postfix-us...@vintagesfinewine.com: > > I've run into a problem with one of the postfix tls scripts. > > Attempting to deploy server certificates with > # postfix tls deploy-server-cert certificate.crt keyfile.key > > Expected to deploy new certificates > > What happened - command fails with > /usr/lib/postfix/sbin/postfix-tls-script: 780: shift: can't shift > that many > > > > Reproducing this doesn't need a lot of pre-setup: > # apt install postfix ssl-cert > # postfix tls deploy-server-cert /etc/ssl/certs/ssl-cert-snakeoil.pem > /etc/ssl/private/ssl-cert-snakeoil.key > /usr/lib/postfix/sbin/postfix-tls-script: 780: shift: can't shift that > many
Below is a patch. I find that the handling of this differ a lot among shell implementations, from terminating to ignoring. Wietse diff -ur /var/tmp/postfix-3.6-20200523/conf/postfix-tls-script conf/postfix-tls-script --- /var/tmp/postfix-3.6-20200523/conf/postfix-tls-script 2017-02-18 20:58:20.000000000 -0500 +++ conf/postfix-tls-script 2020-05-30 10:37:04.000000000 -0400 @@ -777,7 +777,7 @@ deploy_server_cert() { certfile=$1; shift keyfile=$1; shift - deploy=$1; shift + case $# in 0) deploy=;; *) deploy=$1; shift;; esac # Sets key_algo, key_param and cert_param check_key "$keyfile" || return 1