Loading ...
Sorry, an error occurred while loading the content.

[patch] "post-install" has forgotten to read data_directory value.

Expand Messages
  • YOSHIMURA Keitaro
    Hi. This is Keitaro YOSHIMURA. I was found a bug. post-install has forgotten to read data_directory value. The value of data_directory fails in chown because
    Message 1 of 15 , Jan 24, 2008
    • 0 Attachment
      Hi. This is Keitaro YOSHIMURA.

      I was found a bug.
      "post-install" has forgotten to read data_directory value.

      The value of data_directory fails in chown because of emptiness in
      starting the change of post-install of the owner of data_directory.
      Then, processing of post-install stops because of that.

      Version that influences:
      2.5
      2.5-20071205 〜
      2.6
      All snapshot

      please apply this patch:)
      --
      <|> YOSHIMURA Keitaro/ramsy
      <|> ramsy@...
      <|> http://ramix.jp/~ramsy/
    • Victor Duchovni
      ... How are using post-install . It is not supposed to be invoked directly. Its value is placed in the environment by the postfix(1) driver. The supported
      Message 2 of 15 , Jan 25, 2008
      • 0 Attachment
        On Fri, Jan 25, 2008 at 01:19:13PM +0900, YOSHIMURA Keitaro wrote:

        > I was found a bug.
        > "post-install" has forgotten to read data_directory value.
        >
        > The value of data_directory fails in chown because of emptiness in
        > starting the change of post-install of the owner of data_directory.
        > Then, processing of post-install stops because of that.

        How are using "post-install". It is not supposed to be invoked directly.
        Its value is placed in the environment by the postfix(1) driver. The
        supported commands are:

        postfix set-permissions
        postfix upgrade-package
        ...

        not
        post-install set-permissions
        ...

        post-install should arguably still read the main.cf file, but this should
        not be necessary.

        --
        Viktor.

        Disclaimer: off-list followups get on-list replies or get ignored.
        Please do not ignore the "Reply-To" header.

        To unsubscribe from the postfix-users list, visit
        http://www.postfix.org/lists.html or click the link below:
        <mailto:majordomo@...?body=unsubscribe%20postfix-users>

        If my response solves your problem, the best way to thank me is to not
        send an "it worked, thanks" follow-up. If you must respond, please put
        "It worked, thanks" in the "Subject" so I can delete these quickly.
      • YOSHIMURA Keitaro
        ... There might not be difference in the thing that there is a leakage in the processing when reading from main.cf. Should not this processing be done, and
        Message 3 of 15 , Jan 25, 2008
        • 0 Attachment
          > > I was found a bug.
          > > "post-install" has forgotten to read data_directory value.
          > >
          > > The value of data_directory fails in chown because of emptiness in
          > > starting the change of post-install of the owner of data_directory.
          > > Then, processing of post-install stops because of that.
          >
          > How are using "post-install". It is not supposed to be invoked directly.
          There might not be difference in the thing that there is a leakage in
          the processing when reading from main.cf. Should not this processing be
          done, and should not I shed it as an error if it should not call it
          directly?

          --
          <|> YOSHIMURA Keitaro/ramsy
          <|> ramsy@...
          <|> http://ramix.jp/~ramsy/
        • Victor Duchovni
          ... I don t understand what you are saying. Thanks for the bug report, there is indeed a minor inconsistency in how data_directory is handled, but it should be
          Message 4 of 15 , Jan 25, 2008
          • 0 Attachment
            On Sat, Jan 26, 2008 at 01:15:54AM +0900, YOSHIMURA Keitaro wrote:

            > > > I was found a bug.
            > > > "post-install" has forgotten to read data_directory value.
            > > >
            > > > The value of data_directory fails in chown because of emptiness in
            > > > starting the change of post-install of the owner of data_directory.
            > > > Then, processing of post-install stops because of that.
            > >
            > > How are using "post-install". It is not supposed to be invoked directly.
            >
            > There might not be difference in the thing that there is a leakage in
            > the processing when reading from main.cf. Should not this processing be
            > done, and should not I shed it as an error if it should not call it
            > directly?

            I don't understand what you are saying.

            Thanks for the bug report, there is indeed a minor inconsistency in how
            data_directory is handled, but it should be harmless. What problem did
            you run into and how?

            Did you run "post-install" directly? Don't, you should be using "postfix"
            instead.

            --
            Viktor.

            Disclaimer: off-list followups get on-list replies or get ignored.
            Please do not ignore the "Reply-To" header.

            To unsubscribe from the postfix-users list, visit
            http://www.postfix.org/lists.html or click the link below:
            <mailto:majordomo@...?body=unsubscribe%20postfix-users>

            If my response solves your problem, the best way to thank me is to not
            send an "it worked, thanks" follow-up. If you must respond, please put
            "It worked, thanks" in the "Subject" so I can delete these quickly.
          • Wietse Venema
            ... You MUST NOT invoke the post-install script directly. Wietse
            Message 5 of 15 , Jan 25, 2008
            • 0 Attachment
              YOSHIMURA Keitaro:
              > > > I was found a bug.
              > > > "post-install" has forgotten to read data_directory value.
              > > >
              > > > The value of data_directory fails in chown because of emptiness in
              > > > starting the change of post-install of the owner of data_directory.
              > > > Then, processing of post-install stops because of that.
              > >
              > > How are using "post-install". It is not supposed to be invoked directly.
              > There might not be difference in the thing that there is a leakage in
              > the processing when reading from main.cf. Should not this processing be
              > done, and should not I shed it as an error if it should not call it
              > directly?

              You MUST NOT invoke the post-install script directly.

              Wietse
            • Peter H. Coffin
              ... I ve a similar problem. I just pulled down postfix-2.6-20080127, gave it my usual make makefiles, built it, and ran make upgrade only. Since this was
              Message 6 of 15 , Jan 31, 2008
              • 0 Attachment
                On Fri, Jan 25, 2008 at 06:50:19PM -0500, Wietse Venema wrote:
                > YOSHIMURA Keitaro:
                > > > > I was found a bug.
                > > > > "post-install" has forgotten to read data_directory value.
                > > > >
                > > > > The value of data_directory fails in chown because of emptiness in
                > > > > starting the change of post-install of the owner of data_directory.
                > > > > Then, processing of post-install stops because of that.
                > > >
                > > > How are using "post-install". It is not supposed to be invoked directly.
                > > There might not be difference in the thing that there is a leakage in
                > > the processing when reading from main.cf. Should not this processing be
                > > done, and should not I shed it as an error if it should not call it
                > > directly?
                >
                > You MUST NOT invoke the post-install script directly.

                I've a similar problem. I just pulled down postfix-2.6-20080127, gave it
                my usual make makefiles, built it, and ran make upgrade only. Since this
                was overlaying postfix-2.5-20070614, I checked the data_directory
                creation.

                -----------------
                # ls -l /var/lib/
                total 8
                drwxr-x--- 2 root daemon 512 Jan 26 14:16 dovecot
                drwx------ 2 _postfix daemon 512 Jan 31 15:18 postfix
                -----------------

                I set main.cf to

                -----------------
                ...[rest of main.cf]...

                data_directory = /var/lib/postfix
                -----------------

                Save it and try to start postfix
                -----------------
                "main.cf" 787L, 30558C written
                $ tail main.cf
                check_recipient_access pcre:/etc/postfix/recipient_class.pcre

                smtpd_data_restrictions =
                reject_unauth_pipelining,
                reject_multi_recipient_bounce
                mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                body_checks = regexp:/etc/postfix/body_checks.regexp
                body_checks_size_limit = 307200

                data_directory = /var/lib/postfix
                $ sudo postfix start
                postsuper: fatal: bad string length 0 < 1: data_directory =
                postfix/postlog: fatal: bad string length 0 < 1: data_directory =
                $ tail main.cf
                check_recipient_access pcre:/etc/postfix/recipient_class.pcre

                smtpd_data_restrictions =
                reject_unauth_pipelining,
                reject_multi_recipient_bounce
                mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                body_checks = regexp:/etc/postfix/body_checks.regexp
                body_checks_size_limit = 307200

                data_directory =
                $
                -----------------

                I go put back the entry for data_directory again, trying with a trailing
                slash this time.

                -----------------
                "main.cf" 787L, 30559C written
                $ tail main.cf
                check_recipient_access pcre:/etc/postfix/recipient_class.pcre

                smtpd_data_restrictions =
                reject_unauth_pipelining,
                reject_multi_recipient_bounce
                mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                body_checks = regexp:/etc/postfix/body_checks.regexp
                body_checks_size_limit = 307200

                data_directory = /var/lib/postfix/
                $ sudo postfix start
                postsuper: fatal: bad string length 0 < 1: data_directory =
                postfix/postlog: fatal: bad string length 0 < 1: data_directory =
                $ tail main.cf
                check_recipient_access pcre:/etc/postfix/recipient_class.pcre

                smtpd_data_restrictions =
                reject_unauth_pipelining,
                reject_multi_recipient_bounce
                mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                body_checks = regexp:/etc/postfix/body_checks.regexp
                body_checks_size_limit = 307200

                data_directory =
                $
                -----------------

                I'm not sure, but it LOOKS like the postfix start is first wiping out
                the data_directory = value, and then complaining that it doesn't have a
                value long enough.

                Any recommendations, or suggestions as to what information might be
                useful?

                --
                It's not hard, it's just asking for a visit by the fuckup fairy.
                -- Peter da Silva
              • Victor Duchovni
                ... postfix start does not modify main.cf. It runs postfix-script with the argument start . This checks the spool and then starts the master daemons. The
                Message 7 of 15 , Jan 31, 2008
                • 0 Attachment
                  On Thu, Jan 31, 2008 at 03:54:32PM -0600, Peter H. Coffin wrote:

                  > smtpd_data_restrictions =
                  > reject_unauth_pipelining,
                  > reject_multi_recipient_bounce
                  > mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                  > body_checks = regexp:/etc/postfix/body_checks.regexp
                  > body_checks_size_limit = 307200
                  >
                  > data_directory =
                  > $
                  > -----------------
                  >
                  > I'm not sure, but it LOOKS like the postfix start is first wiping out
                  > the data_directory = value, and then complaining that it doesn't have a
                  > value long enough.

                  "postfix start" does not modify main.cf. It runs "postfix-script" with
                  the argument "start". This checks the spool and then starts the master
                  daemons. The checks don't modify main.cf.

                  --
                  Viktor.

                  Disclaimer: off-list followups get on-list replies or get ignored.
                  Please do not ignore the "Reply-To" header.

                  To unsubscribe from the postfix-users list, visit
                  http://www.postfix.org/lists.html or click the link below:
                  <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                  If my response solves your problem, the best way to thank me is to not
                  send an "it worked, thanks" follow-up. If you must respond, please put
                  "It worked, thanks" in the "Subject" so I can delete these quickly.
                • Peter H. Coffin
                  ... That s why I stressed LOOKS . I m not doing anything else not shown in the copy/paste, main.cf is only writable by root, I m the only superuser on the
                  Message 8 of 15 , Jan 31, 2008
                  • 0 Attachment
                    On Thu, Jan 31, 2008 at 05:09:22PM -0500, Victor Duchovni wrote:
                    > On Thu, Jan 31, 2008 at 03:54:32PM -0600, Peter H. Coffin wrote:
                    >
                    > > smtpd_data_restrictions =
                    > > reject_unauth_pipelining,
                    > > reject_multi_recipient_bounce
                    > > mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                    > > body_checks = regexp:/etc/postfix/body_checks.regexp
                    > > body_checks_size_limit = 307200
                    > >
                    > > data_directory =
                    > > $
                    > > -----------------
                    > >
                    > > I'm not sure, but it LOOKS like the postfix start is first wiping out
                    > > the data_directory = value, and then complaining that it doesn't have a
                    > > value long enough.
                    >
                    > "postfix start" does not modify main.cf. It runs "postfix-script" with
                    > the argument "start". This checks the spool and then starts the master
                    > daemons. The checks don't modify main.cf.

                    That's why I stressed "LOOKS". I'm not doing anything else not shown in
                    the copy/paste, main.cf is only writable by root, I'm the only superuser
                    on the box. There's only a couple of seconds between the commands above,
                    so I don't have the faintest idea what (other than something in the
                    postfix scripts) would be so consistantly altering main.cf underneath
                    me. Can you recommend any way to audit what might be altering main.cf?

                    --
                    "Friendship is born at that moment when one person says to another, 'What!
                    You too? I thought I was the only one!'"
                    --C.S. Lewis
                  • Victor Duchovni
                    ... Are you sure you are running the *new* postfix binary? If using a POSIX shell, report the output of: strings `type -p postfix` | grep mail_version= The
                    Message 9 of 15 , Jan 31, 2008
                    • 0 Attachment
                      On Thu, Jan 31, 2008 at 05:09:22PM -0500, Victor Duchovni wrote:

                      > On Thu, Jan 31, 2008 at 03:54:32PM -0600, Peter H. Coffin wrote:
                      >
                      > > smtpd_data_restrictions =
                      > > reject_unauth_pipelining,
                      > > reject_multi_recipient_bounce
                      > > mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                      > > body_checks = regexp:/etc/postfix/body_checks.regexp
                      > > body_checks_size_limit = 307200
                      > >
                      > > data_directory =
                      > > $
                      > > -----------------
                      > >
                      > > I'm not sure, but it LOOKS like the postfix start is first wiping out
                      > > the data_directory = value, and then complaining that it doesn't have a
                      > > value long enough.
                      >
                      > "postfix start" does not modify main.cf. It runs "postfix-script" with
                      > the argument "start". This checks the spool and then starts the master
                      > daemons. The checks don't modify main.cf.

                      Are you sure you are running the *new* "postfix" binary? If using a POSIX
                      shell, report the output of:

                      strings `type -p postfix` | grep mail_version=

                      The new postfix-script file has:

                      for name in config_directory $MOST_PARAMETERS
                      do
                      eval test -n \${$name} || {
                      echo "$0: Error: do not invoke this command directly" 1>&2
                      echo Re-run this command as: postfix $0 ... 1>&2
                      exit 1
                      }
                      done

                      this should catch missing "data_directory" initialization. Are you using
                      the wrong postfix-script?

                      Finally report the output of:

                      postfix /bin/env | grep '^[a-z]' | sort

                      --
                      Viktor.

                      Disclaimer: off-list followups get on-list replies or get ignored.
                      Please do not ignore the "Reply-To" header.

                      To unsubscribe from the postfix-users list, visit
                      http://www.postfix.org/lists.html or click the link below:
                      <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                      If my response solves your problem, the best way to thank me is to not
                      send an "it worked, thanks" follow-up. If you must respond, please put
                      "It worked, thanks" in the "Subject" so I can delete these quickly.
                    • Wietse Venema
                      ... This makes no sense. postfix start does not change main.cf. I installed versions of 20080127 on several *BSD and Linux systems. Wietse
                      Message 10 of 15 , Jan 31, 2008
                      • 0 Attachment
                        Peter H. Coffin:
                        > > You MUST NOT invoke the post-install script directly.
                        >
                        > I've a similar problem. I just pulled down postfix-2.6-20080127, gave it
                        > my usual make makefiles, built it, and ran make upgrade only. Since this
                        > was overlaying postfix-2.5-20070614, I checked the data_directory
                        > creation.
                        >
                        > -----------------
                        > # ls -l /var/lib/
                        > total 8
                        > drwxr-x--- 2 root daemon 512 Jan 26 14:16 dovecot
                        > drwx------ 2 _postfix daemon 512 Jan 31 15:18 postfix
                        > -----------------
                        >
                        > I set main.cf to
                        >
                        > -----------------
                        > ...[rest of main.cf]...
                        >
                        > data_directory = /var/lib/postfix
                        > -----------------
                        >
                        > Save it and try to start postfix
                        > -----------------
                        > "main.cf" 787L, 30558C written
                        > $ tail main.cf
                        > check_recipient_access pcre:/etc/postfix/recipient_class.pcre
                        >
                        > smtpd_data_restrictions =
                        > reject_unauth_pipelining,
                        > reject_multi_recipient_bounce
                        > mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                        > body_checks = regexp:/etc/postfix/body_checks.regexp
                        > body_checks_size_limit = 307200
                        >
                        > data_directory = /var/lib/postfix
                        > $ sudo postfix start
                        > postsuper: fatal: bad string length 0 < 1: data_directory =
                        > postfix/postlog: fatal: bad string length 0 < 1: data_directory =
                        > $ tail main.cf
                        > check_recipient_access pcre:/etc/postfix/recipient_class.pcre
                        >
                        > smtpd_data_restrictions =
                        > reject_unauth_pipelining,
                        > reject_multi_recipient_bounce
                        > mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
                        > body_checks = regexp:/etc/postfix/body_checks.regexp
                        > body_checks_size_limit = 307200
                        >
                        > data_directory =
                        > $

                        This makes no sense. "postfix start" does not change main.cf.
                        I installed versions of 20080127 on several *BSD and Linux systems.

                        Wietse
                      • Victor Duchovni
                        ... The only way that postfix start can change main.cf (via create-missing) is for the environment passed by postfix(1) to postfix-script and hence to
                        Message 11 of 15 , Jan 31, 2008
                        • 0 Attachment
                          On Thu, Jan 31, 2008 at 06:11:29PM -0500, Wietse Venema wrote:

                          > > data_directory =
                          >
                          > This makes no sense. "postfix start" does not change main.cf.
                          > I installed versions of 20080127 on several *BSD and Linux systems.

                          The only way that "postfix start" can change main.cf (via create-missing)
                          is for the environment passed by postfix(1) to postfix-script and hence
                          to post-install to (miraculously) differ from the main.cf settings that
                          post-install computes via "postconf -h". However, even in that case,
                          empty values should not be possible, because the sanity check at the
                          top of post-install should bail out early.

                          I see no code path that matches the reported symptoms, the installation
                          or run-time environment is likely damaged.

                          --
                          Viktor.

                          Disclaimer: off-list followups get on-list replies or get ignored.
                          Please do not ignore the "Reply-To" header.

                          To unsubscribe from the postfix-users list, visit
                          http://www.postfix.org/lists.html or click the link below:
                          <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                          If my response solves your problem, the best way to thank me is to not
                          send an "it worked, thanks" follow-up. If you must respond, please put
                          "It worked, thanks" in the "Subject" so I can delete these quickly.
                        • Wietse Venema
                          ... Note this: for name in config_directory $MOST_PARAMETERS do eval test -n ${$name} || { echo $0: Error: do not invoke this command directly 1 &2 echo
                          Message 12 of 15 , Jan 31, 2008
                          • 0 Attachment
                            Victor Duchovni:
                            > On Thu, Jan 31, 2008 at 06:11:29PM -0500, Wietse Venema wrote:
                            >
                            > > > data_directory =
                            > >
                            > > This makes no sense. "postfix start" does not change main.cf.
                            > > I installed versions of 20080127 on several *BSD and Linux systems.
                            >
                            > The only way that "postfix start" can change main.cf (via create-missing)
                            > is for the environment passed by postfix(1) to postfix-script and hence
                            > to post-install to (miraculously) differ from the main.cf settings that
                            > post-install computes via "postconf -h". However, even in that case,
                            > empty values should not be possible, because the sanity check at the
                            > top of post-install should bail out early.
                            >
                            > I see no code path that matches the reported symptoms, the installation
                            > or run-time environment is likely damaged.


                            Note this:

                            for name in config_directory $MOST_PARAMETERS
                            do
                            eval test -n \${$name} || {
                            echo "$0: Error: do not invoke this command directly" 1>&2
                            echo Re-run this command as: postfix $0 ... 1>&2
                            exit 1
                            }
                            done

                            This does not work reliably because the "test -n" argument needs to
                            be quoted.

                            Correct is this:

                            for name in config_directory $MOST_PARAMETERS
                            do
                            eval test -n \"\${$name}\" || {
                            echo "$0: Error: do not invoke this command directly" 1>&2
                            echo Re-run this command as: postfix $0 ... 1>&2
                            exit 1
                            }
                            done

                            I'll roll out another snapshot.

                            Wietse
                          • Victor Duchovni
                            ... This is half of the puzzle, so an empty setting won t bail out, but how does the empty arise? The only thing that comes to mind is an obsolete postfix(1)
                            Message 13 of 15 , Jan 31, 2008
                            • 0 Attachment
                              On Thu, Jan 31, 2008 at 07:33:45PM -0500, Wietse Venema wrote:

                              > > The only way that "postfix start" can change main.cf (via create-missing)
                              > > is for the environment passed by postfix(1) to postfix-script and hence
                              > > to post-install to (miraculously) differ from the main.cf settings that
                              > > post-install computes via "postconf -h". However, even in that case,
                              > > empty values should not be possible, because the sanity check at the
                              > > top of post-install should bail out early.
                              > >
                              > > I see no code path that matches the reported symptoms, the installation
                              > > or run-time environment is likely damaged.
                              >
                              > Note this:
                              >
                              > for name in config_directory $MOST_PARAMETERS
                              > do
                              > eval test -n \${$name} || {
                              > echo "$0: Error: do not invoke this command directly" 1>&2
                              > echo Re-run this command as: postfix $0 ... 1>&2
                              > exit 1
                              > }
                              > done
                              >
                              > This does not work reliably because the "test -n" argument needs to
                              > be quoted.
                              >
                              > Correct is this:
                              >
                              > for name in config_directory $MOST_PARAMETERS
                              > do
                              > eval test -n \"\${$name}\" || {
                              > echo "$0: Error: do not invoke this command directly" 1>&2
                              > echo Re-run this command as: postfix $0 ... 1>&2
                              > exit 1
                              > }
                              > done

                              This is half of the puzzle, so an empty setting won't bail out, but how
                              does the empty arise? The only thing that comes to mind is an obsolete
                              postfix(1) on the user's path (different command_directory) that invokes
                              the new postfix-script (same config_directory).

                              Finally, perhaps the code that saves installation parameters into
                              main.cf should only run when upgrade-package, upgrade-source,
                              first-install-reminder or set-permissions are specified. Just
                              "create-missing" shoud perhaps not change main.cf even if the install
                              parameters appear to be different. The specific test can be:

                              test -n "${first_install_reminder}${set_perms}${upgrade_conf}${upgrade_perms}"

                              or we can add a new flag that is set when setting one of these. Either
                              way the code that runs "postconf -e" could be disabled with just the
                              create-missing post-install action that is triggered from "postfix start".

                              --
                              Viktor.

                              Disclaimer: off-list followups get on-list replies or get ignored.
                              Please do not ignore the "Reply-To" header.

                              To unsubscribe from the postfix-users list, visit
                              http://www.postfix.org/lists.html or click the link below:
                              <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                              If my response solves your problem, the best way to thank me is to not
                              send an "it worked, thanks" follow-up. If you must respond, please put
                              "It worked, thanks" in the "Subject" so I can delete these quickly.
                            • Wietse Venema
                              ... That would be the most likely explanation ( postfix start using an obsolete postfix executable). ... This change would be inconsistent with the man page
                              Message 14 of 15 , Feb 1, 2008
                              • 0 Attachment
                                Victor Duchovni:
                                > On Thu, Jan 31, 2008 at 07:33:45PM -0500, Wietse Venema wrote:
                                >
                                > > > The only way that "postfix start" can change main.cf (via create-missing)
                                > > > is for the environment passed by postfix(1) to postfix-script and hence
                                > > > to post-install to (miraculously) differ from the main.cf settings that
                                > > > post-install computes via "postconf -h". However, even in that case,
                                > > > empty values should not be possible, because the sanity check at the
                                > > > top of post-install should bail out early.
                                > > >
                                > > > I see no code path that matches the reported symptoms, the installation
                                > > > or run-time environment is likely damaged.
                                > >
                                > > Note this:
                                > >
                                > > for name in config_directory $MOST_PARAMETERS
                                > > do
                                > > eval test -n \${$name} || {
                                > > echo "$0: Error: do not invoke this command directly" 1>&2
                                > > echo Re-run this command as: postfix $0 ... 1>&2
                                > > exit 1
                                > > }
                                > > done
                                > >
                                > > This does not work reliably because the "test -n" argument needs to
                                > > be quoted.
                                > >
                                > > Correct is this:
                                > >
                                > > for name in config_directory $MOST_PARAMETERS
                                > > do
                                > > eval test -n \"\${$name}\" || {
                                > > echo "$0: Error: do not invoke this command directly" 1>&2
                                > > echo Re-run this command as: postfix $0 ... 1>&2
                                > > exit 1
                                > > }
                                > > done
                                >
                                > This is half of the puzzle, so an empty setting won't bail out, but how
                                > does the empty arise? The only thing that comes to mind is an obsolete
                                > postfix(1) on the user's path (different command_directory) that invokes
                                > the new postfix-script (same config_directory).

                                That would be the most likely explanation ("postfix start"
                                using an obsolete "postfix" executable).

                                > Finally, perhaps the code that saves installation parameters into
                                > main.cf should only run when upgrade-package, upgrade-source,
                                > first-install-reminder or set-permissions are specified. Just
                                > "create-missing" shoud perhaps not change main.cf even if the install
                                > parameters appear to be different. The specific test can be:
                                >
                                > test -n "${first_install_reminder}${set_perms}${upgrade_conf}${upgrade_perms}"
                                >
                                > or we can add a new flag that is set when setting one of these. Either
                                > way the code that runs "postconf -e" could be disabled with just the
                                > create-missing post-install action that is triggered from "postfix start".

                                This change would be inconsistent with the man page which says
                                name=value can be used with any command. This change would also
                                be inconsistent with the code which will implement name=value which
                                with any command.

                                Let's fix the real problem: post-install being run in the wrong
                                environment, instead of plugging all the holes that may result from
                                running in the wrong environment.

                                Wietse
                              • Wietse Venema
                                ... Wietse Venema ... The test is corrected, but the error message needs to be updated. When postfix start is done with an old postfix executable, the error
                                Message 15 of 15 , Feb 1, 2008
                                • 0 Attachment
                                  Victor Duchovni:
                                  > The only way that "postfix start" can change main.cf (via create-missing)
                                  > is for the environment passed by postfix(1) to postfix-script and hence
                                  > to post-install to (miraculously) differ from the main.cf settings that
                                  > post-install computes via "postconf -h". However, even in that case,
                                  > empty values should not be possible, because the sanity check at the
                                  > top of post-install should bail out early.

                                  Wietse Venema
                                  > [the bail-out test in 20080127 post-install] does not work reliably
                                  > because the "test -n" argument needs to be quoted.
                                  >
                                  > Correct is this:
                                  >
                                  > for name in config_directory $MOST_PARAMETERS
                                  > do
                                  > eval test -n \"\${$name}\" || {
                                  > echo "$0: Error: do not invoke this command directly" 1>&2
                                  > echo Re-run this command as: postfix $0 ... 1>&2
                                  > exit 1
                                  > }
                                  > done
                                  >
                                  > I'll roll out another snapshot.

                                  The test is corrected, but the error message needs to be updated.
                                  When "postfix start" is done with an old postfix executable, the
                                  error message is the same as when the new post-install script is
                                  invoked directly, because in both cases some environment variable
                                  will be missing.

                                  This will be fixed in a later snapshot release. It's not urgent,
                                  because no harm is done. Sites are unlikely to have mixed-version
                                  Postfix executables, and people who do will find this discussion
                                  on the web.

                                  Wietse
                                Your message has been successfully submitted and would be delivered to recipients shortly.