From 2e7d50617524f44e632d292f643fe0de732898b0 Mon Sep 17 00:00:00 2001
From: Wietse Venema <wietse@porcupine.org>
Date: Sun, 13 Jan 2002 00:00:00 -0500
Subject: [PATCH] snapshot-20020113

---
 postfix/HISTORY                   |   7 +
 postfix/Makefile.in               |   2 +-
 postfix/RELEASE_NOTES             |  12 +-
 postfix/conf/post-install         | 383 ++++++++++++++++-----
 postfix/conf/postfix-files        | 164 +++++++++
 postfix/postfix-install           | 536 ++++++++++++++----------------
 postfix/src/global/mail_version.h |   2 +-
 postfix/src/showq/showq.c         |   4 +-
 postfix/src/virtual/mailbox.c     |   6 +-
 9 files changed, 726 insertions(+), 390 deletions(-)
 create mode 100644 postfix/conf/postfix-files

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 0bbafeadb..50756ce4c 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -5949,6 +5949,13 @@ Apologies for any names omitted.
 	Feedback: feedback, bugfixes, and brain-dead shell workarounds
 	for the install scripts by Victor Duchovny and Simon Mudd.
 
+20020113
+
+	Rewrote postfix-install. The postfix-files file now controls
+	what is installed.  Refined the semantics of many post-install
+	operations. post-install now auto-saves settings that override
+	main.cf.
+
 Open problems:
 
 	Low: don't do user@domain and @domain lookups in
diff --git a/postfix/Makefile.in b/postfix/Makefile.in
index 46e70b22a..0dca600a9 100644
--- a/postfix/Makefile.in
+++ b/postfix/Makefile.in
@@ -58,7 +58,7 @@ cleanmakefiles:
 tidy:	clean
 	rm -f Makefile */Makefile src/*/Makefile
 	cp Makefile.init Makefile
-	rm -f bin/* lib/* include/* libexec/* \
+	rm -f bin/[!CRS]* lib/[!CRS]* include/[!CRS]* libexec/[!CRS]* \
 	    junk */junk */*/junk \
 	    *core */*core */*/*core \
 	    .nfs* */.nfs* */*/.nfs* \
diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES
index cdfc8924d..9b9c46455 100644
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@@ -1,3 +1,13 @@
+Incompatible changes with snapshot-20020113
+===========================================
+
+Another revision of installation procedures. The command interface
+of the postfix-install and $config_directory/post-install scripts
+has changed; see embedded documentation.  postfix-install no longer has
+hard-coded commands to install files:  $config_directory/postfix-files
+now controls what files are installed. The post-install script now
+automatically saves installation parameters to the main.cf file.
+
 Incompatible changes with snapshot-20020111
 ===========================================
 
@@ -10,7 +20,7 @@ parameters such as mail_owner and setgid_group after installing
 Postfix, and apply the correct file/directory ownerships and
 permissions by executing the post-install script as:
 
-    post-install set-permissions config_directory=/etc/postfix
+    post-install set-permissions setgid_group=groupname
 
 Incompatible changes with snapshot-20020110
 ===========================================
diff --git a/postfix/conf/post-install b/postfix/conf/post-install
index 72cf1b953..e19a34bec 100644
--- a/postfix/conf/post-install
+++ b/postfix/conf/post-install
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-# To view the formatted manual page of this file, type: 
+# To view the formatted manual page of this file, type:
 #	POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man
 
 #++
@@ -15,67 +15,157 @@
 #	installation, after the executable programs and configuration
 #	files are installed. Usage is one of the following:
 # .IP o
-#	While installing Postfix from source code on the local machine, the 
+#	While installing Postfix from source code on the local machine, the
 #	script is run by the postfix-install script to update selected file
-#	or directory permissions and to update selected configuration files.
+#	or directory permissions and to update Postfix configuration files.
 # .IP o
-#	While installing Postfix from a pre-built package, the script is run 
-#	by the package management procedure to set all file or directory 
-#	permissions and to update existing Postfix configuration files.
+#	While installing Postfix from a pre-built package, the script is run
+#	by the package management procedure to set all file or directory
+#	permissions and to update Postfix configuration files.
 # .IP o
-#	At Postfix start-up time, the script is run from "postfix check" to 
+#	The script can be used to change installation parameter settings such
+#	as mail_owner or setgid_group after Postfix is already installed.
+# .IP o
+#	The script can be used to upgrade configuration files and to upgrade
+#	file/directory permissions of a secondary Postfix instance.
+# .IP o
+#	At Postfix start-up time, the script is run from "postfix check" to
 #	create missing queue directories.
 # .PP
+#	The post-install script is controlled by installation parameters.
+#	Specific parameters are described at the end of this document.
+#	All installation parameters must be specified ahead of time via
+#	one of the methods described below.
+#
 #	Arguments
 # .IP create-missing
 #	Create missing queue directories with ownerships and permissions
-#	according to the contents of $config_directory/postfix-files.
+#	according to the contents of $config_directory/postfix-files, using
+#	the mail_owner and setgid_group parameter settings from the command
+#	line, process environment or from the installed main.cf file.
 #
 #	This is required at Postfix start-up time.
 # .IP set-permissions
-#	Set all file/directory ownerships and permissions according to the 
-#	contents of $config_directory/postfix-files. Implies create-missing.
+#	Set all file/directory ownerships and permissions according to the
+#	contents of $config_directory/postfix-files, using the mail_owner
+#	and setgid_group parameter settings from the command line, process
+#	environment or from the installed main.cf file. Implies create-missing.
 #
-#	This is required when installing Postfix from a pre-built package.
+#	This is required when installing Postfix from a pre-built package,
+#	or when changing the mail_owner or setgid_group installation parameter
+#	settings after Postfix is already installed.
 # .IP upgrade-permissions
-#	Update ownership and permission of selected files/directories as
-#	specified in $config_directory/postfix-files. Implies create-missing.
+#	Update ownership and permission of existing files/directories as
+#	specified in $config_directory/postfix-files, using the mail_owner
+#	and setgid_group parameter settings from the command line, process
+#	environment or from the installed main.cf file. Implies create-missing.
 #
-#	This is required when installing Postfix from source code, while
-#	Postfix was already installed on the machine.
+#	This is required when upgrading an existing Postfix instance.
 # .IP upgrade-configuration
-#	Edit the installed main.cf and master.cf files, in order to account 
-#	for missing services and to fix deprecated parameter settings. 
+#	Edit the installed main.cf and master.cf files, in order to account
+#	for missing services and to fix deprecated parameter settings.
 #
-#	This is required when Postfix was already installed on the machine.
+#	This is required when upgrading an existing Postfix instance.
 # .IP upgrade-source
-#	Short-hand for upgrade-permissions upgrade-configuration.
+#	Short-hand for: upgrade-permissions upgrade-configuration.
 #
 #	This is recommended when upgrading Postfix from source code.
 # .IP upgrade-package
-#	Short-hand for set-permissions upgrade-configuration.
+#	Short-hand for: set-permissions upgrade-configuration.
 #
 #	This is recommended when upgrading Postfix from a pre-built package.
 # .IP first-install-reminder
 #	Remind the user that they still need to configure main.cf and the
-#	aliases file, and that newaliases needs to be run.
+#	aliases file, and that newaliases still needs to be run.
 #
 #	This is recommended when Postfix is installed for the first time.
-# .IP config_directory=pathname
-#	Absolute pathname of the directory with Postfix configuration files.
-#	This information must be specified if it is not given via the 
-#	process environment. 
-# .IP command_directory=pathname
-#	Absolute pathname of the directory with the postconf command.
-#	This information must be specified if it is not given via the 
-#	process environment, and if the directory is not a standard
-#	system directory.
+# MULTIPLE POSTFIX INSTANCES
+# .ad
+# .fi
+#	Multiple Postfix instances on the same machine can share command and
+#	daemon program files but must have separate configuration and queue
+#	directories.
+#
+#	To create a secondary Postfix installation on the same machine,
+#	copy the configuration files from the primary Postfix instance to
+#	a secondary configuration directory and execute:
+#
+#	post-install config_directory=secondary-config-directory \e
+# .in +4
+#		queue_directory=secondary-queue-directory \e
+# .br
+#		create-missing
+# .PP
+#	This creates secondary Postfix queue directories, sets their access
+#	permissions, and saves the specified installation parameters to the
+#	secondary main.cf file.
+#
+#	Be sure to list the secondary configuration directory in the
+#	alternate_config_directories parameter in the primary main.cf file.
+#
+#	To upgrade a secondary Postfix installation on the same machine,
+#	execute:
+#
+#	post-install config_directory=secondary-config-directory \e
+# .in +4
+#		upgrade-permissions upgrade-configuration
+# INSTALLATION PARAMETER INPUT METHODS
+# .ad
+# .fi
+#	Parameter settings can be specified through a variety of
+#	mechanisms.  In order of decreasing precedence these are:
+# .IP "command line"
+#	Parameter settings can be given as name=value arguments on
+#	the post-install command line. These have the highest precedence.
+#	Settings that override the installed main.cf file are saved.
+# .IP "process environment"
+#	Parameter settings can be given as name=value environment
+#	variables.
+#	Settings that override the installed main.cf file are saved.
+# .IP "installed configuration files"
+#	If a parameter is not specified via the command line or via the
+#	process environment, post-install will attempt to extract its
+#	value from the already installed Postfix main.cf configuration file.
+#	These settings have the lowest precedence.
+# INSTALLATION PARAMETER DESCRIPTION
+# .ad
+# .fi
+#	The description of installation parameters is as follows:
+# .IP config_directory
+#	The directory for Postfix configuration files.
+# .IP daemon_directory
+#	The directory for Postfix daemon programs. This directory
+#	should not be in the command search path of any users.
+# .IP command_directory
+#	The directory for Postfix administrative commands. This
+#	directory should be in the command search path of adminstrative users.
+# .IP queue_directory
+#	The directory for Postfix queues.
+# .IP sendmail_path
+#	The full pathname for the Postfix sendmail command.
+#	This is the Sendmail-compatible mail posting interface.
+# .IP newaliases_path
+#	The full pathname for the Postfix newaliases command.
+#	This is the Sendmail-compatible command to build alias databases
+#	for the Postfix local delivery agent.
+# .IP mailq_path
+#	The full pathname for the Postfix mailq command.
+#	This is the Sendmail-compatible command to list the mail queue.
+# .IP mail_owner
+#	The owner of the Postfix queue. Its numerical user ID and group ID
+#	must not be used by any other accounts on the system.
+# .IP setgid_group
+#	The group for mail submission and for queue management commands.
+#	Its numerical group ID must not be used by any other accounts on the
+#	system, not even by the mail_owner account.
+# .IP manpage_path
+#	The directory for the Postfix on-line manual pages.
 # SEE ALSO
 #	postfix-install(1) Postfix primary installation script.
 # FILES
-#	$config_directory/main.cf, Postfix installation configuration.
-#	$config_directory/postfix-files, permissions and ownerships.
-#	This file is created by postfix-install.
+#	$config_directory/main.cf, Postfix installation parameters.
+#	$config_directory/postfix-files, installation control file.
+#	$config_directory/install.cf, obsolete configuration file.
 # LICENSE
 # .ad
 # .fi
@@ -93,25 +183,25 @@ PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/
 SHELL=/bin/sh
 IFS=" 	
 "
+BACKUP_IFS="$IFS"
 
 USAGE="Usage: $0 [name=value] command
     create-missing          Create missing queue directories.
-    upgrade-source          Use when upgrading from source.
-    upgrade-package         Use when upgrading from pre-built package.
-    first-install-reminder  Remind of mandatory configuration steps.
-    config_directory=path   Specify an absolute path name.
-    command_directory=path  Specify an absolute path name."
+    upgrade-source          When installing or upgrading from source code.
+    upgrade-package         When installing or upgrading from pre-built package.
+    first-install-reminder  Remind of mandatory first-time configuration steps.
+    name=value              Specify an installation parameter".
 
 # Process command-line options and parameter settings. Work around
-# brain damaged shells. "name=value command" should not make the
-# name=value setting permanent.
+# brain damaged shells. "IFS=value command" should not make the
+# IFS=value setting permanent. But some broken standard allows it.
 
 create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder=
 
 for arg
 do
     case $arg in
-                *=*) SAVED_IFS="$IFS"; IFS= eval $arg; IFS="$SAVED_IFS";;
+                *=*) IFS= eval $arg; IFS="$BACKUP_IFS";;
      create-missing) create=1;;
 	  set-perm*) create=1; set_perms=1;;
       upgrade-perm*) create=1; upgrade_perms=1;;
@@ -119,8 +209,7 @@ do
      upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;;
     upgrade-package) create=1; upgrade_conf=1; set_perms=1;;
      first-install*) first_install_reminder=1;;
-		 "") break;;
-		  *) echo "Error: $USAGE" 1>&2; exit 1;;
+		  *) echo "$0: Error: $USAGE" 1>&2; exit 1;;
     esac
     shift
 done
@@ -128,37 +217,10 @@ done
 # Sanity checks.
 
 test -n "$create$upgrade_conf$first_install_reminder" || {
-    echo "Error: $USAGE" 1>&2
+    echo "$0: Error: $USAGE" 1>&2
     exit 1
 }
 
-test -n "$config_directory" || {
-    echo "Error: no config_directory parameter setting." 1>&2
-    echo "$USAGE" 1>&2
-    exit 1
-}
-
-test -d "$config_directory" || {
-    echo Error: $config_directory is not a directory. 1>&2
-    exit 1
-}
-
-test -f $config_directory/postfix-files || {
-    Error: $config_directory/postfix-files is not a file. 1>&2
-    exit 1
-}
-
-# 
-# LINUX by default does not synchronously update directories -
-# that's dangerous for mail.
-#
-if [ -f /usr/bin/chattr ]
-then
-    CHATTR="/usr/bin/chattr +S"
-else
-    CHATTR=echo
-fi
-
 # Bootstrapping problem.
 
 if [ -n "$command_directory" ]
@@ -168,33 +230,170 @@ else
     POSTCONF="postconf"
 fi
 
-# Settings from main.cf must override command line or environment settings.
+test -n "$config_directory" ||
+    config_directory=`$POSTCONF -d -h config_directory` || exit 1
 
+test -d "$config_directory" || {
+    echo $0: Error: $config_directory is not a directory. 1>&2
+    exit 1
+}
+
+test -f $config_directory/postfix-files || {
+    $0: Error: $config_directory/postfix-files is not a file. 1>&2
+    exit 1
+}
+
+#
+# LINUX by default does not synchronously update directories -
+# that's dangerous for mail.
+#
+if [ -f /usr/bin/chattr ]
+then
+    CHATTR="/usr/bin/chattr +S"
+else
+    CHATTR=echo
+fi
+
+case `uname -s` in
+HP-UX*) FMT=cat;;
+     *) FMT=fmt;;
+esac
+
+# If a parameter is not set via the command line or environment,
+# try to use settings from installed configuration files.
+
+# Extract parameter settings from the obsolete install.cf file, as
+# a transitional aid.
+
+grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || {
+    test -f $config_directory/install.cf  && {
+        for name in sendmail_path newaliases_path mailq_path setgid manpages
+        do
+	   eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \
+		|| exit 1
+        done
+        : ${setgid_group=$setgid}
+        : ${manpage_path=$manpages}
+    }
+}
+
+# Extract parameter settings from the installed main.cf file.
+
+test -f $config_directory/main.cf && {
+    for name in daemon_directory command_directory queue_directory mail_owner \
+        setgid_group sendmail_path newaliases_path mailq_path manpage_path
+    do
+        eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1
+    done
+}
+
+# Sanity checks
+
+case $manpage_path in
+ no) echo $0: Error: manpage_path no longer accepts \"no\" values. 1>&2
+     echo Re-run this script as \"$0 manpage_path=/pathname $*\". 1>&2; exit 1;;
+esac
+
+case $setgid_group in
+ no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2
+     echo Re-run this script as \"$0 setgid_group=groupname $*\" 1>&2; exit 1;;
+esac
+
+for path in $daemon_directory $command_directory \
+    $queue_directory $sendmail_path $newaliases_path $mailq_path $manpage_path
+do
+   case $path in
+   /*) ;;
+    *) echo $0: Error: $path should be an absolute path name. 1>&2; exit 1;;
+   esac
+done
+
+# Find out what parameters were not specified via command line,
+# via environment, or via installed configuration files.
+
+missing=
 for name in daemon_directory command_directory queue_directory mail_owner \
     setgid_group sendmail_path newaliases_path mailq_path manpage_path
 do
-    eval $name=\`$POSTCONF -c $config_directory -h $name\` || kill $$
+    eval test -n \"\$$name\" || missing="$missing $name"
 done
 
+# All parameters must be specified at this point.
+
+test -n "$non_interactive" -a -n "$missing" && {
+    cat <<EOF | ${FMT} 1>&2
+$0: Error: some required installation parameters are not defined.
+
+- Either the parameters need to be given in the $config_directory/main.cf
+file from a recent Postfix installation,
+
+- Or the parameters need to be specified as name=value arguments
+on the $0 command line,
+
+- Or the parameters need to be specified through the process
+environment.
+
+The following parameters were missing:
+
+    $missing
+
+EOF
+    exit 1
+}
+
 POSTCONF="$command_directory/postconf"
 
+# Save settings, allowing command line/environment override.
+
+override=
+for name in daemon_directory command_directory queue_directory mail_owner \
+    setgid_group sendmail_path newaliases_path mailq_path manpage_path
+do
+    eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || {
+	override=1
+	break
+    }
+done
+
+test -n "$override" && {
+    $POSTCONF -c $config_directory -e \
+	"daemon_directory = $daemon_directory" \
+	"command_directory = $command_directory" \
+	"queue_directory = $queue_directory" \
+	"mail_owner = $mail_owner" \
+	"setgid_group = $setgid_group" \
+	"sendmail_path = $sendmail_path" \
+	"mailq_path = $mailq_path" \
+	"newaliases_path = $newaliases_path" \
+	"manpage_path = $manpage_path" \
+    || exit 1
+}
+
 # Use file/directory status information in $config_directory/postfix-files.
 
 test -n "$create" && {
-    while IFS=: read path type owner group mode upgrade_flag create_flag junk
+    exec <$config_directory/postfix-files || exit 1
+    while IFS=: read path type owner group mode flags junk
     do
+	IFS="$BACKUP_IFS"
 	set_permission=
+	# Skip comments.
 	case $path in
-	[$]*) eval path=$path;;
-	  /*) ;;
-	   *) continue;;
-	esac
-	case $owner in
-	[$]*) eval owner=$owner;;
-	esac
-	case $group in
-	[$]*) eval group=$group;;
+	[/$]*) ;;
+	    *) continue;;
 	esac
+	# Expand $name, and canonicalize null fields.
+	for name in path owner group flags
+	do
+	    eval junk=\${$name}
+	    case $junk in
+	    [$]*) eval $name=$junk;;
+	       -) eval $name=;;
+	       *) ;;
+	    esac
+	done
+	case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac
+	case $flags in *c*) create_flag=1;; *) create_flag=;; esac
 	# Create missing directories with proper owner/group/mode settings.
 	if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ]
 	then
@@ -215,7 +414,7 @@ test -n "$create" && {
 	    test -z "$group" || chgrp $group $path || exit 1
 	    chmod $mode $path || exit 1
 	}
-    done <$config_directory/postfix-files
+    done
 }
 
 # Upgrade existing Postfix configuration files if necessary.
@@ -226,7 +425,7 @@ test -n "$upgrade_conf" && {
 
     grep 'flush.*flush' $config_directory/master.cf >/dev/null || {
 	echo Editing $config_directory/master.cf, adding missing entry for flush service
-	cat >>$config_directory/master.cf <<EOF
+	cat >>$config_directory/master.cf <<EOF || exit 1
 flush     unix  -       -       n       1000?   0       flush
 EOF
     }
@@ -236,7 +435,7 @@ EOF
     grep "^pickup[ 	]*fifo[ 	]*n[ 	]*n" \
 	$config_directory/master.cf >/dev/null && {
 	    echo Editing $config_directory/master.cf, making the pickup service unprivileged
-	    ed $config_directory/master.cf <<EOF
+	    ed $config_directory/master.cf <<EOF || exit 1
 /^pickup[ 	]*fifo[ 	]*n[ 	]*n/
 s/\(n[ 	]*\)n/\1-/
 p
@@ -252,7 +451,7 @@ EOF
 	grep "^$name[ 	]*unix[ 	]*-" \
 	    $config_directory/master.cf >/dev/null && {
 		echo Editing $config_directory/master.cf, making the $name service public
-	    ed $config_directory/master.cf <<EOF
+	    ed $config_directory/master.cf <<EOF || exit 1
 /^$name[ 	]*unix[ 	]*-/
 s/-/n/
 p
@@ -266,8 +465,8 @@ EOF
     # be hashed, and so should the other directories, because they
     # can contain even more mail.
     #
-    # Unfortunately, this sucks mailq performance on unloaded systems. 
-    # 
+    # Unfortunately, this sucks mailq performance on unloaded systems.
+    #
     # If you don't want slow mailq, be sure to hash defer and deferred,
     # because those two directories can contain lots of files.
 
@@ -281,9 +480,9 @@ EOF
     (echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred"
     test -n "$missing" && {
 	echo fixing main.cf hash_queue_names for missing $missing
-	$POSTCONF -c $config_directory -e hash_queue_names="$found$missing"
+	$POSTCONF -c $config_directory -e hash_queue_names="$found$missing" ||
+	    exit 1
     }
-
 }
 
 # A reminder if this is the first time Postfix is being installed.
@@ -292,7 +491,7 @@ test -n "$first_install_reminder" && {
 
     ALIASES=`$POSTCONF -h alias_database | sed 's/^[^:]*://'`
     NEWALIASES_PATH=`$POSTCONF -h newaliases_path`
-    cat <<EOF 1>&2
+    cat <<EOF | ${FMT}
 
     Warning: you still need to edit myorigin/mydestination/mynetworks
     parameter settings in $config_directory/main.cf.
diff --git a/postfix/conf/postfix-files b/postfix/conf/postfix-files
new file mode 100644
index 000000000..662dc18b9
--- /dev/null
+++ b/postfix/conf/postfix-files
@@ -0,0 +1,164 @@
+#
+# Do not edit this file.
+#
+# This file controls the postfix-install script for installation of
+# Postfix programs, configuration files and documentation, as well
+# as the post-install script for setting permissions and for updating
+# Postfix configuration files. See the respective manual pages within
+# the script files.
+#
+# Do not list $command_directory in this file, or it will be blown
+# away by a future Postfix uninstallation procedure. You would not
+# want to lose all files in /usr/sbin.
+#
+# Each record in this file describes one file or directory.
+# Fields are separated by ":". Specify a null field as "-".
+# Missing fields or separators at the end are OK.
+#
+# File format:
+#	name:type:owner:group:permission:flags
+#	No group means don't change group ownership.
+#
+# File types:
+#	d=directory
+#	f=regular file
+#	l=symlink to $sendmail_path
+#
+# File flags:
+#	No flag means the flag is not active.
+#	p=preserve existing file, do not replace (postfix-install).
+#	u=update owner/group/mode (post-install upgrade-permissions).
+#	c=create missing directory (post-install create-missing).
+#
+# Note: the "u" flag is for upgrading the permissions of existing files
+# or directories after changes in Postfix architecture.
+#
+$config_directory:d:root:-:755:u
+$daemon_directory:d:root:-:755:u
+$queue_directory:d:root:-:755:uc
+$queue_directory/active:d:$mail_owner:-:700:uc
+$queue_directory/bounce:d:$mail_owner:-:700:uc
+$queue_directory/corrupt:d:$mail_owner:-:700:uc
+$queue_directory/defer:d:$mail_owner:-:700:uc
+$queue_directory/deferred:d:$mail_owner:-:700:uc
+$queue_directory/flush:d:$mail_owner:-:700:uc
+$queue_directory/incoming:d:$mail_owner:-:700:uc
+$queue_directory/private:d:$mail_owner:-:700:uc
+$queue_directory/saved:d:$mail_owner:-:700:uc
+$queue_directory/maildrop:d:$mail_owner:$setgid_group:730:uc
+$queue_directory/public:d:$mail_owner:$setgid_group:710:uc
+$queue_directory/pid:d:root:-:755:uc
+$daemon_directory/bounce:f:root:-:755
+$daemon_directory/cleanup:f:root:-:755
+$daemon_directory/error:f:root:-:755
+$daemon_directory/flush:f:root:-:755
+$daemon_directory/lmtp:f:root:-:755
+$daemon_directory/local:f:root:-:755
+$daemon_directory/master:f:root:-:755
+$daemon_directory/nqmgr:f:root:-:755
+$daemon_directory/pickup:f:root:-:755
+$daemon_directory/pipe:f:root:-:755
+$daemon_directory/qmgr:f:root:-:755
+$daemon_directory/qmqpd:f:root:-:755
+$daemon_directory/showq:f:root:-:755
+$daemon_directory/smtp:f:root:-:755
+$daemon_directory/smtpd:f:root:-:755
+$daemon_directory/spawn:f:root:-:755
+$daemon_directory/trivial-rewrite:f:root:-:755
+$daemon_directory/virtual:f:root:-:755
+$command_directory/postalias:f:root:-:755
+$command_directory/postcat:f:root:-:755
+$command_directory/postconf:f:root:-:755
+$command_directory/postfix:f:root:-:755
+$command_directory/postkick:f:root:-:755
+$command_directory/postlock:f:root:-:755
+$command_directory/postlog:f:root:-:755
+$command_directory/postmap:f:root:-:755
+$command_directory/postsuper:f:root:-:755
+$command_directory/postdrop:f:root:$setgid_group:2755
+$command_directory/postqueue:f:root:$setgid_group:2755
+$sendmail_path:f:root:-:755
+$newaliases_path:l:root:-:755
+$mailq_path:l:root:-:755
+$config_directory/LICENSE:f:root:-:644
+$config_directory/access:f:root:-:644:p
+$config_directory/aliases:f:root:-:644:p
+$config_directory/canonical:f:root:-:644:p
+$config_directory/main.cf:f:root:-:644:p
+$config_directory/main.cf.default:f:root:-:644
+$config_directory/master.cf:f:root:-:644:p
+$config_directory/pcre_table:f:root:-:644:p
+$config_directory/postfix-files:f:root:-:644
+$config_directory/regexp_table:f:root:-:644:p
+$config_directory/relocated:f:root:-:644:p
+$config_directory/sample-aliases.cf:f:root:-:644
+$config_directory/sample-auth.cf:f:root:-:644
+$config_directory/sample-canonical.cf:f:root:-:644
+$config_directory/sample-compatibility.cf:f:root:-:644
+$config_directory/sample-debug.cf:f:root:-:644
+$config_directory/sample-filter.cf:f:root:-:644
+$config_directory/sample-flush.cf:f:root:-:644
+$config_directory/sample-ldap.cf:f:root:-:644
+$config_directory/sample-lmtp.cf:f:root:-:644
+$config_directory/sample-local.cf:f:root:-:644
+$config_directory/sample-misc.cf:f:root:-:644
+$config_directory/sample-pcre-access.cf:f:root:-:644
+$config_directory/sample-pcre-body.cf:f:root:-:644
+$config_directory/sample-pcre-header.cf:f:root:-:644
+$config_directory/sample-qmqpd.cf:f:root:-:644
+$config_directory/sample-rate.cf:f:root:-:644
+$config_directory/sample-regexp-access.cf:f:root:-:644
+$config_directory/sample-regexp-body.cf:f:root:-:644
+$config_directory/sample-regexp-header.cf:f:root:-:644
+$config_directory/sample-relocated.cf:f:root:-:644
+$config_directory/sample-resource.cf:f:root:-:644
+$config_directory/sample-rewrite.cf:f:root:-:644
+$config_directory/sample-smtp.cf:f:root:-:644
+$config_directory/sample-smtpd.cf:f:root:-:644
+$config_directory/sample-transport.cf:f:root:-:644
+$config_directory/sample-virtual.cf:f:root:-:644
+$config_directory/transport:f:root:-:644:p
+$config_directory/virtual:f:root:-:644:p
+$config_directory/postfix-script:f:root:-:755
+$config_directory/post-install:f:root:-:755
+$manpage_path/man1/mailq.1:f:root:-:644
+$manpage_path/man1/newaliases.1:f:root:-:644
+$manpage_path/man1/postalias.1:f:root:-:644
+$manpage_path/man1/postcat.1:f:root:-:644
+$manpage_path/man1/postconf.1:f:root:-:644
+$manpage_path/man1/postdrop.1:f:root:-:644
+$manpage_path/man1/postfix.1:f:root:-:644
+$manpage_path/man1/postkick.1:f:root:-:644
+$manpage_path/man1/postlock.1:f:root:-:644
+$manpage_path/man1/postlog.1:f:root:-:644
+$manpage_path/man1/postmap.1:f:root:-:644
+$manpage_path/man1/postqueue.1:f:root:-:644
+$manpage_path/man1/postsuper.1:f:root:-:644
+$manpage_path/man1/sendmail.1:f:root:-:644
+$manpage_path/man5/access.5:f:root:-:644
+$manpage_path/man5/aliases.5:f:root:-:644
+$manpage_path/man5/canonical.5:f:root:-:644
+$manpage_path/man5/pcre_table.5:f:root:-:644
+$manpage_path/man5/regexp_table.5:f:root:-:644
+$manpage_path/man5/relocated.5:f:root:-:644
+$manpage_path/man5/transport.5:f:root:-:644
+$manpage_path/man5/virtual.5:f:root:-:644
+$manpage_path/man8/bounce.8:f:root:-:644
+$manpage_path/man8/cleanup.8:f:root:-:644
+$manpage_path/man8/defer.8:f:root:-:644
+$manpage_path/man8/error.8:f:root:-:644
+$manpage_path/man8/flush.8:f:root:-:644
+$manpage_path/man8/lmtp.8:f:root:-:644
+$manpage_path/man8/local.8:f:root:-:644
+$manpage_path/man8/master.8:f:root:-:644
+$manpage_path/man8/nqmgr.8:f:root:-:644
+$manpage_path/man8/pickup.8:f:root:-:644
+$manpage_path/man8/pipe.8:f:root:-:644
+$manpage_path/man8/qmgr.8:f:root:-:644
+$manpage_path/man8/qmqpd.8:f:root:-:644
+$manpage_path/man8/showq.8:f:root:-:644
+$manpage_path/man8/smtp.8:f:root:-:644
+$manpage_path/man8/smtpd.8:f:root:-:644
+$manpage_path/man8/spawn.8:f:root:-:644
+$manpage_path/man8/trivial-rewrite.8:f:root:-:644
+$manpage_path/man8/virtual.8:f:root:-:644
diff --git a/postfix/postfix-install b/postfix/postfix-install
index 20589cb1d..5e9580179 100644
--- a/postfix/postfix-install
+++ b/postfix/postfix-install
@@ -9,12 +9,12 @@
 # SUMMARY
 #	Postfix installation procedure
 # SYNOPSIS
-#	sh postfix-install [-non-interactive] [name=value] ...
+#	sh postfix-install [options] [name=value] ...
 # DESCRIPTION
 #	The postfix-install script is to be run from the top-level
 #	Postfix source directory. It implements the following operations:
 # .IP o
-#	Install or upgrade Postfix from source code. This mode requires
+#	Install or upgrade Postfix from source code. This requires
 #	super-user privileges.
 # .IP o
 #	Build a package that can be distributed to other systems, in order
@@ -27,8 +27,8 @@
 #	Specific parameters are described at the end of this document.
 #
 #	By default, postfix-install asks the user for installation
-#	parameter settings. Settings are stored in the installed
-#	main.cf file. These settings are used as site-specific defaults
+#	parameter settings. Most settings are stored in the installed
+#	main.cf file. Stored settings are used as site-specific defaults
 #	when the postfix-install script is run later.
 #
 #	The names of Postfix files and directories, as well as their
@@ -41,20 +41,17 @@
 #
 #	Arguments
 # .IP -non-interactive
-#	Do not ask the user for parameter settings. This is useful for
-#	upgrading an existing Postfix installation from source code,
-#	or for preparing a pre-built package for distribution to other
-#	systems. Installation parameters must be specified via one of
-#	the non-interactive methods described below.
+#	Do not ask the user for parameter settings. Installation parameters
+#	are specified via one of the non-interactive methods described
+#	below.
 # INSTALLATION PARAMETER INPUT METHODS
 # .ad
 # .fi
 #	Parameter settings can be specified through a variety of
 #	mechanisms.  In order of decreasing precedence these are:
 # .IP "interactive mode"
-#	By default, postfix-install will ask the user for
-#	installation parameter settings. These settings have the highest
-#	precedence.
+#	By default, postfix-install will ask the user for installation
+#	parameter settings. These settings have the highest precedence.
 # .IP "command line"
 #	Parameter settings can be given as name=value arguments on
 #	the postfix-install command line.
@@ -77,63 +74,74 @@
 #	Prefix that is prepended to the pathnames of installed files.
 #	This is useful for creating a pre-built package for distribution to
 #	other systems. The built-in default is "/", the local root directory.
+#	This parameter setting is not recorded in the installed main.cf file.
 # .IP tempdir
 #	Directory for scratch files while installing Postfix.
 #	You must must have write permission in this directory.
 #	The built-in default directory name is the current directory.
+#	This parameter setting is not recorded in the installed main.cf file.
 # .IP config_directory
-#	Destination directory for Postfix configuration files. The
-#	built-in default directory name is /etc/postfix.
+#	The destination directory for Postfix configuration files.
+#	The built-in default directory name is /etc/postfix.
+#	This parameter setting is not recorded in the installed main.cf file.
 # .IP daemon_directory
-#	Destination directory for Postfix daemon programs. This directory
-#	should not be in the command search path of any users. The built-in
-#	default directory name is /usr/libexec/postfix.
+#	The destination directory for Postfix daemon programs. This directory
+#	should not be in the command search path of any users.
+#	The built-in default directory name is /usr/libexec/postfix.
 # .IP command_directory
-#	Destination directory for Postfix administrative commands. This
+#	The destination directory for Postfix administrative commands. This
 #	directory should be in the command search path of adminstrative users.
 #	The built-in default directory name is system dependent.
+#	This parameter setting is recorded in the installed main.cf file.
 # .IP queue_directory
-#	The destination directory for Postfix queues. The built-in default
-#	directory name is /var/spool/postfix.
+#	The destination directory for Postfix queues.
+#	The built-in default directory name is /var/spool/postfix.
+#	This parameter setting is recorded in the installed main.cf file.
 # .IP sendmail_path
 #	The full destination pathname for the Postfix sendmail command.
 #	This is the Sendmail-compatible mail posting interface.
 #	The built-in default pathname is system dependent.
+#	This parameter setting is recorded in the installed main.cf file.
 # .IP newaliases_path
 #	The full destination pathname for the Postfix newaliases command.
 #	This is the Sendmail-compatible command to build alias databases
 #	for the Postfix local delivery agent.
 #	The built-in default pathname is system dependent.
+#	This parameter setting is recorded in the installed main.cf file.
 # .IP mailq_path
 #	The full destination pathname for the Postfix mailq command.
 #	This is the Sendmail-compatible command to list the mail queue.
 #	The built-in default pathname is system dependent.
+#	This parameter setting is recorded in the installed main.cf file.
 # .IP mail_owner
 #	The owner of the Postfix queue. Its numerical user ID and group ID
-#	must not be used by any other accounts on the system. The built-in
-#	default account name is postfix.
+#	must not be used by any other accounts on the system.
+#	The built-in default account name is postfix.
+#	This parameter setting is recorded in the installed main.cf file.
 # .IP setgid_group
 #	The group for mail submission and for queue management commands.
 #	Its numerical group ID must not be used by any other accounts on the
-#	system, not even by the mail_owner account. The built-in default group
-#	name is postdrop.
+#	system, not even by the mail_owner account.
+#	The built-in default group name is postdrop.
+#	This parameter setting is recorded in the installed main.cf file.
 # .IP manpage_path
 #	The destination directory for the Postfix on-line manual pages.
+#	This parameter setting is recorded in the installed main.cf file.
 # SEE ALSO
 #	post-install(1) post-installation procedure
 # FILES
 #	$config_directory/main.cf, Postfix installation configuration.
-#	$config_directory/postfix-files, permissions and ownerships.
-#	This file is created by postfix-install.
+#	$config_directory/postfix-files, installation control file.
+#	$config_directory/install.cf, obsolete configuration file.
 # LICENSE
 # .ad
 # .fi
-#       The Secure Mailer license must be distributed with this software.
+#	The Secure Mailer license must be distributed with this software.
 # AUTHOR(S)
-#       Wietse Venema
-#       IBM T.J. Watson Research
-#       P.O. Box 704
-#       Yorktown Heights, NY 10598, USA
+#	Wietse Venema
+#	IBM T.J. Watson Research
+#	P.O. Box 704
+#	Yorktown Heights, NY 10598, USA
 #--
 
 # Initialize.
@@ -144,18 +152,22 @@ PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/
 SHELL=/bin/sh
 IFS=" 	
 "
+BACKUP_IFS="$IFS"
+
+USAGE="Usage: $0 [name=value] [option]
+    -non-interactive        Do not ask for installation parameters.
+    name=value              Specify an installation parameter".
 
 # Process command-line options and parameter settings. Work around
-# brain damaged shells. "name=value command" should not make the
-# name=value setting permanent.
+# brain damaged shells. "IFS=value command" should not make the
+# IFS=value setting permanent. But some broken standard allows it.
 
 for arg
 do
     case $arg in
-             *=*) SAVED_IFS="$IFS"; IFS= eval $arg; IFS="$SAVED_IFS";;
--non-interactive) non_interactive=1;;
-               *) echo Error: usage: $0 [-non-interactive] name=value ... 1>&2
-		  exit 1;;
+      *=*) IFS= eval $arg; IFS="$BACKUP_IFS";;
+-non-int*) non_interactive=1;;
+        *) echo $0: Error: $USAGE 1>&2; exit 1;;
     esac
     shift
 done
@@ -163,12 +175,12 @@ done
 # Sanity checks.
 
 test -z "$non_interactive" -a ! -t 0 && {
-    echo Error: for non-interactive use, run: \"$0 -non-interactive\" 1>&2
+    echo $0: Error: for non-interactive use, run: \"$0 -non-interactive\" 1>&2
     exit 1
 }
 
 test -x bin/postconf || {
-    echo Error: no bin/postconf file. Did you forget to run \"make\"? 1>&2
+    echo $0: Error: no bin/postconf file. Did you forget to run \"make\"? 1>&2
     exit 1
 }
 
@@ -197,20 +209,20 @@ EOF
 # when upgrading Postfix on a live machine. It also avoids surprises
 # when building a Postfix package for distribution to other systems.
 
-censored_ls() {
-    ls "$@" | egrep -v '^\.|/\.|CVS|RCS|SCCS'
-}
-
 compare_or_replace() {
-    (cmp $2 $3 >/dev/null 2>&1 && echo Skipping $3...) || {
-	echo Updating $3...
+    mode=$1
+    owner=$2
+    group=$3
+    src=$4
+    dst=$5
+    (cmp $src $dst >/dev/null 2>&1 && echo Skipping $dst...) || {
+	echo Updating $dst...
 	rm -f $tempdir/junk || exit 1
-	cp $2 $tempdir/junk || exit 1
-	test -z "$4" || chgrp $4 $tempdir/junk || exit 1
-	chmod $1 $tempdir/junk || exit 1
-	mv -f $tempdir/junk $3 || exit 1
-	test -z "$4" || chgrp $4 $3 || exit 1
-	chmod $1 $3 || exit 1
+	cp $src $tempdir/junk || exit 1
+	mv -f $tempdir/junk $dst || exit 1
+	test -z "$owner" || chown $owner $dst || exit 1
+	test -z "$group" || chgrp $group $dst || exit 1
+	chmod $mode $dst || exit 1
     }
 }
 
@@ -235,7 +247,7 @@ compare_or_symlink() {
 	'`
 	ln -s $link $tempdir/junk || exit 1
 	mv -f $tempdir/junk $2 || {
-	    echo Error: your mv command is unable to rename symlinks. 1>&2
+	    echo $0: Error: your mv command is unable to rename symlinks. 1>&2
 	    echo If you run Linux, upgrade to GNU fileutils-4.0 or better, 1>&2
 	    echo or choose a tempdir that is in the same file system as $2. 1>&2
 	    exit 1
@@ -243,12 +255,12 @@ compare_or_symlink() {
     }
 }
 
-compare_or_move() {
-    (cmp $2 $3 >/dev/null 2>&1 && echo Skipping $3...) || {
-	echo Updating $3...
-	mv -f $2 $3 || exit 1
-	chmod $1 $3 || exit 1
-    }
+check_parent() {
+    for path
+    do
+	dir=`echo $path|sed -e 's/[/][/]*[^/]*$//' -e 's/^$/\//'`
+	test -d $dir || mkdir -p $dir || exit 1
+    done
 }
 
 # How to supress newlines in echo.
@@ -325,8 +337,8 @@ do
 	case $ans in
 	"") break;;
 	 *) case $ans in
-	    /*) eval $name=\$ans; break;;
-	     *) echo; echo Error: $name should be an absolute path name. 1>&2;;
+	    /*) eval $name=$ans; break;;
+	     *) echo; echo $0: Error: $name should be an absolute path name. 1>&2;;
 	    esac;;
 	esac
     done
@@ -343,76 +355,41 @@ CONFIG_DIRECTORY=$install_root$config_directory
 # If a parameter is not set via the command line or environment,
 # try to use settings from installed configuration files.
 
-# Extract parameter settings from the installed main.cf file.
-
-test -f $CONFIG_DIRECTORY/main.cf && {
-    for name in daemon_directory command_directory queue_directory mail_owner \
-	setgid_group sendmail_path newaliases_path mailq_path manpage_path
-    do
-	eval : \${$name=\`bin/postconf -c $CONFIG_DIRECTORY -h $name\`} || kill $$
-    done
-}
-
-# Grandfathering: some parameters used to be stored in install.cf.
-# They are now part of main.cf. Some names have changed as well.
+# Extract parameter settings from the obsolete install.cf file, as
+# a transitional aid.
 
 grep setgid_group $CONFIG_DIRECTORY/main.cf >/dev/null 2>&1 || {
-    test -f $CONFIG_DIRECTORY/install.cf  && {
+    test -f $CONFIG_DIRECTORY/install.cf && {
 	for name in sendmail_path newaliases_path mailq_path setgid manpages
 	do
-	    eval : \${$name=`. $CONFIG_DIRECTORY/install.cf; echo \$name`}
+	   eval : \${$name="\`. $CONFIG_DIRECTORY/install.cf; echo \$$name\`"} \
+		|| exit 1
 	done
 	: ${setgid_group=$setgid}
 	: ${manpage_path=$manpages}
     }
 }
 
-# Find out what parameters were not specified via command line,
-# via environment, or via installed configuration files.
+# Extract parameter settings from the installed main.cf file.
+
+test -f $CONFIG_DIRECTORY/main.cf && {
+    for name in daemon_directory command_directory queue_directory mail_owner \
+	setgid_group sendmail_path newaliases_path mailq_path manpage_path
+    do
+	eval : \${$name=\`bin/postconf -c $CONFIG_DIRECTORY -h $name\`} ||
+	    exit 1
+    done
+}
+
+# Use built-in defaults as the final source of parameter settings.
 
-missing=
 for name in daemon_directory command_directory queue_directory mail_owner \
     setgid_group sendmail_path newaliases_path mailq_path manpage_path
 do
-    eval test -n \"\$$name\" || missing="$missing $name"
+    eval : \${$name=\`bin/postconf -d -h $name\`} || exit 1
 done
 
-# In the case of non-interactive installation, all parameters must
-# be specified at this point.
-
-test -n "$non_interactive" -a -n "$missing" && {
-    cat <<EOF | ${FMT} 1>&2
-Error: non-interactive installation requires that all parameters
-be specified ahead of time.
-
-- Either the parameters must be given in the $CONFIG_DIRECTORY/main.cf
-file from a recent Postfix installation,
-
-- Or the parameters need to be specified as name=value arguments
-on the $0 command line,
-
-- Or the parameters need to be specified through the process
-environment.
-
-The following parameters were missing:
-
-    $missing
-
-For interactive installation use "make install".
-EOF
-    exit 1
-}
-
-# Use built-in defaults for parameters that weren't set via the
-# environment, via the command line, or via installed configuration
-# files.
-
-for name in $missing
-do
-    eval : \${$name=\`bin/postconf -d -h $name\`} || kill $$
-done
-
-# Override default settings.
+# Override settings manually.
 
 test -z "$non_interactive" && for name in daemon_directory command_directory \
     queue_directory sendmail_path newaliases_path mailq_path mail_owner \
@@ -426,21 +403,27 @@ do
 	read ans
 	case $ans in
 	"") break;;
-	 *) eval $name=\$ans; break;;
+	 *) eval $name=$ans; break;;
 	esac
     done
 done
 
 # Sanity checks
 
-case $manpage_path in
- no) echo Error: manpage_path no longer accepts \"no\" values. 1>&2
-     echo Re-run this script with \"make install\". 1>&2; exit 1;;
+case $setgid_group in
+ no) echo $0: Error: the setgid_group parameter no longer accepts 1>&2
+     echo \"no\" values. Try again with \"setgid_group=groupname\" on the 1>&2
+     echo command line or execute \"make install\" and specify setgid_group 1>&2
+     echo interactively. 1>&2
+     exit 1;;
 esac
 
-case $setgid_group in
- no) echo Error: setgid_group no longer accepts \"no\" values. 1>&2
-     echo Re-run this script with \"make install\". 1>&2; exit 1;;
+case $manpage_path in
+ no) echo $0: Error: the manpage_path parameter no longer accepts 1>&2
+     echo \"no\" values.  Try again with \"manpage_path=/path/name\" on the 1>&2
+     echo command line or execute \"make install\" and specify manpage_path 1>&2
+     echo interactively. 1>&2
+     exit 1;;
 esac
 
 for path in $daemon_directory $command_directory \
@@ -448,19 +431,44 @@ for path in $daemon_directory $command_directory \
 do
    case $path in
    /*) ;;
-    *) echo Error: $path should be an absolute path name. 1>&2; exit 1;;
+    *) echo $0: Error: $path should be an absolute path name. 1>&2; exit 1;;
    esac
 done
 
 test -d $tempdir || mkdir -p $tempdir || exit 1
 
+trap "rm -f $tempdir/junk" 0 1 2 3 15
+
 ( rm -f $tempdir/junk && touch $tempdir/junk ) || {
-    echo Error: you have no write permission to $tempdir. 1>&2
+    echo $0: Error: you have no write permission to $tempdir. 1>&2
     echo Specify an alternative directory for scratch files. 1>&2
     exit 1
 }
 
-rm -f $tempdir/junk
+test -z "$install_root" && {
+
+    chown root $tempdir/junk >/dev/null 2>&1 || {
+	echo Error: you have no permission to change file ownership. 1>&2
+	exit 1
+    }
+
+    chown "$mail_owner" $tempdir/junk >/dev/null 2>&1 || {
+	echo $0: Error: $mail_owner needs an entry in the passwd file. 1>&2
+	echo Remember, $mail_owner needs a dedicated user id and group id. 1>&2
+	exit 1
+    }
+
+    chgrp "$setgid_group" $tempdir/junk >/dev/null 2>&1 || {
+	echo $0: Error: $setgid needs an entry in the group file. 1>&2
+	echo Remember, $setgid needs a dedicated group id. 1>&2
+	exit 1
+    }
+
+}
+
+rm -f $tempdir/junk || exit 1
+
+trap 0 1 2 3 15
 
 # Avoid clumsiness.
 
@@ -472,183 +480,131 @@ NEWALIASES_PATH=$install_root$newaliases_path
 MAILQ_PATH=$install_root$mailq_path
 MANPAGE_PATH=$install_root$manpage_path
 
-# Create any missing directories.
+# Avoid repeated tests for existence of these.
 
-test -d $CONFIG_DIRECTORY || mkdir -p $CONFIG_DIRECTORY || exit 1
 test -d $DAEMON_DIRECTORY || mkdir -p $DAEMON_DIRECTORY || exit 1
 test -d $COMMAND_DIRECTORY || mkdir -p $COMMAND_DIRECTORY || exit 1
-test -d $QUEUE_DIRECTORY || mkdir -p $QUEUE_DIRECTORY || exit 1
-for path in $SENDMAIL_PATH $NEWALIASES_PATH $MAILQ_PATH
-do
-    dir=`echo $path|sed -e 's/[/][/]*[^/]*$//' -e 's/^$/\//'`
-    test -d $dir || mkdir -p $dir || exit 1
-done
 
-# Install files. Keep a record of pathnames, ownerships and permissions
-# so that "postfix check" and "post-install" can do the right thing.
-
-# If building a package for distribution to other systems, don't
-# enable execute permission.
-
-if [ -n "$install_root" ]
-then
-    EXE=644
-else
-    EXE=755
-fi
-
-cat <<EOF >$CONFIG_DIRECTORY/postfix-files || exit 1
-#
-# Do not edit. This file was generated by $0.
-#
-# Do not list \$command_directory here, or it will be blown
-# away by a future Postfix uninstallation procedure.
-#
-# File format:
-#	name:type:owner:group:permission:upgrade:create
-#	No group means don't change group ownership.
-#
-# File flags:
-#	No flag means the flag is not active.
-#	update=update owner/group/mode (upgrade mode).
-#	create=create missing directory.
-#
-\$config_directory:d:root::755:u
-\$daemon_directory:d:root::755:u
-\$queue_directory:d:root::755:u:c
-EOF
-
-# Generate instructions only for queue subdirectories.
-
-for dir in active bounce corrupt defer deferred flush incoming private saved
-do
-    echo \$queue_directory/$dir:d:\$mail_owner::700:u:c \
-	>>$CONFIG_DIRECTORY/postfix-files || exit 1
-done
-
-echo \$queue_directory/maildrop:d:\$mail_owner:\$setgid_group:730:u:c \
-    >>$CONFIG_DIRECTORY/postfix-files || exit 1
-
-echo \$queue_directory/public:d:\$mail_owner:\$setgid_group:710:u:c \
-    >>$CONFIG_DIRECTORY/postfix-files || exit 1
-
-echo \$queue_directory/pid:d:root::755:u:c \
-    >>$CONFIG_DIRECTORY/postfix-files || exit 1
-
-# Install daemon programs.
-
-for file in `censored_ls libexec`
-do
-    compare_or_replace $EXE libexec/$file $DAEMON_DIRECTORY/$file || exit 1
-    echo \$daemon_directory/$file:f:root::755 \
-	>>$CONFIG_DIRECTORY/postfix-files || exit 1
-done
-
-# Install administrative commands.
-
-for file in `censored_ls bin | grep '^post' | egrep -v '^post(drop|queue)$'`
-do
-    compare_or_replace $EXE bin/$file $COMMAND_DIRECTORY/$file || exit 1
-    echo \$command_directory/$file:f:root::755 \
-	>>$CONFIG_DIRECTORY/postfix-files || exit 1
-done
-
-# Don't set privilege bits when building a package for distribution
-# to other systems.
-
-if [ -n "$install_root" ]
-then
-    for file in postdrop postqueue
-    do
-	compare_or_replace $EXE bin/$file $COMMAND_DIRECTORY/$file || exit 1
-	echo \$command_directory/$file:f:root:\$setgid_group:2755 \
-	    >>$CONFIG_DIRECTORY/postfix-files || exit 1
-    done
-else
-    for file in postdrop postqueue
-    do
-	compare_or_replace 2$EXE bin/$file $COMMAND_DIRECTORY/$file postdrop \
-	    || exit 1
-	echo \$command_directory/$file:f:root:\$setgid_group:2755 \
-	    >>$CONFIG_DIRECTORY/postfix-files || exit 1
-    done
-fi
-
-# Install the Sendmail-compatible user interface.
-
-test -f bin/sendmail && {
-    compare_or_replace $EXE bin/sendmail $SENDMAIL_PATH || exit 1
-    compare_or_symlink $SENDMAIL_PATH $NEWALIASES_PATH
-    compare_or_symlink $SENDMAIL_PATH $MAILQ_PATH
-cat <<EOF >>$CONFIG_DIRECTORY/postfix-files || exit 1
-\$sendmail_path:f:root::755
-\$newaliases_path:f:root::755
-\$mailq_path:f:root::755
-EOF
-}
-
-# Preserve installed configuration files. Update scripts, license, samples.
+# Upgrade or first-time installation?
 
 if [ -f $CONFIG_DIRECTORY/main.cf ]
 then
-    for file in LICENSE `cd conf; censored_ls sample*` main.cf.default
-    do
-	compare_or_replace 644 conf/$file $CONFIG_DIRECTORY/$file || exit 1
-    done
+    post_install_options="upgrade-source"
 else
-    for file in `censored_ls conf | egrep -v '^(postfix-script|post-install)$'`
-    do
-	compare_or_replace 644 conf/$file $CONFIG_DIRECTORY/$file || exit 1
-    done
-    test -z "$install_root" && need_config="create-missing first-install"
+    post_install_options="first-install"
 fi
 
-for file in `censored_ls conf | egrep -v 'postfix-script|post-install'`
+# Install files, using information from the postfix-files file.
+
+exec < conf/postfix-files || exit 1
+while IFS=: read path type owner group mode flags junk
 do
-    echo \$config_directory/$file:f:root::644 \
-	>>$CONFIG_DIRECTORY/postfix-files || exit 1
+    IFS="$BACKUP_IFS"
+
+    # Skip comments.
+
+    case $path in
+    [$]*) ;;
+       *) continue;;
+    esac
+
+    # Skip over files that must be preserved.
+
+    case $flags in
+    *p*) eval test -f $install_root$path && {
+	    eval echo "Skipping $install_root$path..."
+	    continue
+	 };;
+    esac
+
+    # If installing from source code, apply special permissions or ownership.
+    # If building a package, don't apply special permissions or ownership.
+
+    case $install_root in
+    "") case $owner in
+	[$]*) eval owner=$owner;;
+	root) owner=;;
+	esac
+	case $group in
+	[$]*) eval group=$group;;
+	   -) group=;;
+	esac;;
+     *) case $mode in
+	[1-7]755) mode=755;;
+	esac
+	owner=
+	group=;;
+    esac
+
+    # Create directory.
+
+    case $type in
+       d) eval path=$install_root$path
+	  test -d $path || {
+	      mkdir -p $path || exit 1
+	      test -z "$owner" || chown $owner $path || exit 1
+	      test -z "$group" || chgrp $group $path || exit 1
+	      chmod $mode $path || exit 1
+	  }
+	  continue;;
+    [fl]) ;;
+       *) echo $0: Error: unknown type for $path in conf/postfix-files; exit 1;;
+    esac
+
+    # Install or replace file.
+
+    echo $path | (IFS=/ read prefix file; IFS="$BACKUP_IFS"
+	case $prefix in
+	'$daemon_directory')
+	    compare_or_replace $mode "$owner" "$group" libexec/$file \
+		$DAEMON_DIRECTORY/$file || exit 1;;
+	'$command_directory')
+	    compare_or_replace $mode "$owner" "$group" bin/$file \
+		$COMMAND_DIRECTORY/$file || exit 1;;
+	'$config_directory')
+	    compare_or_replace $mode "$owner" "$group" conf/$file \
+		$CONFIG_DIRECTORY/$file || exit 1;;
+	'$sendmail_path')
+	    check_parent $SENDMAIL_PATH || exit 1
+	    compare_or_replace $mode "$owner" "$group" bin/sendmail \
+		$SENDMAIL_PATH || exit 1;;
+	'$mailq_path')
+	    check_parent $MAILQ_PATH || exit 1
+	    compare_or_symlink $SENDMAIL_PATH $MAILQ_PATH || exit 1;;
+	'$newaliases_path')
+	    check_parent $NEWALIASES_PATH || exit 1
+	    compare_or_symlink $SENDMAIL_PATH $NEWALIASES_PATH || exit 1;;
+	'$manpage_path')
+	    check_parent $MANPAGE_PATH/$file || exit 1
+	    compare_or_replace 644 "$owner" "$group" man/$file \
+		$MANPAGE_PATH/$file || exit 1;;
+	 *) echo $0: Error: unknown entry $path in conf/postfix-files; exit 1;;
+    esac) || exit 1
 done
 
-for file in postfix-script post-install
-do
-    compare_or_replace $EXE conf/$file $CONFIG_DIRECTORY/$file || exit 1
-    echo \$config_directory/$file:f:root::755 \
-	>>$CONFIG_DIRECTORY/postfix-files || exit 1
-done
+# If Postfix is being installed locally from source code, do the
+# post-install processing now. The post-install script will update
+# main.cf with actual installaton parameter settings.
+#
+# If Postfix is being packaged for distribution to other systems,
+# save the installation parameters to main.cf so they can be used
+# as default settings when the post-install script is executed.
 
-# Save settings.
-
-bin/postconf -c $CONFIG_DIRECTORY -e \
-    "daemon_directory = $daemon_directory" \
-    "command_directory = $command_directory" \
-    "queue_directory = $queue_directory" \
-    "mail_owner = $mail_owner" \
-    "setgid_group = $setgid_group" \
-    "sendmail_path = $sendmail_path" \
-    "mailq_path = $mailq_path" \
-    "newaliases_path = $newaliases_path" \
-    "manpage_path = $manpage_path" \
-|| exit 1
-
-# Install manual pages.
-
-(cd man || exit 1
- for dir in man?
-     do test -d $MANPAGE_PATH/$dir || mkdir -p $MANPAGE_PATH/$dir || exit 1
- done
- for file in `censored_ls man?/*`
- do
-     compare_or_replace 644 $file $MANPAGE_PATH/$file || exit 1
-     echo \$manpage_path/$file:f:root::644 \
-	>>$CONFIG_DIRECTORY/postfix-files || exit 1
- done)
-
-# If Postfix is being installed locally from source code, as opposed to
-# being packaged for distribution to other systems, do the post-install
-# processing now.
-
-test -n "$install_root" && exit 0
-
-export command_directory config_directory
-
-${SHELL} conf/post-install ${need_config-"upgrade-source"}
+if [ -z "$install_root" ]
+then
+    export daemon_directory command_directory queue_directory mail_owner \
+	setgid_group sendmail_path newaliases_path mailq_path manpage_path
+    ${SHELL} conf/post-install $post_install_options || exit 1
+else
+    bin/postconf -c $CONFIG_DIRECTORY -e \
+	"daemon_directory = $daemon_directory" \
+	"command_directory = $command_directory" \
+	"queue_directory = $queue_directory" \
+	"mail_owner = $mail_owner" \
+	"setgid_group = $setgid_group" \
+	"sendmail_path = $sendmail_path" \
+	"mailq_path = $mailq_path" \
+	"newaliases_path = $newaliases_path" \
+	"manpage_path = $manpage_path" \
+    || exit 1
+fi
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 4a2918ca8..f62be5b14 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -15,7 +15,7 @@
   * Version of this program.
   */
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"Snapshot-20020112"
+#define DEF_MAIL_VERSION	"Snapshot-20020113"
 extern char *var_mail_version;
 
 /* LICENSE
diff --git a/postfix/src/showq/showq.c b/postfix/src/showq/showq.c
index c85795677..97147adea 100644
--- a/postfix/src/showq/showq.c
+++ b/postfix/src/showq/showq.c
@@ -92,7 +92,7 @@ int     var_dup_filter_limit;
 
 #define STRING_FORMAT	"%-10s %8s %-20s %s\n"
 #define DATA_FORMAT	"%-10s%c%8ld %20.20s %s\n"
-#define DROP_FORMAT	"%-10s%c%8ld %20.20s (maildrop queue, sender UID %d)\n"
+#define DROP_FORMAT	"%-10s%c%8ld %20.20s (maildrop queue, sender UID %u)\n"
 
 static void showq_reasons(VSTREAM *, BOUNCE_LOG *, HTABLE *);
 
@@ -278,7 +278,7 @@ static void showq_service(VSTREAM *client, char *unused_service, char **argv)
 		    vstream_fprintf(client, DROP_FORMAT, id, ' ',
 				    (long) st.st_size,
 				    asctime(localtime(&st.st_mtime)),
-				    st.st_uid);
+				    (unsigned) st.st_uid);
 		} else if (errno != ENOENT)
 		    msg_fatal("open %s %s: %m", qp->name, id);
 		file_count++;
diff --git a/postfix/src/virtual/mailbox.c b/postfix/src/virtual/mailbox.c
index cff9239ec..21782404b 100644
--- a/postfix/src/virtual/mailbox.c
+++ b/postfix/src/virtual/mailbox.c
@@ -225,9 +225,9 @@ int     deliver_mailbox(LOCAL_STATE state, USER_ATTR usr_attr, int *statusp)
     usr_attr.gid = (gid_t) n;
 
     if (msg_verbose)
-	msg_info("%s[%d]: set user_attr: %s, uid = %d, gid = %d",
-		 myname, state.level,
-		 usr_attr.mailbox, usr_attr.uid, usr_attr.gid);
+	msg_info("%s[%d]: set user_attr: %s, uid = %u, gid = %u",
+		 myname, state.level, usr_attr.mailbox,
+		 (unsigned) usr_attr.uid, (unsigned) usr_attr.gid);
 
     /*
      * Deliver to mailbox or to external command.