Loading ...
Sorry, an error occurred while loading the content.

FYI - Postfix 2.8.2 and CentOS 5.6

Expand Messages
  • Steve Jenkins
    This isn t a Postfix issue, just an FYI for those running updated versions of Postfix on CentOS. I recently updated one of my CentOS 5.5 systems (which was
    Message 1 of 5 , May 2, 2011
    • 0 Attachment
      This isn't a Postfix issue, just an FYI for those running updated
      versions of Postfix on CentOS.

      I recently updated one of my CentOS 5.5 systems (which was running
      Postfix 2.8.2 compiled from source) to CentOS 5.6. The Postfix package
      appeared nowhere on the upgrade list, and my /etc/yum.conf has
      "exclude=postfix*" However, after the upgrade and a reboot, Postfix
      wouldn't start. The maillog complained about the "smtpd pass" settings
      in master.cf that I had uncommented to enable Postscreen.

      A postconf -d | grep version revealed that somehow, my Postfix version
      had reverted to 2.3.3 (the default for new CentOS installs). I thought
      this was strange, but since I had previously downloaded and compiled
      Postfix 2.8.2 on that system, I did a "cd
      /usr/local/src/postfix-2.8.2" and a "make upgrade" and was able to
      start Postfix 2.8.2 successfully within a few seconds.

      I wasn't sure if this was a one time thing, but confirmed the issue
      last night when the same thing happened after upgrading another system
      from CentOS 5.5 -> 5.6. I haven't been able to find the exact cause
      yet, but I at least wanted to post a workaround for the archives in
      case anyone else goes searching for this issue.

      Thanks,

      SteveJ
    • Ned Slider
      ... There was a (Red Hat/CentOS) security update to Postfix issued almost 3 months after the upstream release of 5.6:
      Message 2 of 5 , May 2, 2011
      • 0 Attachment
        On 02/05/11 17:21, Steve Jenkins wrote:
        > This isn't a Postfix issue, just an FYI for those running updated
        > versions of Postfix on CentOS.
        >
        > I recently updated one of my CentOS 5.5 systems (which was running
        > Postfix 2.8.2 compiled from source) to CentOS 5.6. The Postfix package
        > appeared nowhere on the upgrade list, and my /etc/yum.conf has
        > "exclude=postfix*" However, after the upgrade and a reboot, Postfix
        > wouldn't start. The maillog complained about the "smtpd pass" settings
        > in master.cf that I had uncommented to enable Postscreen.
        >

        There was a (Red Hat/CentOS) security update to Postfix issued almost 3
        months after the upstream release of 5.6:

        https://rhn.redhat.com/errata/RHSA-2011-0422.html

        However, because CentOS were slow with the release of 5.6, the base
        update from 5.5 to 5.6, and subsequent errata to 5.6 were all rolled out
        simultaneously, including the Postfix update.

        To exclude postfix updates, you'd need to add the exclude line to both
        the [base] and [updates] sections of your
        /etc/yum.repos.d/CentOS-Base.repo config file. From your description I'd
        guess you've perhaps only excluded postfix from [base] and not [updates].

        Looking at the install scripts run from the Postfix RPM package in
        CentOS, looks like it's reset itself as the default Postfix install as
        you've surmised.

        Running 'rpm -q postfix' would confirm if the latest Postfix RPM package
        slipped through your net during the 5.6 update.
      • Steve Jenkins
        ... Ah, yep! That would explain it! ... I actually didn t have it in either - I was under the (apparently false) impression that just putting the exclude in
        Message 3 of 5 , May 2, 2011
        • 0 Attachment
          On Mon, May 2, 2011 at 2:39 PM, Ned Slider <ned@...> wrote:
          > There was a (Red Hat/CentOS) security update to Postfix issued almost 3
          > months after the upstream release of 5.6:
          >
          > https://rhn.redhat.com/errata/RHSA-2011-0422.html
          >
          > However, because CentOS were slow with the release of 5.6, the base update
          > from 5.5 to 5.6, and subsequent errata to 5.6 were all rolled out
          > simultaneously, including the Postfix update.

          Ah, yep! That would explain it!

          > To exclude postfix updates, you'd need to add the exclude line to both the
          > [base] and [updates] sections of your /etc/yum.repos.d/CentOS-Base.repo
          > config file. From your description I'd guess you've perhaps only excluded
          > postfix from [base] and not [updates].

          I actually didn't have it in either - I was under the (apparently
          false) impression that just putting the exclude in yum.conf would
          apply to any repo. It's in the CentOS-Base.repo file in [base] and
          [updates] now, tho. Thank you. :)

          > Looking at the install scripts run from the Postfix RPM package in CentOS,
          > looks like it's reset itself as the default Postfix install as you've
          > surmised.
          >
          > Running 'rpm -q postfix' would confirm if the latest Postfix RPM package
          > slipped through your net during the 5.6 update.

          Yep!

          % rpm -q postfix
          postfix-2.3.3-2.2.el5_6

          Thanks for the excellent detective work, Ned. :)

          SteveJ
        • Nikolaos Milas
          ... I also have servers with compiled Postfix (2.8.1 and 2.8.2), thanks to your blog Steve, and I also recently upgraded all of them to CentOS 5.6. I only have
          Message 4 of 5 , May 3, 2011
          • 0 Attachment
            On 3/5/2011 1:35 πμ, Steve Jenkins wrote:


            > I actually didn't have it in either - I was under the (apparently
            > false) impression that just putting the exclude in yum.conf would
            > apply to any repo. It's in the CentOS-Base.repo file in [base] and
            > [updates] now, tho. Thank you. :)
            >

            I also have servers with compiled Postfix (2.8.1 and 2.8.2), thanks to
            your blog Steve, and I also recently upgraded all of them to CentOS 5.6.

            I only have an exclude for postfix* in yum.conf and all upgrades (with
            "yum update") went without problems. My Postfix was not replaced by the
            distribution's package.

            In one server where I had forgotten the exclude in yum.conf, I saw
            Postfix was in the results of yum check-update, but then I added it and
            re-run yum check-update, and Postfix was no more included in the offered
            updates.

            So, from my point of view, an exclude at the bottom of yum.conf does the
            job! :-)

            Perhaps you used "yum upgrade"? This could possibly have more radical
            effects to installable packages? Yet, from the man page:

            "Upgrade: Is the same as the update command with the --obsoletes
            flag set... "
            "--obsoletes: This option only has affect for an update, it enables
            yum΄s obsoletes processing logic."
            "If the main obsoletes configure option is true (default) or the
            --obsoletes flag is present yum will include package obsoletes in
            its calculations..."

            ...it seems that (since obsoletes configure option is by default true)
            upgrade = update, so there should not be a difference.

            In any case, I used "yum update" in all cases.

            Nick
          • Steve Jenkins
            ... Ahhh... found the problem. I had excluded postfix-* instead of postfix* Just tested it on a diff box, and changing that in the /etc/yum.conf excluded it
            Message 5 of 5 , May 3, 2011
            • 0 Attachment
              On Tue, May 3, 2011 at 2:48 AM, Nikolaos Milas <nmilas@...> wrote:
              > I only have an exclude for postfix* in yum.conf and all upgrades (with "yum
              > update") went without problems. My Postfix was not replaced by the
              > distribution's package.

              Ahhh... found the problem. I had excluded postfix-* instead of postfix*

              Just tested it on a diff box, and changing that in the /etc/yum.conf
              excluded it properly with a yum check-update. :)

              Thanks!

              SteveJ
            Your message has been successfully submitted and would be delivered to recipients shortly.