def _setUp_postfix(self):
'''Create Postfix server configs.'''
testlib.config_replace(self.postfix_mastercf, "", append=True)
testlib.config_set(self.postfix_maincf,'mydestination','example.com, localhost.localdomain, localhost')
# Move listener to localhost:25
master = open('/etc/postfix/master.cf.new','w')
for cfline in open(self.postfix_mastercf):
if cfline.startswith('smtp') and 'smtpd' in cfline and 'inet' in cfline:
master.write('127.0.0.1:25 inet n - - - - smtpd\n')
else:
master.write(cfline)
master.write('''mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}''')
master.close()
os.rename('/etc/postfix/master.cf.new',self.postfix_mastercf)
# Use mbox only
testlib.config_comment(self.postfix_maincf,'home_mailbox')
testlib.config_set(self.postfix_maincf,'mailbox_command','procmail -a "$EXTENSION"')
# Config mailman
testlib.config_set(self.postfix_maincf,'relay_domains','lists.example.com')
testlib.config_set(self.postfix_maincf,'transport_maps','hash:%s' % self.postfix_transport)
testlib.config_set(self.postfix_maincf,'mailman_destination_recipient_limit','1')
testlib.config_set(self.postfix_maincf,'alias_maps','hash:%s, hash:%s' % (self.postfix_aliases,self.mailman_aliases))
testlib.config_replace(self.postfix_transport, "lists.example.com mailman:")
subprocess.call(['postmap', self.postfix_transport], stdout=subprocess.PIPE)
testlib.config_replace(self.postfix_aliases, '''mailman: "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join: "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request: "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"''', append=True)
subprocess.call(['chown', 'root:list', self.postfix_aliases])
subprocess.call(['newaliases'])
# Restart server
self.postfix_daemon.restart()
# Postfix exits its init script before the master listener has started
time.sleep(2)
def _setUp_postfix(self):
'''Create Postfix server configs.'''
testlib.config_replace(self.postfix_mastercf, "", append=True)
testlib.config_set(self.postfix_maincf,'mydestination','example.com, localhost.localdomain, localhost')
# Move listener to localhost:25
master = open('/etc/postfix/master.cf.new','w')
for cfline in open(self.postfix_mastercf):
if cfline.startswith('smtp') and 'smtpd' in cfline and 'inet' in cfline:
master.write('127.0.0.1:25 inet n - - - - smtpd\n')
else:
master.write(cfline)
master.write('''mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}''')
master.close()
os.rename('/etc/postfix/master.cf.new',self.postfix_mastercf)
# Use mbox only
testlib.config_comment(self.postfix_maincf,'home_mailbox')
testlib.config_set(self.postfix_maincf,'mailbox_command','procmail -a "$EXTENSION"')
# Config mailman
testlib.config_set(self.postfix_maincf,'relay_domains','lists.example.com')
testlib.config_set(self.postfix_maincf,'transport_maps','hash:%s' % self.postfix_transport)
testlib.config_set(self.postfix_maincf,'mailman_destination_recipient_limit','1')
testlib.config_set(self.postfix_maincf,'alias_maps','hash:%s, hash:%s' % (self.postfix_aliases,self.mailman_aliases))
testlib.config_replace(self.postfix_transport, "lists.example.com mailman:")
subprocess.call(['postmap', self.postfix_transport], stdout=subprocess.PIPE)
testlib.config_replace(self.postfix_aliases, '''mailman: "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join: "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request: "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"''', append=True)
subprocess.call(['chown', 'root:list', self.postfix_aliases])
subprocess.call(['newaliases'])
# Restart server
self.postfix_daemon.restart()
# Postfix exits its init script before the master listener has started
time.sleep(2)
def _setUp(self):
'''Create server configs.'''
# Move listener to localhost:2525
conf_file = '/etc/postfix/master.cf'
lines = open(conf_file)
contents = ''
for cfline in lines:
if cfline.startswith('smtp') and 'smtpd' in cfline and 'inet' in cfline:
contents += '127.0.0.1:2525 inet n - - - - smtpd\n'
else:
contents += "%s\n" % cfline
testlib.config_replace(conf_file, contents, append=False)
conf_file = '/etc/postfix/main.cf'
# Use mbox only
testlib.config_comment(conf_file,'home_mailbox')
testlib.config_set(conf_file,'mailbox_command','procmail -a "$EXTENSION"')
# Turn on sasl
self._setup_sasl("PLAIN")
reply = self._check_auth("PLAIN")
def _setUp(self):
'''Create server configs.'''
# Move listener to localhost:2525
conf_file = '/etc/postfix/master.cf'
lines = open(conf_file)
contents = ''
for cfline in lines:
if cfline.startswith('smtp') and 'smtpd' in cfline and 'inet' in cfline:
contents += '127.0.0.1:2525 inet n - - - - smtpd\n'
else:
contents += "%s\n" % cfline
testlib.config_replace(conf_file, contents, append=False)
conf_file = '/etc/postfix/main.cf'
# Use mbox only
testlib.config_comment(conf_file,'home_mailbox')
testlib.config_set(conf_file,'mailbox_command','procmail -a "$EXTENSION"')
# Turn on sasl
self._setup_sasl("PLAIN")
reply = self._check_auth("PLAIN")
def _setup_sasl(self, mech, other_mech="", force_sasldb=False):
'''Setup sasl for mech'''
conf_file = '/etc/postfix/main.cf'
for field in ['smtpd_sasl_type','smtpd_sasl_local_domain','smtpd_tls_auth_only']:
testlib.config_comment(conf_file,field)
testlib.config_set(conf_file,'smtpd_sasl_path','smtpd')
testlib.config_set(conf_file,'smtpd_sasl_auth_enable','yes')
#testlib.config_set(conf_file,'broken_sasl_auth_clients','yes')
testlib.config_set(conf_file,'smtpd_sasl_authenticated_header','yes')
testlib.config_set(conf_file,'smtpd_tls_loglevel','2')
# setup smtpd.conf and the sasl users
contents = ''
self.assertTrue(mech in ['LOGIN', 'PLAIN', 'CRAM-MD5', 'DIGEST-MD5'], "Invalid mech: %s" % mech)
if not force_sasldb and (mech == "PLAIN" or mech == "LOGIN"):
conf_file = '/etc/default/saslauthd'
testlib.config_set(conf_file, 'START', 'yes', spaces=False)
contents = '''
pwcheck_method: saslauthd
allowanonymouslogin: 0
allowplaintext: 1
mech_list: %s %s
''' % (mech, other_mech)
# attach SASL to postfix chroot
subprocess.call(['mkdir','-p','/var/spool/postfix/var/run/saslauthd'])
subprocess.call(['rm','-rf','/var/run/saslauthd'])
subprocess.call(['ln','-s','/var/spool/postfix/var/run/saslauthd','/var/run/saslauthd'])
subprocess.call(['/usr/sbin/service', 'saslauthd', 'stop'], stdout=subprocess.PIPE)
assert subprocess.call(['/usr/sbin/service', 'saslauthd', 'start'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) == 0
# Force crackful perms so chroot'd postfix can talk to saslauthd
subprocess.call(['chmod','o+x','/var/spool/postfix/var/run/saslauthd'])
else:
plaintext = "1"
if mech == "LOGIN" or mech == "PLAIN":
plaintext = "0"
contents = '''
pwcheck_method: auxprop
allowanonymouslogin: 0
allowplaintext: %s
mech_list: %s %s
''' % (plaintext, mech, other_mech)
# Add user to sasldb2
testlib.config_replace("/etc/sasldb2", '', append=False)
rc, report = testlib.cmd(['postconf', '-h', 'myhostname'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
child = pexpect.spawn('saslpasswd2 -c -u %s %s' % (report.strip(), self.user.login))
time.sleep(0.2)
child.expect(r'(?i)password', timeout=5)
time.sleep(0.2)
child.sendline(self.user.password)
time.sleep(0.2)
child.expect(r'.*(for verification)', timeout=5)
time.sleep(0.2)
child.sendline(self.user.password)
time.sleep(0.2)
rc = child.expect('\n', timeout=5)
time.sleep(0.2)
self.assertEquals(rc, expected, "passwd returned %d" %(rc))
child.kill(0)
os.chmod("/etc/sasldb2", 0640)
rc, report = testlib.cmd(['chgrp', 'postfix', '/etc/sasldb2'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
# Force crackful perms so chroot'd postfix can talk to saslauthd
subprocess.call(['mv', '-f', '/etc/sasldb2', '/var/spool/postfix/etc'])
subprocess.call(['ln', '-s', '/var/spool/postfix/etc/sasldb2', '/etc/sasldb2'])
conf_file = '/etc/postfix/sasl/smtpd.conf'
testlib.config_replace(conf_file, contents, append=False)
# Restart server
self._restart_server()
def _setup_sasl(self, mech, other_mech="", force_sasldb=False):
'''Setup sasl for mech'''
conf_file = '/etc/postfix/main.cf'
for field in ['smtpd_sasl_type','smtpd_sasl_local_domain','smtpd_tls_auth_only']:
testlib.config_comment(conf_file,field)
testlib.config_set(conf_file,'smtpd_sasl_path','smtpd')
testlib.config_set(conf_file,'smtpd_sasl_auth_enable','yes')
#testlib.config_set(conf_file,'broken_sasl_auth_clients','yes')
testlib.config_set(conf_file,'smtpd_sasl_authenticated_header','yes')
testlib.config_set(conf_file,'smtpd_tls_loglevel','2')
# setup smtpd.conf and the sasl users
contents = ''
self.assertTrue(mech in ['LOGIN', 'PLAIN', 'CRAM-MD5', 'DIGEST-MD5'], "Invalid mech: %s" % mech)
if not force_sasldb and (mech == "PLAIN" or mech == "LOGIN"):
conf_file = '/etc/default/saslauthd'
testlib.config_set(conf_file, 'START', 'yes', spaces=False)
contents = '''
pwcheck_method: saslauthd
allowanonymouslogin: 0
allowplaintext: 1
mech_list: %s %s
''' % (mech, other_mech)
# attach SASL to postfix chroot
subprocess.call(['mkdir','-p','/var/spool/postfix/var/run/saslauthd'])
subprocess.call(['rm','-rf','/var/run/saslauthd'])
subprocess.call(['ln','-s','/var/spool/postfix/var/run/saslauthd','/var/run/saslauthd'])
subprocess.call(['/etc/init.d/saslauthd', 'stop'], stdout=subprocess.PIPE)
assert subprocess.call(['/etc/init.d/saslauthd', 'start'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) == 0
# Force crackful perms so chroot'd postfix can talk to saslauthd
subprocess.call(['chmod','o+x','/var/spool/postfix/var/run/saslauthd'])
else:
plaintext = "1"
if mech == "LOGIN" or mech == "PLAIN":
plaintext = "0"
contents = '''
pwcheck_method: auxprop
allowanonymouslogin: 0
allowplaintext: %s
mech_list: %s %s
''' % (plaintext, mech, other_mech)
# Add user to sasldb2
testlib.config_replace("/etc/sasldb2", '', append=False)
rc, report = testlib.cmd(['postconf', '-h', 'myhostname'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
child = pexpect.spawn('saslpasswd2 -c -u %s %s' % (report.strip(), self.user.login))
time.sleep(0.2)
child.expect(r'(?i)password', timeout=5)
time.sleep(0.2)
child.sendline(self.user.password)
time.sleep(0.2)
child.expect(r'.*(for verification)', timeout=5)
time.sleep(0.2)
child.sendline(self.user.password)
time.sleep(0.2)
rc = child.expect('\n', timeout=5)
time.sleep(0.2)
self.assertEquals(rc, expected, "passwd returned %d" %(rc))
child.kill(0)
os.chmod("/etc/sasldb2", 0640)
rc, report = testlib.cmd(['chgrp', 'postfix', '/etc/sasldb2'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
# Force crackful perms so chroot'd postfix can talk to saslauthd
subprocess.call(['mv', '-f', '/etc/sasldb2', '/var/spool/postfix/etc'])
subprocess.call(['ln', '-s', '/var/spool/postfix/etc/sasldb2', '/etc/sasldb2'])
conf_file = '/etc/postfix/sasl/smtpd.conf'
testlib.config_replace(conf_file, contents, append=False)
# Restart server
self._restart_server()