rename our SUSE Linux 10 Templates to SUSE Linux Enterprise 10.

Come on, SUSE 10 is long time EOL upstream, upgrade your stuff.
the Templates should work unmodified on SLE10.
We currently plan to keep the Templates until general support for SLE10 ends (which is mid-2013 as of now) and / or upstream stops building froxlor for SLE10 in the OBS. (this is of course, subject to change.)

templates/misc/configfiles/sle_10/courier/etc_authlib_authdaemonrc

@@ -0,0 +1,103 @@
+##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
+#
+# Copyright 2000-2005 Double Precision, Inc.  See COPYING for
+# distribution information.
+#
+# authdaemonrc created from authdaemonrc.dist by sysconftool
+#
+# Do not alter lines that begin with ##, they are used when upgrading
+# this configuration.
+#
+# This file configures authdaemond, the resident authentication daemon.
+#
+# Comments in this file are ignored.  Although this file is intended to
+# be sourced as a shell script, authdaemond parses it manually, so
+# the acceptable syntax is a bit limited.  Multiline variable contents,
+# with the \ continuation character, are not allowed.  Everything must
+# fit on one line.  Do not use any additional whitespace for indentation,
+# or anything else.
+
+##NAME: authmodulelist:2
+#
+# The authentication modules that are linked into authdaemond.  The
+# default list is installed.  You may selectively disable modules simply
+# by removing them from the following list.  The available modules you
+# can use are: authuserdb authpam authldap authmysql authcustom authpipe
+
+authmodulelist="authmysql"
+
+##NAME: authmodulelistorig:3
+#
+# This setting is used by Courier's webadmin module, and should be left
+# alone
+
+authmodulelistorig="authcustom authcram authuserdb authldap authmysql authpam"
+
+##NAME: daemons:0
+#
+# The number of daemon processes that are started.  authdaemon is typically
+# installed where authentication modules are relatively expensive: such
+# as authldap, or authmysql, so it's better to have a number of them running.
+# PLEASE NOTE:  Some platforms may experience a problem if there's more than
+# one daemon.  Specifically, SystemV derived platforms that use TLI with
+# socket emulation.  I'm suspicious of TLI's ability to handle multiple
+# processes accepting connections on the same filesystem domain socket.
+#
+# You may need to increase daemons if as your system load increases.  Symptoms
+# include sporadic authentication failures.  If you start getting
+# authentication failures, increase daemons.  However, the default of 5
+# SHOULD be sufficient.  Bumping up daemon count is only a short-term
+# solution.  The permanent solution is to add more resources: RAM, faster
+# disks, faster CPUs...
+
+daemons=5
+
+##NAME: authdaemonvar:2
+#
+# authdaemonvar is here, but is not used directly by authdaemond.  It's
+# used by various configuration and build scripts, so don't touch it!
+
+authdaemonvar=/var/run/authdaemon.courier-imap
+
+##NAME: DEBUG_LOGIN:0
+#
+# Dump additional diagnostics to syslog
+#
+# DEBUG_LOGIN=0   - turn off debugging
+# DEBUG_LOGIN=1   - turn on debugging
+# DEBUG_LOGIN=2   - turn on debugging + log passwords too
+#
+# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
+#
+# Note that most information is sent to syslog at level 'debug', so
+# you may need to modify your /etc/syslog.conf to be able to see it.
+
+DEBUG_LOGIN=0
+
+##NAME: DEFAULTOPTIONS:0
+#
+# A comma-separated list of option=value pairs. Each option is applied
+# to an account if the account does not have its own specific value for
+# that option. So for example, you can set
+#   DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
+# and then enable webmail and/or imap on individual accounts by setting
+# disablewebmail=0 and/or disableimap=0 on the account.
+
+DEFAULTOPTIONS=""
+
+##NAME: LOGGEROPTS:0
+#
+# courierlogger(1) options, e.g. to set syslog facility
+#
+
+LOGGEROPTS=""
+
+##NAME: LDAP_TLS_OPTIONS:0
+#
+# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
+# Examples:
+#
+#LDAPTLS_CACERT=/path/to/cacert.pem
+#LDAPTLS_REQCERT=demand
+#LDAPTLS_CERT=/path/to/clientcert.pem
+#LDAPTLS_KEY=/path/to/clientkey.pem

templates/misc/configfiles/sle_10/courier/etc_authlib_authmysqlrc

@@ -0,0 +1,14 @@
+MYSQL_SERVER <SQL_HOST>
+MYSQL_USERNAME <SQL_UNPRIVILEGED_USER>
+MYSQL_PASSWORD <SQL_UNPRIVILEGED_PASSWORD>
+MYSQL_PORT 3306
+MYSQL_DATABASE <SQL_DB>
+MYSQL_USER_TABLE mail_users
+MYSQL_CRYPT_PWFIELD password_enc
+MYSQL_UID_FIELD uid
+MYSQL_GID_FIELD gid
+MYSQL_LOGIN_FIELD username
+MYSQL_HOME_FIELD homedir
+MYSQL_MAILDIR_FIELD maildir
+MYSQL_QUOTA_FIELD (quota*1024*1024)
+MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)

templates/misc/configfiles/sle_10/cron/etc_cron.d_froxlor

@@ -0,0 +1,8 @@
+#
+# Set PATH, otherwise restart-scripts won't find start-stop-daemon
+#
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+#
+# Regular cron jobs for the froxlor package
+#
+*/5 * * * *	root	/usr/bin/php5 -q <BASE_PATH>scripts/froxlor_master_cronjob.php

templates/misc/configfiles/sle_10/dkim/dkim-filter.conf

@@ -0,0 +1,3 @@
+Syslog			yes
+Domain			/etc/postfix/dkim/domains
+KeyList			/etc/postfix/dkim/dkim-keys.conf

templates/misc/configfiles/sle_10/postfix/etc_postfix_main.cf

@@ -0,0 +1,65 @@
+queue_directory = /var/spool/postfix
+command_directory = /usr/sbin
+daemon_directory = /usr/lib/postfix
+mail_owner = postfix
+inet_interfaces = all
+unknown_local_recipient_reject_code = 550
+debug_peer_level = 2
+debugger_command =
+         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+         xxgdb $daemon_directory/$process_name $process_id & sleep 5
+sendmail_path = /usr/sbin/sendmail
+newaliases_path = /usr/bin/newaliases
+mailq_path = /usr/bin/mailq
+setgid_group = maildrop
+html_directory = /usr/share/doc/packages/postfix/html
+manpage_directory = /usr/share/man
+sample_directory = /usr/share/doc/packages/postfix/samples
+readme_directory = /usr/share/doc/packages/postfix/README_FILES
+inet_protocols = all
+biff = no
+append_dot_mydomain = no
+mail_spool_directory = /var/mail
+canonical_maps = hash:/etc/postfix/canonical
+virtual_mailbox_base = /var/kunden/mail/
+virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
+virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
+virtual_alias_domains =
+virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
+smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender_permissions.cf
+virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
+virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
+virtual_maps = hash:/etc/postfix/virtual
+relocated_maps = hash:/etc/postfix/relocated
+transport_maps = hash:/etc/postfix/transport
+sender_canonical_maps = hash:/etc/postfix/sender_canonical
+masquerade_exceptions = root
+masquerade_classes = envelope_sender, header_sender, header_recipient
+myhostname = <SERVERNAME>
+mydomain = <SERVERNAME>
+program_directory = /usr/lib/postfix
+masquerade_domains =
+mydestination = $myhostname $mydomain localhost localhost.$mydomain
+mynetworks = 127.0.0.0/8
+defer_transports =
+disable_dns_lookups = no
+relayhost =
+mailbox_command =
+mailbox_transport =
+strict_8bitmime = no
+disable_mime_output_conversion = no
+smtpd_client_restrictions =
+smtpd_helo_required = no
+smtpd_helo_restrictions =
+strict_rfc821_envelopes = no
+smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
+smtpd_sasl_auth_enable = yes
+smtpd_sasl_local_domain = $myhostname
+smtpd_sasl_security_options = noanonymous
+broken_sasl_auth_clients = yes
+#smtpd_use_tls = no
+#smtp_use_tls = no
+alias_maps = $alias_database
+mailbox_size_limit = 0
+virtual_mailbox_limit = 0
+message_size_limit = 10240000

templates/misc/configfiles/sle_10/postfix/etc_postfix_mysql-virtual_alias_maps.cf

@@ -0,0 +1,8 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_virtual
+select_field = destination
+where_field = email
+additional_conditions = and TRIM(destination) <> ''
+hosts = <SQL_HOST> 

templates/misc/configfiles/sle_10/postfix/etc_postfix_mysql-virtual_mailbox_domains.cf

@@ -0,0 +1,8 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = panel_domains
+select_field = domain
+where_field = domain
+additional_conditions = and isemaildomain = '1'
+hosts = <SQL_HOST> 

templates/misc/configfiles/sle_10/postfix/etc_postfix_mysql-virtual_mailbox_maps.cf

@@ -0,0 +1,7 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+table = mail_users
+select_field = maildir
+where_field = email
+hosts = <SQL_HOST> 

templates/misc/configfiles/sle_10/postfix/etc_postfix_mysql-virtual_sender_permissions.cf

@@ -0,0 +1,5 @@
+user = <SQL_UNPRIVILEGED_USER>
+password = <SQL_UNPRIVILEGED_PASSWORD>
+dbname = <SQL_DB>
+query = select distinct username from mail_users where email in ((select mail_virtual.email_full from mail_virtual where mail_virtual.email = '%s' union select mail_virtual.destination from mail_virtual where mail_virtual.email = '%s'));
+hosts = <SQL_HOST>

templates/misc/configfiles/sle_10/postfix/usr_lib_sasl2_smtpd.conf

@@ -0,0 +1,9 @@
+pwcheck_method: auxprop
+auxprop_plugin: sql
+mech_list: plain login cram-md5 digest-md5
+sql_engine: mysql
+sql_hostnames: <SQL_HOST>
+sql_user: <SQL_UNPRIVILEGED_USER>
+sql_passwd: <SQL_UNPRIVILEGED_PASSWORD>
+sql_database: <SQL_DB>
+sql_select: select password from mail_users where username='%u@%r'

templates/misc/configfiles/sle_10/postfix_mxaccess/etc_postfix_main.cf

@@ -0,0 +1,25 @@
+#
+# ATTENTION - this is not the full postfix-main.cf file
+#
+# it only provides additional configuration-entries!
+#
+
+#
+# look for the follow statement
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+
+#
+# and extend it with the following line
+# so it looks like this
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient,
+	check_recipient_mx_access cidr:/etc/postfix/mx_access

templates/misc/configfiles/sle_10/postfix_mxaccess/etc_postfix_mx_access

@@ -0,0 +1,9 @@
+0.0.0.0/8         REJECT Domain MX in broadcast network
+10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
+169.254.0.0/16    REJECT Domain MX in link local network
+172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
+192.0.2.0/24      REJECT Domain MX in TEST-NET network
+192.168.0.0/16    REJECT Domain MX in RFC 1918 private network
+224.0.0.0/4       REJECT Domain MX in class D multicast network
+240.0.0.0/5       REJECT Domain MX in class E reserved network
+248.0.0.0/5       REJECT Domain MX in reserved network

templates/misc/configfiles/sle_10/proftpd/etc_proftpd_modules.conf

@@ -0,0 +1,30 @@
+#
+# This file is used to manage DSO modules and features.
+#
+
+# This is the directory where DSO modules resides
+
+ModulePath /usr/lib/proftpd
+
+# Allow only user root to load and unload modules, but allow everyone
+# to see which modules have been loaded
+
+ModuleControlsACLs insmod,rmmod allow user root
+ModuleControlsACLs lsmod allow user *
+
+#LoadModule mod_ctrls_admin.c
+LoadModule mod_tls.c
+LoadModule mod_sql.c
+#LoadModule mod_ldap.c
+LoadModule mod_sql_mysql.c
+#LoadModule mod_sql_postgres.c
+LoadModule mod_quotatab.c
+#LoadModule mod_quotatab_file.c
+#LoadModule mod_quotatab_ldap.c
+LoadModule mod_quotatab_sql.c
+#LoadModule mod_radius.c
+LoadModule mod_wrap.c
+LoadModule mod_rewrite.c
+
+# keep this module the last one
+LoadModule mod_ifsession.c

templates/misc/configfiles/sle_10/proftpd/etc_proftpd_proftpd.conf

@@ -0,0 +1,84 @@
+Include /etc/proftpd/modules.conf
+
+ServerName                      "<SERVERNAME> FTP Server"
+ServerType                      standalone
+DeferWelcome                    off
+
+MultilineRFC2228                on
+DefaultServer                   on
+ShowSymlinks                    on
+AllowOverwrite                  on
+
+TimeoutNoTransfer               600
+TimeoutStalled                  600
+TimeoutIdle                     1200
+
+DisplayLogin                    welcome.msg
+DisplayChdir                   .message
+ListOptions                     "-l"
+
+DenyFilter                      \*.*/
+
+Port                            21
+MaxInstances                    30
+UseIPv6                         off
+
+TransferLog						/var/log/proftpd/xferlog
+SystemLog						/var/log/proftpd/proftpd.log
+
+# Allow up- and downloads to be continued
+AllowRetrieveRestart	On
+AllowStoreRestart		On
+
+# make proftpd faster / do not perform ident and reverse dns lookup
+UseReverseDNS off
+
+# Set the user and group that the server normally runs at.
+User                            nobody
+Group                           nogroup
+
+<Directory /*>
+# Umask 022 is a good standard umask to prevent new files and dirs
+# (second parm) from being group and world writable.
+  Umask                         022  022
+# Normally, we want files to be overwriteable.
+  AllowOverwrite                on
+</Directory>
+
+<Global>
+# CH-Root all users
+DefaultRoot ~
+# Reject rootlogin (just for security)
+RootLogin off
+# Noo need to require valid shell, because user is virtual
+RequireValidShell off
+</Global>
+
+AuthOrder mod_sql.c
+
+SQLAuthTypes Crypt Plaintext
+SQLAuthenticate users* groups*
+SQLConnectInfo <SQL_DB>@<SQL_HOST> <SQL_UNPRIVILEGED_USER> <SQL_UNPRIVILEGED_PASSWORD>
+SQLUserInfo ftp_users username password uid gid homedir shell
+SQLGroupInfo ftp_groups groupname gid members
+SQLUserWhereClause "login_enabled = 'y'"
+
+SQLLog PASS login
+SQLNamedQuery login UPDATE "last_login=now(), login_count=login_count+1 WHERE username='%u'" ftp_users
+
+SQLLog RETR download
+SQLNamedQuery download UPDATE "down_count=down_count+1, down_bytes=down_bytes+%b WHERE username='%u'" ftp_users
+
+SQLLog STOR upload
+SQLNamedQuery upload UPDATE "up_count=up_count+1, up_bytes=up_bytes+%b WHERE username='%u'" ftp_users
+
+QuotaEngine on
+QuotaShowQuotas on
+QuotaDisplayUnits Mb
+QuotaLock /var/lock/ftpd.quotatab.lock
+QuotaLimitTable sql:/get-quota-limit
+QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
+SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimits.quota_type, ftp_quotalimits.per_session, ftp_quotalimits.limit_type, panel_customers.diskspace*1024 AS bytes_in_avail, ftp_quotalimits.bytes_out_avail, ftp_quotalimits.bytes_xfer_avail, ftp_quotalimits.files_in_avail, ftp_quotalimits.files_out_avail, ftp_quotalimits.files_xfer_avail FROM ftp_users, ftp_quotalimits, panel_customers WHERE ftp_users.username = '%{0}' AND panel_customers.loginname = SUBSTRING_INDEX('%{0}', 'ftp', 1) AND quota_type ='%{1}'"
+SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
+SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
+SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies