[Bug 684304] New: server:mail/postfix: Bugs in SuSEconfig chroot setup script
https://bugzilla.novell.com/show_bug.cgi?id=684304 https://bugzilla.novell.com/show_bug.cgi?id=684304#c0 Summary: server:mail/postfix: Bugs in SuSEconfig chroot setup script Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: i686 OS/Version: openSUSE 11.4 Status: NEW Severity: Normal Priority: P5 - None Component: 3rd party software AssignedTo: varkoly@novell.com ReportedBy: matthias.andree@gmx.de QAContact: opensuse-communityscreening@forge.provo.novell.com Found By: --- Blocker: --- /sbin/conf.d/SuSEconfig.postfix as of postfix-2.8.2-75.1 cannot set up my chroot properly. After the script runs (and throws some errors), postfix check still detects differences between the chroot and the outside world: # SuSEconfig --module postfix --verbose Starting SuSEconfig, the SuSE Configuration Tool... Running module postfix only Running in verbose mode. Reading /etc/sysconfig and updating the system... Executing /sbin/conf.d/SuSEconfig.postfix... checking postfix chroot environment... ln: accessing `/var/run/sasl2/mux': No such file or directory ln: accessing `/var/lib/imap/socket/lmtp': No such file or directory No changes for /etc/postfix/master.cf *** WARNING *** Found /etc/postfix/main.cf.SuSEconfig, exiting... *** WARNING *** Finished. # postfix check postfix/postfix-script: warning: /var/spool/postfix/etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem and /etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem differ postfix/postfix-script: warning: /var/spool/postfix/etc/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.pem and /etc/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.pem differ postfix/postfix-script: warning: /var/spool/postfix/etc/ssl/certs/DigiCert_Global_Root_CA.pem and /etc/ssl/certs/DigiCert_Global_Root_CA.pem differ # ls -l /etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem lrwxrwxrwx 1 root root 66 Jul 21 2010 /etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem -> /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.pem Tracing variables with bash -x /sbin/conf.d/SuSEconfig.postfix: + export LC_ALL=POSIX + LC_ALL=POSIX + r= + test -s /etc/sysconfig/postfix + . /etc/sysconfig/postfix ++ POSTFIX_RELAYHOST= ++ POSTFIX_MASQUERADE_DOMAIN= ++ POSTFIX_LOCALDOMAINS='$myhostname, localhost.$mydomain, localhost' ++ POSTFIX_NULLCLIENT=no ++ POSTFIX_DIALUP=no ++ POSTFIX_NODNS=no ++ POSTFIX_CHROOT=yes ++ POSTFIX_UPDATE_CHROOT_JAIL=yes ++ POSTFIX_LAPTOP=no ++ POSTFIX_UPDATE_MAPS=yes ++ POSTFIX_MAP_LIST='virtual transport access canonical sender_canonical relocated sasl_passwd:600 relay_ccerts tls_policy relay' ++ POSTFIX_RBL_HOSTS= ++ POSTFIX_BASIC_SPAM_PREVENTION=off ++ POSTFIX_MDA=local ++ POSTFIX_SMTP_AUTH_SERVER=no ++ POSTFIX_SMTP_AUTH=yes ++ POSTFIX_SMTP_AUTH_OPTIONS='noplaintext noanonymous' ++ POSTFIX_SMTP_TLS_SERVER=no ++ POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT=no ++ POSTFIX_SMTP_TLS_CLIENT=yes ++ POSTFIX_SSL_PATH=/etc/postfix/ssl ++ POSTFIX_TLS_CAFILE=cacert.pem ++ POSTFIX_TLS_CERTFILE=certs/postfixcert.pem ++ POSTFIX_TLS_KEYFILE=certs/postfixkey.pem ++ POSTFIX_SSL_COUNTRY=XX ++ POSTFIX_SSL_STATE='Some state' ++ POSTFIX_SSL_LOCALITY='Some locality' ++ POSTFIX_SSL_ORGANIZATION='Some Organization' ++ POSTFIX_SSL_ORGANIZATIONAL_UNIT='Some Organizational Unit' ++ POSTFIX_SSL_COMMON_NAME='A common name' ++ POSTFIX_SSL_EMAIL_ADDRESS=postmaster ++ POSTFIX_ADD_MAILBOX_SIZE_LIMIT=0 ++ POSTFIX_ADD_MESSAGE_SIZE_LIMIT=16777216 ++ POSTFIX_REGISTER_SLP=yes ++ POSTFIX_ADD_MYNETWORKS_STYLE=subnet ++ POSTFIX_ADD_SMTP_HELO_NAME=REMOVED-FROM-BUGREPORT ++ POSTFIX_LISTEN= ++ POSTFIX_INET_PROTO= ++ POSTFIX_MYHOSTNAME= ++ POSTFIX_WITH_MYSQL=no ++ POSTFIX_TRANSPORT_MAPS= ++ POSTFIX_SMTPD_CLIENT_RESTRICTIONS= ++ POSTFIX_SMTPD_HELO_RESTRICTIONS= ++ POSTFIX_SMTPD_SENDER_RESTRICTIONS= ++ POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS= ++ POSTFIX_MYSQL_CONN=socket ++ POSTFIX_WITH_LDAP=no + test -s /etc/sysconfig/mail + . /etc/sysconfig/mail ++ MAIL_CREATE_CONFIG=yes ++ FROM_HEADER= ++ SMTPD_LISTEN_REMOTE=yes ++ SKIP_ASK=no ++ CONFIG_TYPE=undef + test -s /etc/sysconfig/clock + . /etc/sysconfig/clock ++ HWCLOCK=-u ++ SYSTOHC=yes ++ TIMEZONE=Europe/Berlin ++ DEFAULT_TIMEZONE=US/Eastern + '[' -z '' ']' + test -s /var/run/dhcp-hostname + case $FQHOSTNAME in + unset FQHOSTNAME + test -z '' -a -s /etc/HOSTNAME + read -t 1 FQHOSTNAME + grep '\.' + echo REMOVED-FROM-BUGREPORT + test -z REMOVED-FROM-BUGREPORT + '[' -x /usr/sbin/amavisd ']' + test -s /etc/sysconfig/amavis + . /etc/sysconfig/amavis ++ USE_AMAVIS=no ++ AMAVIS_SENDMAIL_MILTER=no + '[' no = yes ']' + test -f /lib/YaST/SuSEconfig.functions + . /lib/YaST/SuSEconfig.functions ++ test -z '' ++ MD5DIR=/var/adm/SuSEconfig/md5 ++ echo 'Warning! MD5DIR is not set: you probably called this script outside SuSEconfig...!' Warning! MD5DIR is not set: you probably called this script outside SuSEconfig...! ++ echo 'Using MD5DIR="/var/adm/SuSEconfig/md5"...' Using MD5DIR="/var/adm/SuSEconfig/md5"... + mkchroot + PF_CHROOT=/var/spool/postfix + '[' '!' -d /var/spool/postfix ']' + cd /var/spool/postfix ++ tr A-Z a-z ++ echo socket ++ tr A-Z a-z ++ echo no + '[' socket == socket -a no '!=' no ']' ++ tr A-Z a-z ++ echo yes ++ tr A-Z a-z ++ echo yes + '[' yes '!=' yes -a yes '!=' no ']' ++ tr A-Z a-z ++ echo yes + '[' yes '!=' no ']' + echo 'checking postfix chroot environment...' .. full log upon request (would be confidential) Just in case: # postconf -n alias_maps = hash:/etc/aliases biff = no canonical_maps = hash:/etc/postfix/canonical command_directory = /usr/sbin config_directory = /etc/postfix content_filter = daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 defer_transports = delay_warning_time = 1h disable_dns_lookups = no disable_mime_output_conversion = no html_directory = /usr/share/doc/packages/postfix-doc/html inet_interfaces = all inet_protocols = all mail_owner = postfix mail_spool_directory = /var/mail mailbox_command = mailbox_size_limit = 0 mailbox_transport = mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = masquerade_exceptions = root message_size_limit = 16777216 message_strip_characters = \0 mydestination = $myhostname, localhost.$mydomain, localhost myhostname = OMITTED.FROM.BUGREPORT.example.org mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES recipient_delimiter = + relay_domains = $mydestination, hash:/etc/postfix/relay relayhost = relocated_maps = hash:/etc/postfix/relocated sample_directory = /usr/share/doc/packages/postfix-doc/samples sender_canonical_maps = hash:/etc/postfix/sender_canonical sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay sendmail_path = /usr/sbin/sendmail setgid_group = maildrop smtp_enforce_tls = no smtp_sasl_auth_enable = yes smtp_sasl_mechanism_filter = !gssapi, !external, static:all smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noplaintext noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_CApath = /etc/ssl/certs smtp_tls_loglevel = 0 smtp_tls_note_starttls_offer = yes smtp_tls_policy_maps = hash:/etc/postfix/tls_policy smtp_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtp_tls_session_cache_timeout = 3600s smtp_use_tls = no smtpd_client_restrictions = smtpd_helo_required = no smtpd_helo_restrictions = smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination smtpd_sasl_auth_enable = no smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_restrictions = hash:/etc/postfix/access smtpd_tls_cert_file = /etc/ssl/certs/dovecot.pem smtpd_tls_key_file = /etc/ssl/private/dovecot.pem smtpd_use_tls = no soft_bounce = yes strict_8bitmime = no strict_rfc821_envelopes = no transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_domains = hash:/etc/postfix/virtual virtual_alias_maps = hash:/etc/postfix/virtual # egrep -v '^[[:space:]]*#' /etc/postfix/master.cf smtp inet n - y - - smtpd smtp inet n - y - - smtpd submission inet n - - - - smtpd -o smtpd_use_tls=yes -o smtpd_tls_security_level=encrypt -o smtpd_etrn_restrictions=reject -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname pickup fifo n - y 60 1 pickup cleanup unix n - y - 0 cleanup qmgr fifo n - y 300 1 qmgr tlsmgr unix - - y 1000? 1 tlsmgr rewrite unix - - y - - trivial-rewrite bounce unix - - y - 0 bounce defer unix - - y - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - y - - smtp relay unix - - n - - smtp -o fallback_relay= showq unix n - y - - showq error unix - - y - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n y - - virtual lmtp unix - - y - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} cyrus unix - n n - - pipe user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient procmail unix - n n - - pipe flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient} retry unix - - n - - error proxywrite unix - - n - 1 proxymap -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=684304
https://bugzilla.novell.com/show_bug.cgi?id=684304#c1
Peter Varkoly
https://bugzilla.novell.com/show_bug.cgi?id=684304
https://bugzilla.novell.com/show_bug.cgi?id=684304#c2
--- Comment #2 from Peter Varkoly
https://bugzilla.novell.com/show_bug.cgi?id=684304
https://bugzilla.novell.com/show_bug.cgi?id=684304#c3
--- Comment #3 from Matthias Andree
https://bugzilla.novell.com/show_bug.cgi?id=684304
https://bugzilla.novell.com/show_bug.cgi?id=684304#c4
Matthias Andree
https://bugzilla.novell.com/show_bug.cgi?id=684304
https://bugzilla.novell.com/show_bug.cgi?id=684304#c5
--- Comment #5 from Matthias Andree
https://bugzilla.novell.com/show_bug.cgi?id=684304
https://bugzilla.novell.com/show_bug.cgi?id=684304#c6
Peter Varkoly
https://bugzilla.novell.com/show_bug.cgi?id=684304
https://bugzilla.novell.com/show_bug.cgi?id=684304#c7
--- Comment #7 from Bernhard Wiedemann
participants (1)
-
bugzilla_noreply@novell.com