From 33471972e5f38ccc99f9631d4a0b79c2216f5d0c Mon Sep 17 00:00:00 2001
From: Matthew Saunders Brown <msb@stackaas.com>
Date: Fri, 19 Mar 2021 11:59:41 -0700
Subject: [PATCH] webmail scripts must be run as root

---
 bin/webmail-disable.sh | 8 ++++++--
 bin/webmail-enable.sh  | 8 ++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/bin/webmail-disable.sh b/bin/webmail-disable.sh
index f80bed4..99a1755 100755
--- a/bin/webmail-disable.sh
+++ b/bin/webmail-disable.sh
@@ -4,8 +4,10 @@
 # https://git.stack-source.com/msb/vmail-stack
 # MIT License Copyright (c) 2021 Matthew Saunders Brown
 
-# load config
-source /usr/local/etc/vmail.conf || echo "ERROR: Either you do not have vmail user permissions or the config file is missing." && exit
+# must be root to disable apache config
+if [ "$USER" != "root" ]; then
+  exec su "$0" -- "$@"
+fi
 
 # check for and set virtualhost
 if [ -n "$1" ]; then
@@ -15,10 +17,12 @@ else
   exit 1
 fi
 
+# disable webmail vhost & restart apache
 if [ -h "/etc/apache2/sites-enabled/mail.$virtualhost.conf" ]; then
   /usr/sbin/a2dissite --quiet mail.$virtualhost
   /usr/bin/systemctl --quiet reload  apache2
 fi
+
 if [ -f "/etc/apache2/sites-available/mail.$virtualhost.conf" ]; then
   rm /etc/apache2/sites-available/mail.$virtualhost.conf
 fi
diff --git a/bin/webmail-enable.sh b/bin/webmail-enable.sh
index 7f74a85..f2e7ca7 100755
--- a/bin/webmail-enable.sh
+++ b/bin/webmail-enable.sh
@@ -4,8 +4,10 @@
 # https://git.stack-source.com/msb/vmail-stack
 # MIT License Copyright (c) 2021 Matthew Saunders Brown
 
-# load config
-source /usr/local/etc/vmail.conf || echo "ERROR: Either you do not have vmail user permissions or the config file is missing." && exit
+# must be root to enable apache config
+if [ "$USER" != "root" ]; then
+  exec su "$0" -- "$@"
+fi
 
 # check for and set virtualhost
 if [ -n "$1" ]; then
@@ -15,6 +17,7 @@ else
   exit 1
 fi
 
+# check that letsencrypt cert exists
 if [ ! -f /etc/ssl/letsencrypt/mail.$virtualhost.pem ]; then
   echo "Let's Encrypt cert for mail.$virtualhost does not exist, create that first:"
   exit 1
@@ -24,6 +27,7 @@ fi
 if [ ! -f "/etc/apache2/sites-available/mail.$virtualhost.conf" ]; then
   echo "Use VHostMAIL $virtualhost" > /etc/apache2/sites-available/mail.$virtualhost.conf
 fi
+
 if [ ! -h "/etc/apache2/sites-enabled/mail.$virtualhost.conf" ]; then
   /usr/sbin/a2ensite --quiet mail.$virtualhost
   /usr/bin/systemctl --quiet is-active apache2 && systemctl --quiet reload  apache2