PostfixAdmin – post-scripts will not run
Running PostfixAdmin 2.92 on a box with dozens of domains. An admin tried to delete mailboxes and got the error: Problems running mailbox postdeletion script!
How I fixed it
To run scripts after deleting a mailbox from the database, PFA runs the script
/usr/local/bin/postfixadmin-mailbox-postdeletion.sh. Since PFA is running as apache and the script needs to run as the postfix user, it recommends adding a line to
/etc/sudoers to allow just that. Problem is, of course, that it failed.
I could run the script as another user who had the exact same privileges in
/etc/sudoers. I could even give apache
c a shell and run the script successfully. So the script worked (well it worked after I changed some assumptions in it; see below). But it didn’t work from the web page.
To make a long story short, the fix was to remove the requirement for the apache user to have a tty. That’s as simple as specifying the sudo defaults for apache.
/etc/sudoers (by running
visudo), and added:
above the line I had added earlier:
apache ALL=(postfix) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postdeletion.sh
Shout out to http://getasysadmin.blogspot.com/2009/11/postfixadmin-errors-executing.html for the sudoers fix.
Changes in the script itself
The default in PFA (or, at least mine) is for maildirs to live in
/var/spool/postfix/virtual. The script, however, assumes that they go in
/var/spool/maildirs. Can’t blame the authors – we’re a bunch of nerdy bit-heads and we might stick our mailboxes anywhere.
Furthermore, the default names each maildir user@domain (i.e. email@example.com). The script assumes the maildirs the user name as a subdir, with the parent being named the same as the domain (i.e.
In full, the script assumes firstname.lastname@example.org has a maildir of:
Whereas the default is:
To fix this I changed this line:
This assumes that the delete command passes “email@example.com” as the first argument to the post deletion script.
By default, the deleted mail directory will be in a subdirectory of the domain name. If you want to change that behavior, also modify