[Bug 1026261] [NEW] [regression] mail stalls; postfix chroot setup nests /etc/ssl/certs to deep
Matthias Andree
1026261 at bugs.launchpad.net
Wed Jul 18 17:41:40 UTC 2012
Public bug reported:
Since the (overdue) update from maverick to natty, my Postfix no longer
recognizes the certificates.
Apparently the reason is that the smtp_tls_CApath, which is set to /etc/ssl/certs, is improperly copied into the chroot area, namely
to /var/spool/postfix/etc/ssl/certs/etc/ssl/certs,
rather than /var/spool/postfix/etc/ssl/certs where it belongs.
In /etc/postfix/main.cf, I have
smtp_tls_CApath = /etc/ssl/certs
and smtp runs chrooted (from looking at /etc/postfix/master.cf).
The certificate bundle appears to be setup properly, only the .pem/.0
files from the directory seem to be affected.
Workaround:
sudo postconf -e smtp_tls_CAfile=/etc/ssl/certs/ca-certificates.crt
sudo service postfix restart
>From looking at what I get when running sh -x postfix, it would seem
that
+ find /etc/ssl/certs -print0
+ cpio -0pdL /var/spool/postfix/etc/ssl/certs.NEW
causes the duplication of paths - the cpio input file list is fully
concatenated to the cpio destination path.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: postfix 2.8.5-2~build0.11.04
ProcVersionSignature: Ubuntu 2.6.38-15.61-generic-pae 2.6.38.8
Uname: Linux 2.6.38-15-generic-pae i686
NonfreeKernelModules: nvidia
Architecture: i386
Date: Wed Jul 18 19:30:51 2012
EcryptfsInUse: Yes
ProcEnviron:
LANGUAGE=de_DE:de:en_GB:en
PATH=(custom, no user)
LANG=de_DE.utf8
SHELL=/bin/bash
SourcePackage: postfix
UpgradeStatus: No upgrade log present (probably fresh install)
** Affects: postfix (Ubuntu)
Importance: Undecided
Status: New
** Tags: apport-bug i386 natty regression-release
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/1026261
Title:
[regression] mail stalls; postfix chroot setup nests /etc/ssl/certs to
deep
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1026261/+subscriptions
More information about the Ubuntu-server-bugs
mailing list