diff --git a/management/daily_tasks.sh b/management/daily_tasks.sh index 8c36da5c..8341fcd6 100755 --- a/management/daily_tasks.sh +++ b/management/daily_tasks.sh @@ -14,7 +14,7 @@ export LC_TYPE=en_US.UTF-8 if [ `date "+%u"` -eq 1 ]; then management/mail_log.py -t week | management/email_administrator.py "Mail-in-a-Box Usage Report" - pflogsumm -u 5 -h 5 --problems_first /var/log/mail.log.1 | management/email_administrator.py "Postfix log analysis summary" + /usr/sbin/pflogsumm -u 5 -h 5 --problems_first /var/log/mail.log.1 | management/email_administrator.py "Postfix log analysis summary" fi # Take a backup. diff --git a/management/status_checks.py b/management/status_checks.py index be3def9f..529b09b3 100755 --- a/management/status_checks.py +++ b/management/status_checks.py @@ -40,7 +40,7 @@ def get_services(): { "name": "Mail Filters (Sieve/dovecot)", "port": 4190, "public": True, }, { "name": "HTTP Web (nginx)", "port": 80, "public": True, }, { "name": "HTTPS Web (nginx)", "port": 443, "public": True, }, - { "name": "Solr Full Text Search (Jetty)", "port": 8983, "public": False, }, + { "name": "Solr Full Text Search", "port": 8983, "public": False, }, ] def run_checks(rounded_values, env, output, pool): diff --git a/setup/additionals.sh b/setup/additionals.sh index 57d2eaad..378dab84 100644 --- a/setup/additionals.sh +++ b/setup/additionals.sh @@ -2,7 +2,7 @@ source /etc/mailinabox.conf source setup/functions.sh # Add additional packages -apt_install pflogsumm +apt_install pflogsumm rkhunter chkrootkit # Cleanup old spam and trash email hide_output install -m 755 conf/cron/miab_clean_mail /etc/cron.weekly/ @@ -25,3 +25,33 @@ hide_output systemctl restart systemd-journald.service cat > /root/.forward << EOF; administrator@$PRIMARY_HOSTNAME EOF + +# Install fake mail script +if [ ! -f /usr/local/bin/mail ]; then + hide_output install -m 755 tools/fake_mail /usr/local/bin + mv -f /usr/local/bin/fake_mail /usr/local/bin/mail +fi + +tools/editconf.py /etc/rkhunter.conf \ + UPDATE_MIRRORS=1 \ + MIRRORS_MODE=0 \ + WEB_CMD='""' \ + ALLOWHIDDENDIR=/etc/.java + +# Check presence of whitelist +if ! grep -Fxq "SCRIPTWHITELIST=/usr/local/bin/mail" /etc/rkhunter.conf > /dev/null; then + echo "SCRIPTWHITELIST=/usr/local/bin/mail" >> /etc/rkhunter.conf +fi + +tools/editconf.py /etc/default/rkhunter \ + CRON_DAILY_RUN='"true"' \ + CRON_DB_UPDATE='"true"' \ + APT_AUTOGEN='"true"' + +tools/editconf.py /etc/chkrootkit.conf \ + RUN_DAILY='"true"' \ + DIFF_MODE='"true"' + +# Should be last, update expected output +rkhunter --propupd +chkrootkit -q > /var/log/chkrootkit/log.expected diff --git a/setup/solr.sh b/setup/solr.sh index eadb819a..caab1bef 100644 --- a/setup/solr.sh +++ b/setup/solr.sh @@ -45,7 +45,7 @@ if [ $needs_update == 1 ]; then wget_verify \ "https://www.apache.org/dyn/closer.lua?action=download&filename=lucene/solr/$VERSION/solr-$VERSION.tgz" \ $HASH \ - /tmp/solr.tgz + /tmp/solr-$VERSION.tgz tar xzf /tmp/solr-$VERSION.tgz -C /tmp solr-$VERSION/bin/install_solr_service.sh --strip-components=2 # install to usr/local, force update, do not start service on installation complete @@ -61,10 +61,10 @@ fi # Add security tools/editconf.py /etc/default/solr.in.sh \ - SOLR_IP_WHITELIST="127.0.0.1, [::1]" + SOLR_IP_WHITELIST='"127.0.0.1, [::1]"' # Change log dir -if [! -d "/var/log/solr" ]; then +if [ ! -d "/var/log/solr" ]; then mkdir /var/log/solr fi diff --git a/setup/start.sh b/setup/start.sh index 3a3414b4..54932d62 100755 --- a/setup/start.sh +++ b/setup/start.sh @@ -111,7 +111,7 @@ source setup/dns.sh source setup/mail-postfix.sh source setup/mail-dovecot.sh source setup/mail-users.sh -#source setup/solr.sh +source setup/solr.sh source setup/dkim.sh source setup/spamassassin.sh source setup/web.sh diff --git a/tools/fake_mail b/tools/fake_mail new file mode 100644 index 00000000..0beb37ce --- /dev/null +++ b/tools/fake_mail @@ -0,0 +1,22 @@ +#!/bin/bash +# Save the command-line information passed to the function +# so that I can translate info to call sendmail +if read -t 0; then + message=`cat` +fi +script="$0" + +for arg in "$@"; do + if [ "$lastarg" == "-s" ]; then + subject="$arg" + fi + if [[ $arg =~ [[:space:]] ]]; then + arg=\"$arg\" + fi + lastarg="$arg" +done + +# send message using sendmail +echo "Subject: $subject + +$message" | sendmail -F "`hostname -f`" "$lastarg"