/usr/sbin/apachectl configtest
設定ファイル(httpd.conf)に文法エラーが無ければ
Syntax OK と表示されるはず。
何らかのエラーがある場合は
Syntax error on line 31 of /etc/httpd/conf/httpd.conf:
Invalid command ‘¥x11′, perhaps mis-spelled or defined by a module not included in the server configuration
などとエラーメッセージを表示する。
/etc/httpd/conf.d 以下にある設定ファイルはチェックされないので注意。
webサーバのlogwatchから送信されてくるメールの容量が400kbyteとか600kbyteとか、かなり大きいので対処方法を検索した所以下のページを発見。
参考:logwatch に大量の Apache アクセスログが添付される | futuremix
CentOS や Fedora Core には LogWatch というアプリケーションがついており、毎晩各種ログを検査して、問題のある部分を抜き出して送ってきてくれます。しかし Apache のログが大量に記録されてメールに添付され、私のサイトでは毎日数100KB のメールが届きます…
対処方法は参考ページにあるのだけれど、一応コピペ。
vi /etc/log.d/scripts/services/http
$content_types = $content_types.'|\.htm|\.html|\.jhtml|\.phtml|\.shtml|\/';
↓追記
$content_types = $content_types.'|\.html#.*|\/[a-zA-Z0-9\-_\/\!]+|\/[a-zA-Z0-9\-_\/\!]+#.*|\/';
$content_types = $content_types.'|\.inc|\.php|\.php3|\.asp|\.pl|\.wml|\/';
検査するときの条件を付け加える事で全部ではないけれど抑えられる。
postfixadminを使ってバーチャルドメインでメールサーバを構築するまではうまくいったのだけど、procmailを使うと自動でメールボックスが作成されない。
もともとメールアカウント削除してもメールボックスが自動で削除されないので付属のシェルスクリプト改で行ってみるテスト。
postfixadminは /var/www/postfixadmin に設置してあるとし、
メールは/mail 以下に保存される設定で。
/mail/hoge.com/user@hoge.com な感じ。
メールディレクトリ作成・削除スクリプトは/usr/local/bin/postfixadmin へ保存。
メールボックス作成用スクリプト
/usr/local/bin/postfixadmin/postfixadmin-mailbox-postcreation.shメールボックス削除用スクリプト
/usr/local/bin/postfixadmin/postfixadmin-mailbox-postdeletion.shドメイン削除用スクリプト?
/usr/local/bin/postfixadmin/postfixadmin-domain-postdeletion.sh
どうやら最近のマシンではエラーが出るらしいので併せて対処。
参考:sudoが「sudo: sorry, you must have a tty to run sudo」と文句を言うときは
webサーバ(apache)のhttpd.conf設定は
User apache
Group apache
としています。
visudo # # Disable "ssh hostname sudo ", because it will show the password in clear. # You have to run "ssh -t hostname sudo ". # #Defaults requiretty ←コメントアウト ## The COMMANDS section may have other options added to it. ## ## Allow root to run any commands anywhere root ALL=(ALL) ALL apache ALL=(ALL) NOPASSWD: /usr/local/bin/postfixadmin/postfixadmin-mailbox-postcreation.sh ←追記 apache ALL=(ALL) NOPASSWD: /usr/local/bin/postfixadmin/postfixadmin-mailbox-postdeletion.sh ←追記 apache ALL=(ALL) NOPASSWD: /usr/local/bin/postfixadmin/postfixadmin-domain-postdeletion.sh ←追記
保存用ディレクトリを作成し、postfixadmin/ADDITIONS 内にある、
postfixadmin-domain-postdeletion.sh
postfixadmin-mailbox-postcreation.sh
postfixadmin-mailbox-postdeletion.sh
を/usr/local/bin/postfixadmin 以下にコピーする。
mkdir /usr/local/bin/postfixadmin cp /var/www/postfixadmin/ADDITIONS/postfixadmin-domain-postdeletion.sh /usr/local/bin/postfixadmin cp /var/www/postfixadmin/ADDITIONS/postfixadmin-mailbox-postcreation.sh /usr/local/bin/postfixadmin cp /var/www/postfixadmin/ADDITIONS/postfixadmin-mailbox-postdeletion.sh /usr/local/bin/postfixadmin
削除したメールボックスは/mail/.deleted-maildirs 以下に保存されるようにする。
削除したメールボックスを保存するディレクトリ作成
mkdir /mail/.deleted-maildirs chmod 771 /mail/.deleted-maildirs chown vuser:vuser /mail/.deleted-maildirs
#!/bin/sh # Example script for adding a Maildir to a Courier-IMAP virtual mail # hierarchy. # The script only looks at argument 3, assuming that it # indicates the relative name of a maildir, such as # "somedomain.com/peter/". # This script should be run as the user which owns the maildirs. If # the script is actually run by the apache user (e.g. through PHP), # then you could use "sudo" to grant apache the rights to run # this script as the relevant user. # Assume this script has been saved as # /usr/local/bin/postfixadmin-mailbox-postcreation.sh and has been # made executable. Now, an example /etc/sudoers line: # apache ALL=(courier) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postcreation.sh # The line states that the apache user may run the script as the # user "courier" without providing a password. # Change this to where you keep your virtual mail users' maildirs. #basedir=/var/spool/maildirs ←コメントアウト basedir=/mail ←追記 if [ ! -e "$basedir" ]; then echo "$0: basedir '$basedir' does not exist; bailing out." exit 1 fi if [ `echo $3 | fgrep '..'` ]; then echo "$0: An argument contained a double-dot sequence; bailing out." exit 1 fi maildir="${basedir}/$3" parent=`dirname "$maildir"` if [ ! -d "$parent" ]; then if [ -e "$parent" ]; then echo "$0: strange - directory '$parent' exists, but is not a directory; bailing out." exit 1 else mkdir -p "${parent}" if [ $? -ne 0 ]; then echo "$0: mkdir -p '$parent' returned non-zero; bailing out." exit 1 fi fi fi if [ -e "$maildir" ]; then echo "$0: Directory '$maildir' already exists! bailing out" exit 1 fi #maildirmake "$maildir" ←コメントアウト #if [ ! -d "$maildir" ]; then # echo "$0: maildirmake didn't produce a directory; bailing out." # exit 1 #fi # 以下を追記 mkdir "$maildir" if [ ! -d "$maildir" ]; then echo "$0: mkdir didn't produce a directory; bailing out." exit 1 fi mkdir "${maildir}cur" if [ ! -d "${maildir}cur" ]; then echo "$0: mkdir didn't produce a directory; bailing out." exit 1 fi mkdir "${maildir}new" if [ ! -d "${maildir}new" ]; then echo "$0: mkdir didn't produce a directory; bailing out." exit 1 fi mkdir "${maildir}tmp" if [ ! -d "${maildir}tmp" ]; then echo "$0: mkdir didn't produce a directory; bailing out." exit 1 fi chown -R vuser:vuser "$maildir" chmod -R 700 "$maildir" exit 0
ユーザーメールボックスは、/mail/hoge.com/user@hoge.com の形式としています。
#!/bin/sh # Example script for removing a Maildir from a Courier-IMAP virtual mail # hierarchy. # The script looks at arguments 1 and 2, assuming that they # indicate username and domain, respectively. # The script will not actually delete the maildir. I moves it # to a special directory which may once in a while be cleaned up # by the system administrator. # This script should be run as the user which owns the maildirs. If # the script is actually run by the apache user (e.g. through PHP), # then you could use "sudo" to grant apache the rights to run # this script as the relevant user. # Assume this script has been saved as # /usr/local/bin/postfixadmin-mailbox-postdeletion.sh and has been # made executable. Now, an example /etc/sudoers line: # apache ALL=(courier) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postdeletion.sh # The line states that the apache user may run the script as the # user "courier" without providing a password. # Change this to where you keep your virtual mail users' maildirs. #basedir=/var/spool/maildirs ←コメントアウト basedir=/mail ←追記 # Change this to where you would like deleted maildirs to reside. #trashbase=/var/spool/deleted-maildirs ←コメントアウト trashbase=/mail/.deleted-maildirs ← 追記 if [ ! -e "$trashbase" ]; then echo "trashbase '$trashbase' does not exist; bailing out." exit 1 fi if [ `echo $1 | fgrep '..'` ]; then echo "First argument contained a double-dot sequence; bailing out." exit 1 fi if [ `echo $2 | fgrep '..'` ]; then echo "First argument contained a double-dot sequence; bailing out." exit 1 fi #subdir=`echo "$1" | sed 's/@.*//'` ←コメントアウト subdir=$1 ← 追記 maildir="${basedir}/$2/${subdir}" trashdir="${trashbase}/$2/`date +%F_%T`_${subdir}" parent=`dirname "$trashdir"` if [ ! -d "$parent" ]; then if [ -e "$parent" ]; then echo "Strainge - directory '$parent' exists, but is not a directory." echo "Bailing out." exit 1 else mkdir -p "$parent" if [ $? -ne 0 ]; then echo "mkdir -p '$parent' returned non-zero; bailing out." exit 1 fi fi fi if [ ! -e "$maildir" ]; then echo "maildir '$maildir' does not exist; nothing to do." exit 1 fi if [ -e "$trashdir" ]; then echo "trashdir '$trashdir' already exists; bailing out." exit 1 fi mv $maildir $trashdir exit $?
ドメイン削除用スクリプトの編集
#!/bin/sh # Example script for removing a Maildir domain top-level folder # from a Courier-IMAP virtual mail hierarchy. # The script only looks at argument 1, assuming that it # indicates the relative name of a domain, such as # "somedomain.com". If $basedir/somedomain.com exists, it will # be removed. # The script will not actually delete the directory. I moves it # to a special directory which may once in a while be cleaned up # by the system administrator. # This script should be run as the user which owns the maildirs. If # the script is actually run by the apache user (e.g. through PHP), # then you could use "sudo" to grant apache the rights to run # this script as the relevant user. # Assume this script has been saved as # /usr/local/bin/postfixadmin-domain-postdeletion.sh and has been # made executable. Now, an example /etc/sudoers line: # apache ALL=(courier) NOPASSWD: /usr/local/bin/postfixadmin-domain-postdeletion.sh # The line states that the apache user may run the script as the # user "courier" without providing a password. # Change this to where you keep your virtual mail users' maildirs. #basedir=/var/spool/maildirs ←コメントアウト basedir=/mail ←追記 # Change this to where you would like deleted maildirs to reside. trashbase=/var/spool/deleted-maildirs ←コメントアウト trashbase=/mail/.deleted-maildirs ←追記 if [ `echo $1 | fgrep '..'` ]; then echo "First argument contained a double-dot sequence; bailing out." exit 1 fi if [ ! -e "$trashbase" ]; then echo "trashbase '$trashbase' does not exist; bailing out." exit 1 fi trashdir="${trashbase}/`date +%F_%T`_$1" domaindir="${basedir}/$1" if [ ! -e "$domaindir" ]; then echo "Directory '$domaindir' does not exits; nothing to do." exit 0; fi if [ ! -d "$domaindir" ]; then echo "'$domaindir' is not a directory; bailing out." exit 1 fi if [ -e "$trashdir" ]; then echo "Directory '$trashdir' already exits; bailing out." exit 1; fi mv $domaindir $trashdir exit $?
実行権を与える
chmod 700 /usr/local/bin/postfixadmin/postfixadmin*
vi /var/www/postfixadmin/config.inc.php // Optional: // Script to run after creation of mailboxes. // Note that this may fail if PHP is run in "safe mode", or if // operating system features (such as SELinux) or limitations // prevent the web-server from executing external scripts. // $CONF['mailbox_postcreation_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postcreation.sh'; $CONF['mailbox_postcreation_script']='sudo /usr/local/bin/postfixadmin/postfixadmin-mailbox-postcreation.sh'; ←追記 // Optional: // Script to run after deletion of mailboxes. // Note that this may fail if PHP is run in "safe mode", or if // operating system features (such as SELinux) or limitations // prevent the web-server from executing external scripts. // $CONF['mailbox_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postdeletion.sh'; $CONF['mailbox_postdeletion_script']='sudo /usr/local/bin/postfixadmin/postfixadmin-mailbox-postdeletion.sh'; ←追記 // Optional: // Script to run after deletion of domains. // Note that this may fail if PHP is run in "safe mode", or if // operating system features (such as SELinux) or limitations // prevent the web-server from executing external scripts. // $CONF['domain_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-domain-postdeletion.sh'; $CONF['domain_postdeletion_script']='sudo /usr/local/bin/postfixadmin/postfixadmin-domain-postdeletion.sh';
postfixadminでメールアカウントの作成・削除を行って、該当のメールボックスの状況を確認する。
ドメイン追加・削除を行う場合は、ドメインの追加後メールユーザーを1つ以上追加する必要がある。(ドメイン追加のみだとディレクトリが作成されない為)
visudo でコメントアウトした
#Defaults requiretty ←コメントアウト
が、セキュリティー面でどうなのか、と。