On 16.09.2025 23:20, Farblos wrote:
..
Are you saying you see this logging every time you (re)start postfix?
I haven't yet tried restarting postfix,
Restarting system does restart postfix too.
Does the same updating happen when you restart
just postfix, not whole system?
... but I can see this logging
for all *certificate files* at every reboot, as can be seen in the
following example. Non-certificate files are indeed only mentioned
once in the journal.
[~]$ journalctl -o short --since 2025-09-15 | grep updating | egrep
'\.conf|6a9bdba3'
Sep 15 10:50:51 host01 postfix[27587]: updating /etc/host.conf =>
/var/spool/postfix//etc/host.conf
Sep 15 10:50:51 host01 postfix[27587]: updating /etc/nsswitch.conf =>
/var/spool/postfix//etc/nsswitch.conf
Sep 15 10:50:51 host01 postfix[27745]: updating /etc/ssl/certs/6a9bdba3.0 =>
/var/spool/postfix//etc/ssl/certs/6a9bdba3.0
This definitely should not happen - this is why this script does what
it does.
Do you have a tmpfs mounted somewhere in /var/spool/postfix/* maybe,
or some symlinks in there pointing to a tmpfs?
Try disabling postfix startup temporarily (systemctl disable postfix),
and rebooting, - does /var/spool/postfix/etc have files before the
postfix startup procedure copies them?
I tried stat(1)'ing the files below /etc/ssl/certs and
/var/spool/postfix/etc/ssl/certs, they have both identical size and
mtime when the system is running. If you don't have any other idea,
I could try instrumenting the syncfiles.pl script and see why it
copies the certificates during every reboot ...
The above should be enough already, I guess. It looks like something
changes (removes?) these files during boot.
The whole procedure is written to show when files actually needs to be
updated, and this should only happen when the source files changes,
which definitely does not happen often.
Thanks,
/mjt
