#!/bin/sh
-# postinst script for spamassassin-cn
-#
-# see: dh_installdeb(1)
set -e
-# summary of how this script can be called:
-# * <postinst> `configure' <most-recently-configured-version>
-# * <old-postinst> `abort-upgrade' <new version>
-# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
-# <new-version>
-# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
-# <failed-install-package> <version> `removing'
-# <conflicting-package> <version>
-# for details, see http://www.debian.org/doc/debian-policy/ or
-# the debian-policy package
-#
-
-case "$1" in
- configure|reconfigure)
- # continue below
- ;;
-
- *)
- exit 0
- ;;
-esac
-
-# import CN-functions
+[ "$1" = "configure" ] || exit 0
+[ "$DEBIAN_SCRIPT_DEBUG" ] && set -vx
+
+# Load CARNET Tools
. /usr/share/carnet-tools/functions.sh
-# load Debconf
+# Load Debconf
. /usr/share/debconf/confmodule
+
db_version 2.0
umask 022
if [ "$run_as_user" = "non-root" ]; then
if ! grep -q '^OPTIONS=".*username=spamd"' \
/etc/default/spamassassin; then
- if [ -x /usr/sbin/invoke-rc.d ]; then
- invoke-rc.d --quiet spamassassin stop
- else
- /etc/init.d/spamassassin stop
- fi
- rstart=yes
+ service spamassassin stop
+ rstart=yes
fi
if ! getent group spamd >/dev/null 2>&1; then
elif [ "$run_as_user" = "root" ]; then
if grep -q '^OPTIONS=".*username=spamd"' \
/etc/default/spamassassin; then
- if [ -x /usr/sbin/invoke-rc.d ]; then
- invoke-rc.d --quiet spamassassin stop
- else
- /etc/init.d/spamassassin stop
- fi
- restart=yes
+ service spamassassin stop
+ restart=yes
fi
if [ -d "/var/run/spamd" ]; then
# old enough
if [ -s $confdir/local.cf ] &&
- dpkg --compare-versions "$2" lt "2:3.0.3-3"; then
+ dpkg --compare-versions "$2" lt "2:3.2.5-4"; then
echo "CN: Backing up old version of $confdir/local.cf in /var/backups"
cp_backup_conffile $confdir/local.cf
rm -f $confdir/local.cf
mv -f $confdir/local.cf.$$.$$ $confdir/local.cf.$$
rm -f $confdir/local.cf.$$.$$
+ # calculate trusted networks
+ cp_get_netaddr || true
+ netaddr="$RET"
+ # ... get already configured trusted networks
+ trusted_networks=$(awk '/^trusted_networks/ { print $2 }' \
+ $confdir/local.cf.$$ | sed -e 's/,/ /g')
+ # ... merge with local networks configured on eth interfaces
+ for i in $netaddr; do
+ if ! echo "$trusted_networks" | grep -q "$i"; then
+ trusted_networks="$trusted_networks $i"
+ fi
+ done
+ # ... merge with Postfix ranges
+ if [ -x /usr/sbin/postconf ]; then
+ for i in $(postconf -h mynetworks | sed -e 's/,/ /g'); do
+ if ! echo "$trusted_networks" | grep -q "$i"; then
+ trusted_networks="$trusted_networks $i"
+ fi
+ done
+ fi
+ # ... strip 127/8 range
+ for i in $trusted_networks; do
+ if ! echo "$i" | egrep -q \
+ "127.0.0.0/8|\[::1\]/128|\[::ffff:127.0.0.0\]/104"; then
+ trusted_networks_clean="$trusted_networks_clean $i"
+ fi
+ done
+ # ... strip left and right blanks from final string
+ trusted_networks_clean=$(echo "$trusted_networks_clean" \
+ | sed 's/^[ \t]*//;s/[ \t]*$//')
+ # ... and replace if non-zero
+ if [ ! -z "$trusted_networks_clean" ]; then
+ trusted_networks=$trusted_networks_clean
+ fi
+ cp_check_and_sed "^trusted_networks " \
+ "s#^trusted_networks .*#trusted_networks $trusted_networks#g" \
+ $confdir/local.cf.$$ || true
+ echo "CN: Activated $trusted_networks as trusted networks"
+
+ if dpkg --compare-versions "$2" lt "2:3.3.5"; then
+ cp_check_and_sed "^bayes_auto_expire 1" \
+ "s#^bayes_auto_expire .*#bayes_auto_expire 0#g" \
+ $confdir/local.cf.$$ || true
+ echo "CN: Set bayes_auto_expire to 0"
+ fi
+
# different than template
if ! cmp -s $confdir/local.cf.$$ $confdir/local.cf; then
# backup if not zero size
mv -f $i.$$ $i
fi
rm -f $i.$$
+
+ # enable AWL
+ cp -f $i $i.$$
+ plugin="loadplugin Mail::SpamAssassin::Plugin::AWL"
+ cp_check_and_sed "^#$plugin.*$" \
+ "s/^#$plugin.*$/$plugin/g" $i.$$ || true
+ if ! cmp -s $i.$$ $i; then
+ mv -f $i.$$ $i
+ fi
+ rm -f $i.$$
done
# check and replace /etc/default/spamasassin if needed
# cleanup the AWL
if getent passwd amavis >/dev/null 2>&1; then
- if [ -s ~amavis/.spamassassin/auto-whitelist ]; then
+ AWL=~amavis/.spamassassin/auto-whitelist
+ if [ -s $AWL ]; then
echo "CN: Cleaning the Amavis auto-whitelist"
su -c '/usr/bin/check_whitelist --clean' - amavis >/dev/null 2>&1 \
|| true
+
+ # see if size is still unacceptable
+ SIZE=$(du -ks $AWL | awk '{print $1}')
+ if [ $SIZE -ge 51200 ]; then
+ echo "CN: Size of AWL database > 50MB, doing full cleanup"
+ cp /dev/null $AWL
+ fi
fi
fi
# import SA keys
-echo "CN: Importing SpamAssassin and SARE public PGP keys"
+echo "CN: Importing SpamAssassin channels' public PGP keys"
echo "$(date +'%d-%m-%Y %T'): Importing new SA keys..." >> \
/var/log/sa-update.log
if [ ! -d /etc/spamassassin/sa-update-keys ]; then
/etc/spamassassin/sa-update-keys/secring.gpg
chmod -R go-rwx /etc/spamassassin/sa-update-keys
fi
-sa-update --import /etc/spamassassin/sa-keys.pgp \
+sa-update --gpghomedir /etc/spamassassin/sa-update-keys --import /etc/spamassassin/sa-keys.pgp \
>>/var/log/sa-update.log 2>&1 || true
+# import http://spamassassin.apache.org/updates/GPG.KEY
+echo "CN: Importing new http://spamassassin.apache.org/updates/GPG.KEY..."
+sa-update --gpghomedir /etc/spamassassin/sa-update-keys --import /usr/share/spamassassin-cn/GPG.KEY
+
# clean old RulesDuJour rules
echo "CN: Cleaning old RulesDuJour and SARE rules..."
rm -rf /etc/spamassassin/*_sare_*.cf /etc/spamassassin/RulesDuJour
+find /var/lib/spamassassin -iname \*_sare_\* -print0 | xargs -0r rm -rf
+sed -i -e '/dostech.net/d' /etc/spamassassin/sa-update.channels
echo "CN: Please use /etc/spamassassin/sa-update.channels in future!"
-
+
+# clean old sought.rules.yerp.org
+echo "CN: Cleaning old YERP rules..."
+find /var/lib/spamassassin -iname \*_yerp_\* -print0 | xargs -0r rm -rf
+sed -i -e '/sought.rules.yerp.org/d' /etc/spamassassin/sa-update.channels
+
+# add spamassassin.heinlein-support.de
+#echo "CN: Adding spamassassin.heinlein-support.de to /etc/spamassassin/sa-update.channels..."
+#if ! grep -q spamassassin.heinlein-support.de /etc/spamassassin/sa-update.channels; then
+# echo spamassassin.heinlein-support.de >> /etc/spamassassin/sa-update.channels
+#fi
+
# get/update the rules
echo "CN: Downloading new SpamAssassin rules and updating in background"
echo "$(date +'%d-%m-%Y %T'): Fetching new SA rules..." >> \
/var/log/sa-update.log
sa-update \
--channelfile /etc/spamassassin/sa-update.channels \
- --gpgkey 856AA88A \
- --gpgkey 24F434CE \
- --gpgkey BDE9DC10 >>/var/log/sa-update.log 2>&1 || true
+ --gpghomedir /etc/spamassassin/sa-update-keys \
+ --allowplugins >>/var/log/sa-update.log 2>&1 &
+
echo "CN: SpamAssassin updates are now logged at /var/log/sa-update.log"
# restart the spamasassin
if [ "x$restart" = "xyes" ]; then
- if [ -x /usr/sbin/invoke-rc.d ]; then
- pkill -f /usr/sbin/spamd || true
- invoke-rc.d --quiet spamassassin restart
- else
- /etc/init.d/spamassassin restart
- fi
+ pkill -f /usr/sbin/spamd || true
+ service spamassassin restart
fi
# restart the amavis
if [ "x$restart" = "xyes" -a -x /etc/init.d/amavis ]; then
- if [ -x /usr/sbin/invoke-rc.d ]; then
- invoke-rc.d --quiet amavis restart
- else
- /etc/init.d/amavis restart
- fi
+ service amavis restart
fi
# dh_installdeb will replace this with shell code automatically
projects / spamassassin-cn.git / blobdiff