Hi all, Today CentOS has released the update to 8.2.2004 and I just installed it on a 5210R to see what breaks.
The YUM update on a 5210R is kinda fat - ranging between 580-600 RPMs. To my utter surprise I noticed that RedHat has chosen to update the version number of several RPMs: - PHP: Went from 7.2.11 to 7.2.24 - Dovecot: Went from 2.2.36 to 2.3.8-2 The PHP update is surprising, but uncritical. The Dovecot update? Let me politely put it this way: Redhat, ARE YOU OUT OF YOUR FRIGGIN' MIND?!? /facepalm The configuration API changed between Dovecot 2.2 and 2.3 and the configs aren't exactly compatible. In fact for anything TLS related the old TLS configuration will now cause Dovecot to choke pretty hard and it'll complain six ways 'til Sunday. THAT is an update that rocks the boat and breaks stuff. THIS is exactly what RedHat has avoided in the past by keeping stuff version number locked and by backporting stuff in a way that there is no breakage or unexpected behavior during or after updates. Apparently they no longer give a shit. /shrug The warning messages ... Warning: Obsolete setting in /etc/dovecot/conf.d/10-ssl.conf:46: ssl_dh_parameters_length is no longer needed Warning: Obsolete setting in /etc/dovecot/conf.d/10-ssl.conf:49: ssl_protocols has been replaced by ssl_min_protocol Error: Could not find a minimum ssl_min_protocol setting from ssl_protocols = TLSv1.2 TLSv1.3: Unrecognized protocol 'TLSv1.3' Warning: please set ssl_dh=</etc/dovecot/dh.pem Warning: You can generate it with: dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem ... are of course super helpful and tell us what to do for fixing it. But the credit for that goes entirely to the Dovecot people. RedHat even went one step further to bork Dovecot by adding an 'ExecStartPre' command into the Dovecot Systemd Unit-File which executes a NetworkManager check. Which is super inconvenient and disruptive on 5210R's that have NetworkManager turned off. Such as on OpenVZ. To fix that mess I released an updated set of base-email-* RPMs which (during their YUM install or during a CCEd restart) fix all these issues. So if you did a YUM update on a 5210R and Dovecot broke, run a "yum clean all" and a "yum update" to get the updated base-email-* RPMs as well and that will fix it. -- With best regards Michael Stauber _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx
