[regression] mail stalls; postfix chroot setup nests /etc/ssl/certs to deep
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
postfix (Ubuntu) |
Fix Released
|
High
|
Unassigned |
Bug Description
Since the (overdue) update from maverick to natty, my Postfix no longer recognizes the certificates.
Apparently the reason is that the smtp_tls_CApath, which is set to /etc/ssl/certs, is improperly copied into the chroot area, namely
to /var/spool/
rather than /var/spool/
In /etc/postfix/
smtp_tls_CApath = /etc/ssl/certs
and smtp runs chrooted (from looking at /etc/postfix/
The certificate bundle appears to be setup properly, only the .pem/.0 files from the directory seem to be affected.
Workaround:
sudo postconf -e smtp_tls_
sudo service postfix restart
From looking at what I get when running sh -x postfix, it would seem that
+ find /etc/ssl/certs -print0
+ cpio -0pdL /var/spool/
causes the duplication of paths - the cpio input file list is fully concatenated to the cpio destination path.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: postfix 2.8.5-2~
ProcVersionSign
Uname: Linux 2.6.38-
NonfreeKernelMo
Architecture: i386
Date: Wed Jul 18 19:30:51 2012
EcryptfsInUse: Yes
ProcEnviron:
LANGUAGE=
PATH=(custom, no user)
LANG=de_DE.utf8
SHELL=/bin/bash
SourcePackage: postfix
UpgradeStatus: No upgrade log present (probably fresh install)
I can confirm this. Looking into it a bit.