[Bug 1553928] [NEW] postfix-pgsql SSL connection to postgres
Magosányi Árpád
1553928 at bugs.launchpad.net
Mon Mar 7 08:45:44 UTC 2016
Public bug reported:
postfix-pgsql cannot be configured to use ssl connection, because it
uses the old PQsetdbLogin API.
This patch makes it possible to use any postgresql connect string by
using the PQconnectdb api.
I did not find where to report such things to upstream (beyond mailing list, which I don't intend to subscribe),
so please send it to them. I will be happy to refactor the patch to be accepted upstream, just please don't
make me subscribe yet another mailing list.
usage notes:
1. You put the connection string instead of hostname.
It is detected based on the "postgresql:" prefix.
dbname is not used, but you have to define it.
My postgres.cf looks like this:
-----------------------------------------
hosts = postgresql://ssopostfix.edemokraciagep.org@db.edemokraciagep.org/pdoauth?sslmode=require
query = select email from email_map where proxy='%s';
dbname = notused
-----------------------------------------
2. When daemons are chrooted,
a) you should put a passwd file in the chroots /etc, with an entry for postfix. It is /var/spool/postfixx/etc in case of ubuntu
b) you should have the proper ssl key and cert in ~postfix within the chrooted environment
c) other files in /etc, like resolv.conf, ... are also used within the chroot
The patch is attached. There might be whitespace discrepancies.
** Affects: postfix (Ubuntu)
Importance: Undecided
Status: New
** Tags: patch
** Patch added: "postfix-2.11.0.pgsql.connstring.diff"
https://bugs.launchpad.net/bugs/1553928/+attachment/4591279/+files/postfix-2.11.0.pgsql.connstring.diff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/1553928
Title:
postfix-pgsql SSL connection to postgres
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1553928/+subscriptions
More information about the Ubuntu-server-bugs
mailing list