usr/local/cpanel/scripts/checkexim.pl000075500000006144147204334030013705 0ustar00#!/usr/local/cpanel/3rdparty/bin/perl # cpanel - scripts/checkexim.pl Copyright 2022 cPanel, L.L.C. # All rights reserved. # copyright@cpanel.net http://cpanel.net # This code is subject to the cPanel license. Unauthorized copying is prohibited # package scripts::checkexim; use strict; use Cpanel::FileUtils::TouchFile (); use Cpanel::SafetyBits::Chown (); use Cpanel::Lchown (); __PACKAGE__->main() unless caller; sub main { checkeximlogs(); checkeximperms(); } sub checkeximlogs { require Cpanel::PwCache; my $mailnull_uid = ( Cpanel::PwCache::getpwnam('mailnull') )[2]; my $mail_gid = ( getgrnam('mail') )[2]; if ( opendir( my $exim_dir_fh, '/var/log' ) ) { my %log_files = map { $_ => undef } grep { /^exim_/ } readdir($exim_dir_fh); $log_files{'exim_mainlog'} = undef; $log_files{'exim_paniclog'} = undef; $log_files{'exim_rejectlog'} = undef; foreach my $log_file ( keys %log_files ) { my ( $mode, $uid, $gid ) = ( stat( '/var/log/' . $log_file ) )[ 2, 4, 5 ]; if ( !$mode ) { Cpanel::FileUtils::TouchFile::touchfile( '/var/log/' . $log_file ) } Cpanel::Lchown::lchown( $mailnull_uid, $mail_gid, '/var/log/' . $log_file ) if ( $uid != $mailnull_uid || $gid != $mail_gid ); chmod( 0640, '/var/log/' . $log_file ) if ( $mode & 00777 != 0640 ); } } } sub checkeximperms { my $no_chown_spool = shift; require Cpanel::PwCache; if ( Cpanel::PwCache::getpwnam("mailnull") ) { my $mailnull_uid = ( Cpanel::PwCache::getpwnam('mailnull') )[2]; my $mail_gid = ( getgrnam('mail') )[2]; checkeximlogs(); # Only chown what really needs it: directories under /var/spool/exim. # Chowning everything takes too long on systems with large queues. unless ($no_chown_spool) { safe_chown_maxdepth( '/var/spool/exim', $mailnull_uid, $mail_gid, 2 ); # scripts/updatemailscanner needs this. If it's not installed, this will just return. safe_chown_maxdepth( '/var/spool/exim_incoming', $mailnull_uid, $mail_gid, 1 ); safe_chown_maxdepth( '/var/spool/exim_incoming/db', $mailnull_uid, $mail_gid, 1 ); safe_chown_maxdepth( '/var/spool/exim_incoming/input', $mailnull_uid, $mail_gid, 1 ); } chown $mailnull_uid, $mail_gid, '/etc/exim.crt', '/etc/exim.key'; } } sub safe_chown_maxdepth { my ( $path, $uid, $gid, $depth ) = @_; return if $depth == 0; return unless -e $path; my @files_to_chown = ($path); my @dirs_to_search; opendir( my $dh, $path ) or return 0; foreach ( grep { /^[^.]/ } readdir($dh) ) { if ( -d "$path/$_" ) { push @dirs_to_search, "$path/$_" } push @files_to_chown, "$path/$_"; } Cpanel::SafetyBits::Chown::safe_chown( $uid, $gid, @files_to_chown ); foreach (@dirs_to_search) { safe_chown_maxdepth( $_, $uid, $gid, $depth - 1 ); } } 1;