diff --git a/index.php b/index.php --- a/index.php +++ b/index.php @@ -192,8 +192,18 @@ if ($_debug) { $vacation_db_file = sprintf('%s/%s', $home, $VACATION_DB_FILE); $forward_file = sprintf('%s/%s', $home, $FORWARD_FILE); $forward_active = test_readable($forward_file, $user); + +$user_alias = ''; +$vacation_args = Array(); +if (array_key_exists($user, $USER_ALIASES)) { + $user_alias = $USER_ALIASES[$user]; + $vacation_args[] = '-a'; + $vacation_args[] = $user_alias; +} +$vacation_args[] = $user; + $forward_settings = Array( - '\\'.$user, '', sprintf($VACATION_FORWARD_ENTRY, $user)); + '\\'.$user, '', sprintf($VACATION_FORWARD_ENTRY, implode(' ', $vacation_args))); if ($forward_active) { $forward_settings = cat_file($forward_file, $user); @@ -203,6 +213,8 @@ if ($forward_active) $forward_settings[2] = $forward_settings[1]; $forward_settings[1] = ''; } + // refresh vacation command +# $forward_settings[2] = sprintf($VACATION_FORWARD_ENTRY, implode(' ', $vacation_args)); } $vacation_setup_raw = isset($_REQUEST["raw"]); @@ -253,6 +265,8 @@ if ( !$vacation_refresh && !$vacation_cl $vacation_forward_to = vacation_find_forward($vacation_headers); } } +// remove domain suffix +$vacation_forward_to = preg_replace('/@.*$/', '', $vacation_forward_to); // -------------------------------------------------- // |||:sec:||| Set vacation(1) parameters @@ -276,9 +290,10 @@ if ($vacation_setup || $vacation_setup_r if ($vacation_forward_to == $user) { $vacation_forward_to = ''; } + $forward_settings = Array( '\\'.$user, $vacation_forward_to, - sprintf($VACATION_FORWARD_ENTRY, $user)); + sprintf($VACATION_FORWARD_ENTRY, implode(' ', $vacation_args))); if ( $vacation_setup_raw ) { $vacation_msg = isset($_REQUEST['message']) ? trim($_REQUEST['message']) : ''; @@ -298,8 +313,17 @@ if ($vacation_setup || $vacation_setup_r while (True) { if ($vacation_del_log) { system(sprintf( - '%s -u %s %s %s -i', - $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD)); + '%s -u %s %s %s %s', + $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD, $VACATION_INIT_OPTS)); + $vacation_excl_pipe = popen(sprintf( + '%s -u %s %s %s %s', + $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD, $VACATION_EXLCUDE_OPTS), + 'w'); + fwrite($vacation_excl_pipe, sprintf("%s%s\n", $user, $DOMAIN_SUFFIX)); + if (!empty($user_alias)) { + fwrite($vacation_excl_pipe, sprintf("%s%s\n", $user_alias, $DOMAIN_SUFFIX)); + } + pclose($vacation_excl_pipe); break; } @@ -337,14 +361,27 @@ if ($vacation_setup || $vacation_setup_r // Initialize vacation(1) if necessary. if (!test_readable($vacation_db_file, $user)) { system(sprintf( - '%s -u %s %s %s -i', - $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD)); + '%s -u %s %s %s %s', + $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD, $VACATION_INIT_OPTS)); + $vacation_excl_pipe = popen(sprintf( + '%s -u %s %s %s %s', + $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD, $VACATION_EXLCUDE_OPTS), + 'w'); + fwrite($vacation_excl_pipe, sprintf("%s%s\n", $user, $DOMAIN_SUFFIX)); + if (!empty($user_alias)) { + fwrite($vacation_excl_pipe, sprintf("%s%s\n", $user_alias, $DOMAIN_SUFFIX)); + } + pclose($vacation_excl_pipe); } // Write or remove .forward file if ($forward_active) { + $expanded_forward_settings = $forward_settings; + if (!empty($expanded_forward_settings[1])) { + $expanded_forward_settings[1] .= $DOMAIN_SUFFIX; + } $use_fs = Array(); - foreach ($forward_settings as $fs) { + foreach ($expanded_forward_settings as $fs) { if (empty($fs)) { continue; } @@ -356,10 +393,27 @@ if ($vacation_setup || $vacation_setup_r 'w'); fwrite($forward_file_pipe, implode(", ", $use_fs)."\n"); pclose($forward_file_pipe); + if (!empty($VACATION_FORWARD_EXT_ENTRY)) { + foreach ($FORWARD_EXTENSIONS as $fe) { + $cmd = sprintf( + '%s -u %s %s %s %s%s', + $SUDO_CMD, $user, $SUDO_OPT_H, $WRITE_TO_CMD, $forward_file, $fe); + $forward_file_pipe = popen($cmd, 'w'); + fwrite($forward_file_pipe, $VACATION_FORWARD_EXT_ENTRY."\n"); + pclose($forward_file_pipe); + } + } } else { system(sprintf( '%s -u %s %s %s %s', $SUDO_CMD, $user, $SUDO_OPT_H, $RM_CMD, $forward_file)); + if (!empty($VACATION_FORWARD_EXT_ENTRY)) { + foreach ($FORWARD_EXTENSIONS as $fe) { + system(sprintf( + '%s -u %s %s %s %s%s', + $SUDO_CMD, $user, $SUDO_OPT_H, $RM_CMD, $forward_file, $fe)); + } + } } break; } diff --git a/lib/config.php b/lib/config.php --- a/lib/config.php +++ b/lib/config.php @@ -38,26 +38,213 @@ // 3. Wenn der Benutzer in $INVALID_USERS angegeben ist, wird er nicht zugelasssen. // 4. Der Benutzer wird zugelassen. +$DOMAIN_SUFFIX = '@ws-gruppe.de'; + // User which are always allowed. // If the user appears in $PASSWD_FILE, he is always enabled. $ALLOWED_USERS = Array( ); +// Administrators can modify the settings of all users. +$ADMIN_USERS = Array( + 'js', + 'sw', + 'wscherer', + 'admin', + 'lm', + 'sc', + ); + +// User aliases for vacation +$USER_ALIASES = Array( + # auto-generated |:conf:| /etc/srvconfig/mail/userdb-user-for-mx.sh --php-alias + 'admin' => 'ws.admin', + 'am' => 'andreas.mogel', + 'ar' => 'steffen.arndt', + 'av' => 'andreas.vehe', + 'aw' => 'anne-marie.wolf', + 'ba' => 'sandra.bauer', + 'be' => 'bernhard.etzelmueller', + 'bk' => 'benjamin.kirner', + 'bm' => 'michael.bayer', + 'bn' => 'bert.nebelung', + 'br' => 'robert.biedermann', + 'bs' => 'bianca.sattes', + 'bt' => 'torhan.bartel', + 'bw' => 'bruno.wendel', + 'ch' => 'christian.heid', + 'chh' => 'christian.hoerner', + 'cl' => 'christian.lindner', + 'cm' => 'claus.mayer', + 'co' => 'concepcion.ocana-moreno', + 'cp' => 'carolin.prinz', + 'cr' => 'christian.roeding', + 'ct' => 'carsten.thieme', + 'de' => 'dieter.ebert', + 'dg' => 'daniel.graf', + 'dk' => 'david.kuehnl', + 'dm' => 'dmitri.riss', + 'dr' => 'dieter.reuthal', + 'ds' => 'david.stroebel', + 'du' => 'denis.uhde', + 'dz' => 'dominik.zimmermann', + 'em' => 'beate.etzelmueller', + 'en' => 'ellen.nicklisch', + 'es' => 'edith.schneider', + 'fg' => 'guido.fischer', + 'fm' => 'frank.mueller', + 'fr' => 'frank.richter', + 'fs' => 'frank.stiegler', + 'fu' => 'friedrich.ullrich', + 'gs' => 'gabi.schoenwald', + 'gw' => 'gudrun.wende', + 'ha' => 'ralf.haubrich', + 'hb' => 'harry.bitterer', + 'he' => 'heiko.simeth', + 'hh' => 'helmut.henning', + 'hm' => 'sebastian.herrmann', + 'ho' => 'bernd.hoffmann', + 'hp' => 'holger.poeschel', + 'hs' => 'hubert.snoppek', + 'iv' => 'irene.vehe', + 'jh' => 'johannes.schaefer', + 'jj' => 'jens.jirschik', + 'jm' => 'juergen.mueller', + 'jn' => 'jochen.neumeier', + 'jo' => 'jonathan.stroebel', + 'jp' => 'johannes.perli', + 'js' => 'juergen.schroll', + 'ju' => 'justin.schwarz', + 'jw' => 'jan.von.wietersheim', + 'kf' => 'katharina.fischer', + 'kk' => 'karl-heinz.kaiser', + 'kl' => 'rolf.kluge', + 'kn' => 'birgit.knaus', + 'kr' => 'karin.reuthal', + 'ks' => 'karol.schuster', + 'lm' => 'michael.letsch', + 'ln' => 'lutz.nicklisch', + 'lotte' => 'lotte.etzelmueller', + 'ma' => 'michael.arz', + 'mb' => 'marika.burggraf', + 'md' => 'markus.dusel', + 'me' => 'marco.melber', + 'mf' => 'frank.macha', + 'mg' => 'martin.glaessner', + 'mi' => 'maria.interrante', + 'mj' => 'mandy.junghans', + 'ml' => 'markus.ludwig', + 'mm' => 'mario.manfrini', + 'mo' => 'karlheinz.mog', + 'mp' => 'marco.pohlenz', + 'mr' => 'marianne.rose', + 'ms' => 'martin.seiler', + 'mt' => 'marcus.thoene', + 'mw' => 'mario.weiler', + 'mz' => 'martin.zeptner', + 'nd' => 'nadine.dehler', + 'ne' => 'nina.etzelmueller', + 'ng' => 'norbert.goess', + 'nm' => 'nikolei.mauckner', + 'no' => 'norbert.wirsching', + 'nt' => 'norbert.zengay', + 'nw' => 'niklas.weickert', + 'ob' => 'ottmar.boettcher', + 'os' => 'oliver.schmidt', + 'ow' => 'odile.weide', + 'pb' => 'praktikant.brehna', + 'pm' => 'praktikant.marktsteft', + 'pn' => 'praktikant.nuernberg', + 'po' => 'iris.posch', + 'pp' => 'pia.lentowitsch', + 'ps' => 'peter.scheck', + 'pw' => 'peter.weigand', + 'qm' => 'uwe.hertlein', + 'ra' => 'andreas.reichelt', + 'rb' => 'rene.becker', + 'rc' => 'roman.conrad', + 're' => 'daniel.reuther', + 'rh' => 'raina.hesse', + 'rj' => 'julian.rueckel', + 'rk' => 'roland.kopitsch', + 'rp' => 'renate.paul', + 'rs' => 'simone.ruetzel', + 'ry' => 'manfred.rychlik', + 'sb' => 'denis.steinberg', + 'sc' => 'markus.schmitt', + 'se' => 'daniel.seemann', + 'sf' => 'sebastian.fick', + 'sh' => 'stefan.holzmann', + 'si' => 'simon.henning', + 'sj' => 'joerg.schmittlein', + 'sk' => 'sandra.kleinschrod', + 'sl' => 'jonas.schroll', + 'sm' => 'stefan.mueller', + 'sr' => 'steffen.reichart', + 'su' => 'uwe.schaaf', + 'sv' => 'benjamin.schraven', + 'sw' => 'wolfgang.scherer', + 'tb' => 'thomas.bachmann', + 'te' => 'tim.etzelmueller', + 'tg' => 'thomas.gruebl', + 'th' => 'thorsten.heim', + 'tm' => 'thorsten.manger', + 'ts' => 'thomas.steinruck', + 'ug' => 'ute.gumler', + 'us' => 'ursula.schleif', + 'vk' => 'volker.kohlhepp', + 'vr' => 'volker.reihs', + 'vs' => 'vitalij.stein', + 'wg' => 'gabi.watl', + 'wh' => 'waldemar.hoppe', + 'wi' => 'ralf.winkler', + 'wk' => 'wolfgang.kirchner', + 'wn' => 'wolfgang.neumayr', + 'wscherer' => 'shop.admin', + 'wv' => 'werner.vehe', + 'yh' => 'yves.hensler', + ); + // Invalid users. // These users are always ignored. $INVALID_USERS = Array( 'clamav', - 'elektriker', - 'info', 'postman', 'vmail', - ); - -// Administrators can modify the settings of all users. -$ADMIN_USERS = Array( - 'js', - 'sw', - 'ws', + 'wscherer', + 'julian', + 'reserviert2', + 'reserviert11', + 'reserviert12', + 'reserviert30', + 'mbak', + 'spam', + 'ws-gruppe', + 'chh', + 'kk', + # |:conf:| auto-generated: /etc/srvconfig/mail/userdb-user-for-mx.sh x | sed "s,^, ',;s/$/',/"// + 'cm', + 'cp', + 'cr', + 'de', + 'dg', + 'ds', + 'fg', + 'fs', + 'hb', + 'hp', + 'jm', + 'jw', + 'me', + 'mo', + 'mz', + 'pw', + 're', + 'sb', + 'sl', + 'sv', + 'ts', + 'wn', ); $LANGUAGE = 'en'; @@ -81,8 +268,12 @@ $VACATION_CMD = '/usr/bin/vacation'; $VACATION_MSG_FILE = '.vacation.msg'; $VACATION_DB_FILE = '.vacation.db'; -$VACATION_FORWARD_ENTRY = sprintf('"| %s -c | %s -t1 %%s"', $FORMAIL_CMD, $VACATION_CMD); // use sprintf($VFE, $user); +$VACATION_INIT_OPTS = '-i -r 1'; +$VACATION_EXLCUDE_OPTS = '-x'; +$VACATION_FORWARD_ENTRY = sprintf('"| %s -c | %s %%s"', $FORMAIL_CMD, $VACATION_CMD); // use sprintf($VFE, $user); $FORWARD_FILE = '.forward'; +$VACATION_FORWARD_EXT_ENTRY = '"| /usr/bin/formail -c | /etc/postfix/dovecot-deliver.sh"'; +$FORWARD_EXTENSIONS = Array('+sent', '+drafts', '+trash'); $EXPERT_ENABLED = True; $HEADER_REMOVE = Array( diff --git a/lib/ws-vacation-sudo.in b/lib/ws-vacation-sudo.in --- a/lib/ws-vacation-sudo.in +++ b/lib/ws-vacation-sudo.in @@ -3,19 +3,23 @@ User_Alias WWWRUN = wwwrun,www-data Runas_Alias NOTROOT = ALL,!root Cmnd_Alias VACATION=/usr/bin/vacation * Cmnd_Alias RM_FORWARD=/bin/rm -f /home/*/.forward +Cmnd_Alias RM_FORWARD_EXT=/bin/rm -f /home/*/.forward+* Cmnd_Alias TEST_FORWARD=@base_dir@/lib/test_readable.sh /home/*/.forward Cmnd_Alias TEST_VACATION_MSG=@base_dir@/lib/test_readable.sh /home/*/.vacation.msg Cmnd_Alias TEST_VACATION_DB=@base_dir@/lib/test_readable.sh /home/*/.vacation.db Cmnd_Alias GET_FORWARD=/bin/cat /home/*/.forward Cmnd_Alias GET_VACATION_MSG=/bin/cat /home/*/.vacation.msg Cmnd_Alias PUT_FORWARD=@base_dir@/lib/write_to.sh /home/*/.forward +Cmnd_Alias PUT_FORWARD_EXT=@base_dir@/lib/write_to.sh /home/*/.forward+* Cmnd_Alias PUT_VACATION_MSG=@base_dir@/lib/write_to.sh /home/*/.vacation.msg WWWRUN ALL=(NOTROOT) NOPASSWD: VACATION WWWRUN ALL=(NOTROOT) NOPASSWD: RM_FORWARD +WWWRUN ALL=(NOTROOT) NOPASSWD: RM_FORWARD_EXT WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_FORWARD WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_VACATION_MSG WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_VACATION_DB WWWRUN ALL=(NOTROOT) NOPASSWD: GET_FORWARD WWWRUN ALL=(NOTROOT) NOPASSWD: GET_VACATION_MSG WWWRUN ALL=(NOTROOT) NOPASSWD: PUT_FORWARD +WWWRUN ALL=(NOTROOT) NOPASSWD: PUT_FORWARD_EXT WWWRUN ALL=(NOTROOT) NOPASSWD: PUT_VACATION_MSG