Additional fixes for #39 and #37

bokysan · Oct 24, 2020 · bd67c95 · bd67c95
1 parent 5f441fb
commit bd67c95
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 7 deletions.
diff --git a/scripts/common-run.sh b/scripts/common-run.sh
@@ -246,7 +246,7 @@ postfix_setup_dkim() {
 
  # Fixes #39
  chown opendkim:opendkim /etc/opendkim/keys/${domain}.private
- chmod 444 /etc/opendkim/keys/${domain}.private
+ chmod 400 /etc/opendkim/keys/${domain}.private
 
  chown opendkim:opendkim /etc/opendkim/keys/${domain}.txt
  chmod 644 /etc/opendkim/keys/${domain}.txt
@@ -301,6 +301,13 @@ postfix_setup_dkim() {
  if [ -f $private_key ]; then
  domain_dkim_selector="$(get_dkim_selector "${domain}")"
  echo -e " ...for domain ${emphasis}${domain}${reset} (selector: ${emphasis}${domain_dkim_selector}${reset})"
+ if ! su opendkim -s /bin/bash -c 'cat /etc/opendkim/keys/example.org.private' > /dev/null 2>&1; then
+ echo -e " ...trying to reown ${emphasis}${private_key}${reset} as it's not readable by OpenDKIM..."
+ # Fixes #39
+ chown opendkim:opendkim "${private_key}"
+ chmod u+r "${private_key}"
+ fi
+
  echo "${domain_dkim_selector}._domainkey.${domain} ${domain}:${domain_dkim_selector}:${private_key}" >> /etc/opendkim/KeyTable
  echo "*@${domain} ${domain_dkim_selector}._domainkey.${domain}" >> /etc/opendkim/SigningTable
  else

diff --git a/scripts/common.sh b/scripts/common.sh
@@ -147,10 +147,10 @@ do_postconf() {
  shift
  key="$1"
  shift
- if grep -E "^${key}\s*=" /etc/postfix/main.cf; then
+ if grep -q -E "^${key}\s*=" /etc/postfix/main.cf; then
  has_key="1"
  fi
- if grep -E "^#\s*${key}\s*=" /etc/postfix/main.cf; then
+ if grep -q -E "^#\s*${key}\s*=" /etc/postfix/main.cf; then
  has_commented_key="1"
  fi
  if [[ "${has_key}" == "1" ]] && [[ "${has_commented_key}" == "1" ]]; then
@@ -159,14 +159,15 @@ do_postconf() {
  sed -i -e "/^${key}\s*=/ { :a; N; /^\s/ba; N; d }" /etc/postfix/main.cf
  elif [[ "${has_key}" == "1" ]]; then
  # Comment out the key with postconf
- postconf -# "${key}"
+ postconf -# "${key}" > /dev/null
  else
  # No key or only commented key, do nothing
  :
  fi
  else
  # Add the line normally
- postconf $@
+ shift
+ postconf -e "$@"
  fi
 
 }

diff --git a/unit-tests/dkim_auto_generate.bats b/unit-tests/dkim_auto_generate.bats
@@ -15,6 +15,8 @@ chown -R opendkim:opendkim /etc/opendkim
  local ALLOWED_SENDER_DOMAINS=example.org
  postfix_setup_dkim
 
+ postfix check
+
  su opendkim -s /bin/bash -c 'cat /etc/opendkim/keys/example.org.private' > /dev/null
  su opendkim -s /bin/bash -c 'cat /etc/opendkim/keys/example.org.txt' > /dev/null
 }
diff --git a/unit-tests/postfix_custom_commands.bats b/unit-tests/postfix_custom_commands.bats
@@ -8,10 +8,12 @@ load /code/scripts/common-run.sh
  local POSTFIX_alias_database=hash:/etc/mail/aliases
  postfix_custom_commands
  cat /etc/postfix/main.cf | fgrep -qx "alias_database = hash:/etc/mail/aliases"
+ postfix check
 }
 
 @test "Make sure that postfix_custom_commands removes lines" {
  local POSTFIX_readme_directory=
  postfix_custom_commands
  cat /etc/postfix/main.cf | egrep -q "^#readme_directory"
+ postfix check
 }
diff --git a/unit-tests/test-multi-comment.bats b/unit-tests/test-multi-comment.bats
@@ -15,32 +15,46 @@ fi
 @test "make sure commenting out #myhostname does not incrase count" {
  COMMENT_COUNT=$(grep -E "^#myhostname" /etc/postfix/main.test-multi-comment | wc -l)
  do_postconf -# myhostname
+ postfix check
  result=$(grep -E "^#myhostname" /etc/postfix/main.cf | wc -l)
  [ "$result" == "$COMMENT_COUNT" ]
 }
 
 @test "make sure adding myhostname does not incrase count" {
  COMMENT_COUNT=$(grep -E "^#myhostname" /etc/postfix/main.test-multi-comment | wc -l)
  do_postconf -e myhostname=localhost
+ postfix check
  result=$(grep -E "^#myhostname" /etc/postfix/main.cf | wc -l)
- echo "result=$result"
- echo "COMMENT_COUNT=$COMMENT_COUNT"
  [ "$result" == "$COMMENT_COUNT" ]
 }
 
 @test "make sure adding myhostname is added only once" {
  do_postconf -e myhostname=localhost
+ postfix check
  result=$(grep -E "^myhostname" /etc/postfix/main.cf | wc -l)
  [ "$result" == "1" ]
 }
 
 @test "make sure deleting myhostname does not incrase count" {
  COMMENT_COUNT=$(grep -E "^#myhostname" /etc/postfix/main.test-multi-comment | wc -l)
  do_postconf -# myhostname
+ postfix check
  result=$(grep -E "^#myhostname" /etc/postfix/main.cf | wc -l)
  [ "$result" == "$COMMENT_COUNT" ]
 }
 
+@test "test removing relayhost" {
+ do_postconf -# relayhost
+ grep -q -E "^#relayhost" /etc/postfix/main.cf
+ ! grep -q -E "^relayhost" /etc/postfix/main.cf
+ postfix check
+}
+
+@test "spaces in parameters" {
+ do_postconf -e "smtpd_recipient_restrictions=reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_sender_access hash:example.org, reject"
+ postfix check
+}
+
 @test "no sasl password duplications" {
  local RELAYHOST="demo"
  local RELAYHOST_USERNAME="foo"
@@ -49,6 +63,8 @@ fi
  postfix_setup_relayhost
  postfix_setup_relayhost
 
+ postfix check
+
  result=$(grep -E "^demo" /etc/postfix/sasl_passwd | wc -l)
  [ "$result" == "1" ]
 }