Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package postfix for openSUSE:Factory checked in at 2022-05-12 22:57:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postfix (Old) and /work/SRC/openSUSE:Factory/.postfix.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postfix" Thu May 12 22:57:42 2022 rev:217 rq:976135 version:3.6.6 Changes: -------- --- /work/SRC/openSUSE:Factory/postfix/postfix-bdb.changes 2022-04-28 23:07:02.440626850 +0200 +++ /work/SRC/openSUSE:Factory/.postfix.new.1538/postfix-bdb.changes 2022-05-12 22:57:50.544593962 +0200 @@ -1,0 +2,25 @@ +Tue May 10 20:14:54 UTC 2022 - [email protected] + +- remove *.swp from postfix-SUSE.tar.gz + +------------------------------------------------------------------- +Tue May 3 20:16:49 UTC 2022 - [email protected] + +- fix config.postfix 'hash' leftover with relay_recipients +- update postfix-main.cf.patch about + * smtp_tls_security_level (obsoletes smtp_use_tls, smtp_enforce_tls) + * smtpd_tls_security_level (obsoletes smtpd_use_tls, smtpd_enforce_tls) +- rebase/refresh patches + * harden_postfix.service.patch + * postfix-avoid-infinit-loop-if-no-permission.patch + * postfix-master.cf.patch + * postfix-vda-v14-3.0.3.patch + * set-default-db-type.patch + +------------------------------------------------------------------- +Mon May 2 07:27:19 UTC 2022 - Dominique Leuenberger <[email protected]> + +- Change ed requires to /usr/bin/ed: allow busybox-ed to be used + inside containers. + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/postfix/postfix.changes 2022-05-04 15:10:42.168138984 +0200 +++ /work/SRC/openSUSE:Factory/.postfix.new.1538/postfix.changes 2022-05-12 22:57:50.608594048 +0200 @@ -1,0 +2,19 @@ +Tue May 10 20:14:54 UTC 2022 - [email protected] + +- remove *.swp from postfix-SUSE.tar.gz + +------------------------------------------------------------------- +Tue May 3 20:16:49 UTC 2022 - [email protected] + +- fix config.postfix 'hash' leftover with relay_recipients +- update postfix-main.cf.patch about + * smtp_tls_security_level (obsoletes smtp_use_tls, smtp_enforce_tls) + * smtpd_tls_security_level (obsoletes smtpd_use_tls, smtpd_enforce_tls) +- rebase/refresh patches + * harden_postfix.service.patch + * postfix-avoid-infinit-loop-if-no-permission.patch + * postfix-master.cf.patch + * postfix-vda-v14-3.0.3.patch + * set-default-db-type.patch + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postfix-bdb.spec ++++++ --- /var/tmp/diff_new_pack.70PcE6/_old 2022-05-12 22:57:51.556595321 +0200 +++ /var/tmp/diff_new_pack.70PcE6/_new 2022-05-12 22:57:51.560595326 +0200 @@ -166,7 +166,7 @@ %patch8 %patch9 %patch10 -%patch12 -p1 +%patch12 # --------------------------------------------------------------------------- ++++++ postfix.spec ++++++ --- /var/tmp/diff_new_pack.70PcE6/_old 2022-05-12 22:57:51.596595374 +0200 +++ /var/tmp/diff_new_pack.70PcE6/_new 2022-05-12 22:57:51.600595380 +0200 @@ -184,7 +184,7 @@ %patch9 %patch10 %patch11 -%patch12 -p1 +%patch12 # --------------------------------------------------------------------------- ++++++ harden_postfix.service.patch ++++++ --- /var/tmp/diff_new_pack.70PcE6/_old 2022-05-12 22:57:51.636595428 +0200 +++ /var/tmp/diff_new_pack.70PcE6/_new 2022-05-12 22:57:51.640595434 +0200 @@ -1,7 +1,7 @@ -Index: postfix-3.6.2/postfix-SUSE/postfix.service +Index: postfix-SUSE/postfix.service =================================================================== ---- postfix-3.6.2.orig/postfix-SUSE/postfix.service -+++ postfix-3.6.2/postfix-SUSE/postfix.service +--- postfix-SUSE/postfix.service.orig ++++ postfix-SUSE/postfix.service @@ -19,6 +19,24 @@ After=amavis.service mysql.service cyrus Conflicts=sendmail.service exim.service ++++++ postfix-SUSE.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-SUSE/config.postfix new/postfix-SUSE/config.postfix --- old/postfix-SUSE/config.postfix 2022-04-04 11:00:41.175540721 +0200 +++ new/postfix-SUSE/config.postfix 2022-05-03 21:22:12.670190072 +0200 @@ -670,6 +670,8 @@ warn_user 1>&2 "You have activated POSTFIX_SMTP_TLS_SERVER, but you don't have created or configured certificates." else $PCONF -e "smtpd_use_tls = yes" + $PCONF -e "smtpd_enforce_tls = no" + $PCONF -e "smtpd_tls_security_level = may" if [ -n "$POSTFIX_TLS_CAFILE" -a -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" ]; then $PCONF -e "smtpd_tls_CAfile = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" else @@ -702,6 +704,8 @@ fi else $PCONF -e "smtpd_use_tls = no" + $PCONF -e "smtpd_enforce_tls = no" + $PCONF -e "smtpd_tls_security_level =" $PCONF -e "smtpd_tls_CAfile =" $PCONF -e "smtpd_tls_CApath =" $PCONF -e "smtpd_tls_cert_file =" @@ -714,11 +718,12 @@ if test "$POSTFIX_SMTP_TLS_CLIENT" == "no"; then $PCONF -e "smtp_use_tls = no" $PCONF -e "smtp_enforce_tls = no" + $PCONF -e "smtp_tls_security_level =" fi if test "$POSTFIX_SMTP_TLS_CLIENT" == "yes"; then $PCONF -e "smtp_use_tls = yes" $PCONF -e "smtp_enforce_tls = no" - $PCONF -e "smtp_tls_security_level = encrypt" + $PCONF -e "smtp_tls_security_level = may" fi if test "$POSTFIX_SMTP_TLS_CLIENT" == "must"; then $PCONF -e "smtp_use_tls = yes" @@ -726,40 +731,43 @@ $PCONF -e "smtp_tls_security_level = encrypt" fi if test "$POSTFIX_SMTP_TLS_CLIENT" = "yes" -o "$POSTFIX_SMTP_TLS_CLIENT" = "must" ; then - if [ -n "$POSTFIX_TLS_CAFILE" -a -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" ]; then - $PCONF -e "smtp_tls_CAfile = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" - else - $PCONF -e "smtp_tls_CApath = $POSTFIX_SSL_PATH/cacerts" - fi - if [ -n "$POSTFIX_TLS_CERTFILE" ]; then + if [[ "${POSTFIX_SMTP_AUTH}" = 'yes' ]]; then + $PCONF -e "smtp_tls_security_level = encrypt" + fi + if [ -n "$POSTFIX_TLS_CAFILE" -a -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" ]; then + $PCONF -e "smtp_tls_CAfile = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CAFILE" + else + $PCONF -e "smtp_tls_CApath = $POSTFIX_SSL_PATH/cacerts" + fi + if [ -n "$POSTFIX_TLS_CERTFILE" ]; then if [ -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_CERTFILE" ]; then $PCONF -e "smtp_tls_cert_file = $POSTFIX_SSL_PATH/$POSTFIX_TLS_CERTFILE" else warn_user 1>&2 "\t smtp_tls_cert_file (POSTFIX_SSL_PATH/POSTFIX_TLS_CERTFILE) does not exist!!\n" fi - else + else $PCONF -e "smtp_tls_cert_file =" - fi - if [ -n "$POSTFIX_TLS_KEYFILE" ]; then + fi + if [ -n "$POSTFIX_TLS_KEYFILE" ]; then if [ -s "$POSTFIX_SSL_PATH/$POSTFIX_TLS_KEYFILE" ]; then $PCONF -e "smtp_tls_key_file = $POSTFIX_SSL_PATH/$POSTFIX_TLS_KEYFILE" else warn_user 1>&2 "\t smtp_tls_key_file (POSTFIX_SSL_PATH/POSTFIX_TLS_KEYFILE) does not exist!!\n" fi - else + else $PCONF -e "smtp_tls_key_file =" - fi + fi if [ $DEF_DB_TYPE = "hash" ]; then $PCONF -e "smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache" else $PCONF -e "smtp_tls_session_cache_database = $DEF_DB_TYPE:/var/lib/postfix/smtp_tls_session_cache" - fi + fi else - $PCONF -e "smtp_tls_CAfile =" - $PCONF -e "smtp_tls_CApath =" - $PCONF -e "smtp_tls_cert_file =" - $PCONF -e "smtp_tls_key_file =" - $PCONF -e "smtp_tls_session_cache_database =" + $PCONF -e "smtp_tls_CAfile =" + $PCONF -e "smtp_tls_CApath =" + $PCONF -e "smtp_tls_cert_file =" + $PCONF -e "smtp_tls_key_file =" + $PCONF -e "smtp_tls_session_cache_database =" fi ALLMAPS="$DEF_DB_TYPE:/etc/aliases" @@ -935,13 +943,13 @@ } } elsif ( /^(relay_recipient_maps\s=\s).*/ ) { if ($is_backupmx ne "yes") { - $line = $1."hash:/etc/postfix/relay_recipients"; + $line = $1."$def_db_type:/etc/postfix/relay_recipients"; } elsif ($with_mysql ne "yes") { - $line = $1."hash:/etc/postfix/relay_recipients"; + $line = $1."$def_db_type:/etc/postfix/relay_recipients"; } elsif ($with_mysql eq "yes") { - $line = $1."hash:/etc/postfix/relay_recipients mysql:/etc/postfix/mysql_relay_recipient_maps.cf $pf_relay_recipients"; + $line = $1."$def_db_type:/etc/postfix/relay_recipients mysql:/etc/postfix/mysql_relay_recipient_maps.cf $pf_relay_recipients"; } else { - $line = $1."hash:/etc/postfix/relay_recipients $pf_relay_recipients"; + $line = $1."$def_db_type:/etc/postfix/relay_recipients $pf_relay_recipients"; } } else { $line = $_; ++++++ postfix-avoid-infinit-loop-if-no-permission.patch ++++++ --- /var/tmp/diff_new_pack.70PcE6/_old 2022-05-12 22:57:51.740595568 +0200 +++ /var/tmp/diff_new_pack.70PcE6/_new 2022-05-12 22:57:51.740595568 +0200 @@ -1,6 +1,8 @@ ---- src/global/mail_queue.c-orig 2019-04-01 14:37:54.136169772 +0200 -+++ src/global/mail_queue.c 2019-04-01 14:42:35.191382999 +0200 -@@ -363,6 +363,14 @@ +Index: src/global/mail_queue.c +=================================================================== +--- src/global/mail_queue.c.orig ++++ src/global/mail_queue.c +@@ -363,6 +363,14 @@ VSTREAM *mail_queue_enter(const char *qu break; if (errno == EEXIST || errno == EISDIR) continue; ++++++ postfix-main.cf.patch ++++++ --- /var/tmp/diff_new_pack.70PcE6/_old 2022-05-12 22:57:51.760595595 +0200 +++ /var/tmp/diff_new_pack.70PcE6/_new 2022-05-12 22:57:51.764595600 +0200 @@ -50,7 +50,7 @@ # PARALLEL DELIVERY TO THE SAME DESTINATION # -@@ -673,4 +674,148 @@ sample_directory = +@@ -673,4 +674,151 @@ sample_directory = # readme_directory: The location of the Postfix README files. # readme_directory = @@ -133,6 +133,7 @@ +smtp_use_tls = no +#smtp_tls_loglevel = 0 +smtp_enforce_tls = no ++smtp_tls_security_level = +smtp_tls_CAfile = +smtp_tls_CApath = +smtp_tls_cert_file = @@ -143,6 +144,8 @@ + +smtpd_use_tls = no +#smtpd_tls_loglevel = 0 ++smtpd_enforce_tls = no ++smtpd_tls_security_level = +smtpd_tls_CAfile = +smtpd_tls_CApath = +smtpd_tls_cert_file = ++++++ postfix-master.cf.patch ++++++ --- /var/tmp/diff_new_pack.70PcE6/_old 2022-05-12 22:57:51.776595616 +0200 +++ /var/tmp/diff_new_pack.70PcE6/_new 2022-05-12 22:57:51.780595622 +0200 @@ -1,5 +1,7 @@ ---- conf/master.cf.orig 2021-08-26 16:04:04.762230066 +0200 -+++ conf/master.cf 2021-08-26 16:04:50.529792941 +0200 +Index: conf/master.cf +=================================================================== +--- conf/master.cf.orig ++++ conf/master.cf @@ -10,6 +10,11 @@ # (yes) (yes) (no) (never) (100) # ========================================================================== @@ -12,7 +14,7 @@ #smtp inet n - n - 1 postscreen #smtpd pass - - n - - smtpd #dnsblog unix - - n - 0 dnsblog -@@ -17,30 +22,32 @@ +@@ -17,30 +22,32 @@ smtp inet n - n # Choose one: enable submission for loopback clients only, or for any client. #127.0.0.1:submission inet n - n - - smtpd #submission inet n - n - - smtpd @@ -67,7 +69,7 @@ #628 inet n - n - - qmqpd pickup unix n - n 60 1 pickup cleanup unix n - n - 0 cleanup -@@ -69,6 +76,26 @@ +@@ -69,6 +76,26 @@ lmtp unix - - n anvil unix - - n - 1 anvil scache unix - - n - 1 scache postlog unix-dgram n - n - 1 postlogd @@ -94,7 +96,7 @@ # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual -@@ -102,7 +129,7 @@ +@@ -102,7 +129,7 @@ postlog unix-dgram n - n # Also specify in main.cf: cyrus_destination_recipient_limit=1 # #cyrus unix - n n - - pipe @@ -103,7 +105,7 @@ # # ==================================================================== # -@@ -135,3 +162,10 @@ +@@ -135,3 +162,10 @@ postlog unix-dgram n - n #mailman unix - n n - - pipe # flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py # ${nexthop} ${user} ++++++ postfix-vda-v14-3.0.3.patch ++++++ --- /var/tmp/diff_new_pack.70PcE6/_old 2022-05-12 22:57:51.816595670 +0200 +++ /var/tmp/diff_new_pack.70PcE6/_new 2022-05-12 22:57:51.820595675 +0200 @@ -19,7 +19,7 @@ =================================================================== --- src/global/mail_params.h.orig +++ src/global/mail_params.h -@@ -2620,6 +2620,54 @@ extern char *var_virt_uid_maps; +@@ -2650,6 +2650,54 @@ extern char *var_virt_uid_maps; #define DEF_VIRT_GID_MAPS "" extern char *var_virt_gid_maps; ++++++ set-default-db-type.patch ++++++ --- /var/tmp/diff_new_pack.70PcE6/_old 2022-05-12 22:57:51.856595724 +0200 +++ /var/tmp/diff_new_pack.70PcE6/_new 2022-05-12 22:57:51.860595729 +0200 @@ -38,7 +38,7 @@ #define ALIAS_DB_MAP DEF_DB_TYPE ":/etc/aliases" #ifndef NO_NIS #define HAS_NIS -@@ -841,7 +841,7 @@ extern int initgroups(const char *, int) +@@ -844,7 +844,7 @@ extern int initgroups(const char *, int) #define DEF_MAILBOX_LOCK "dotlock" /* verified RedHat 3.03 */ #define HAS_FSYNC #define HAS_DB @@ -47,7 +47,7 @@ #define ALIAS_DB_MAP DEF_DB_TYPE ":/etc/aliases" #ifndef NO_NIS #define HAS_NIS -@@ -874,7 +874,7 @@ extern int initgroups(const char *, int) +@@ -877,7 +877,7 @@ extern int initgroups(const char *, int) #define DEF_MAILBOX_LOCK "fcntl, dotlock" /* RedHat >= 4.x */ #define HAS_FSYNC #define HAS_DB @@ -56,7 +56,7 @@ #define ALIAS_DB_MAP DEF_DB_TYPE ":/etc/aliases" #ifndef NO_NIS #define HAS_NIS -@@ -1199,7 +1199,7 @@ extern int opterr; /* XXX use <getopt. +@@ -1202,7 +1202,7 @@ extern int opterr; /* XXX use <getopt. #define INTERNAL_LOCK MYFLOCK_STYLE_FCNTL #define DEF_MAILBOX_LOCK "fcntl, dotlock" #define HAS_FSYNC @@ -69,7 +69,7 @@ =================================================================== --- src/global/mail_params.h.orig +++ src/global/mail_params.h -@@ -2923,7 +2923,7 @@ extern int var_vrfy_pend_limit; +@@ -2953,7 +2953,7 @@ extern int var_vrfy_pend_limit; extern char *var_verify_service; #define VAR_VERIFY_MAP "address_verify_map" @@ -78,7 +78,7 @@ extern char *var_verify_map; #define VAR_VERIFY_POS_EXP "address_verify_positive_expire_time" -@@ -3691,7 +3691,7 @@ extern char *var_multi_cntrl_cmds; +@@ -3721,7 +3721,7 @@ extern char *var_multi_cntrl_cmds; * postscreen(8) */ #define VAR_PSC_CACHE_MAP "postscreen_cache_map"
