# or .forward files if the path ends in "/", which causes it to be treated
# as a directory name rather than a file name.
-# hcoop-change: Add bogus group line to make sure get-token gets executed
+# hcoop-change: Add bogus group line to make sure get-token gets
+# executed and ignore owner
address_directory:
debug_print = "T: address_directory for $local_part@$domain"
driver = appendfile
- group = mail${run{/etc/exim4/get-token ${local_part}}{}}
+ directory = ${address_file}${run{/etc/exim4/get-token ${local_part}}{}}
+# group = mail${run{/etc/exim4/get-token ${local_part}}{}}
delivery_date_add
envelope_to_add
return_path_add
check_string = ""
escape_string = ""
+ check_owner = false
maildir_format
-
+ current_directory = /
+ maildir_retries = 20
+ mode_fail_narrower = false
\ No newline at end of file
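Review bot: `check_owner = false` is explained only by "ignore owner" in the header comment, so the reason this transport skips appendfile's ownership check on existing mailbox files is not recorded. The option applies to every delivery through `address_directory`; a comment directly above it such as `# hcoop-change: check_owner off because <reason, presumably AFS ownership semantics - confirm>` would tell a later maintainer when it is safe to turn back on, and `mode_fail_narrower = false` deserves the same. The `${run{/etc/exim4/get-token ${local_part}}{}}` call now sits in `directory` with an empty success string and no failure string; as far as I can tell from the Exim expansion rules, a non-zero exit also expands to nothing there, so delivery proceeds without a token and the failure shows up only in the script's own log. The commented-out `# group = ...` line is dead configuration and could be dropped, since the header comment already records the history. The transport's comment block starts above the visible lines.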
REALUSER=$(whoami)
USER=$1
-LOGFILE=/tmp/exim4/weird-error.log
+LOGFILE=/var/local/mail-tokens/weird-error.log
+
+echo "`date` $REALUSER $USER (`groups`): $@" >> $LOGFILE
+#ps -eo euser,ruser,suser,fuser,comm,pid --ppid=$PPID --pid=$PPID --forest >> $LOGFILE
if test "$REALUSER" = "root"; then
if test "$2" = "norecurse"; then
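Review bot: The new log line writes `$USER` (still the raw `$1` at this point; the `getent` check comes later) and `$@` through `echo` into an unquoted `$LOGFILE`. When the script is run from the mail transport, `$1` is the message's local part, so the logged text is sender-influenced, and some `echo` implementations interpret backslash escapes, which lets that input alter what the log line looks like. Prefer `printf '%s %s %s (%s): %s\n' "$(date)" "$REALUSER" "$USER" "$(groups)" "$*" >> "$LOGFILE"`. The enclosing `if` blocks continue outside this hunk.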
# Make sure USER exists, and resolve UIDs to a login name
USER=$(getent passwd "$USER" | cut -d':' -f 1)
-LOGFILE=/tmp/exim4/get-token-log.$USER
+LOGFILE=/var/local/mail-tokens/get-token-log.$USER
if test -z "$USER"; then
echo "$USER is not a local user, so ignoring them" \
- >> /tmp/exim4/weird-error.log
+ >> /var/local/mail-tokens/weird-error.log
exit 1
fi
echo "Debugging output: $*"
fi
+date
+groups
+
# set the credentials cache
-export KRB5CCNAME=FILE:/tmp/exim4/krb5cc_$USER.email
+export KRB5CCNAME=FILE:/var/local/mail-tokens/krb5cc_$USER.email
# eliminate any previous tokens
-kdestroy
-unlog
+#kdestroy
+#unlog
KEYTAB=/etc/keytabs/user.daemon/$USER
# display command-to-be-invoked as a sanity check
-echo kinit -kt $KEYTAB $USER/daemon@HCOOP.NET
+set -x
-kinit -kt $KEYTAB $USER/daemon@HCOOP.NET
-aklog
+(
+flock -s 666
+krenew -vtH 30 || kinit -V -kt $KEYTAB $USER/daemon@HCOOP.NET
+#aklog
# list tokens, for the sake of debugging
-#tokens
+tokens
+
+) 666>/var/local/mail-tokens/lock.$USER