{ =head1 NAME set-access-defaults -- Set services to appropriate defaults for SystemMode =head1 DESCRIPTION The SystemMode can be changed through the console. When it is changed, console-save is called, which causes services to be reconfigured in accordance with the new SystemMode. In servergateway mode, the following services are enabled on the external interface: HTTP, HTTPS, SMTP, AUTH/IDENT In servergateway-private mode, all external services are disabled This script is a no-op if the SystemMode has not been changed. =cut my $conf = $DB; my $current_mode = $conf->get_value('SystemMode') or return; my $sysconfig = $conf->get("sysconfig") or return; my $previous_mode = $sysconfig->prop('PreviousSystemMode') || "unknown"; if ($previous_mode eq "unknown") { $sysconfig->set_prop('PreviousSystemMode', $current_mode); return; } return unless ( $previous_mode eq 'servergateway-private' or $current_mode eq 'servergateway-private' ); #------------------------------------------------------------ # OK, we have a new SystemMode, go for it #------------------------------------------------------------ my %service2access = ( oidentd => "public", 'httpd-e-smith' => "public", 'qpsmtpd' => "public", 'sqpsmtpd' => "public", ftp => "private", imap => "private", imaps => "private", modSSL => "public", pop3s => "private", popd => "private", sshd => "private", telnet => "private", ); if ( $current_mode eq 'servergateway-private' ) { foreach my $key (keys %service2access) { $service2access{$key} = 'private'; } } #------------------------------------------------------------ # Enforce the default access rights #------------------------------------------------------------ foreach my $service ( keys %service2access ) { my $entry = $conf->get($service); next unless ($entry); $entry->set_prop("access", $service2access{$service}); } $sysconfig->set_prop('PreviousSystemMode', $current_mode); }