  fatal "User Info-file to send does not exist !!"
-fi


 ## - list of local virtual domains
@ -67,14 +157,20 @@ declare -i num_dom=0;
 declare -i num_mbox_failed=0;
 declare -i num_mbox=0;

+# - Escape  '@' sign for use in perl regex
+# -
+email_from_regex="$(echo ${email_from//\@/\\@})"
+
 for domain in $domains ;do
   echo -e "\nDOMAIN: $domain\n" | tee -a $logfile
   local_parts=`su postgres -c"psql -At -F ' ' postfix -c\"SELECT local_part  FROM mailbox WHERE domain = '$domain'\""`
   for local_part in $local_parts ; do
-      cp $user_info_file /tmp/
-      perl -i -n -p -e "s/%email_to%/$local_part\@$domain/" /tmp/`basename $user_info_file`
+      cp "$user_info_file"  "$tmp_dir"
+      perl -i -n -p -e "s/%email_to%/$local_part\@$domain/" "${tmp_dir}/$(basename $user_info_file)"
+      perl -i -n -p -e "s/%email_from%/${email_from_regex}/" "${tmp_dir}/$(basename $user_info_file)"
+      perl -i -n -p -e "s/%email_from_org%/${email_from_org}/" "${tmp_dir}/$(basename $user_info_file)"
      echononl "\tSend userinfo to $local_part@$domain.."
-      cat /tmp/`basename $user_info_file` | /usr/sbin/sendmail -F 'Christoph Kuchenbuch' -f $email_from -t "$local_part@$domain"
+      cat ${tmp_dir}/$(basename $user_info_file) | /usr/sbin/sendmail -F "$email_from_org" -f $email_from -t "$local_part@$domain"
      if [ "$?" = "0" ]; then
         num_mbox=num_mbox+1
         echo -e "$rc_done"
@ -97,6 +193,5 @@ fi

 echo
 cd $pwd
-rm /tmp/`basename $user_info_file`

-exit
+clean_up 0