Loading ...
Sorry, an error occurred while loading the content.

Re: misunderstanding INSTALL "vs" compile-time config ? (and MacOSX patch)

Expand Messages
  • ixloran@...
    Hi ... I m building on Linux. Do I need to apply that patch to my source, even though it s for MacOSX? What I get now is: make upgrade ... make: Nothing to
    Message 1 of 20 , Apr 6, 2013
    • 0 Attachment
      Hi

      On Sat, Apr 6, 2013, at 10:39 AM, Viktor Dukhovni wrote:
      > On Sat, Apr 06, 2013 at 09:25:28AM -0700, ixloran@... wrote:
      >
      > > "The non-interactive version ("make upgrade") needs the
      > > /etc/postfix/main.cf file from a previous installation.
      >
      > It works just fine without one. If you don't want to build a package,
      > but want non-interactive installation, that's what "make upgrade" does.
      >
      > I am attaching a patch for "MacOSX", where a bare-metal "make
      > upgrade" with no main.cf fails, because Apple defines "postfix" as
      > a nickname for "_postfix" and "postdrop" as a nickname for "_postdrop",
      > so with default compile-time settings the Postfix installer aborts
      > because its uid appears to be shared.

      I'm building on Linux. Do I need to apply that patch to my source, even
      though it's for MacOSX?

      What I get now is:

      make upgrade
      ...
      make: Nothing to be done for `update'.
      /bin/sh postfix-install -non-interactive
      postfix-install: Error: "postdrop" needs an entry in the group
      file.
      Remember, "postdrop" needs a dedicated group id.
      make: *** [upgrade] Error 1


      Since the distro already installed its version of postfix -- both
      version and config are not what I want/need, so that's why I'm building
      my own -- there exist users/groups for postfix

      grep post /etc/group
      mail:x:12:postfix
      maildrop:!:59:postfix
      postfix:!:51:

      grep post /etc/passwd
      postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false

      Is it the patch I need here, or do I still need to create a user/group
      above & beyond what the distro had previously installed?

      I THINK it's the latter, but don't want to start mucking around without
      understanding this.

      Thanks!
    • Viktor Dukhovni
      ... Oddly enough perhaps yes, since though the patch is mostly for MacOSX, it provides additional compile-time tuning on other platforms. ... Your system does
      Message 2 of 20 , Apr 6, 2013
      • 0 Attachment
        On Sat, Apr 06, 2013 at 10:53:54AM -0700, ixloran@... wrote:

        > > I am attaching a patch for "MacOSX", where a bare-metal "make
        > > upgrade" with no main.cf fails, because Apple defines "postfix" as
        > > a nickname for "_postfix" and "postdrop" as a nickname for "_postdrop",
        > > so with default compile-time settings the Postfix installer aborts
        > > because its uid appears to be shared.
        >
        > I'm building on Linux. Do I need to apply that patch to my source, even
        > though it's for MacOSX?

        Oddly enough perhaps yes, since though the patch is mostly for
        MacOSX, it provides additional compile-time tuning on other platforms.

        > What I get now is:
        >
        > make upgrade
        > ...
        > make: Nothing to be done for `update'.
        > /bin/sh postfix-install -non-interactive
        > postfix-install: Error: "postdrop" needs an entry in the group
        > file.
        > Remember, "postdrop" needs a dedicated group id.
        > make: *** [upgrade] Error 1

        Your system does not have a "postdrop" group.

        > Since the distro already installed its version of postfix -- both
        > version and config are not what I want/need, so that's why I'm building
        > my own -- there exist users/groups for postfix
        >
        > grep post /etc/group
        > mail:x:12:postfix
        > maildrop:!:59:postfix
        > postfix:!:51:

        Well, "maildrop" is not "postdrop".

        > Is it the patch I need here, or do I still need to create a user/group
        > above & beyond what the distro had previously installed?

        You can either create a "postdrop" group, or with the patch re-use the
        existing "maildrop" group, which makes it easier to transition between
        the system and your custom Postfix, since file permissions will be the
        same. I recommend the latter:

        CCARGS='... -DDEF_SGID_GROUP=\"maildrop\"'

        --
        Viktor.
      • Reindl Harald
        ... and why do you not build a package based on your distros one? you can be pretty sure that Fedora 17 does not have Postfix 2.10 nor have pflogsumm in the
        Message 3 of 20 , Apr 6, 2013
        • 0 Attachment
          Am 06.04.2013 19:53, schrieb ixloran@...:
          > make upgrade
          > ...
          > make: Nothing to be done for `update'.
          > /bin/sh postfix-install -non-interactive
          > postfix-install: Error: "postdrop" needs an entry in the group
          > file.
          > Remember, "postdrop" needs a dedicated group id.
          > make: *** [upgrade] Error 1
          >
          >
          > Since the distro already installed its version of postfix -- both
          > version and config are not what I want/need, so that's why I'm building
          > my own -- there exist users/groups for postfix

          and why do you not build a package based on your distros one?

          you can be pretty sure that Fedora 17 does not have Postfix 2.10
          nor have pflogsumm in the same packages nor avoid "alternatives"
          or build with mysql and without postgresql-deps

          [builduser@buildserver:~]$ cat /rpmbuild/SPECS/postfix.spec
          %define postfix_uid 89
          %define postfix_user postfix
          %define postfix_gid 89
          %define postfix_group postfix
          %define maildrop_group postdrop
          %define maildrop_gid 90
          %define postfix_config_dir %{_sysconfdir}/postfix
          %define postfix_daemon_dir %{_libexecdir}/postfix
          %define postfix_command_dir %{_sbindir}
          %define postfix_queue_dir %{_var}/spool/postfix
          %define postfix_data_dir %{_var}/lib/postfix
          %define postfix_doc_dir %{_docdir}/%{name}-%{version}
          %define postfix_sample_dir %{postfix_doc_dir}/samples
          %define postfix_readme_dir %{postfix_doc_dir}/README_FILES
          %define pflogsumm_ver 1.1.5

          Name: postfix
          Summary: Postfix Mail Transport Agent
          Version: 2.10.0
          Release: 17%{?dist}
          Epoch: 2
          Group: System Environment/Daemons
          URL: http://www.postfix.org
          License: IBM
          Requires: shadow-utils, systemd-units
          Requires(post): shadow-utils, systemd-units
          Requires(pre): shadow-utils, systemd-units
          Requires(preun): shadow-utils, systemd-units
          Requires(postun): shadow-utils, systemd-units
          Provides: MTA smtpd smtpdaemon server(smtp)
          Source0: ftp://ftp.porcupine.org/mirrors/postfix-release/official/%{name}-%{version}.tar.gz
          Source53: http://jimsun.linxnet.com/downloads/pflogsumm-%{pflogsumm_ver}.tar.gz
          Source101: postfix-pam.conf
          Source500: postfix.service
          BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
          BuildRequires: db4-devel, pkgconfig, zlib-devel, mysql-devel, cyrus-sasl-devel, pcre-devel, openssl-devel,
          systemd-units
          Obsoletes: postfix-perl-scripts

          Provides: postfix-perl-scripts
          Provides: postfix-pflogsumm = %{epoch}:%{version}-%{release}

          %description
          Postfix is a Mail Transport Agent, supporting SMTP AUTH and TLS

          %package manpages
          Summary: Postfix manuals
          Group: Applications/System
          %description manpages

          %prep
          %setup -q -n %{name}-%{version}

          gzip -dc %{SOURCE53} | tar xf -
          pushd pflogsumm-%{pflogsumm_ver}
          popd

          for f in README_FILES/TLS_{LEGACY_,}README TLS_ACKNOWLEDGEMENTS; do
          iconv -f iso8859-1 -t utf8 -o ${f}{_,} &&
          touch -r ${f}{,_} && mv -f ${f}{_,}
          done

          %build
          CCARGS=-fPIC
          AUXLIBS=

          CCARGS="${CCARGS} -DHAS_PCRE -I%{_includedir}/pcre"
          AUXLIBS="${AUXLIBS} -lpcre"

          CCARGS="${CCARGS} -DHAS_MYSQL -I%{_includedir}/mysql"
          AUXLIBS="${AUXLIBS} -L%{_libdir}/mysql -lmysqlclient -lm"

          CCARGS="${CCARGS} -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I%{_includedir}/sasl"
          AUXLIBS="${AUXLIBS} -L%{_libdir}/sasl2 -lsasl2"

          CCARGS="${CCARGS} -DUSE_TLS -I/usr/include/openssl"
          AUXLIBS="${AUXLIBS} -lssl -lcrypto"

          CCARGS="${CCARGS} -DDEF_CONFIG_DIR=\\\"%{postfix_config_dir}\\\""
          CCARGS="${CCARGS} $(getconf LFS_CFLAGS)"

          AUXLIBS="${AUXLIBS} -pie -Wl,-z,relro"

          %{__make} %{?_smp_mflags} -f Makefile.init makefiles CCARGS="${CCARGS}" AUXLIBS="${AUXLIBS}" DEBUG=""
          OPT="$RPM_OPT_FLAGS -Wno-comment"
          %{__make} %{?_smp_mflags} CCARGS="${CCARGS}" AUXLIBS="${AUXLIBS}" DEBUG="" OPT="$RPM_OPT_FLAGS -Wno-comment"

          %install
          rm -rf $RPM_BUILD_ROOT
          mkdir -p $RPM_BUILD_ROOT
          sh postfix-install -non-interactive install_root=$RPM_BUILD_ROOT config_directory=%{postfix_config_dir}
          daemon_directory=%{postfix_daemon_dir} command_directory=%{postfix_command_dir}
          queue_directory=%{postfix_queue_dir} data_directory=%{postfix_data_dir}
          sendmail_path=%{postfix_command_dir}/sendmail newaliases_path=%{_bindir}/newaliases mailq_path=%{_bindir}/mailq
          mail_owner=%{postfix_user} setgid_group=%{maildrop_group} manpage_directory=%{_mandir}
          sample_directory=%{postfix_sample_dir} readme_directory=%{postfix_readme_dir} || exit 1
          install -c auxiliary/rmail/rmail $RPM_BUILD_ROOT%{_bindir}/rmail

          for i in active bounce corrupt defer deferred flush incoming private saved maildrop public pid saved trace; do
          mkdir -p $RPM_BUILD_ROOT%{postfix_queue_dir}/$i
          done

          cat $RPM_BUILD_ROOT%{postfix_daemon_dir}/postfix-files

          mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
          install -m 644 %{SOURCE101} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/smtp.postfix

          mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir}
          mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir}/examples{,/chroot-setup}
          cp -pr examples/{qmail-local,smtpd-policy} $RPM_BUILD_ROOT%{postfix_doc_dir}/examples
          cp -p examples/chroot-setup/LINUX2 $RPM_BUILD_ROOT%{postfix_doc_dir}/examples/chroot-setup

          mv $RPM_BUILD_ROOT/etc/postfix/bounce.cf.default $RPM_BUILD_ROOT%{postfix_doc_dir}
          mv $RPM_BUILD_ROOT/etc/postfix/main.cf.default $RPM_BUILD_ROOT%{postfix_doc_dir}
          mv $RPM_BUILD_ROOT/etc/postfix/makedefs.out $RPM_BUILD_ROOT%{postfix_doc_dir}
          rm -f $RPM_BUILD_ROOT%{postfix_config_dir}/{TLS_,}LICENSE

          find $RPM_BUILD_ROOT%{postfix_doc_dir} -type f | xargs chmod 644
          find $RPM_BUILD_ROOT%{postfix_doc_dir} -type d | xargs chmod 755

          install -c -m 644 pflogsumm-%{pflogsumm_ver}/pflogsumm-faq.txt $RPM_BUILD_ROOT%{postfix_doc_dir}/pflogsumm-faq.txt
          install -c -m 644 pflogsumm-%{pflogsumm_ver}/pflogsumm.1 $RPM_BUILD_ROOT%{_mandir}/man1/pflogsumm.1
          install -c pflogsumm-%{pflogsumm_ver}/pflogsumm.pl $RPM_BUILD_ROOT%{postfix_command_dir}/pflogsumm

          mantools/srctoman - auxiliary/qshape/qshape.pl > qshape.1
          install -c qshape.1 $RPM_BUILD_ROOT%{_mandir}/man1/qshape.1
          install -c auxiliary/qshape/qshape.pl $RPM_BUILD_ROOT%{postfix_command_dir}/qshape

          mkdir -p $RPM_BUILD_ROOT/%{_unitdir}/
          install -m 0644 %{SOURCE500} $RPM_BUILD_ROOT/%{_unitdir}/

          rm -f $RPM_BUILD_ROOT%{postfix_config_dir}/aliases
          rm -f $RPM_BUILD_ROOT%{_sysconfdir}/postfix/main.cf
          rm -f $RPM_BUILD_ROOT%{_sysconfdir}/postfix/master.cf
          rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/smtp

          %post
          /usr/bin/systemctl --system daemon-reload 2> /dev/null > /dev/null
          %{_sbindir}/postfix set-permissions upgrade-configuration daemon_directory=%{postfix_daemon_dir}
          command_directory=%{postfix_command_dir} mail_owner=%{postfix_user} setgid_group=%{maildrop_group}
          manpage_directory=%{_mandir} sample_directory=%{postfix_sample_dir} readme_directory=%{postfix_readme_dir} &> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-aliasesman 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-mailq 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-mailqman 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-newaliases 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-newaliasesman 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-pam 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-rmail 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-sendmail 2> /dev/null
          %{_bindir}/unlink /etc/alternatives/mta-sendmailman 2> /dev/null
          exit 0

          %pre
          %{_sbindir}/groupadd -g %{maildrop_gid} -r %{maildrop_group} 2> /dev/null
          %{_sbindir}/groupadd -g %{postfix_gid} -r %{postfix_group} 2> /dev/null
          %{_sbindir}/groupadd -g 12 -r mail 2> /dev/null
          %{_sbindir}/useradd -d %{postfix_queue_dir} -s /sbin/nologin -g %{postfix_group} -G mail -M -r -u %{postfix_uid}
          %{postfix_user} 2> /dev/null
          exit 0

          %preun
          if [ "$1" == 0 ]; then
          /usr/bin/systemctl --no-reload disable postfix.service 2> /dev/null > /dev/null
          /usr/bin/systemctl stop postfix.service 2> /dev/null > /dev/null
          fi
          exit 0

          %clean
          rm -rf $RPM_BUILD_ROOT

          %files
          %defattr(-, root, root)
          %attr(0644, root, root) %{_unitdir}/postfix.service
          %dir %attr(0755, root, root) %{postfix_config_dir}
          %dir %attr(0755, root, root) %{postfix_daemon_dir}
          %dir %attr(0755, root, root) %{postfix_queue_dir}
          %dir %attr(0755, root, root) %{postfix_queue_dir}/pid
          %dir %attr(0700, %{postfix_user}, root) %{postfix_data_dir}
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/active
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/bounce
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/corrupt
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/defer
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/deferred
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/flush
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/hold
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/incoming
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/saved
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/trace
          %dir %attr(0730, %{postfix_user}, %{maildrop_group}) %{postfix_queue_dir}/maildrop
          %dir %attr(0710, %{postfix_user}, %{maildrop_group}) %{postfix_queue_dir}/public
          %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/private
          %attr(2755, root, %{maildrop_group}) %{postfix_command_dir}/postdrop
          %attr(2755, root, %{maildrop_group}) %{postfix_command_dir}/postqueue
          %attr(0755, root, root) %{postfix_command_dir}/sendmail
          %attr(0755, root, root) %{postfix_command_dir}/postalias
          %attr(0755, root, root) %{postfix_command_dir}/postcat
          %attr(0755, root, root) %{postfix_command_dir}/postconf
          %attr(0755, root, root) %{postfix_command_dir}/postfix
          %attr(0755, root, root) %{postfix_command_dir}/postkick
          %attr(0755, root, root) %{postfix_command_dir}/postlock
          %attr(0755, root, root) %{postfix_command_dir}/postlog
          %attr(0755, root, root) %{postfix_command_dir}/postmap
          %attr(0755, root, root) %{postfix_command_dir}/postmulti
          %attr(0755, root, root) %{postfix_command_dir}/postsuper
          %attr(0755, root, root) %{postfix_command_dir}/qshape
          %attr(0755, root, root) %{postfix_command_dir}/pflogsumm
          %attr(0644, root, root) %config(noreplace) %{postfix_config_dir}/access
          %attr(0644, root, root) %config(noreplace) %{postfix_config_dir}/canonical
          %attr(0644, root, root) %config(noreplace) %{postfix_config_dir}/generic
          %attr(0644, root, root) %config(noreplace) %{postfix_config_dir}/header_checks
          %attr(0644, root, root) %config(noreplace) %{postfix_config_dir}/relocated
          %attr(0644, root, root) %config(noreplace) %{postfix_config_dir}/transport
          %attr(0644, root, root) %config(noreplace) %{postfix_config_dir}/virtual
          %attr(0755, root, root) %{postfix_daemon_dir}/[^mp]*
          %attr(0644, root, root) %{postfix_daemon_dir}/main.cf
          %attr(0644, root, root) %{postfix_daemon_dir}/master.cf
          %attr(0755, root, root) %{postfix_daemon_dir}/master
          %attr(0755, root, root) %{postfix_daemon_dir}/pickup
          %attr(0755, root, root) %{postfix_daemon_dir}/pipe
          %attr(0755, root, root) %{postfix_daemon_dir}/post-install
          %attr(0644, root, root) %{postfix_daemon_dir}/postfix-files
          %attr(0755, root, root) %{postfix_daemon_dir}/postfix-script
          %attr(0755, root, root) %{postfix_daemon_dir}/postfix-wrapper
          %attr(0755, root, root) %{postfix_daemon_dir}/postmulti-script
          %attr(0755, root, root) %{postfix_daemon_dir}/postscreen
          %attr(0755, root, root) %{postfix_daemon_dir}/proxymap
          %attr(0755, root, root) %{_bindir}/mailq
          %attr(0755, root, root) %{_bindir}/newaliases
          %attr(0755, root, root) %{_bindir}/rmail
          %config(noreplace) %{_sysconfdir}/pam.d/smtp.postfix

          %files manpages
          %defattr(-, root, root)
          %{postfix_doc_dir}
          %attr(0644, root, root) %{_mandir}/man1/*
          %attr(0644, root, root) %{_mandir}/man5/*
          %attr(0644, root, root) %{_mandir}/man8/*

          %changelog
          * Fri Feb 1 2013 Reindl Harald <h.reindl@...>
          - remove all the "alternatives" crap - we only use postfix

          * Mon Jan 28 2013 Reindl Harald <h.reindl@...>
          - remove distribution configs from package

          * Thu Jan 24 2013 Reindl Harald <h.reindl@...>
          - combine postfix and pflogsum in one package
          - split out all manpages in a sub-package
        • ixloran@...
          Viktor, Thanks for the answers. I thing I have what I need for now; I ll give it a try in a but. Thanks!
          Message 4 of 20 , Apr 6, 2013
          • 0 Attachment
            Viktor,

            Thanks for the answers. I thing I have what I need for now; I'll give
            it a try in a but.

            Thanks!

            On Sat, Apr 6, 2013, at 10:58 AM, Viktor Dukhovni wrote:
            > On Sat, Apr 06, 2013 at 10:53:54AM -0700, ixloran@... wrote:
            >
            > > > I am attaching a patch for "MacOSX", where a bare-metal "make
            > > > upgrade" with no main.cf fails, because Apple defines "postfix" as
            > > > a nickname for "_postfix" and "postdrop" as a nickname for "_postdrop",
            > > > so with default compile-time settings the Postfix installer aborts
            > > > because its uid appears to be shared.
            > >
            > > I'm building on Linux. Do I need to apply that patch to my source, even
            > > though it's for MacOSX?
            >
            > Oddly enough perhaps yes, since though the patch is mostly for
            > MacOSX, it provides additional compile-time tuning on other platforms.
            >
            > > What I get now is:
            > >
            > > make upgrade
            > > ...
            > > make: Nothing to be done for `update'.
            > > /bin/sh postfix-install -non-interactive
            > > postfix-install: Error: "postdrop" needs an entry in the group
            > > file.
            > > Remember, "postdrop" needs a dedicated group id.
            > > make: *** [upgrade] Error 1
            >
            > Your system does not have a "postdrop" group.
            >
            > > Since the distro already installed its version of postfix -- both
            > > version and config are not what I want/need, so that's why I'm building
            > > my own -- there exist users/groups for postfix
            > >
            > > grep post /etc/group
            > > mail:x:12:postfix
            > > maildrop:!:59:postfix
            > > postfix:!:51:
            >
            > Well, "maildrop" is not "postdrop".
            >
            > > Is it the patch I need here, or do I still need to create a user/group
            > > above & beyond what the distro had previously installed?
            >
            > You can either create a "postdrop" group, or with the patch re-use the
            > existing "maildrop" group, which makes it easier to transition between
            > the system and your custom Postfix, since file permissions will be the
            > same. I recommend the latter:
            >
            > CCARGS='... -DDEF_SGID_GROUP=\"maildrop\"'
            >
            > --
            > Viktor.
          • ixloran@...
            ... Because (1) I m no longer intersted in someone s downstream idea of what version and how I should configure, build & use postfix. (2) I ve had enough of
            Message 5 of 20 , Apr 6, 2013
            • 0 Attachment
              On Sat, Apr 6, 2013, at 10:59 AM, Reindl Harald wrote:
              > and why do you not build a package based on your distros one?

              Because

              (1) I'm no longer intersted in someone's 'downstream idea' of what
              version and how I should configure, build & use postfix.
              (2) I've had enough of being told "go talk to the distro" by the broader
              Postfix community, and the #irc folks specifically.

              If I build it cleanly, from upstream, and according to the Postfix docs,
              and ONLY the Postfix docs, then I can minimize, if not avoid, both
              problems.
            • Reindl Harald
              ... what exactly did you not understand in based on ? ... you missed COMPLETLY what i saied ... and what do you believe does my own build? the point is that
              Message 6 of 20 , Apr 6, 2013
              • 0 Attachment
                Am 06.04.2013 20:25, schrieb ixloran@...:
                > On Sat, Apr 6, 2013, at 10:59 AM, Reindl Harald wrote:
                >> and why do you not build a package based on your distros one?
                >
                > Because
                >
                > (1) I'm no longer intersted in someone's 'downstream idea' of what
                > version and how I should configure, build & use postfix

                what exactly did you not understand in "based on"?

                > (2) I've had enough of being told "go talk to the distro" by the broader
                > Postfix community, and the #irc folks specifically.

                you missed COMPLETLY what i saied

                > If I build it cleanly, from upstream, and according to the Postfix docs,
                > and ONLY the Postfix docs, then I can minimize, if not avoid, both
                > problems

                and what do you believe does my own build?

                the point is that it is a very dirty style to use a system
                with a apckage manager and blindly make && make install away
                from package managmement

                your whole problems with uid/gid would not be present if
                you would not refuse to learn how this all is done in
                your distribution and this does NOT mean mangle anything
                in postfix at all
              • ixloran@...
                Huh? ... Well there s ONE thing you said that makes some sense ...
                Message 7 of 20 , Apr 6, 2013
                • 0 Attachment
                  Huh?

                  On Sat, Apr 6, 2013, at 11:38 AM, Reindl Harald wrote:
                  > you missed COMPLETLY what i saied

                  Well there's ONE thing you said that makes some sense ...
                • ixloran@...
                  Hi Viktor, ... works great! patch -p1
                  Message 8 of 20 , Apr 6, 2013
                  • 0 Attachment
                    Hi Viktor,

                    On Sat, Apr 6, 2013, at 10:58 AM, Viktor Dukhovni wrote:
                    > You can either create a "postdrop" group, or with the patch re-use the
                    > existing "maildrop" group, which makes it easier to transition between
                    > the system and your custom Postfix, since file permissions will be the
                    > same. I recommend the latter:
                    >
                    > CCARGS='... -DDEF_SGID_GROUP=\"maildrop\"'

                    works great!

                    patch -p1 < /usr/local/src/postfix.patch
                    make tidy
                    export CCARGS=' ... -DDEF_SGID_GROUP=\"maildrop\"'
                    make -f Makefile.init makefiles
                    make

                    then wrapping it all up with a 'non-interactive' `make upgrade`

                    checkinstall -R --fstrans=no --nodoc --pkgname="postfix-local"
                    --pkgversion="2.10.0" make upgrade
                    rpm -qlp postfix-local-2.10.0-1.x86_64.rpm

                    looks exactly like I compile-time configured it:

                    http://pastebin.com/XJBa5QJn

                    Will your patch be added to main source tree at any time, or is it
                    something I'll need to tweak/modify & apply when I upgrade?

                    thanks!
                  • Viktor Dukhovni
                    ... No need to hammer your point in. There s more than one way to skin this cat. The OP will use whatever is most comfortable for him. Yes, there are
                    Message 9 of 20 , Apr 6, 2013
                    • 0 Attachment
                      On Sat, Apr 06, 2013 at 08:38:41PM +0200, Reindl Harald wrote:

                      > > (1) I'm no longer intersted in someone's 'downstream idea' of what
                      > > version and how I should configure, build & use postfix
                      >
                      > what exactly did you not understand in "based on"?

                      No need to hammer your point in. There's more than one way to skin
                      this cat. The OP will use whatever is most comfortable for him.
                      Yes, there are benefits in deploying software as a "package", but
                      also drawbacks (the package manager may replace it with an upgrade,
                      ...) that one needs to learn how to work around.

                      Since the OP is installing into /usr/local, a non-packaged version
                      is fine. I would go further and install into:

                      /usr/local/postfix/${version}/{etc,sbin,libexec,man,html}/

                      with "sendmail", "mailq" and "newaliases" in

                      /usr/local/postfix/${version}/sbin/

                      and symlinks from /usr/sbin, /usr/bin to the right version. This
                      makes it easy to switch between versions and delete stale files.
                      For example to build with TLS support:

                      #! /bin/sh
                      DEST=/usr/local/postfix/2.10.0
                      CCARGS='-DUSE_TLS' # + other features
                      AUXLIBS="-lssl -lcrypto" # + other libraries
                      while read -r name val
                      do
                      CCARGS="$CCARGS $(printf -- '-D%s=\\"%s\\"' $name $val)"
                      done <<EOF
                      DEF_COMMAND_DIR $DEST/sbin
                      DEF_CONFIG_DIR $DEST/etc
                      DEF_DAEMON_DIR $DEST/libexec
                      DEF_MAILQ_PATH $DEST/sbin/mailq
                      DEF_HTML_DIR $DEST/html
                      DEF_MANPAGE_DIR $DEST/man
                      DEF_NEWALIAS_PATH $DEST/sbin/newaliases
                      DEF_README_DIR $DEST/readme
                      DEF_SENDMAIL_PATH $DEST/sbin/sendmail
                      DEF_SGID_GROUP maildrop
                      EOF
                      make -f Makefile.init "CCARGS=$CCARGS" "AUXLIBS=$AUXLIBS" makefiles
                      make

                      --
                      Viktor.
                    • Viktor Dukhovni
                      ... My best guess is that Wietse will likely adopt something functionally equivalent wrt the compile-time override for DEF_MAIL_OWNER and DEF_SGID_GROUP. There
                      Message 10 of 20 , Apr 6, 2013
                      • 0 Attachment
                        On Sat, Apr 06, 2013 at 12:17:53PM -0700, ixloran@... wrote:

                        > Will your patch be added to main source tree at any time, or is it
                        > something I'll need to tweak/modify & apply when I upgrade?

                        My best guess is that Wietse will likely adopt something functionally
                        equivalent wrt the compile-time override for DEF_MAIL_OWNER and
                        DEF_SGID_GROUP.

                        There are various ways to handle the internals and apply the right
                        defaults to MacOSX, so the implementation details may be slightly
                        different, but this won't change the behaviour you see.

                        --
                        Viktor.
                      • ixloran@...
                        ... Thanks. I ll keep an eye on the Changelogs.
                        Message 11 of 20 , Apr 6, 2013
                        • 0 Attachment
                          On Sat, Apr 6, 2013, at 12:27 PM, Viktor Dukhovni wrote:
                          > > Will your patch be added to main source tree at any time, or is it
                          > > something I'll need to tweak/modify & apply when I upgrade?
                          >
                          > My best guess is that Wietse will likely adopt something functionally
                          > equivalent wrt the compile-time override for DEF_MAIL_OWNER and
                          > DEF_SGID_GROUP.
                          >
                          > There are various ways to handle the internals and apply the right
                          > defaults to MacOSX, so the implementation details may be slightly
                          > different, but this won't change the behaviour you see.

                          Thanks. I'll keep an eye on the Changelogs.
                        • Reindl Harald
                          ... that s right but I m no longer intersted in someone s downstream idea in context of build your OWN package is in fact the wrong answer
                          Message 12 of 20 , Apr 6, 2013
                          • 0 Attachment
                            Am 06.04.2013 21:22, schrieb Viktor Dukhovni:
                            > On Sat, Apr 06, 2013 at 08:38:41PM +0200, Reindl Harald wrote:
                            >
                            >>> (1) I'm no longer intersted in someone's 'downstream idea' of what
                            >>> version and how I should configure, build & use postfix
                            >>
                            >> what exactly did you not understand in "based on"?
                            >
                            > No need to hammer your point in. There's more than one way to skin
                            > this cat. The OP will use whatever is most comfortable for him

                            that's right

                            but "I'm no longer intersted in someone's downstream idea" in
                            context of "build your OWN package" is in fact the wrong answer
                          • Reindl Harald
                            ... adn exatcly that DOES NOT WORK because the package manager ignores the stuff in /usr/local and you hardly can remove MTA dependencies at all which means
                            Message 13 of 20 , Apr 6, 2013
                            • 0 Attachment
                              Am 06.04.2013 21:22, schrieb Viktor Dukhovni:
                              > Since the OP is installing into /usr/local, a non-packaged version
                              > is fine. I would go further and install into:
                              >
                              > /usr/local/postfix/${version}/{etc,sbin,libexec,man,html}/
                              >
                              > with "sendmail", "mailq" and "newaliases" in
                              >
                              > /usr/local/postfix/${version}/sbin/
                              >
                              > and symlinks from /usr/sbin, /usr/bin to the right version. This
                              > makes it easy to switch between versions and delete stale files.
                              > For example to build with TLS support

                              adn exatcly that DOES NOT WORK because the package manager ignores
                              the stuff in /usr/local and you hardly can remove MTA dependencies
                              at all which means every OS update may randomly overwrite your
                              /usr/sbin/sendmail symlink

                              been there, done that, stopped to mangle this way by learning
                            • Wietse Venema
                              ... No override is needed. You can trivially set these at installation time: # make install mail_owner=foo setgid_group=bar ... # make upgrade mail_owner=foo
                              Message 14 of 20 , Apr 6, 2013
                              • 0 Attachment
                                Viktor Dukhovni:
                                > On Sat, Apr 06, 2013 at 12:17:53PM -0700, ixloran@... wrote:
                                >
                                > > Will your patch be added to main source tree at any time, or is it
                                > > something I'll need to tweak/modify & apply when I upgrade?
                                >
                                > My best guess is that Wietse will likely adopt something functionally
                                > equivalent wrt the compile-time override for DEF_MAIL_OWNER and
                                > DEF_SGID_GROUP.

                                No override is needed.

                                You can trivially set these at installation time:

                                # make install mail_owner=foo setgid_group=bar ...
                                # make upgrade mail_owner=foo setgid_group=bar ...

                                You can even change mail_owner or setgid_group after Postfix
                                is already installed:

                                # postfix set-permissions mail_owner=foo setgid_group=bar ...

                                This *is* documented.

                                Wietse
                              • Wietse Venema
                                ... Also (since this thread mentioned installable packages): make package mail_owner=foo setgid_group=bar ... All the above work even without pre-existing
                                Message 15 of 20 , Apr 6, 2013
                                • 0 Attachment
                                  Wietse Venema:
                                  > Viktor Dukhovni:
                                  > > On Sat, Apr 06, 2013 at 12:17:53PM -0700, ixloran@... wrote:
                                  > >
                                  > > > Will your patch be added to main source tree at any time, or is it
                                  > > > something I'll need to tweak/modify & apply when I upgrade?
                                  > >
                                  > > My best guess is that Wietse will likely adopt something functionally
                                  > > equivalent wrt the compile-time override for DEF_MAIL_OWNER and
                                  > > DEF_SGID_GROUP.
                                  >
                                  > No override is needed.
                                  >
                                  > You can trivially set these at installation time:
                                  >
                                  > # make install mail_owner=foo setgid_group=bar ...
                                  > # make upgrade mail_owner=foo setgid_group=bar ...

                                  Also (since this thread mentioned installable packages):

                                  make package mail_owner=foo setgid_group=bar ...

                                  All the above work even without pre-existing main.cf file.

                                  > You can even change mail_owner or setgid_group after Postfix
                                  > is already installed:
                                  >
                                  > # postfix set-permissions mail_owner=foo setgid_group=bar ...
                                  >
                                  > This *is* documented.

                                  This, of course does require a pre-existing main.cf file.

                                  The only build-time parameter override that's needed is for
                                  config_directory. All other parameters can be specified at
                                  /upgrade/package time. They are configurable for a reason.

                                  Wietse
                                • Viktor Dukhovni
                                  ... Yes, this is an option. It applies to all parameters other than config_directory , and yet we have compile-time overrides for most installation parameters
                                  Message 16 of 20 , Apr 6, 2013
                                  • 0 Attachment
                                    On Sat, Apr 06, 2013 at 04:30:59PM -0400, Wietse Venema wrote:

                                    > > My best guess is that Wietse will likely adopt something functionally
                                    > > equivalent wrt the compile-time override for DEF_MAIL_OWNER and
                                    > > DEF_SGID_GROUP.
                                    >
                                    > No override is needed.
                                    >
                                    > You can trivially set these at installation time:
                                    >
                                    > # make install mail_owner=foo setgid_group=bar ...
                                    > # make upgrade mail_owner=foo setgid_group=bar ...

                                    Yes, this is an option.

                                    It applies to all parameters other than "config_directory", and yet
                                    we have compile-time overrides for most installation parameters to
                                    enable more natural defaults. The "mail_owner" and "setgid_group"
                                    installation parameters are included in the list of parameters
                                    explicitly defined in the target main.cf by "postfix-install". When
                                    I build a test version to run out of /var/tmp/postfix, creat an
                                    empty main.cf file and run "make upgrade" I get:

                                    /var/tmp/postfix/etc/main.cf:
                                    readme_directory = /var/tmp/postfix/readme
                                    sample_directory = /var/tmp/postfix/etc
                                    sendmail_path = /var/tmp/postfix/sbin/sendmail
                                    html_directory = /var/tmp/postfix/html
                                    setgid_group = _postdrop
                                    command_directory = /var/tmp/postfix/sbin
                                    manpage_directory = /var/tmp/postfix/man
                                    daemon_directory = /var/tmp/postfix/libexec
                                    newaliases_path = /var/tmp/postfix/sbin/newaliases
                                    mailq_path = /var/tmp/postfix/sbin/mailq
                                    queue_directory = /var/spool/postfix
                                    mail_owner = _postfix
                                    data_directory = /var/lib/postfix

                                    in which all the installation parameters aside from mail_owner and
                                    setgid_group allow compile-time overrides.

                                    I think it would be more consistent to also allow mail_owner and
                                    setgid_group to have appropriate compile-time defaults for the
                                    target platform whether installing locally, or building packages.

                                    That said, the OP can of course make do with run-time overrides
                                    if that's the only choice.

                                    --
                                    Viktor.
                                  • Viktor Dukhovni
                                    ... This is not a big deal either way. I neglected to mention upthread that when I did install multiple versions of Postfix each rooted in their own tree
                                    Message 17 of 20 , Apr 6, 2013
                                    • 0 Attachment
                                      On Sat, Apr 06, 2013 at 09:01:54PM +0000, Viktor Dukhovni wrote:

                                      > I think it would be more consistent to also allow mail_owner and
                                      > setgid_group to have appropriate compile-time defaults for the
                                      > target platform whether installing locally, or building packages.
                                      >
                                      > That said, the OP can of course make do with run-time overrides
                                      > if that's the only choice.

                                      This is not a big deal either way. I neglected to mention upthread
                                      that when I did install multiple versions of Postfix each rooted
                                      in their own tree (often in AFS) the compile-time config_directory
                                      was in /etc/postfix not the version-specific directory:

                                      -DDEF_CONFIG_DIR=\"/etc/postfix\"

                                      There was however also a version-specific .../etc/ directory in
                                      AFS, which contained stock files created by the package installer
                                      (so I also used command-line overrides:

                                      postfix-install \
                                      config_directory=/some/afs/path/etc \
                                      queue_directory=/some/afs/path/spool \
                                      data_directory=/some/afs/path/data ...

                                      when installing into AFS, since that was not an installation onto
                                      the specific system from which I happened to push content into AFS).

                                      This was not the typical Postfix via O/S packages use-case, rather
                                      Postfix was delivered once into AFS for use by thousands of systems,
                                      and a boot-time shell-script would select the correct version for
                                      a given machine, and build a suitable main.cf/master.cf, ...

                                      --
                                      Viktor.
                                    • Wietse Venema
                                      ... Perhaps some feel that the ./configure approach of customizing settings at build time is more natural than customizing them at or after installation
                                      Message 18 of 20 , Apr 6, 2013
                                      • 0 Attachment
                                        Viktor Dukhovni:
                                        > On Sat, Apr 06, 2013 at 04:30:59PM -0400, Wietse Venema wrote:
                                        >
                                        > > > My best guess is that Wietse will likely adopt something functionally
                                        > > > equivalent wrt the compile-time override for DEF_MAIL_OWNER and
                                        > > > DEF_SGID_GROUP.
                                        > >
                                        > > No override is needed.
                                        > >
                                        > > You can trivially set these at installation time:
                                        > >
                                        > > # make install mail_owner=foo setgid_group=bar ...
                                        > > # make upgrade mail_owner=foo setgid_group=bar ...
                                        >
                                        > Yes, this is an option.
                                        >
                                        > It applies to all parameters other than "config_directory", and yet
                                        > we have compile-time overrides for most installation parameters to
                                        > enable more natural defaults. The "mail_owner" and "setgid_group"
                                        > installation parameters are included in the list of parameters
                                        > explicitly defined in the target main.cf by "postfix-install". When

                                        Perhaps some feel that the ./configure approach of customizing
                                        settings at build time is more "natural" than customizing them
                                        at or after installation time. I am not convinced that the latter
                                        is an inferior approach that one has to "make do" with.

                                        I'm sure that there are more worthy Postfix topics to bitch about.

                                        Wietse

                                        > I build a test version to run out of /var/tmp/postfix, creat an
                                        > empty main.cf file and run "make upgrade" I get:
                                        >
                                        > /var/tmp/postfix/etc/main.cf:
                                        > readme_directory = /var/tmp/postfix/readme
                                        > sample_directory = /var/tmp/postfix/etc
                                        > sendmail_path = /var/tmp/postfix/sbin/sendmail
                                        > html_directory = /var/tmp/postfix/html
                                        > setgid_group = _postdrop
                                        > command_directory = /var/tmp/postfix/sbin
                                        > manpage_directory = /var/tmp/postfix/man
                                        > daemon_directory = /var/tmp/postfix/libexec
                                        > newaliases_path = /var/tmp/postfix/sbin/newaliases
                                        > mailq_path = /var/tmp/postfix/sbin/mailq
                                        > queue_directory = /var/spool/postfix
                                        > mail_owner = _postfix
                                        > data_directory = /var/lib/postfix
                                        >
                                        > in which all the installation parameters aside from mail_owner and
                                        > setgid_group allow compile-time overrides.
                                        >
                                        > I think it would be more consistent to also allow mail_owner and
                                        > setgid_group to have appropriate compile-time defaults for the
                                        > target platform whether installing locally, or building packages.
                                        >
                                        > That said, the OP can of course make do with run-time overrides
                                        > if that's the only choice.
                                        >
                                        > --
                                        > Viktor.
                                        >
                                      Your message has been successfully submitted and would be delivered to recipients shortly.