#!/bin/bash # Created by: downtownallday # # This mod will configure ubuntu's "unattended-upgrades" package to # send email whenever unattended upgrades fail. # # When enabling the mod on a mailinabox-ldap installation, you must be # able to receive mail from root by creating an alias "root@" directed to "administrator@" using the admin # console. # # you can confirm this by running as root on miab-ldap: # # setup/ldap.sh -search "(mail=root@$(hostname --fqdn))" # # should return something like this: # dn: cn=b6e5b8cb-78b1-4051-a482-36ef792edae9,ou=aliases,ou=Users,dc=mailinabox # mail: root@mail.mydomain.com # cn: b6e5b8cb-78b1-4051-a482-36ef792edae9 # mailMember: administrator@mail.mydomain.com # description: Local root mail # objectClass: mailGroup # objectClass: namedProperties # # # When enabling the mod on a cloudinabox installation: # # a. the ssmtp package must be installed and working (typically it # has already been configured by setup) # b. a smart host setup in mailinabox-ldap must be configured so # that mail from cloudinabox will be accepted. # # Configuring a smart host is accomplished by creating a catch-all # alias "@" with a permitted sender list containing # the email address that ssmtp is using to authenticate with. The # forward-to field is empty. # # eg. assuming "cloud.mydomain.com" is the hostname of your # cloudinabox, and "alerts@mydomain.com" is the email address that # ssmtp is using to authenticate with mailinabox-ldap (see # /etc/ssmtp/ssmtp.conf), then running this on mailinabox-ldap: # # setup/ldap.sh -search "(mail=@cloud.mydomain.com)" # # should return two entries that look something like these: # dn: cn=d7a41a6b-7c7c-4a36-8298-aa11875051db,ou=aliases,ou=Users,dc=mailinabox # mail: @cloud.mydomain.com # cn: d7a41a6b-7c7c-4a36-8298-aa11875051db # description: Smart host setup # objectClass: mailGroup # objectClass: namedProperties # # dn: cn=03cb077c-ea40-5de1-f656-dc1a321775f8,ou=permitted-senders,ou=Config,dc=mailinabox # mail: @cloud.mydomain.com # description: Permitted to MAIL FROM this address # objectClass: mailGroup # cn: 03cb077c-ea40-5de1-f656-dc1a321775f8 # member: alerts@mydomain.com # #^ uid=c2994711-e92f-5d91-bca7-7995ea66de52,ou=Users,dc=mailinabox # # # To remove this mod, manually edit # /etc/apt/apt.conf.d/50unattended-upgrades and comment out the line # "Unattended-Upgrade::Mail" # source setup/functions.sh # load our functions source /etc/os-release changed=false conf="/etc/apt/apt.conf.d/50unattended-upgrades" # install the "mailx" mail client, which is required by the # unattended-upgrades script. if [ ! -x /usr/bin/mailx ]; then apt_install bsd-mailx changed=true fi # configure unattended-upgrades to email whenever there is an # error. Do not overwrite existing settings. if ! grep -E "^Unattended-Upgrade::Mail\s+" "$conf" >/dev/null then tools/editconf.py "$conf" -s 'Unattended-Upgrade::Mail="root";' changed=true fi if [ "$VERSION_CODENAME" = "bionic" ]; then # Ubuntu 18 (bionic) if ! grep -E "^Unattended-Upgrade::MailOnlyOnError\s+" "$conf" >/dev/null then tools/editconf.py "$conf" -s \ 'Unattended-Upgrade::MailOnlyOnError="true";' changed=true fi else if ! grep -E "^Unattended-Upgrade::MailReport\s+" "$conf" >/dev/null then # besides "only-on-error", other options are "always" and "on-change" tools/editconf.py "$conf" -s \ 'Unattended-Upgrade::MailReport="only-on-error";' changed=true fi fi if $changed; then echo "Unattended-upgrades setup mod: email notifications have been enabled" fi