harden exim

[distro-setup] / epanic-clean

diff --git a/epanic-clean b/epanic-clean
index 8c26855041437f27fb4de093a5432ec64d4739d7..9886cb1228980d1bb1b997efaf82d5166187115f 100755 (executable)
--- a/epanic-clean
+++ b/epanic-clean
@@ -32,6 +32,18 @@ main() {
     return 0
   fi
 
+  # example line:
+  # 2022-02-09 22:08:14.683 [59759] socket bind() to port 25 for address 10.8.0.28 failed: Cannot assign requested address: daemon abandoned
+  if [[ -e /etc/systemd/system/exim4.service.d/backup.conf ]]; then
+    regex="socket bind() to port 25 for address"
+    grep "$regex" $pl >> $pl-archive ||:
+    sed -i "/$regex/d" $pl
+  fi
+
+  # this is a strange message due to running as nonroot
+  # regex='exim user lost privilege for using -C option'
+  # sed -i "/$regex/d" $pl
+
   # seems to randomly be caused by
   # Starting exim4-base housekeeping, exim4-base.service
   regex="^[^ ]* 00:00:0.* Failed writing transport results to pipe: Broken pipe$"
@@ -58,10 +70,10 @@ main() {
     # them. write lock happens less but can fit under the same rule.
     if (( count > 20 )); then
       cat $pl
-      elif ! $newlines; then
+    elif ! $newlines; then
       grep "$regex" $pl >>$pl-archive
       sed -i "/$regex/d" $pl
-      fi
+    fi
   fi
   ## end broken pipe ##