diff -Nur --no-dereference e-smith-base-5.8.1.old/createlinks e-smith-base-5.8.1/createlinks --- e-smith-base-5.8.1.old/createlinks 2023-11-23 22:07:39.027000000 -0500 +++ e-smith-base-5.8.1/createlinks 2023-11-23 22:19:11.493000000 -0500 @@ -308,6 +308,7 @@ event_link("systemd-journald", $event, "02"); event_link("fix-startup", $event, "05"); event_link("init-accounts", $event, "05"); +event_link("mail-spool-fix", $event, "05"); event_link("logrotate-migrate", $event, "06"); event_link("rotate_logfiles", $event, "07"); event_link("set-hostname", $event, "10"); diff -Nur --no-dereference e-smith-base-5.8.1.old/root/etc/e-smith/events/actions/group-delete-unix e-smith-base-5.8.1/root/etc/e-smith/events/actions/group-delete-unix --- e-smith-base-5.8.1.old/root/etc/e-smith/events/actions/group-delete-unix 2013-01-31 10:52:04.000000000 -0500 +++ e-smith-base-5.8.1/root/etc/e-smith/events/actions/group-delete-unix 2023-11-23 22:10:23.904000000 -0500 @@ -51,4 +51,6 @@ system("/usr/sbin/cpu", "groupdel", "$groupName") == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group $groupName.\n" ); +unless ($x == 255) { unlink("/var/spool/mail/$groupName") or ( $x = 255, warn "Failed to delete /var/spool/mail/$groupName.\n" );} + exit ($x); diff -Nur --no-dereference e-smith-base-5.8.1.old/root/etc/e-smith/events/actions/mail-spool-fix e-smith-base-5.8.1/root/etc/e-smith/events/actions/mail-spool-fix --- e-smith-base-5.8.1.old/root/etc/e-smith/events/actions/mail-spool-fix 1969-12-31 19:00:00.000000000 -0500 +++ e-smith-base-5.8.1/root/etc/e-smith/events/actions/mail-spool-fix 2023-11-23 22:16:43.273000000 -0500 @@ -0,0 +1,47 @@ +#! /bin/bash + +#---------------------------------------------------------------------- +# copyright (C) 2023 Koozali SME Server +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +#---------------------------------------------------------------------- + +# fix ownership of spool folder content +pushd /var/spool/mail/ >/dev/null +for file in *; do + if [ ! -f "$file" ]; then + continue + fi + if ( ! `id -u $file 2>/dev/null 1>&2`) ; then + echo "$file user does not exist deleting mail spool file" + rm -f /var/spool/mail/$file + continue + fi + userf=$(stat -c %U /var/spool/mail/$file 2>/dev/null) + if [[ "$userf" != "$file" ]]; then + uidf=$(stat -c %u /var/spool/mail/$file 2>/dev/null) + uiduser=$(id -u $file 2>/dev/null ) + # extra step needed if username has an alias eg www=apache + if [[ "$uidf" != "$uiduser" ]]; then + echo "fixing ownership of $file spool mail" + # extra security we want to clean it from sensitive information + echo ""> /var/spool/mail/$file + chown $file /var/spool/mail/$file + fi + fi +done +popd >/dev/null +