postfix: new spam.sh update script that avoids reloading if files did not change.
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2612|5|2607|5|:-1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/306//ansiblelint">Evolix » ansible-roles » unstable #306</a>
gitea/ansible-roles/pipeline/head This commit looks good
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2612|5|2607|5|:-1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/306//ansiblelint">Evolix » ansible-roles » unstable #306</a>
gitea/ansible-roles/pipeline/head This commit looks good
This commit is contained in:
parent
4b4b34e849
commit
3c3db4fefa
|
@ -43,6 +43,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
* postfix (packmail or when postfix_slow_transport_include is True): change `minimal_backoff_time` from 2h to 15m (see HowtoPostfix)
|
* postfix (packmail or when postfix_slow_transport_include is True): change `minimal_backoff_time` from 2h to 15m (see HowtoPostfix)
|
||||||
* postfix (packmail) : optimize Amavis integration
|
* postfix (packmail) : optimize Amavis integration
|
||||||
* redis: standardize plugins path from /usr/local/share/munin/ to /usr/local/lib/munin/plugins/
|
* redis: standardize plugins path from /usr/local/share/munin/ to /usr/local/lib/munin/plugins/
|
||||||
|
* postfix: new spam.sh update script that avoids reloading if files did not change.
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
|
|
@ -1,87 +1,98 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#set -x
|
#set -x
|
||||||
|
|
||||||
umask 022
|
umask 022
|
||||||
|
|
||||||
tmp_file=$(mktemp)
|
tmp_dir="/tmp/spam_sh"
|
||||||
|
mkdir -p "${tmp_dir}"
|
||||||
|
data_url="http://antispam00.evolix.org/spam"
|
||||||
|
rc=0
|
||||||
|
|
||||||
tmp=$(mktemp -d)
|
function is_installed {
|
||||||
|
dpkg -l "${1}" 2>&1 | grep -v "no packages found matching" | grep -q ^ii
|
||||||
|
}
|
||||||
|
|
||||||
if [ -f $tmp_file ] ;
|
function is_new {
|
||||||
then rm $tmp_file ;
|
# Check whether a file name provided as argument has been changed remotely
|
||||||
fi
|
cd "${tmp_dir}"
|
||||||
|
wget -q -t 3 "${data_url}/${1}.md5" -O "${1}.md5.new"
|
||||||
|
if ! [ -e "${1}.md5" ] || ! cmp -s "$1.md5" "${1}.md5.new"; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
sleep $[ $RANDOM / 1024 ]
|
function download {
|
||||||
|
cd "${tmp_dir}"
|
||||||
|
wget -q -t 3 "${data_url}/${1}" -O "${1}"
|
||||||
|
wget -q -t 3 "${data_url}/${1}.md5" -O "${1}.md5"
|
||||||
|
}
|
||||||
|
|
||||||
# Postfix
|
function check_integrity {
|
||||||
cd $tmp
|
cd "$tmp_dir"
|
||||||
|
md5sum -c "${1}.md5" > /dev/null && [ -e "${1}" ]
|
||||||
|
}
|
||||||
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/client.access -O $tmp_file
|
function cleanup {
|
||||||
cp $tmp_file /etc/postfix/client.access
|
rm -f /etc/postfix/header_kill.db
|
||||||
rm $tmp_file
|
rm -f /etc/postfix/header_kill_local.db
|
||||||
|
rm -f "$tmp_dir"/*.md5.new
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/sender.access -O $tmp_file
|
}
|
||||||
cp $tmp_file /etc/postfix/sender.access
|
|
||||||
rm $tmp_file
|
|
||||||
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/recipient.access -O $tmp_file
|
|
||||||
cp $tmp_file /etc/postfix/recipient.access
|
|
||||||
rm $tmp_file
|
|
||||||
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/header_kill -O $tmp_file
|
|
||||||
cp $tmp_file /etc/postfix/header_kill
|
|
||||||
rm $tmp_file
|
|
||||||
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/sa-blacklist.access -O sa-blacklist.access
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/sa-blacklist.access.md5 -O $tmp_file
|
|
||||||
if md5sum -c $tmp_file > /dev/null && [ -s sa-blacklist.access ] ; then
|
|
||||||
cp sa-blacklist.access /etc/postfix/sa-blacklist.access
|
|
||||||
fi
|
|
||||||
rm sa-blacklist.access
|
|
||||||
rm $tmp_file
|
|
||||||
|
|
||||||
/usr/sbin/postmap hash:/etc/postfix/client.access
|
|
||||||
/usr/sbin/postmap hash:/etc/postfix/sender.access
|
|
||||||
/usr/sbin/postmap hash:/etc/postfix/recipient.access
|
|
||||||
/usr/sbin/postmap -r hash:/etc/postfix/sa-blacklist.access
|
|
||||||
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/spamd.cidr -O spamd.cidr
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/spamd.cidr.md5 -O $tmp_file
|
|
||||||
if md5sum -c $tmp_file > /dev/null && [ -s spamd.cidr ] ; then
|
|
||||||
cp spamd.cidr /etc/postfix/spamd.cidr
|
|
||||||
fi
|
|
||||||
rm spamd.cidr
|
|
||||||
rm $tmp_file
|
|
||||||
|
|
||||||
|
postfix_dbs="client.access sender.access recipient.access header_kill sa-blacklist.access spamd.cidr"
|
||||||
|
for db in ${postfix_dbs}; do
|
||||||
|
if is_new "${db}"; then
|
||||||
|
download "${db}"
|
||||||
|
if check_integrity "${db}"; then
|
||||||
|
cp "${tmp_dir}/${db}" /etc/postfix/
|
||||||
|
if [ "${db}" != "header_kill" ]; then
|
||||||
|
/usr/sbin/postmap -r "/etc/postfix/${db}"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
>&2 echo "Integrity check failed for new ${db}."
|
||||||
|
rc=1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
# SpamAssassin
|
# SpamAssassin
|
||||||
cd $tmp
|
sa_db="evolix_rules.cf"
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix_rules.cf -O evolix_rules.cf
|
if is_installed spamassassin; then
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix_rules.cf.md5 -O $tmp_file
|
if is_new "${sa_db}"; then
|
||||||
if md5sum -c $tmp_file > /dev/null && [ -s evolix_rules.cf ] ; then
|
download "${sa_db}"
|
||||||
dpkg -l spamassassin 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp evolix_rules.cf /etc/spamassassin
|
if check_integrity "${sa_db}"; then
|
||||||
dpkg -l spamassassin 2>&1 | grep -v "no packages found matching" | grep -q ^ii && /etc/init.d/spamassassin reload > /dev/null
|
cp ${tmp_dir}/evolix_rules.cf /etc/spamassassin
|
||||||
if [ -d /etc/spamassassin/sa-update-hooks.d ]; then
|
/etc/init.d/spamassassin reload > /dev/null
|
||||||
|
if [ -d /etc/spamassassin/sa-update-hooks.d ]; then
|
||||||
run-parts --lsbsysinit /etc/spamassassin/sa-update-hooks.d
|
run-parts --lsbsysinit /etc/spamassassin/sa-update-hooks.d
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
>&2 echo "Integrity check failed for ${sa_db}."
|
||||||
|
rc=1
|
||||||
fi
|
fi
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# ClamAV
|
cleanup
|
||||||
cd $tmp
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix.ndb -O evolix.ndb
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix.ndb.md5 -O $tmp_file
|
|
||||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && chown clamav: evolix.ndb
|
|
||||||
if md5sum -c $tmp_file > /dev/null && [ -s evolix.ndb ] ; then
|
|
||||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp -a evolix.ndb /var/lib/clamav/
|
|
||||||
fi
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix.hsb -O evolix.hsb
|
|
||||||
wget -q -t 3 http://antispam00.evolix.org/spam/evolix.hsb.md5 -O $tmp_file
|
|
||||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && chown clamav: evolix.hsb
|
|
||||||
if md5sum -c $tmp_file > /dev/null && [ -s evolix.hsb ] ; then
|
|
||||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp -a evolix.hsb /var/lib/clamav/
|
|
||||||
fi
|
|
||||||
dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && /etc/init.d/clamav-daemon reload-database > /dev/null
|
|
||||||
rm $tmp_file
|
|
||||||
|
|
||||||
rm -rf $tmp
|
exit "${rc}"
|
||||||
|
|
||||||
|
# Commenté car fichiers plus maintenus (cf. Reg)
|
||||||
|
## ClamAV
|
||||||
|
#cd $tmp
|
||||||
|
#wget -q -t 3 http://antispam00.evolix.org/spam/evolix.ndb -O evolix.ndb
|
||||||
|
#wget -q -t 3 http://antispam00.evolix.org/spam/evolix.ndb.md5 -O $tmp_file
|
||||||
|
#dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && chown clamav: evolix.ndb
|
||||||
|
#if md5sum -c $tmp_file > /dev/null && [ -s evolix.ndb ] ; then
|
||||||
|
# dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp -a evolix.ndb /var/lib/clamav/
|
||||||
|
#fi
|
||||||
|
#wget -q -t 3 http://antispam00.evolix.org/spam/evolix.hsb -O evolix.hsb
|
||||||
|
#wget -q -t 3 http://antispam00.evolix.org/spam/evolix.hsb.md5 -O $tmp_file
|
||||||
|
#dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && chown clamav: evolix.hsb
|
||||||
|
#if md5sum -c $tmp_file > /dev/null && [ -s evolix.hsb ] ; then
|
||||||
|
# dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && cp -a evolix.hsb /var/lib/clamav/
|
||||||
|
#fi
|
||||||
|
#dpkg -l clamav-daemon 2>&1 | grep -v "no packages found matching" | grep -q ^ii && /etc/init.d/clamav-daemon reload-database > /dev/null
|
||||||
|
#rm $tmp_file
|
||||||
|
#
|
||||||
|
#rm -rf $tmp
|
||||||
|
|
Loading…
Reference in a new issue