mailbox deletion script to be launched by pfexec user during account deletion process

#!/bin/sh

# Script for removing a mailbox dir in ecloud

# The script looks at arguments 1 and 2, assuming that they 

# indicate username and domain, respectively.

# the script is actually run by the pfexec user

# the script handles deletion in a bind-mounted dir shared with eelomailserver

# so pfexec user has no right over it. it needs a specific sudo perm 

#to be able to only run this script

# the /etc/sudoers line added to the container during install :

# pfexec ALL=(root) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postdeletion.sh

# The line states that the pfexec user may run the script without providing a password.

# where the mailbox dirs are bind-mounted on the container.

basedir=/var/mail/vhosts

if [[ -n "$1" && -n "$2" ]]; then

    # double check both arguments are provided

    if [ `echo $1 | fgrep '..'` ]; then

        # not permitted!!

        exit 1

    fi

    if [ `echo $2 | fgrep '..'` ]; then

        # not permitted!!

        exit 1

    fi

    maildir="${basedir}/$2/$1"

    if [ ! -e "$maildir" ]; then

        # not maildir empty, doing nothing

        exit 1

    fi

    rm -rf $maildir

else 

    # args are empty, do nothing

    exit 1

fi   

exit $?

 No newline at end of file

echo "Adding Postfix admin superadmin account"

docker-compose exec -T postfixadmin /postfixadmin/scripts/postfixadmin-cli admin add $ALT_EMAIL --password $PFA_SUPERADMIN_PASSWORD --password2 $PFA_SUPERADMIN_PASSWORD --superadmin

# adding sudo to postfixadmin container

docker-compose exec -T postfixadmin apk add sudo

# giving pfexec user a specific sudo perm ONLY for launching the bind-mounted mailbox-postdeletion script

docker-compose exec -T postfixadmin bash -c 'echo "" >> /etc/sudoers && echo "#pfexec single command perm" >> /etc/sudoers && echo "pfexec ALL=(root) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postdeletion.sh" >> /etc/sudoers'

# Adding domains to postfix is done by docker exec instead of docker-compose exec on purpose. Reason: with compose the loop aborts after the first item for an unknown reason

echo "Adding domains to Postfix"

# The password_expiry parameter is only a workaround, and does not have any effect

      - ADMIN_SMTP_PASSWORD=${DRIVE_SMTP_PASSWORD}

    volumes:

      - /mnt/repo-base/volumes/mail:/var/mail

      - /mnt/repo-base/scripts/postfixadmin-mailbox-postdeletion.sh:/usr/local/bin/postfixadmin-mailbox-postdeletion.sh

    depends_on:

      - eelomailserver

      - mariadb