Laudende Default seite entfernen
parent
6f7c035884
commit
4156a0092e
|
|
@ -186,13 +186,13 @@ EOSH
|
|||
chmod 0750 /usr/local/sbin/mailwolt-install-dkim
|
||||
chown root:root /usr/local/sbin/mailwolt-install-dkim
|
||||
|
||||
# --- mailwolt-remove-dkim -------------------------------------
|
||||
cat > /usr/local/sbin/mailwolt-remove-dkim <<'EOSH'
|
||||
# --- 2) mailwolt-remove-dkim ----------------------------------
|
||||
cat >/usr/local/sbin/mailwolt-remove-dkim <<'EOSH'
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
DOMAIN="$1"
|
||||
SELECTOR="$2"
|
||||
DOMAIN="$1" # z.B. kunden.tld oder sysmail.example.com
|
||||
SELECTOR="$2" # z.B. mwl1
|
||||
|
||||
OKDIR="/etc/opendkim"
|
||||
KEYDIR="${OKDIR}/keys/${DOMAIN}"
|
||||
|
|
@ -200,23 +200,41 @@ KEYPRI="${KEYDIR}/${SELECTOR}.private"
|
|||
KT="${OKDIR}/KeyTable"
|
||||
ST="${OKDIR}/SigningTable"
|
||||
|
||||
# Key-Datei löschen (falls vorhanden)
|
||||
[[ -f "${KEYPRI}" ]] && rm -f "${KEYPRI}"
|
||||
|
||||
# Zeilen aus KeyTable und SigningTable entfernen
|
||||
if [[ -f "$KT" ]]; then
|
||||
TMP="$(mktemp)"
|
||||
grep -v -F "${SELECTOR}._domainkey.${DOMAIN}" "$KT" > "$TMP" && mv "$TMP" "$KT"
|
||||
tmp="$(mktemp)"; grep -v -F "${SELECTOR}._domainkey.${DOMAIN} ${DOMAIN}:${SELECTOR}:" "$KT" >"$tmp" && mv "$tmp" "$KT"
|
||||
chown opendkim:opendkim "$KT"; chmod 0640 "$KT"
|
||||
fi
|
||||
if [[ -f "$ST" ]]; then
|
||||
TMP="$(mktemp)"
|
||||
grep -v -F "*@${DOMAIN} ${SELECTOR}._domainkey.${DOMAIN}" "$ST" > "$TMP" && mv "$TMP" "$ST"
|
||||
tmp="$(mktemp)"; grep -v -F "*@${DOMAIN} ${SELECTOR}._domainkey.${DOMAIN}" "$ST" >"$tmp" && mv "$tmp" "$ST"
|
||||
chown opendkim:opendkim "$ST"; chmod 0640 "$ST"
|
||||
fi
|
||||
|
||||
# Verzeichnis ggf. aufräumen
|
||||
rmdir "${KEYDIR}" 2>/dev/null || true
|
||||
|
||||
systemctl is-active --quiet opendkim && systemctl reload opendkim || true
|
||||
# Dienst neu laden, falls aktiv
|
||||
if systemctl is-active --quiet opendkim; then
|
||||
systemctl reload opendkim || true
|
||||
fi
|
||||
|
||||
echo "OK"
|
||||
EOSH
|
||||
chmod 0750 /usr/local/sbin/mailwolt-remove-dkim
|
||||
chown root:root /usr/local/sbin/mailwolt-remove-dkim
|
||||
chmod 0750 /usr/local/sbin/mailwolt-remove-dkim
|
||||
|
||||
# --- Sudoers für beide Helper sicherstellen -------------------
|
||||
APP_USER="${APP_USER:-mailwolt}"
|
||||
cat >/etc/sudoers.d/mailwolt-dkim <<EOF
|
||||
Defaults! /usr/local/sbin/mailwolt-install-dkim !requiretty
|
||||
Defaults! /usr/local/sbin/mailwolt-remove-dkim !requiretty
|
||||
${APP_USER} ALL=(root) NOPASSWD: /usr/local/sbin/mailwolt-install-dkim
|
||||
${APP_USER} ALL=(root) NOPASSWD: /usr/local/sbin/mailwolt-remove-dkim
|
||||
EOF
|
||||
chmod 440 /etc/sudoers.d/mailwolt-dkim
|
||||
|
||||
# --- Sudoers-Regel für App-User --------------------------------
|
||||
APP_USER="${APP_USER:-mailwolt}"
|
||||
|
|
|
|||
Loading…
Reference in New Issue