5
/* Postfix alias database maintenance
8
/* \fBpostalias\fR [\fB-Nfinoprvw\fR] [\fB-c \fIconfig_dir\fR]
9
/* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR]
10
/* [\fIfile_type\fR:]\fIfile_name\fR ...
12
/* The \fBpostalias\fR command creates or queries one or more Postfix
13
/* alias databases, or updates an existing one. The input and output
14
/* file formats are expected to be compatible with Sendmail version 8,
15
/* and are expected to be suitable for the use as NIS alias maps.
17
/* If the result files do not exist they will be created with the
18
/* same group and other read permissions as the source file.
20
/* While a database update is in progress, signal delivery is
21
/* postponed, and an exclusive, advisory, lock is placed on the
22
/* entire database, in order to avoid surprises in spectator
25
/* The format of Postfix alias input files is described in
29
/* .IP "\fB-c \fIconfig_dir\fR"
30
/* Read the \fBmain.cf\fR configuration file in the named directory
31
/* instead of the default configuration directory.
32
/* .IP "\fB-d \fIkey\fR"
33
/* Search the specified maps for \fIkey\fR and remove one entry per map.
34
/* The exit status is zero when the requested information was found.
36
/* If a key value of \fB-\fR is specified, the program reads key
37
/* values from the standard input stream. The exit status is zero
38
/* when at least one of the requested keys was found.
40
/* Do not fold the lookup key to lower case while creating or querying
43
/* Incremental mode. Read entries from standard input and do not
44
/* truncate an existing database. By default, \fBpostalias\fR creates
45
/* a new database from the entries in \fIfile_name\fR.
47
/* Include the terminating null character that terminates lookup keys
48
/* and values. By default, Postfix does whatever is the default for
49
/* the host operating system.
51
/* Don't include the terminating null character that terminates lookup
52
/* keys and values. By default, Postfix does whatever is the default for
53
/* the host operating system.
55
/* Do not release root privileges when processing a non-root
56
/* input file. By default, \fBpostalias\fR drops root privileges
57
/* and runs as the source file owner instead.
59
/* Do not inherit the file access permissions from the input file
60
/* when creating a new file. Instead, create a new file with default
61
/* access permissions (mode 0644).
62
/* .IP "\fB-q \fIkey\fR"
63
/* Search the specified maps for \fIkey\fR and write the first value
64
/* found to the standard output stream. The exit status is zero
65
/* when the requested information was found.
67
/* If a key value of \fB-\fR is specified, the program reads key
68
/* values from the standard input stream and writes one line of
69
/* \fIkey: value\fR output for each key that was found. The exit
70
/* status is zero when at least one of the requested keys was found.
72
/* When updating a table, do not warn about duplicate entries; silently
75
/* Enable verbose logging for debugging purposes. Multiple \fB-v\fR
76
/* options make the software increasingly verbose.
78
/* When updating a table, do not warn about duplicate entries; silently
82
/* .IP \fIfile_type\fR
83
/* The database type. To find out what types are supported, use
84
/* the "\fBpostconf -m" command.
86
/* The \fBpostalias\fR command can query any supported file type,
87
/* but it can create only the following file types:
90
/* The output is a btree file, named \fIfile_name\fB.db\fR.
91
/* This is available only on systems with support for \fBdb\fR databases.
93
/* The output consists of two files, named \fIfile_name\fB.pag\fR and
94
/* \fIfile_name\fB.dir\fR.
95
/* This is available only on systems with support for \fBdbm\fR databases.
97
/* The output is a hashed file, named \fIfile_name\fB.db\fR.
98
/* This is available only on systems with support for \fBdb\fR databases.
100
/* Use the command \fBpostconf -m\fR to find out what types of database
101
/* your Postfix installation can support.
103
/* When no \fIfile_type\fR is specified, the software uses the database
104
/* type specified via the \fBdefault_database_type\fR configuration
106
/* The default value for this parameter depends on the host environment.
108
/* .IP \fIfile_name\fR
109
/* The name of the alias database source file when creating a database.
111
/* Problems are logged to the standard error stream and to
112
/* \fBsyslogd\fR(8). No output means that
113
/* no problems were detected. Duplicate entries are skipped and are
114
/* flagged with a warning.
116
/* \fBpostalias\fR terminates with zero exit status in case of success
117
/* (including successful \fBpostalias -q\fR lookup) and terminates
118
/* with non-zero exit status in case of failure.
122
/* .IP \fBMAIL_CONFIG\fR
123
/* Directory with Postfix configuration files.
124
/* .IP \fBMAIL_VERBOSE\fR
125
/* Enable verbose logging for debugging purposes.
126
/* CONFIGURATION PARAMETERS
129
/* The following \fBmain.cf\fR parameters are especially relevant to
132
/* The text below provides only a parameter summary. See
133
/* postconf(5) for more details including examples.
134
/* .IP "\fBalias_database (see 'postconf -d' output)\fR"
135
/* The alias databases for local(8) delivery that are updated with
136
/* "\fBnewaliases\fR" or with "\fBsendmail -bi\fR".
137
/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
138
/* The default location of the Postfix main.cf and master.cf
139
/* configuration files.
140
/* .IP "\fBberkeley_db_create_buffer_size (16777216)\fR"
141
/* The per-table I/O buffer size for programs that create Berkeley DB
142
/* hash or btree tables.
143
/* .IP "\fBberkeley_db_read_buffer_size (131072)\fR"
144
/* The per-table I/O buffer size for programs that read Berkeley DB
145
/* hash or btree tables.
146
/* .IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
147
/* The default database type for use in newaliases(1), postalias(1)
148
/* and postmap(1) commands.
149
/* .IP "\fBsyslog_facility (mail)\fR"
150
/* The syslog facility of Postfix logging.
151
/* .IP "\fBsyslog_name (postfix)\fR"
152
/* The mail system name that is prepended to the process name in syslog
153
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
155
/* RFC 822 (ARPA Internet Text Messages)
157
/* aliases(5), format of alias database input file.
158
/* local(8), Postfix local delivery agent.
159
/* postconf(1), supported database types
160
/* postconf(5), configuration parameters
161
/* postmap(1), create/update/query lookup tables
162
/* newaliases(1), Sendmail compatibility interface.
163
/* syslogd(8), system logging
167
/* Use "\fBpostconf readme_directory\fR" or
168
/* "\fBpostconf html_directory\fR" to locate this information.
171
/* DATABASE_README, Postfix lookup table overview
175
/* The Secure Mailer license must be distributed with this software.
178
/* IBM T.J. Watson Research
180
/* Yorktown Heights, NY 10598, USA
183
/* System library. */
185
#include <sys_defs.h>
186
#include <sys/stat.h>
193
/* Utility library. */
196
#include <mymalloc.h>
199
#include <msg_vstream.h>
200
#include <msg_syslog.h>
201
#include <readlline.h>
202
#include <stringops.h>
203
#include <split_at.h>
204
#include <vstring_vstream.h>
205
#include <set_eugid.h>
207
/* Global library. */
210
#include <mail_conf.h>
211
#include <mail_dict.h>
212
#include <mail_params.h>
214
#include <mail_task.h>
216
/* Application-specific. */
218
#define STR vstring_str
220
#define POSTALIAS_FLAG_AS_OWNER (1<<0) /* open dest as owner of source */
221
#define POSTALIAS_FLAG_SAVE_PERM (1<<1) /* copy access permission
224
/* postalias - create or update alias database */
226
static void postalias(char *map_type, char *path_name, int postalias_flags,
227
int open_flags, int dict_flags)
230
VSTRING *line_buffer;
234
VSTRING *value_buffer;
245
line_buffer = vstring_alloc(100);
246
key_buffer = vstring_alloc(100);
247
value_buffer = vstring_alloc(100);
248
if ((open_flags & O_TRUNC) == 0) {
249
source_fp = VSTREAM_IN;
250
vstream_control(source_fp, VSTREAM_CTL_PATH, "stdin", VSTREAM_CTL_END);
251
} else if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0) {
252
msg_fatal("open %s: %m", path_name);
254
if (fstat(vstream_fileno(source_fp), &st) < 0)
255
msg_fatal("fstat %s: %m", path_name);
258
* Turn off group/other read permissions as indicated in the source file.
260
if ((postalias_flags & POSTALIAS_FLAG_SAVE_PERM) && S_ISREG(st.st_mode))
261
saved_mask = umask(022 | (~st.st_mode & 077));
264
* If running as root, run as the owner of the source file, so that the
265
* result shows proper ownership, and so that a bug in postalias does not
266
* allow privilege escalation.
268
if ((postalias_flags & POSTALIAS_FLAG_AS_OWNER) && getuid() == 0
269
&& (st.st_uid != geteuid() || st.st_gid != getegid()))
270
set_eugid(st.st_uid, st.st_gid);
274
* Open the database, create it when it does not exist, truncate it when
275
* it does exist, and lock out any spectators.
277
mkmap = mkmap_open(map_type, path_name, open_flags, dict_flags);
280
* And restore the umask, in case it matters.
282
if ((postalias_flags & POSTALIAS_FLAG_SAVE_PERM) && S_ISREG(st.st_mode))
286
* Add records to the database.
289
while (readlline(line_buffer, source_fp, &lineno)) {
292
* Tokenize the input, so that we do the right thing when a quoted
293
* localpart contains special characters such as "@", ":" and so on.
295
if ((tok_list = tok822_scan(STR(line_buffer), (TOK822 **) 0)) == 0)
299
* Enforce the key:value format. Disallow missing keys, multi-address
300
* keys, or missing values. In order to specify an empty string or
301
* value, enclose it in double quotes.
303
if ((colon = tok822_find_type(tok_list, ':')) == 0
304
|| colon->prev == 0 || colon->next == 0
305
|| tok822_rfind_type(colon, ',')) {
306
msg_warn("%s, line %d: need name:value pair",
307
VSTREAM_PATH(source_fp), lineno);
308
tok822_free_tree(tok_list);
313
* Key must be local. XXX We should use the Postfix rewriting and
314
* resolving services to handle all address forms correctly. However,
315
* we can't count on the mail system being up when the alias database
316
* is being built, so we're guessing a bit.
318
if (tok822_rfind_type(colon, '@') || tok822_rfind_type(colon, '%')) {
319
msg_warn("%s, line %d: name must be local",
320
VSTREAM_PATH(source_fp), lineno);
321
tok822_free_tree(tok_list);
326
* Split the input into key and value parts, and convert from token
327
* representation back to string representation. Convert the key to
328
* internal (unquoted) form, because the resolver produces addresses
329
* in internal form. Convert the value to external (quoted) form,
330
* because it will have to be re-parsed upon lookup. Discard the
331
* token representation when done.
335
value_list = tok822_cut_after(colon);
336
tok822_unlink(colon);
339
tok822_internalize(key_buffer, key_list, TOK822_STR_DEFL);
340
tok822_free_tree(key_list);
342
tok822_externalize(value_buffer, value_list, TOK822_STR_DEFL);
343
tok822_free_tree(value_list);
346
* Store the value under a case-insensitive key.
348
if (dict_flags & DICT_FLAG_FOLD_KEY)
349
lowercase(STR(key_buffer));
350
mkmap_append(mkmap, STR(key_buffer), STR(value_buffer));
354
* Update or append sendmail and NIS signatures.
356
if ((open_flags & O_TRUNC) == 0)
357
mkmap->dict->flags |= DICT_FLAG_DUP_REPLACE;
360
* Sendmail compatibility: add the @:@ signature to indicate that the
361
* database is complete. This might be needed by NIS clients running
364
mkmap_append(mkmap, "@", "@");
367
* NIS compatibility: add time and master info. Unlike other information,
368
* this information MUST be written without a trailing null appended to
371
mkmap->dict->flags &= ~DICT_FLAG_TRY1NULL;
372
mkmap->dict->flags |= DICT_FLAG_TRY0NULL;
373
vstring_sprintf(value_buffer, "%010ld", (long) time((time_t *) 0));
374
#if (defined(HAS_NIS) || defined(HAS_NISPLUS))
375
mkmap_append(mkmap, "YP_LAST_MODIFIED", STR(value_buffer));
376
mkmap_append(mkmap, "YP_MASTER_NAME", var_myhostname);
380
* Close the alias database, and release the lock.
385
* Cleanup. We're about to terminate, but it is a good sanity check.
387
vstring_free(value_buffer);
388
vstring_free(key_buffer);
389
vstring_free(line_buffer);
390
if (source_fp != VSTREAM_IN)
391
vstream_fclose(source_fp);
394
/* postalias_queries - apply multiple requests from stdin */
396
static int postalias_queries(VSTREAM *in, char **maps, const int map_count,
397
const int dict_flags)
400
VSTRING *keybuf = vstring_alloc(100);
402
const char *map_name;
410
msg_panic("postalias_queries: bad map count");
413
* Prepare to open maps lazily.
415
dicts = (DICT **) mymalloc(sizeof(*dicts) * map_count);
416
for (n = 0; n < map_count; n++)
420
* Perform all queries. Open maps on the fly, to avoid opening unecessary
423
while (vstring_get_nonl(keybuf, in) != VSTREAM_EOF) {
424
if (dict_flags & DICT_FLAG_FOLD_KEY)
425
lowercase(STR(keybuf));
426
for (n = 0; n < map_count; n++) {
428
dicts[n] = ((map_name = split_at(maps[n], ':')) != 0 ?
429
dict_open3(maps[n], map_name, O_RDONLY, DICT_FLAG_LOCK) :
430
dict_open3(var_db_type, maps[n], O_RDONLY, DICT_FLAG_LOCK));
431
if ((value = dict_get(dicts[n], STR(keybuf))) != 0) {
433
msg_warn("table %s:%s: key %s: empty string result is not allowed",
434
dicts[n]->type, dicts[n]->name, STR(keybuf));
435
msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND",
436
dicts[n]->type, dicts[n]->name);
438
vstream_printf("%s: %s\n", STR(keybuf), value);
445
vstream_fflush(VSTREAM_OUT);
450
for (n = 0; n < map_count; n++)
452
dict_close(dicts[n]);
453
myfree((char *) dicts);
454
vstring_free(keybuf);
459
/* postalias_query - query a map and print the result to stdout */
461
static int postalias_query(const char *map_type, const char *map_name,
467
dict = dict_open3(map_type, map_name, O_RDONLY, DICT_FLAG_LOCK);
468
if ((value = dict_get(dict, key)) != 0) {
470
msg_warn("table %s:%s: key %s: empty string result is not allowed",
471
map_type, map_name, key);
472
msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND",
475
vstream_printf("%s\n", value);
476
vstream_fflush(VSTREAM_OUT);
482
/* postalias_deletes - apply multiple requests from stdin */
484
static int postalias_deletes(VSTREAM *in, char **maps, const int map_count)
487
VSTRING *keybuf = vstring_alloc(100);
489
const char *map_name;
496
msg_panic("postalias_deletes: bad map count");
499
* Open maps ahead of time.
501
dicts = (DICT **) mymalloc(sizeof(*dicts) * map_count);
502
for (n = 0; n < map_count; n++)
503
dicts[n] = ((map_name = split_at(maps[n], ':')) != 0 ?
504
dict_open3(maps[n], map_name, O_RDWR, DICT_FLAG_LOCK) :
505
dict_open3(var_db_type, maps[n], O_RDWR, DICT_FLAG_LOCK));
508
* Perform all requests.
510
while (vstring_get_nonl(keybuf, in) != VSTREAM_EOF)
511
for (n = 0; n < map_count; n++)
512
found |= (dict_del(dicts[n], STR(keybuf)) == 0);
517
for (n = 0; n < map_count; n++)
519
dict_close(dicts[n]);
520
myfree((char *) dicts);
521
vstring_free(keybuf);
526
/* postalias_delete - delete a key value pair from a map */
528
static int postalias_delete(const char *map_type, const char *map_name,
534
dict = dict_open3(map_type, map_name, O_RDWR, DICT_FLAG_LOCK);
535
status = dict_del(dict, key);
537
return (status == 0);
540
/* usage - explain */
542
static NORETURN usage(char *myname)
544
msg_fatal("usage: %s [-Nfinorvw] [-c config_dir] [-d key] [-q key] [map_type:]file...",
548
int main(int argc, char **argv)
555
int postalias_flags = POSTALIAS_FLAG_AS_OWNER | POSTALIAS_FLAG_SAVE_PERM;
556
int open_flags = O_RDWR | O_CREAT | O_TRUNC;
557
int dict_flags = DICT_FLAG_DUP_WARN | DICT_FLAG_FOLD_KEY;
563
* Be consistent with file permissions.
568
* To minimize confusion, make sure that the standard file descriptors
569
* are open before opening anything else. XXX Work around for 44BSD where
570
* fstat can return EBADF on an open file descriptor.
572
for (fd = 0; fd < 3; fd++)
573
if (fstat(fd, &st) == -1
574
&& (close(fd), open("/dev/null", O_RDWR, 0)) != fd)
575
msg_fatal("open /dev/null: %m");
578
* Process environment options as early as we can. We are not set-uid,
579
* and we are supposed to be running in a controlled environment.
581
if (getenv(CONF_ENV_VERB))
585
* Initialize. Set up logging, read the global configuration file and
586
* extract configuration information.
588
if ((slash = strrchr(argv[0], '/')) != 0 && slash[1])
590
msg_vstream_init(argv[0], VSTREAM_ERR);
591
msg_syslog_init(mail_task(argv[0]), LOG_PID, LOG_FACILITY);
596
while ((ch = GETOPT(argc, argv, "Nc:d:finopq:rvw")) > 0) {
602
dict_flags |= DICT_FLAG_TRY1NULL;
603
dict_flags &= ~DICT_FLAG_TRY0NULL;
606
if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
607
msg_fatal("out of memory");
611
msg_fatal("specify only one of -q or -d");
615
dict_flags &= ~DICT_FLAG_FOLD_KEY;
618
open_flags &= ~O_TRUNC;
621
dict_flags |= DICT_FLAG_TRY0NULL;
622
dict_flags &= ~DICT_FLAG_TRY1NULL;
625
postalias_flags &= ~POSTALIAS_FLAG_AS_OWNER;
628
postalias_flags &= ~POSTALIAS_FLAG_SAVE_PERM;
632
msg_fatal("specify only one of -q or -d");
636
dict_flags &= ~(DICT_FLAG_DUP_WARN | DICT_FLAG_DUP_IGNORE);
637
dict_flags |= DICT_FLAG_DUP_REPLACE;
643
dict_flags &= ~(DICT_FLAG_DUP_WARN | DICT_FLAG_DUP_REPLACE);
644
dict_flags |= DICT_FLAG_DUP_IGNORE;
652
* Use the map type specified by the user, or fall back to a default
655
if (delkey) { /* remove entry */
656
if (optind + 1 > argc)
658
if (strcmp(delkey, "-") == 0)
659
exit(postalias_deletes(VSTREAM_IN, argv + optind, argc - optind) == 0);
661
while (optind < argc) {
662
if ((path_name = split_at(argv[optind], ':')) != 0) {
663
found |= postalias_delete(argv[optind], path_name, delkey);
665
found |= postalias_delete(var_db_type, argv[optind], delkey);
670
} else if (query) { /* query map(s) */
671
if (optind + 1 > argc)
673
if (strcmp(query, "-") == 0)
674
exit(postalias_queries(VSTREAM_IN, argv + optind, argc - optind,
676
if (dict_flags & DICT_FLAG_FOLD_KEY)
678
while (optind < argc) {
679
if ((path_name = split_at(argv[optind], ':')) != 0) {
680
found = postalias_query(argv[optind], path_name, query);
682
found = postalias_query(var_db_type, argv[optind], query);
689
} else { /* create/update map(s) */
690
if (optind + 1 > argc)
692
while (optind < argc) {
693
if ((path_name = split_at(argv[optind], ':')) != 0) {
694
postalias(argv[optind], path_name, postalias_flags,
695
open_flags, dict_flags);
697
postalias(var_db_type, argv[optind], postalias_flags,
698
open_flags, dict_flags);