On Tue, 22 Oct 2019 09:22:24 +0200 Thomas Lamprecht <t.lampre...@proxmox.com> wrote:
> On 10/21/19 10:11 PM, Stoiko Ivanov wrote: > > by: > > * running /usr/bin/newaliases (generating /etc/aliases.db) > > * setting the compatibility_level to 2 > > ** otherwise a warning was issued with broken aliases.db that the system > > is using the backward compatible setting of $mydestination for > > $relay_domain > > (see [0]). > > > > as said in the past, if you start making bulletin points chances are > high that it should be done in two different patches. Sorry - did consider splitting it - should've done so... > > One patch: "raise postifx main.cf compatibility_level to 2" > Another patch: "ensure /etc/aliases.db is generated" > > But for the latter one we had a fix which sounds like a possible cause of > this[0], it was fixed in the ISO build environment and in a postinst hook > for pve-common[1]. AFAICT, the postinst hook misses a newaliases > regeneration, but otherwise this should be already fixed? In my short tests postfix happily accepted: `www:root` (without space) as alias (and sent e-mail to the forward address once a aliases.db was present). In any case running newaliases (and a following service reload of postfix) in the postinst-hook of libpve-common-perl sounds like a good idea. > > Else, a possible better option would be to add this into the postinst, > one for the upgrade from broken to corrrect (with the current version), > and one for new installations - which could also ensure that PVE on Debian > installations get this right. I'll provide a v2 and test those cases (fresh install, install on top of Debian and upgrade from libpve-common-perl 6.0.5 without /etc/aliases.db) > > For PMG it's not too relevant, as the clamav postinst triggers a newaliases > anyway, if the "clamav: root" entry had to be added (which is always the case, > besides the situations where one had already a Debian with ClamAV setup > before installing PMG).. PMG runs newaliases upon every config-rewrite attempt [0] - so I think we should be safe there. But the reminder made me check that we do also have compatibility_level=2 in the PMG main.cf.in template. Thanks for the pointers! stoiko [0] https://git.proxmox.com/?p=pmg-api.git;a=blob;f=src/PMG/Config.pm;h=0c907a2e3f692c3eca7a25619a7817f567ee24a8;hb=HEAD#l1546 > > [0]: https://pve.proxmox.com/pipermail/pve-user/2019-September/170995.html > [1]: > https://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=c5c5812e2325d90c832207862f2340cb7303667b > > > Tested by installing from ISO and creating a cronjob which runs 'echo test' > > every minute. > > > > Thanks to Martin for reporting this! > > > > [0] http://www.postfix.org/COMPATIBILITY_README.html#relay_domains > > > > Signed-off-by: Stoiko Ivanov <s.iva...@proxmox.com> > > --- > > proxinstall | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/proxinstall b/proxinstall > > index d9e2211..5d02b34 100755 > > --- a/proxinstall > > +++ b/proxinstall > > @@ -328,6 +328,8 @@ mynetworks = 127.0.0.0/8 > > inet_interfaces = loopback-only > > recipient_delimiter = + > > > > +compatibility_level = 2 > > + > > _EOD > > > > sub shellquote { > > @@ -1641,6 +1643,8 @@ _EOD > > syscmd("chroot $targetdir /usr/sbin/postfix check"); > > # cleanup mail queue > > syscmd("chroot $targetdir /usr/sbin/postsuper -d ALL"); > > + # create /etc/aliases.db (/etc/aliases is shipped in the base squashfs) > > + syscmd("chroot $targetdir /usr/bin/newaliases"); > > > > # enable NTP (timedatectl set-ntp true does not work without DBUS) > > syscmd("chroot $targetdir /bin/systemctl enable > > systemd-timesyncd.service"); > > _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel