From 2b05c2015216e9bd7d164ba4b5c2d93ad01a2dc8 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Sun, 03 Aug 2014 07:15:24 -0400
Subject: [PATCH] make sure the amavis-user can always access the dkim-dir
---
server/plugins-available/mail_plugin_dkim.inc.php | 43 ++++++++++++++++++++++++++++---------------
1 files changed, 28 insertions(+), 15 deletions(-)
diff --git a/server/plugins-available/mail_plugin_dkim.inc.php b/server/plugins-available/mail_plugin_dkim.inc.php
index cd106fe..8edd657 100644
--- a/server/plugins-available/mail_plugin_dkim.inc.php
+++ b/server/plugins-available/mail_plugin_dkim.inc.php
@@ -123,7 +123,15 @@
if (!is_dir($mail_config['dkim_path'])) {
$app->log('DKIM Path '.$mail_config['dkim_path'].' not found - (re)created.', LOGLEVEL_DEBUG);
- mkdir($mail_config['dkim_path'], 0750, true);
+ $amavis_user=exec('grep -o "^amavis:\|^vscan:" /etc/passwd');
+ if(!empty($amavis_user)) {
+ $amavis_user=rtrim($amavis_user, ":");
+ mkdir($mail_config['dkim_path'], 0750, true);
+ exec('chown '.$amavis_user.' /var/lib/amavis/dkim');
+ unset $amavis_user;
+ } else {
+ mkdir($mail_config['dkim_path'], 0755, true);
+ }
}
if (!is_writeable($mail_config['dkim_path'])) {
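Review bot: `unset $amavis_user;` on the added line is a parse error in PHP because `unset` needs parentheses, so the plugin file will not load as written; it should read `unset($amavis_user);`. The `chown` call also targets the hard-coded `/var/lib/amavis/dkim` while `mkdir` uses `$mail_config['dkim_path']`, so a non-default path is created but never re-owned; `chown($mail_config['dkim_path'], $amavis_user);` keeps the two in step and avoids the shell. The fallback branch creates the directory that holds the DKIM private keys with mode 0755, which makes it listable by every local account; if that is intended, a comment should say that the key files themselves must keep restrictive permissions. The enclosing function starts and ends outside this hunk.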
@@ -132,7 +140,7 @@
}
} else {
- $app->log('Unable to write DKIM settings; Check your config!', LOGLEVEL_ERROR);
+ $app->log('Unable to write DKIM settings - no DKIM-Path defined', LOGLEVEL_ERROR);
$check=false;
}
return $check;
@@ -205,19 +213,21 @@
* This function adds the entry to the amavisd-config
* @param string $key_domain mail-domain
*/
- function add_to_amavis($key_domain) {
+ function add_to_amavis($key_domain, $selector, $old_selector) {
global $app, $mail_config;
+ if (empty($selector)) $selector = 'default';
$restart = false;
- $selector = 'default';
$amavis_configfile = $this->get_amavis_config();
+
+ $search_regex = "/(\n|\r)?dkim_key\(\'".$key_domain."\',\ \'(".$selector."|".$old_selector."){1}?\'.*/";
//* If we are using seperate config-files with amavis remove existing keys from 50-user to avoid duplicate keys
if (substr_compare($amavis_configfile, '60-dkim', -7) === 0) {
$temp_configfile = str_replace('60-dkim', '50-user', $amavis_configfile);
$temp_config = file_get_contents($temp_configfile);
- if (preg_match("/(\n|\r)?dkim_key.*".$key_domain.".*/", $temp_config)) {
- $temp_config = preg_replace("/(\n|\r)?dkim_key.*".$key_domain.".*(\n|\r)?/", '', $temp_config)."\n";
+ if (preg_match($search_regex, $temp_config)) {
+ $temp_config = preg_replace($search_regex, '', $temp_config)."\n";
file_put_contents($temp_configfile, $temp_config);
}
unset($temp_configfile);
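Review bot: `$search_regex` is assembled from `$key_domain`, `$selector` and `$old_selector` without `preg_quote()`, so the dots in a domain match any character and a value containing `/` or another regex metacharacter changes or breaks the pattern. Quoting each value first, e.g. `preg_quote($key_domain, '/')`, keeps the match literal; the pattern built in the removal code (`@@ -249,8 +259,10 @@`) has the same issue. With an empty `$old_selector` the alternation also matches an empty selector string, which looks unintended. The docblock above the signature still documents only `$key_domain`; add `@param string $selector` and `@param string $old_selector`. The function body continues past this hunk.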
@@ -226,7 +236,7 @@
$key_value="dkim_key('".$key_domain."', '".$selector."', '".$mail_config['dkim_path']."/".$key_domain.".private');\n";
$amavis_config = file_get_contents($amavis_configfile);
- $amavis_config = preg_replace("/(\n|\r)?dkim_key.*".$key_domain.".*/", '', $amavis_config).$key_value;
+ $amavis_config = preg_replace($search_regex, '', $amavis_config).$key_value;
if (file_put_contents($amavis_configfile, $amavis_config)) {
$app->log('Adding DKIM Private-key to amavis-config.', LOGLEVEL_DEBUG);
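Review bot: `$selector` used to be the constant `'default'` and is now supplied by the caller, yet the `$key_value` line writes it (and `$key_domain`) between single quotes into the amavisd config without any check. amavisd evaluates that file as Perl, so a value containing a quote or a newline would at least corrupt the config and stop signing; whether the interface already validates the selector is not visible here. A guard before `$key_value` is built, such as `if (!preg_match('/^[a-z0-9][a-z0-9.-]*$/i', $selector)) return false;`, would accept only characters that are valid in a DNS label sequence. The function starts and ends outside this hunk.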
@@ -249,8 +259,10 @@
$amavis_configfile = $this->get_amavis_config();
$amavis_config = file_get_contents($amavis_configfile);
- if (preg_match("/(\n|\r)?dkim_key.*".$key_domain.".*/", $amavis_config)) {
- $amavis_config = preg_replace("/(\n|\r)?dkim_key.*".$key_domain.".*(\n|\r)?/", '', $amavis_config);
+ $search_regex = "/(\n|\r)?dkim_key.*".$key_domain.".*(\n|\r)?/";
+
+ if (preg_match($search_regex, $amavis_config)) {
+ $amavis_config = preg_replace($search_regex, '', $amavis_config);
file_put_contents($amavis_configfile, $amavis_config);
$app->log('Deleted the DKIM settings from amavis-config for '.$key_domain.'.', LOGLEVEL_DEBUG);
$restart = true;
@@ -260,8 +272,8 @@
if (substr_compare($amavis_configfile, '60-dkim', -7) === 0) {
$temp_configfile = str_replace('60-dkim', '50-user', $amavis_configfile);
$temp_config = file_get_contents($temp_configfile);
- if (preg_match("/(\n|\r)?dkim_key.*".$key_domain.".*/", $temp_config)) {
- $temp_config = preg_replace("/dkim_key.*".$key_domain.".*/", '', $temp_config);
+ if (preg_match($search_regex, $temp_config)) {
+ $temp_config = preg_replace($search_regex, '', $temp_config);
file_put_contents($temp_configfile, $temp_config);
$restart = true;
}
@@ -283,7 +295,7 @@
if ( substr($mail_config['dkim_path'], strlen($mail_config['dkim_path'])-1) == '/' )
$mail_config['dkim_path'] = substr($mail_config['dkim_path'], 0, strlen($mail_config['dkim_path'])-1);
if ($this->write_dkim_key($mail_config['dkim_path']."/".$data['new']['domain'], $data['new']['dkim_private'], $data['new']['domain'])) {
- if ($this->add_to_amavis($data['new']['domain'])) {
+ if ($this->add_to_amavis($data['new']['domain'], $data['new']['dkim_selector'], $data['old']['dkim_selector'] )) {
$this->restart_amavis();
} else {
$this->remove_dkim_key($mail_config['dkim_path']."/".$data['new']['domain'], $data['new']['domain']);
@@ -291,9 +303,6 @@
} else {
$app->log('Error saving the DKIM Private-key for '.$data['new']['domain'].' - DKIM is not enabled for the domain.', LOGLEVEL_ERROR);
}
- }
- else {
- $app->log('DKIM for '.$data['new']['domain'].' not written to disk - domain is inactive', LOGLEVEL_DEBUG);
}
}
@@ -360,6 +369,10 @@
if ($data['new']['dkim_private'] != $data['old']['dkim_private'] && $data['new']['dkim'] == 'y') {
$this->add_dkim($data);
}
+ /* new selector */
+ if ($data['new']['dkim_selector'] != $data['old']['dkim_selector'] && $data['new']['dkim'] == 'y') {
+ $this->add_dkim($data);
+ }
/* new domain-name */
if ($data['new']['domain'] != $data['old']['domain']) {
$this->remove_dkim($data['old']);
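Review bot: When the private key and the selector both change in one update, the two consecutive `if` blocks each call `add_dkim($data)`, so the key is presumably written and amavis restarted twice. Folding the tests into one condition avoids that: `if (($data['new']['dkim_private'] != $data['old']['dkim_private'] || $data['new']['dkim_selector'] != $data['old']['dkim_selector']) && $data['new']['dkim'] == 'y') {`. The new comparison uses `!=`; `!==` would rule out loose coercion between numeric-looking selector strings. The enclosing method lies partly outside the hunk.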
--
Gitblit v1.9.1