Hello community, here is the log from the commit of package postfix for openSUSE:Factory checked in at 2019-07-28 10:19:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postfix (Old) and /work/SRC/openSUSE:Factory/.postfix.new.4126 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postfix" Sun Jul 28 10:19:13 2019 rev:174 rq:718573 version:3.4.6 Changes: -------- --- /work/SRC/openSUSE:Factory/postfix/postfix.changes 2019-07-08 15:02:14.670645189 +0200 +++ /work/SRC/openSUSE:Factory/.postfix.new.4126/postfix.changes 2019-07-28 10:19:20.652601563 +0200 @@ -1,0 +2,19 @@ +Thu Jul 25 12:38:43 UTC 2019 - [email protected] + +- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by + firewalld, see [1]. + + [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html + +------------------------------------------------------------------- +Sun Jul 21 23:54:34 UTC 2019 - [email protected] + +- update example POSTFIX_BASIC_SPAM_PREVENTION: permit_mynetworks for + * POSTFIX_SMTPD_HELO_RESTRICTIONS + * POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS +- fix for: Can't connect to local MySQL server through socket + '/run/mysql/mysql.sock' + * update config.postfix + * update update_chroot.systemd + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postfix.spec ++++++ --- /var/tmp/diff_new_pack.DAdJB9/_old 2019-07-28 10:19:23.608601568 +0200 +++ /var/tmp/diff_new_pack.DAdJB9/_new 2019-07-28 10:19:23.612601568 +0200 @@ -305,8 +305,6 @@ install -m 600 %{name}-SuSE/smtpd.conf %{buildroot}%{_sysconfdir}/sasl2/smtpd.conf install -m 644 %{name}-SuSE/openssl_%{name}.conf.in %{buildroot}%{_sysconfdir}/%{name}/openssl_%{name}.conf.in install -m 755 %{name}-SuSE/mk%{name}cert %{buildroot}%{_sbindir}/mk%{name}cert -mkdir -p %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/ -install -m 644 %{name}-SuSE/%{name}-fw %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/smtp { cat<<EOF # @@ -550,7 +548,6 @@ %config(noreplace) %{_sysconfdir}/%{name}/sender_canonical %config(noreplace) %{_sysconfdir}/%{name}/virtual -%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/smtp %dir %{_sysconfdir}/sasl2 %config(noreplace) %{_sysconfdir}/sasl2/smtpd.conf %config %{_sysconfdir}/%{name}/LICENSE ++++++ postfix-SuSE.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-SuSE/config.postfix new/postfix-SuSE/config.postfix --- old/postfix-SuSE/config.postfix 2019-05-08 11:32:45.463449226 +0200 +++ new/postfix-SuSE/config.postfix 2019-07-22 01:51:24.790968758 +0200 @@ -88,7 +88,12 @@ if [ "$(echo "$POSTFIX_MYSQL_CONN" | tr 'A-Z' 'a-z' )" == "socket" -a \ "$(echo "$POSTFIX_WITH_MYSQL" | tr 'A-Z' 'a-z' )" != "no" ]; then if [ -n "$(my_print_defaults mysqld)" ]; then - MYSQL_SOCKET=$(my_print_defaults mysqld | grep -e '--socket[[:blank:]=]' | awk -F"=" '{print $2}') + MYSQL_SOCKET=$(my_print_defaults mysqld | awk -F"=" '/--socket/ {print $2}') + # fix for: Can't connect to local MySQL server through socket '/run/mysql/mysql.sock' (2) + if [[ "${MYSQL_SOCKET}" =~ ^/var/run ]]; then + OLD_MYSQL_SOCKET='true' + MYSQL_SOCKET="${MYSQL_SOCKET#/var}" + fi if [[ -z "${MYSQL_SOCKET}" ]]; then warn_user "\tmysqld is not running with '--socket' option !!!\n\ \tPlease uncomment '# socket = /var/run/mysql/mysql.sock' in /etc/my.cnf and restart mysqld." @@ -130,7 +135,7 @@ fi fi - rm -rvf etc @lib@ usr var proc + rm -rvf etc @lib@ run usr var proc else echo "checking postfix chroot environment..." @@ -151,6 +156,10 @@ if [ ! -d $CHR_MYSQL_SOCKET_DIR ]; then mkdir -p $CHR_MYSQL_SOCKET_DIR fi + if [[ "${OLD_MYSQL_SOCKET}" == 'true' ]]; then + [[ ! -d var ]] && mkdir var + ln -s ../run var/run + fi if ! grep $CHR_MYSQL_SOCKET_DIR /proc/mounts &> /dev/null; then mount -o bind $MYSQL_SOCKET_DIR "$PF_CHROOT"/$CHR_MYSQL_SOCKET_DIR fi @@ -226,7 +235,7 @@ else cpifnewer /etc/localtime etc fi - + # do not chown -R root /var/spool/postfix/var # this will break ownership for mysql on suse < 1120 if [ "$(echo "$POSTFIX_WITH_MYSQL" | tr 'A-Z' 'a-z' )" != "no" ]; then @@ -234,7 +243,7 @@ else chown -R root "$PF_CHROOT"/{etc,@lib@,usr,var} fi - fi # "$POSTFIX_CHROOT" + fi # "$POSTFIX_CHROOT" } gen_main_cf(){ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-SuSE/postfix-fw new/postfix-SuSE/postfix-fw --- old/postfix-SuSE/postfix-fw 2012-04-09 18:10:50.000000000 +0200 +++ new/postfix-SuSE/postfix-fw 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ -## Name: SMTP with Postfix -## Description: Firewall Configuration file for postfix - -# space separated list of allowed TCP ports -TCP="25 465 587" - -# space separated list of allowed UDP ports -UDP="" - -# space separated list of allowed RPC services -RPC="" - -# space separated list of allowed IP protocols -IP="" - -# space separated list of allowed UDP broadcast ports -BROADCAST="" - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-SuSE/sysconfig.postfix new/postfix-SuSE/sysconfig.postfix --- old/postfix-SuSE/sysconfig.postfix 2018-11-24 17:50:05.508755214 +0100 +++ new/postfix-SuSE/sysconfig.postfix 2019-03-25 18:13:09.294122228 +0100 @@ -271,7 +271,7 @@ # hard : "permit_mynetworks, reject_invalid_helo_hostname" # # Example: -# POSTFIX_SMTPD_HELO_RESTRICTIONS=" +# POSTFIX_SMTPD_HELO_RESTRICTIONS="permit_mynetworks, # check_helo_access hash:/etc/postfix/helo_access, # reject_invalid_helo_hostname, # reject_non_fqdn_helo_hostname, @@ -313,7 +313,7 @@ # hard : "permit_mynetworks, reject_unauth_destination" # # Example: -# POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS=" +# POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS="permit_mynetworks, # check_recipient_access hash:/etc/postfix/access, # reject_non_fqdn_recipient, # reject_unauth_destination, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-SuSE/sysconfig.postfix.20170122 new/postfix-SuSE/sysconfig.postfix.20170122 --- old/postfix-SuSE/sysconfig.postfix.20170122 2017-01-22 00:07:25.345079441 +0100 +++ new/postfix-SuSE/sysconfig.postfix.20170122 1970-01-01 01:00:00.000000000 +0100 @@ -1,515 +0,0 @@ -## Path: Network/Mail/Postfix -## Description: Basic configuration of the postfix MTA -## Type: string -## Default: "" -## Config: postfix -# -# Should we use a mailrelay? -# NOTE: ALL mail that is not considered to be my destination -# (POSTFIX_LOCALDOMAINS), will be sent to this host. -# If this host is not your MX, then you have to use [square brackets] -# around the hostname, e.g. [relay.example.com] -# You may also specify an alternate port number, e.g. -# relay.example.com:26 or [relay.example.com]:26 to prevent MX lookups. -# -POSTFIX_RELAYHOST="" - -## Type: string -## Default: "" -## Config: postfix -# -# Comma separated list of IP's -# NOTE: If not set, LISTEN on all interfaces -# -POSTFIX_LISTEN="" - -## Type: string -## Default: "all" -## Config: postfix -# -# One Argument for proto to listen to -# Example: POSTFIX_INET_PROTO="ipv4" -# NOTE: If not set, LISTEN on all proto -# -POSTFIX_INET_PROTO="" - -## Type: string -## Default: "$(hostname -f)" -## Config: postfix -# -# define HOSTNAME you want postfix to show -# NOTE: If set, You should have a "MX Record" in DNS for that name -# and have a valid reverse entry ;) -# -POSTFIX_MYHOSTNAME="" - -## Type: string -## Default: "" -## Config: postfix -# -# Comma separated list of domains that must have their subdomain -# structure stripped off. -# NOTE: If set, FROM_HEADER will also be appended to this list -# -POSTFIX_MASQUERADE_DOMAIN="" - -## Type: string -## Default: "" -## Config: postfix -# -# Comma separated list of host-/domainnames for which postfix -# should accept mail for. -# localhost and the own hostname is the default if POSTFIX_LOCALDOMAINS -# is set empty. -# Examples: -# POSTFIX_LOCALDOMAINS="\$myhostname, \$mydomain, localhost.\$mydomain" -# if you want to use postfix internal variable substitutes or -# POSTFIX_LOCALDOMAINS="example.com, host.example.com, localhost.example.com" -# -POSTFIX_LOCALDOMAINS="" - -## Type: yesno -## Default: no -## Config: postfix -## ServiceRestart: postfix -# -# A null client is a machine that can only send mail. It receives no -# mail from the network, and it does not deliver any mail locally. -# A null client typically uses POP or NFS for mailbox access. -# NOTE: This overrides the following variable: POSTFIX_LOCALDOMAINS -# -POSTFIX_NULLCLIENT="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# if set to yes, mail that will be delivered via smtp will stay -# in the queue unless someone issues "sendmail -q" or equivalent. -# -POSTFIX_DIALUP="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Some people use Postfix to deliver mail across a LAN that is disconnected -# most of the time. Under such conditions, mail delivery can suffer from -# delays while the Postfix SMTP client performs sender and recipient -# domain DNS lookups in order to be standards-compliant. To prevent these -# delays, set this to yes. -# -POSTFIX_NODNS="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Start postfix services chrooted, that are able to run chrooted? -# Note: if you want /usr/sbin/config.postfix to maintain the chroot jail, you -# also have to set POSTFIX_UPDATE_CHROOT_JAIL to yes. -# Note: if you want postfix runs in CHROOT enviroment, then the whole -# /var directory must be on one partition. -# -POSTFIX_CHROOT="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Set this to yes, if /usr/sbin/config.postfix should setup the chroot jail itself -# -POSTFIX_UPDATE_CHROOT_JAIL="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Set this to yes, if /usr/sbin/config.postfix should activate ldap stuff in main.cf -# This extends virtual_alias_maps with "ldap:/etc/postfix/ldap_aliases.cf" -# -POSTFIX_WITH_LDAP="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Set this to yes, if /usr/sbin/config.postfix should activate mysql stuff in main.cf -# and having 'mysql.sock' inside chroot jail -# Note: When POSTFIX_CHROOT="yes" then 'mysql.sock' will be available -# in postfix CHROOT -# -POSTFIX_WITH_MYSQL="no" - -## Type: string(socket,tcp) -## Default: "socket" -## Config: postfix -# -# Set this to "tcp", if your MySQL is not on localhost -# Note: When POSTFIX_CHROOT="yes" then MYSQL_SOCKET will also be available -# in postfix chroot, but you can use "tcp" just as well with MySQL -# on localhost -# -POSTFIX_MYSQL_CONN="socket" - -## Type: yesno -## Default: no -## Config: postfix -# -# Some of the postfix services require a fifo to operate correctly at least -# when the system load is high. Recurring fifo access will prevent the -# disk to fall asleep, so you might want to use a unix domain socket -# instead, if you are using a laptop. -# -POSTFIX_LAPTOP="no" - -## Type: yesno -## Default: yes -## Config: postfix -# -# Should /usr/sbin/config.postfix update the different .db maps in /etc/postfix? -# -POSTFIX_UPDATE_MAPS="yes" - -## Type: string -## Default: "virtual transport access canonical sender_canonical relocated sasl_passwd:600 relay_ccerts" -## Config: postfix -# -# The list of maps, which should be maintained, if -# POSTFIX_UPDATE_MAPS=yes. POSTFIX_MAP_LIST must be a space seperated list of -# file names without an absolute path. They are all to be exptected -# within the directory /etc/postfix. Optionally a file mode can be appended -# using a colon as separator -# -POSTFIX_MAP_LIST="virtual transport access canonical sender_canonical relocated sasl_passwd:600 relay_ccerts helo_access relay" - -## Type: string -## Default: hash:/etc/postfix/transport -# -# The list of transport_maps postfix should look for -# -POSTFIX_TRANSPORT_MAPS="" - -## Type: string -## Default: "" -## Config: postfix -# -# A comma seperated list of hosts that blacklist client IP addresses -# Note: This only has effect, if POSTFIX_BASIC_SPAM_PREVENTION is set -# to either "medium" or "hard" or "custom". If left empty, no RBL checks will take place. -# -# Example: POSTFIX_RBL_HOSTS="bl.spamcop.net, cbl.abuseat.org, zen.spamhaus.org" -# -POSTFIX_RBL_HOSTS="" - -## Type: string(off,medium,hard) -## Default: off -## Config: postfix -# -# POSTFIX_BASIC_SPAM_PREVENTION possible values: -# off : postfix default configuration -# medium : medium UCE policy checks -# hard : hard UCE policy checks -# custom : you can define your own stuff - -# Note: when setting to "custom" and no settings in -# "POSTFIX_SMTPD_CLIENT_RESTRICTIONS" -# "POSTFIX_HELO_RESTRICTIONS" -# "POSTFIX_SENDER_RESTRICTIONS" -# "POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS" result is like setting to "medium" -# -# Setting this to medium or hard will activate some basic UCE controls -# supported by postfix. This may lead to mails which are undeliverable -# to your mailserver! USE THAT ON YOUR OWN RISC!!! -# See http://www.postfix.org/uce.html for more details ! -# -POSTFIX_BASIC_SPAM_PREVENTION="off" - -## Type: string -## Default: "reject_unauth_pipelining, reject_unknown_client, $POSTFIX_RBL_HOSTS" -## Config: postfix -# -# Fill "POSTFIX_SMTPD_CLIENT_RESTRICTIONS" for completion of this RESTRICTION -# -# A comma or space separated list of restrictions -# Note: "if set to "medium" default is "$POSTFIX_RBL_HOSTS" -# -# "POSTFIX_RBL_HOSTS" will be placed by /usr/sbin/config.postfix. You do not need to define it here. -# Fill "POSTFIX_RBL_HOSTS" instead -# -# Example: -# POSTFIX_SMTPD_CLIENT_RESTRICTIONS="reject_unauth_pipelining, -# check_client_access hash:/etc/postfix/pop-before-smtp, -# check_client_access hash:/etc/postfix/relay, -# check_client_access hash:/etc/postfix/access, -# reject_unknown_client" -# -POSTFIX_SMTPD_CLIENT_RESTRICTIONS="" - -## Type: string -## Default: "reject_unauth_pipelining, reject_unknown_client" -## Config: postfix -# -# Fill "POSTFIX_SMTPD_HELO_RESTRICTIONS" for completion of this RESTRICTION -# -# A comma or space separated list of restrictions -# Note: "if set to "medium" default is "" -# -# Example: -# POSTFIX_SMTPD_HELO_RESTRICTIONS="reject_unauth_pipelining, -# check_client_access hash:/etc/postfix/pop-before-smtp, -# check_client_access hash:/etc/postfix/relay, -# check_client_access hash:/etc/postfix/access, -# check_helo_access hash:/etc/postfix/helo_access, -# reject_unknown_client" -# -POSTFIX_SMTPD_HELO_RESTRICTIONS="" - -## Type: string -## Default: "hash:/etc/postfix/access, reject_unknown_sender_domain" -## Config: postfix -# -# Fill "POSTFIX_SMTPD_SENDER_RESTRICTIONS" for completion of this RESTRICTION -# -# A comma or space separated list of restrictions -# Note: "if set to "medium" default is "hash:/etc/postfix/access, reject_unknown_sender_domain" -# -# Example: -# POSTFIX_SMTPD_SENDER_RESTRICTIONS="reject_unauth_pipelining, -# check_client_access hash:/etc/postfix/pop-before-smtp, -# check_client_access hash:/etc/postfix/relay, -# check_client_access hash:/etc/postfix/access, -# reject_unknown_client" -# -POSTFIX_SMTPD_SENDER_RESTRICTIONS="" - -## Type: string -## Default: "permit_mynetworks, reject_unauth_destination" -## Config: postfix -# -# Fill "POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS" for completion of this RESTRICTION -# -# A comma or space separated list of restrictions -# Note: "if set to "medium" default is "permit_mynetworks, reject_unauth_destination" -# Note: "if set to "custom" just like medium -# -# Example: -# POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS="reject_unauth_pipelining, -# check_client_access hash:/etc/postfix/pop-before-smtp, -# check_client_access hash:/etc/postfix/relay, -# check_client_access hash:/etc/postfix/access, -# permit_mynetworks, -# warn_if_reject, -# reject_unknown_sender_domain, -# warn_if_reject, -# reject_unknown_recipient_domain, -# reject_unknown_hostname, -# reject_unknown_client, -# reject_non_fqdn_sender, -# reject_non_fqdn_recipient, -# reject_non_fqdn_hostname, -# reject_unauth_destination" -# -POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS="" - -## Type: list(procmail,cyrus,dovecot,local) -## Default: local -## Config: postfix -# -# POSTFIX_MDA possible values: -# procmail: use procmail to deliver mail locally -# cyrus : use lmtp to deliver to cyrus-imapd -# dovecot : use dovecot to deliver mail to dovecot -# local : use postfix local MDA -# -POSTFIX_MDA="local" - -## Type: yesno -## Default: no -## Config: postfix -# -# Configure postfix to enable users to auth against postfix -# to be able to relay mail independent of being within -# the local network/domain. -# You may want to edit /etc/sasl2/smtpd.conf to fit your needs. -# See /usr/share/doc/packages/postfix/README_FILES/SASL_README -# for more details. -# -POSTFIX_SMTP_AUTH_SERVER="no" - -## Type: string(cyrus,dovecot) -## Default: "cyrus" -## Config: postfix -# -# Configure postfix which SASL service to use -# cyrus : smtpd_sasl_type = cyrus, smtpd_sasl_path = smtpd -# dovecot : smtpd_sasl_type = dovecot, smtpd_sasl_path = private/auth -# -POSTFIX_SMTP_AUTH_SERVICE="cyrus" - -## Type: yesno -## Default: no -## Config: postfix -# -# Enable SMTP-AUTH for the postfix smtp client -# you have to edit /etc/postfix/sasl_passwd and call -# /usr/sbin/config.postfix afterwards -# -POSTFIX_SMTP_AUTH="no" - -## Type: string -## Default: "" -## Config: postfix -# -# POSTFIX_SMTP_AUTH_OPTIONS possible values: -# comma separated list of one or more of -# -# noplaintext: disallow methods that use plaintext passwords -# noactive: disallow methods subject to active (non-dictionary) attack -# nodictionary: disallow methods subject to passive (dictionary) attack -# noanonymous: disallow methods that allow anonymous authentication -# -POSTFIX_SMTP_AUTH_OPTIONS="" - -## Type: yesno -## Default: no -## Config: postfix -# -# Do you want to use STARTTLS -# -POSTFIX_SMTP_TLS_SERVER="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Do you want to use SMTP over SSL. -# assigns port 465 to smtps in /etc/services -# CAUTION: the IANA has assigned a different protocol to port 465 -# Usage of port 465 for smtps was not officially encouraged -# If you enable this you need to make sure that it does not collide -# with protocol urd -# -POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT="no" - -## Type: list(no,yes,must) -## Default: no -## Config: postfix -# -# Do you want to enable postfix smtp client to use TLS -# -POSTFIX_SMTP_TLS_CLIENT="no" - -## Type: string -## Default: "/etc/postfix/ssl" -## Config: postfix -# -# path to the directory where the certificates (default: certs/postfixcert.pem) -# and CA certificates (default: ./cacerts) can be found -# -# This folder will be synced via 'config.postfix' when running 'chrooted' -# -POSTFIX_SSL_PATH="/etc/postfix/ssl" - -## Type: string -## Default: "cacert.pem" -## Config: postfix -# -# name of the CAfile (below POSTFIX_SSL_PATH) -# -# when having more than one CA you want to trust, then -# leave it empty and CApath ( POSTFIX_SSL_PATH/cacerts ) -# is used instead. Do not forget to run c_rehash POSTFIX_SSL_PATH/cacerts -# after storing the certs. -# -POSTFIX_TLS_CAFILE="" - -## Type: string -## Default: "certs/postfixcert.pem" -## Config: postfix -# -# name of the file containing the certificate (below POSTFIX_SSL_PATH) -# -POSTFIX_TLS_CERTFILE="certs/postfixcert.pem" - -## Type: string -## Default: "certs/postfixkey.pem" -## Config: postfix -# -# name of the file containing the key (below POSTFIX_SSL_PATH) -# -POSTFIX_TLS_KEYFILE="certs/postfixkey.pem" - -# -# The following options are used by /usr/sbin/config.postfix and mkpostfixcert -# to create a CA and certificates -# POSTFIX_SSL_COUNTRY must be a two letter code defined by ISO 3166 -# -## Type: string -## Default: "XX" -POSTFIX_SSL_COUNTRY="" - -## Type: string -## Default: "Some state" -POSTFIX_SSL_STATE="" - -## Type: string -## Default: "Some locality" -POSTFIX_SSL_LOCALITY="" - -## Type: string -## Default: "Some Organization" -POSTFIX_SSL_ORGANIZATION="" - -## Type: string -## Default: "Some Organizational Unit" -POSTFIX_SSL_ORGANIZATIONAL_UNIT="" - -## Type: string -## Default: "A common name" -POSTFIX_SSL_COMMON_NAME="" - -## Type: string -## Default: "postmaster" -POSTFIX_SSL_EMAIL_ADDRESS="" - -# -# POSTFIX_ADD_* -# You may add any existing postfix parameter here. Just execute the -# postconf command to get a complete list. You then have to uppercase -# the parameter and prepend POSTFIX_ADD_. -# Example: -# Let's say you want to add the postfix parameter mailbox_size_limit. -# Then just add -# POSTFIX_ADD_MAILBOX_SIZE_LIMIT=0 -# POSTFIX_ADD_MESSAGE_SIZE_LIMIT=30000000 - -## Type: string -## Default: 0 -POSTFIX_ADD_MAILBOX_SIZE_LIMIT="0" - -## Type: string -## Default: 10240000 -POSTFIX_ADD_MESSAGE_SIZE_LIMIT="0" - -## Type: yesno -## Default: yes -## Config: postfix -# -# Automatically register to slpd, if running? -# -POSTFIX_REGISTER_SLP="yes" - -## Type: list(subnet,host,class) -## Default: subnet -## Config: postfix -# -# -# The postfix default for this setting is "subnet" -# for security reasons you should use host -# otherwise every user in the same subnet as you, can use -# your postfix server as a mail relay for spam. -# If you set POSTFIX_DIALUP to "yes" mynetworks_style -# will be set to "host" by /usr/sbin/config.postfix. -# -POSTFIX_ADD_MYNETWORKS_STYLE="subnet" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-SuSE/sysconfig.postfix.20170126 new/postfix-SuSE/sysconfig.postfix.20170126 --- old/postfix-SuSE/sysconfig.postfix.20170126 2017-01-26 18:31:57.871280147 +0100 +++ new/postfix-SuSE/sysconfig.postfix.20170126 1970-01-01 01:00:00.000000000 +0100 @@ -1,522 +0,0 @@ -## Path: Network/Mail/Postfix -## Description: Basic configuration of the postfix MTA -## Type: string -## Default: "" -## Config: postfix -# -# Should we use a mailrelay? -# NOTE: ALL mail that is not considered to be my destination -# (POSTFIX_LOCALDOMAINS), will be sent to this host. -# If this host is not your MX, then you have to use [square brackets] -# around the hostname, e.g. [relay.example.com] -# You may also specify an alternate port number, e.g. -# relay.example.com:26 or [relay.example.com]:26 to prevent MX lookups. -# -POSTFIX_RELAYHOST="" - -## Type: string -## Default: "" -## Config: postfix -# -# Comma separated list of IP's -# NOTE: If not set, LISTEN on all interfaces -# -POSTFIX_LISTEN="" - -## Type: string -## Default: "all" -## Config: postfix -# -# One Argument for proto to listen to -# Example: POSTFIX_INET_PROTO="ipv4" -# NOTE: If not set, LISTEN on all proto -# -POSTFIX_INET_PROTO="" - -## Type: string -## Default: "$(hostname -f)" -## Config: postfix -# -# define HOSTNAME you want postfix to show -# NOTE: If set, You should have a "MX Record" in DNS for that name -# and have a valid reverse entry ;) -# -POSTFIX_MYHOSTNAME="" - -## Type: string -## Default: "" -## Config: postfix -# -# Comma separated list of domains that must have their subdomain -# structure stripped off. -# NOTE: If set, FROM_HEADER will also be appended to this list -# -POSTFIX_MASQUERADE_DOMAIN="" - -## Type: string -## Default: "" -## Config: postfix -# -# Comma separated list of host-/domainnames for which postfix -# should accept mail for. -# localhost and the own hostname is the default if POSTFIX_LOCALDOMAINS -# is set empty. -# Examples: -# POSTFIX_LOCALDOMAINS="\$myhostname, \$mydomain, localhost.\$mydomain" -# if you want to use postfix internal variable substitutes or -# POSTFIX_LOCALDOMAINS="example.com, host.example.com, localhost.example.com" -# -POSTFIX_LOCALDOMAINS="" - -## Type: yesno -## Default: no -## Config: postfix -## ServiceRestart: postfix -# -# A null client is a machine that can only send mail. It receives no -# mail from the network, and it does not deliver any mail locally. -# A null client typically uses POP or NFS for mailbox access. -# NOTE: This overrides the following variable: POSTFIX_LOCALDOMAINS -# -POSTFIX_NULLCLIENT="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# if set to yes, mail that will be delivered via smtp will stay -# in the queue unless someone issues "sendmail -q" or equivalent. -# -POSTFIX_DIALUP="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Some people use Postfix to deliver mail across a LAN that is disconnected -# most of the time. Under such conditions, mail delivery can suffer from -# delays while the Postfix SMTP client performs sender and recipient -# domain DNS lookups in order to be standards-compliant. To prevent these -# delays, set this to yes. -# -POSTFIX_NODNS="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Start postfix services chrooted, that are able to run chrooted? -# Note: if you want /usr/sbin/config.postfix to maintain the chroot jail, you -# also have to set POSTFIX_UPDATE_CHROOT_JAIL to yes. -# Note: if you want postfix runs in CHROOT enviroment, then the whole -# /var directory must be on one partition. -# -POSTFIX_CHROOT="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Set this to yes, if /usr/sbin/config.postfix should setup the chroot jail itself -# -POSTFIX_UPDATE_CHROOT_JAIL="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Set this to yes, if /usr/sbin/config.postfix should activate ldap stuff in main.cf -# This extends virtual_alias_maps with "ldap:/etc/postfix/ldap_aliases.cf" -# -POSTFIX_WITH_LDAP="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Set this to yes, if /usr/sbin/config.postfix should activate mysql stuff in main.cf -# and having 'mysql.sock' inside chroot jail -# Note: When POSTFIX_CHROOT="yes" then 'mysql.sock' will be available -# in postfix CHROOT -# -POSTFIX_WITH_MYSQL="no" - -## Type: string(socket,tcp) -## Default: "socket" -## Config: postfix -# -# Set this to "tcp", if your MySQL is not on localhost -# Note: When POSTFIX_CHROOT="yes" then MYSQL_SOCKET will also be available -# in postfix chroot, but you can use "tcp" just as well with MySQL -# on localhost -# -POSTFIX_MYSQL_CONN="socket" - -## Type: yesno -## Default: no -## Config: postfix -# -# Some of the postfix services require a fifo to operate correctly at least -# when the system load is high. Recurring fifo access will prevent the -# disk to fall asleep, so you might want to use a unix domain socket -# instead, if you are using a laptop. -# -POSTFIX_LAPTOP="no" - -## Type: yesno -## Default: yes -## Config: postfix -# -# Should /usr/sbin/config.postfix update the different .db maps in /etc/postfix? -# -POSTFIX_UPDATE_MAPS="yes" - -## Type: string -## Default: "virtual transport access canonical sender_canonical relocated sasl_passwd:600 relay_ccerts" -## Config: postfix -# -# The list of maps, which should be maintained, if -# POSTFIX_UPDATE_MAPS=yes. POSTFIX_MAP_LIST must be a space seperated list of -# file names without an absolute path. They are all to be exptected -# within the directory /etc/postfix. Optionally a file mode can be appended -# using a colon as separator -# -POSTFIX_MAP_LIST="virtual transport access canonical sender_canonical relocated sasl_passwd:600 relay_ccerts helo_access relay" - -## Type: string -## Default: hash:/etc/postfix/transport -# -# The list of transport_maps postfix should look for -# -POSTFIX_TRANSPORT_MAPS="" - -## Type: string -## Default: "" -## Config: postfix -# -# A comma seperated list of hosts that blacklist client IP addresses -# Note: This only has effect, if POSTFIX_BASIC_SPAM_PREVENTION is set -# to either "medium" or "hard" or "custom". If left empty, no RBL checks will take place. -# -# Example: POSTFIX_RBL_HOSTS="bl.spamcop.net, cbl.abuseat.org, zen.spamhaus.org" -# -POSTFIX_RBL_HOSTS="" - -## Type: string(off,medium,hard) -## Default: off -## Config: postfix -# -# POSTFIX_BASIC_SPAM_PREVENTION possible values: -# off : postfix default configuration -# medium : medium UCE policy checks -# hard : hard UCE policy checks -# custom : you can define your own stuff - -# Note: when setting to "custom" and no settings in -# "POSTFIX_SMTPD_CLIENT_RESTRICTIONS" -# "POSTFIX_HELO_RESTRICTIONS" -# "POSTFIX_SENDER_RESTRICTIONS" -# "POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS" result is like setting to "medium" -# -# Setting this to medium or hard will activate some basic UCE controls -# supported by postfix. This may lead to mails which are undeliverable -# to your mailserver! USE THAT ON YOUR OWN RISC!!! -# See http://www.postfix.org/uce.html for more details ! -# -POSTFIX_BASIC_SPAM_PREVENTION="off" - -## Type: string -## Default: "" -## Config: postfix -# -# Fill "POSTFIX_SMTPD_CLIENT_RESTRICTIONS" for completion of this RESTRICTION -# -# A comma or space separated list of restrictions -# Note: if set to ... -# medium: "$POSTFIX_RBL_HOSTS" -# hard" : "permit_mynetworks, $POSTFIX_RBL_HOSTS, reject_unknown_client_hostname" -# -# "POSTFIX_RBL_HOSTS" will be placed by /usr/sbin/config.postfix. You do not need to define it here. -# Fill "POSTFIX_RBL_HOSTS" instead -# -# Example: -# POSTFIX_SMTPD_CLIENT_RESTRICTIONS="permit_mynetworks, -# check_client_access hash:/etc/postfix/pop-before-smtp, -# check_client_access hash:/etc/postfix/relay, -# check_client_access hash:/etc/postfix/access, -# reject_unknown_client_hostname" -# -POSTFIX_SMTPD_CLIENT_RESTRICTIONS="" - -## Type: string -## Default: "" -## Config: postfix -# -# Fill "POSTFIX_SMTPD_HELO_RESTRICTIONS" for completion of this RESTRICTION -# -# A comma or space separated list of restrictions -# Note: if set to ... -# medium: "" -# hard : "permit_mynetworks, reject_invalid_helo_hostname" -# -# Example: -# POSTFIX_SMTPD_HELO_RESTRICTIONS="permit_mynetworks, -# check_client_access hash:/etc/postfix/pop-before-smtp, -# check_client_access hash:/etc/postfix/relay, -# check_client_access hash:/etc/postfix/access, -# check_helo_access hash:/etc/postfix/helo_access, -# reject_invalid_helo_hostname" -# -POSTFIX_SMTPD_HELO_RESTRICTIONS="" - -## Type: string -## Default: "hash:/etc/postfix/access, reject_unknown_sender_domain" -## Config: postfix -# -# Fill "POSTFIX_SMTPD_SENDER_RESTRICTIONS" for completion of this RESTRICTION -# -# A comma or space separated list of restrictions -# Note: if set to ... -# medium: "hash:/etc/postfix/access, reject_unknown_sender_domain" -# hard : "hash:/etc/postfix/access, reject_unknown_sender_domain" -# -# Example: -# POSTFIX_SMTPD_SENDER_RESTRICTIONS=" -# check_client_access hash:/etc/postfix/pop-before-smtp, -# check_client_access hash:/etc/postfix/relay, -# check_client_access hash:/etc/postfix/access, -# reject_unknown_sender_domain, -# reject_unknown_client_hostname" -# -POSTFIX_SMTPD_SENDER_RESTRICTIONS="" - -## Type: string -## Default: "permit_mynetworks, reject_unauth_destination" -## Config: postfix -# -# Fill "POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS" for completion of this RESTRICTION -# -# A comma or space separated list of restrictions -# Note: if set to -# medium: "permit_mynetworks, reject_unauth_destination" -# hard : "permit_mynetworks, reject_unauth_destination" -# -# Example: -# POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS="permit_mynetworks, -# check_client_access hash:/etc/postfix/pop-before-smtp, -# check_client_access hash:/etc/postfix/relay, -# check_client_access hash:/etc/postfix/access, -# warn_if_reject, -# reject_unknown_sender_domain, -# warn_if_reject, -# reject_unknown_recipient_domain, -# reject_unknown_helo_hostname, -# reject_unknown_client_hostname, -# reject_non_fqdn_sender, -# reject_non_fqdn_recipient, -# reject_non_fqdn_hostname, -# reject_unauth_destination" -# -POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS="" - -## Type: list(procmail,cyrus,dovecot,local) -## Default: local -## Config: postfix -# -# POSTFIX_MDA possible values: -# procmail: use procmail to deliver mail locally -# cyrus : use lmtp to deliver to cyrus-imapd -# dovecot : use dovecot to deliver mail to dovecot -# local : use postfix local MDA -# -POSTFIX_MDA="local" - -## Type: yesno -## Default: no -## Config: postfix -# -# Configure postfix to enable users to auth against postfix -# to be able to relay mail independent of being within -# the local network/domain. -# You may want to edit /etc/sasl2/smtpd.conf to fit your needs. -# See /usr/share/doc/packages/postfix/README_FILES/SASL_README -# for more details. -# -POSTFIX_SMTP_AUTH_SERVER="no" - -## Type: string(cyrus,dovecot) -## Default: "cyrus" -## Config: postfix -# -# Configure postfix which SASL service to use -# cyrus : smtpd_sasl_type = cyrus, smtpd_sasl_path = smtpd -# dovecot : smtpd_sasl_type = dovecot, smtpd_sasl_path = private/auth -# -POSTFIX_SMTP_AUTH_SERVICE="cyrus" - -## Type: yesno -## Default: no -## Config: postfix -# -# Enable SMTP-AUTH for the postfix smtp client -# you have to edit /etc/postfix/sasl_passwd and call -# /usr/sbin/config.postfix afterwards -# -POSTFIX_SMTP_AUTH="no" - -## Type: string -## Default: "" -## Config: postfix -# -# POSTFIX_SMTP_AUTH_OPTIONS possible values: -# comma separated list of one or more of -# -# noplaintext: disallow methods that use plaintext passwords -# noactive: disallow methods subject to active (non-dictionary) attack -# nodictionary: disallow methods subject to passive (dictionary) attack -# noanonymous: disallow methods that allow anonymous authentication -# -POSTFIX_SMTP_AUTH_OPTIONS="" - -## Type: yesno -## Default: no -## Config: postfix -# -# Do you want to use STARTTLS -# -POSTFIX_SMTP_TLS_SERVER="no" - -## Type: yesno -## Default: no -## Config: postfix -# -# Do you want to use SMTP over SSL. -# assigns port 465 to smtps in /etc/services -# CAUTION: the IANA has assigned a different protocol to port 465 -# Usage of port 465 for smtps was not officially encouraged -# If you enable this you need to make sure that it does not collide -# with protocol urd -# -POSTFIX_SMTP_TLS_SERVER_LEGACY_SUPPORT="no" - -## Type: list(no,yes,must) -## Default: no -## Config: postfix -# -# Do you want to enable postfix smtp client to use TLS -# -POSTFIX_SMTP_TLS_CLIENT="no" - -## Type: string -## Default: "/etc/postfix/ssl" -## Config: postfix -# -# path to the directory where the certificates (default: certs/postfixcert.pem) -# and CA certificates (default: ./cacerts) can be found -# -# This folder will be synced via 'config.postfix' when running 'chrooted' -# -POSTFIX_SSL_PATH="/etc/postfix/ssl" - -## Type: string -## Default: "cacert.pem" -## Config: postfix -# -# name of the CAfile (below POSTFIX_SSL_PATH) -# -# when having more than one CA you want to trust, then -# leave it empty and CApath ( POSTFIX_SSL_PATH/cacerts ) -# is used instead. Do not forget to run c_rehash POSTFIX_SSL_PATH/cacerts -# after storing the certs. -# -POSTFIX_TLS_CAFILE="" - -## Type: string -## Default: "certs/postfixcert.pem" -## Config: postfix -# -# name of the file containing the certificate (below POSTFIX_SSL_PATH) -# -POSTFIX_TLS_CERTFILE="certs/postfixcert.pem" - -## Type: string -## Default: "certs/postfixkey.pem" -## Config: postfix -# -# name of the file containing the key (below POSTFIX_SSL_PATH) -# -POSTFIX_TLS_KEYFILE="certs/postfixkey.pem" - -# -# The following options are used by /usr/sbin/config.postfix and mkpostfixcert -# to create a CA and certificates -# POSTFIX_SSL_COUNTRY must be a two letter code defined by ISO 3166 -# -## Type: string -## Default: "XX" -POSTFIX_SSL_COUNTRY="" - -## Type: string -## Default: "Some state" -POSTFIX_SSL_STATE="" - -## Type: string -## Default: "Some locality" -POSTFIX_SSL_LOCALITY="" - -## Type: string -## Default: "Some Organization" -POSTFIX_SSL_ORGANIZATION="" - -## Type: string -## Default: "Some Organizational Unit" -POSTFIX_SSL_ORGANIZATIONAL_UNIT="" - -## Type: string -## Default: "A common name" -POSTFIX_SSL_COMMON_NAME="" - -## Type: string -## Default: "postmaster" -POSTFIX_SSL_EMAIL_ADDRESS="" - -# -# POSTFIX_ADD_* -# You may add any existing postfix parameter here. Just execute the -# postconf command to get a complete list. You then have to uppercase -# the parameter and prepend POSTFIX_ADD_. -# Example: -# Let's say you want to add the postfix parameter mailbox_size_limit. -# Then just add -# POSTFIX_ADD_MAILBOX_SIZE_LIMIT=0 -# POSTFIX_ADD_MESSAGE_SIZE_LIMIT=30000000 - -## Type: string -## Default: 0 -POSTFIX_ADD_MAILBOX_SIZE_LIMIT="0" - -## Type: string -## Default: 10240000 -POSTFIX_ADD_MESSAGE_SIZE_LIMIT="0" - -## Type: yesno -## Default: yes -## Config: postfix -# -# Automatically register to slpd, if running? -# -POSTFIX_REGISTER_SLP="yes" - -## Type: list(subnet,host,class) -## Default: subnet -## Config: postfix -# -# -# The postfix default for this setting is "subnet" -# for security reasons you should use host -# otherwise every user in the same subnet as you, can use -# your postfix server as a mail relay for spam. -# If you set POSTFIX_DIALUP to "yes" mynetworks_style -# will be set to "host" by /usr/sbin/config.postfix. -# -POSTFIX_ADD_MYNETWORKS_STYLE="subnet" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-SuSE/update_chroot.systemd new/postfix-SuSE/update_chroot.systemd --- old/postfix-SuSE/update_chroot.systemd 2014-06-27 21:19:39.000000000 +0200 +++ new/postfix-SuSE/update_chroot.systemd 2019-07-22 01:52:51.910716754 +0200 @@ -24,7 +24,9 @@ local MYSQLD="$($defaults mysqld)" if [ -n "$MYSQLD" ]; then - MYSQL_SOCKET=$(echo "$MYSQLD" | sed -rn '/--socket[[:blank:]=]/{ s@.*[[:blank:]=]([^[:blank:]=]*)@\1@p; }') + MYSQL_SOCKET=$(echo "$MYSQLD" | awk -F"=" '/--socket/ {print $2}') + # fix for: Can't connect to local MySQL server through socket '/run/mysql/mysql.sock' (2) + [[ "${MYSQL_SOCKET}" =~ ^/var/run ]] && MYSQL_SOCKET="${MYSQL_SOCKET#/var}" MYSQL_SOCKET_DIR=${MYSQL_SOCKET%/*} CHR_MYSQL_SOCKET=${PF_CHROOT}${MYSQL_SOCKET} CHR_MYSQL_SOCKET_DIR=${CHR_MYSQL_SOCKET%/*}
