some minor hackery for ubuntu 24

management/ssl_certificates.py

@@ -93,13 +93,13 @@ def get_file_list():
 
 	# Sort the certificates to prefer good ones.
 	import datetime
-	now = datetime.datetime.utcnow()
+	now = datetime.datetime.now(datetime.UTC)
 	ret = { }
 	for domain, cert_list in domains.items():
 		#for c in cert_list: print(domain, c.not_valid_before, c.not_valid_after, "("+str(now)+")", c.issuer, c.subject, c._filename)
 		cert_list.sort(key = lambda cert : (
 			# must be valid NOW
-			cert["cert"].not_valid_before <= now <= cert["cert"].not_valid_after,
+			cert["cert"].not_valid_before.astimezone(datetime.UTC) <= now <= cert["cert"].not_valid_after.astimezone(datetime.UTC),
 
 			# prefer one that is not self-signed
 			cert["cert"].issuer != cert["cert"].subject,
@@ -567,8 +567,8 @@ def check_certificate(domain, ssl_certificate, ssl_private_key, warn_if_expiring
 	# Check that the certificate hasn't expired. The datetimes returned by the
 	# certificate are 'naive' and in UTC. We need to get the current time in UTC.
 	import datetime
-	now = datetime.datetime.utcnow()
-	if not(cert.not_valid_before <= now <= cert.not_valid_after):
+	now = datetime.datetime.now(datetime.UTC)
+	if not(cert.not_valid_before.astimezone(datetime.UTC) <= now <= cert.not_valid_after.astimezone(datetime.UTC)):
 		return (f"The certificate has expired or is not yet valid. It is valid from {cert.not_valid_before} to {cert.not_valid_after}.", None)
 
 	# Next validate that the certificate is valid. This checks whether the certificate
@@ -604,7 +604,7 @@ def check_certificate(domain, ssl_certificate, ssl_private_key, warn_if_expiring
 
 		# But is it expiring soon?
 		cert_expiration_date = cert.not_valid_after
-		ndays = (cert_expiration_date-now).days
+		ndays = (cert_expiration_date.astimezone(datetime.UTC)-now).days
 		if not rounded_time or ndays <= 10:
 			# Yikes better renew soon!
 			expiry_info = "The certificate expires in %d days on %s." % (ndays, cert_expiration_date.date().isoformat())

management/status_checks.py

@@ -259,6 +259,7 @@ def check_free_memory(rounded_values, env, output):
 		if rounded_values: memory_msg = "System free memory is below 10%."
 		output.print_error(memory_msg)
 
+import subprocess
 def run_network_checks(env, output):
 	# Also see setup/network-checks.sh.
 
@@ -269,8 +270,8 @@ def run_network_checks(env, output):
 	# Stop if we cannot make an outbound connection on port 25. Many residential
 	# networks block outbound port 25 to prevent their network from sending spam.
 	# See if we can reach one of Google's MTAs with a 5-second timeout.
-	_code, ret = shell("check_call", ["/bin/nc", "-z", "-w5", "aspmx.l.google.com", "25"], trap=True)
-	if ret == 0:
+	ret = subprocess.run("/usr/bin/nc -z -w5 aspmx.l.google.com 25", shell=True, capture_output=True)
+	if ret.returncode == 0:
 		output.print_ok("Outbound mail (SMTP port 25) is not blocked.")
 	else:
 		output.print_error("""Outbound mail (SMTP port 25) seems to be blocked by your network. You
@@ -968,6 +969,8 @@ def check_miab_version(env, output):
 			output.print_ok("Mail-in-a-Box is up to date. You are running version %s." % this_ver)
 		elif latest_ver is None:
 			output.print_error("Latest Mail-in-a-Box version could not be determined. You are running version %s." % this_ver)
+		elif re.match(r'[A-F,0-9]{40}', this_ver, re.I):
+			output.print_ok("This version appears to be a git checkout (%s). Good luck!" % this_ver[0:7])
 		else:
 			output.print_error(f"A new version of Mail-in-a-Box is available. You are running version {this_ver}. The latest version is {latest_ver}. For upgrade instructions, see https://mailinabox.email. ")
 

setup/management.sh

@@ -105,7 +105,6 @@ exec gunicorn -b localhost:10222 -w 1 --timeout 630 wsgi:app
 EOF
 chmod +x $inst_dir/start
 cp --remove-destination conf/mailinabox.service /lib/systemd/system/mailinabox.service # target was previously a symlink so remove it first
-hide_output systemctl link -f /lib/systemd/system/mailinabox.service
 hide_output systemctl daemon-reload
 hide_output systemctl enable mailinabox.service
 

setup/munin.sh

@@ -65,7 +65,6 @@ mkdir -p /var/lib/munin-node/plugin-state/
 ln -sf "$PWD/management/munin_start.sh" /usr/local/lib/mailinabox/munin_start.sh
 chmod 0744 /usr/local/lib/mailinabox/munin_start.sh
 cp --remove-destination conf/munin.service /lib/systemd/system/munin.service # target was previously a symlink so remove first
-hide_output systemctl link -f /lib/systemd/system/munin.service
 hide_output systemctl daemon-reload
 hide_output systemctl unmask munin.service
 hide_output systemctl enable munin.service

setup/preflight.sh

@@ -12,8 +12,8 @@ fi
 # Pull in the variables defined in /etc/os-release but in a
 # namespace to avoid polluting our variables.
 source <(cat /etc/os-release | sed s/^/OS_RELEASE_/)
-if [ "${OS_RELEASE_ID:-}" != "ubuntu" ] || [ "${OS_RELEASE_VERSION_ID:-}" != "22.04" ]; then
-	echo "Mail-in-a-Box only supports being installed on Ubuntu 22.04, sorry. You are running:"
+if [ "${OS_RELEASE_ID:-}" != "ubuntu" ] || [ "${OS_RELEASE_VERSION_ID:-}" != "24.04" ]; then
+	echo "Mail-in-a-Box only supports being installed on Ubuntu 24.04, sorry. You are running:"
 	echo
 	echo "${OS_RELEASE_ID:-"Unknown linux distribution"} ${OS_RELEASE_VERSION_ID:-}"
 	echo