Re: wip-postfix

[Christine Lemmer-Webber]

Gábor Boskovits writes:

> Hello Jan,
>
>> I took the liberty of rebasing wip-postfix on latest master and
>> found it does not compile
>>
>> --8<---cut here---start->8---
>> gcc -fPIC -I. -I../../include -DNO_EAI -DDEF_SMTPUTF8_ENABLE=\"no\"
>> -DHAS_DEV_URANDOM
>> -DDEF_SHLIB_DIR=\"/gnu/store/hbdrbb84krvjvw58vmr1pvzb6l3gbmyv-postfix-minimal-3.4.8\"
>> -DUSE_DYNAMIC_LIBS -DUSE_DYNAMIC_MAPS -Wmissing-prototypes -Wformat
>> -Wno-comment -fPIC -g -O -I. -I../../include -DLINUX5 -c dns_str_resflags.c
>> dns_str_resflags.c:55:13: warning: RES_AAONLY is deprecated
>>  "RES_AAONLY", RES_AAONLY,
>>  ^
>> dns_str_resflags.c:57:13: warning: RES_PRIMARY is deprecated
>>  "RES_PRIMARY", RES_PRIMARY,
>>  ^~~
>> dns_str_resflags.c:63:22: error: ‘RES_INSECURE1’ undeclared here (not in a
>> function); did you mean ‘RES_RECURSE’?
>>  "RES_INSECURE1", RES_INSECURE1,
>>   ^
>>   RES_RECURSE
>> --8<---cut here---end--->8---
>>
>> Luckily, that was easily fixed by updating postfix to 3.5.0.
>>
>
> Thanks for having a look.
>
>>
>> >>  When I hack around and create /etc/ailases.db, it works.
>> > I would like to add a service config for this.
>>
>> I found we already have mail-aliases-service-type, so I used that,
>> together with running postalias.  Now, queuing mail works ootb...but
>> delivery seems not to work: it remains queued.
>>
>> I rebased wip-postfix and added a couple of patches for this.  Please
>> feel free to revert them if you don't like it :-)
>>
>> When starting postfix like so
>>
>> --8<---cut here---start->8---
>> ./pre-inst-env guix system vm gnu/system/examples/postfix.tmpl`\
>>--nographic -m 1G\
>>--nic
>> user,model=virtio-net-pci,hostfwd=tcp::12025-:25,hostfwd=tcp:127.0.0.1:12022
>> -:
>> --8<---cut here---end--->8---
>>
>> I'm seeing
>>
>> --8<---cut here---start->8---
>> 07:39:18 janneke@dundal:~/src/guix/wip-postfix [env]
>> $ telnet localhost 12025
>> Trying 127.0.0.1...
>> Connected to localhost.
>> Escape character is '^]'.
>> 220 komputilo.localdomain ESMTP Postfix
>> mail from: root
>> mail from: root
>> 250 2.1.0 Ok
>> rcpt to: alice
>> rcpt to: alice
>> 250 2.1.5 Ok
>> data
>> data
>> 354 End data with .
>> hello Alice!
>> hello Alice!
>> .
>> .
>> 250 2.0.0 Ok: queued as E26BA3116
>> quit
>> quit
>> 221 2.0.0 Bye
>> Connection closed by foreign host.
>> 08:03:53 janneke@dundal:~/src/guix/wip-postfix [env]
>> $ ssh -p 12022 root@localhost
>> /gnu/store/mydn0wr0bs7mz3rx9fwihpma26r0dpqq-postfix-minimal-3.5.0/mailq -C
>> /gnu/store/nj5pa9l9zy6vx5484pbdsqnilva8bivc-postfix-config-dir
>> -Queue ID-  --Size-- Arrival Time -Sender/Recipient---
>> E26BA3116*  175 Mon Aug 10 08:00:50  root@komputilo.localdomain
>>  alice@komputilo.localdomain
>>
>> -- 0 Kbytes in 1 Request.
>> --8<---cut here---end--->8---
>>
>> Ideas?
>>
>
> I will have a look early next week. Most probably the setuid stuff is
> missing, and access is denied to something.

Good news, the new setuid stuff is in now in git master.

This probably means wip-postfix could be rebased on top of it again and
could take advantage of it?

Re: wip-postfix

[Gábor Boskovits]

Hello Jan,

Jan Nieuwenhuizen  ezt írta (időpont: 2020. aug. 10., Hét
8:50):

> Gábor Boskovits writes:
>
> Hello!
>
> >> Jan Nieuwenhuizen  ezt írta (időpont: 2020. márc.
> 17., Ke 9:02):
> >
> >  Gábor Boskovits writes:
>
> I took the liberty of rebasing wip-postfix on latest master and
> found it does not compile
>
> --8<---cut here---start->8---
> gcc -fPIC -I. -I../../include -DNO_EAI -DDEF_SMTPUTF8_ENABLE=\"no\"
> -DHAS_DEV_URANDOM
> -DDEF_SHLIB_DIR=\"/gnu/store/hbdrbb84krvjvw58vmr1pvzb6l3gbmyv-postfix-minimal-3.4.8\"
> -DUSE_DYNAMIC_LIBS -DUSE_DYNAMIC_MAPS -Wmissing-prototypes -Wformat
> -Wno-comment -fPIC -g -O -I. -I../../include -DLINUX5 -c dns_str_resflags.c
> dns_str_resflags.c:55:13: warning: RES_AAONLY is deprecated
>  "RES_AAONLY", RES_AAONLY,
>  ^
> dns_str_resflags.c:57:13: warning: RES_PRIMARY is deprecated
>  "RES_PRIMARY", RES_PRIMARY,
>  ^~~
> dns_str_resflags.c:63:22: error: ‘RES_INSECURE1’ undeclared here (not in a
> function); did you mean ‘RES_RECURSE’?
>  "RES_INSECURE1", RES_INSECURE1,
>   ^
>   RES_RECURSE
> --8<---cut here---end--->8---
>
> Luckily, that was easily fixed by updating postfix to 3.5.0.
>

Thanks for having a look.

>
> >>  When I hack around and create /etc/ailases.db, it works.
> > I would like to add a service config for this.
>
> I found we already have mail-aliases-service-type, so I used that,
> together with running postalias.  Now, queuing mail works ootb...but
> delivery seems not to work: it remains queued.
>
> I rebased wip-postfix and added a couple of patches for this.  Please
> feel free to revert them if you don't like it :-)
>
> When starting postfix like so
>
> --8<---cut here---start->8---
> ./pre-inst-env guix system vm gnu/system/examples/postfix.tmpl`\
>--nographic -m 1G\
>--nic
> user,model=virtio-net-pci,hostfwd=tcp::12025-:25,hostfwd=tcp:127.0.0.1:12022
> -:
> --8<---cut here---end--->8---
>
> I'm seeing
>
> --8<---cut here---start->8---
> 07:39:18 janneke@dundal:~/src/guix/wip-postfix [env]
> $ telnet localhost 12025
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220 komputilo.localdomain ESMTP Postfix
> mail from: root
> mail from: root
> 250 2.1.0 Ok
> rcpt to: alice
> rcpt to: alice
> 250 2.1.5 Ok
> data
> data
> 354 End data with .
> hello Alice!
> hello Alice!
> .
> .
> 250 2.0.0 Ok: queued as E26BA3116
> quit
> quit
> 221 2.0.0 Bye
> Connection closed by foreign host.
> 08:03:53 janneke@dundal:~/src/guix/wip-postfix [env]
> $ ssh -p 12022 root@localhost
> /gnu/store/mydn0wr0bs7mz3rx9fwihpma26r0dpqq-postfix-minimal-3.5.0/mailq -C
> /gnu/store/nj5pa9l9zy6vx5484pbdsqnilva8bivc-postfix-config-dir
> -Queue ID-  --Size-- Arrival Time -Sender/Recipient---
> E26BA3116*  175 Mon Aug 10 08:00:50  root@komputilo.localdomain
>  alice@komputilo.localdomain
>
> -- 0 Kbytes in 1 Request.
> --8<---cut here---end--->8---
>
> Ideas?
>

I will have a look early next week. Most probably the setuid stuff is
missing, and access is denied to something.

>
> >>  It looks like most everything is installed in a single, flat directory
> >>
> >>  /gnu/store/pyv0rpd6zs0m2i482cb8qxd6mhf5b47z-postfix-minimal-3.4.8
> >>
> >>  executables, copies of readmes, (unused?) config files (main.cf,
> >>  aliases)?
> >
> > Yes, but can be easily separated. The config files are installer
> > generated, and not used.
>
> Ok => TODO :-)
>
> >> Anyhow, this is a great start; next Mailman?
> >
> > One thing that blocks me from finishing this is that the setuid
> > programs in the os declatation should be extended, so that we can use
> > the privilege separation of postfix. I would like to propose a patch
> > later this week.
>
> Any insight here, something blocking maybe?
>

Nothing in particular. I had little time recently. I just finished a bigger
project, and I was on holiday. I will try to propose an interface for this
next week.


> Greetings,
> Janneke
>

Regards,
g_bor

>
> Jan (janneke) Nieuwenhuizen (5):
>   gnu: postfix-minimal: Updato to 3.5.0.
>   system: examples: Add postfix.tmpl.
>   gnu: postfi

Re: wip-postfix

[Jan Nieuwenhuizen]

Gábor Boskovits writes:

Hello!

>> Jan Nieuwenhuizen  ezt írta (időpont: 2020. márc. 17., Ke 
>> 9:02):
>
>  Gábor Boskovits writes:

I took the liberty of rebasing wip-postfix on latest master and
found it does not compile

--8<---cut here---start->8---
gcc -fPIC -I. -I../../include -DNO_EAI -DDEF_SMTPUTF8_ENABLE=\"no\" 
-DHAS_DEV_URANDOM 
-DDEF_SHLIB_DIR=\"/gnu/store/hbdrbb84krvjvw58vmr1pvzb6l3gbmyv-postfix-minimal-3.4.8\"
 -DUSE_DYNAMIC_LIBS -DUSE_DYNAMIC_MAPS -Wmissing-prototypes -Wformat 
-Wno-comment -fPIC -g -O -I. -I../../include -DLINUX5 -c dns_str_resflags.c
dns_str_resflags.c:55:13: warning: RES_AAONLY is deprecated
 "RES_AAONLY", RES_AAONLY,
 ^ 
dns_str_resflags.c:57:13: warning: RES_PRIMARY is deprecated
 "RES_PRIMARY", RES_PRIMARY,
 ^~~
dns_str_resflags.c:63:22: error: ‘RES_INSECURE1’ undeclared here (not in a 
function); did you mean ‘RES_RECURSE’?
 "RES_INSECURE1", RES_INSECURE1,
  ^
  RES_RECURSE
--8<---cut here---end--->8---

Luckily, that was easily fixed by updating postfix to 3.5.0.

>>  When I hack around and create /etc/ailases.db, it works.
> I would like to add a service config for this.

I found we already have mail-aliases-service-type, so I used that,
together with running postalias.  Now, queuing mail works ootb...but
delivery seems not to work: it remains queued.

I rebased wip-postfix and added a couple of patches for this.  Please
feel free to revert them if you don't like it :-)

When starting postfix like so

--8<---cut here---start->8---
./pre-inst-env guix system vm gnu/system/examples/postfix.tmpl`\
   --nographic -m 1G\
   --nic 
user,model=virtio-net-pci,hostfwd=tcp::12025-:25,hostfwd=tcp:127.0.0.1:12022-:
--8<---cut here---end--->8---

I'm seeing

--8<---cut here---start->8---
07:39:18 janneke@dundal:~/src/guix/wip-postfix [env]
$ telnet localhost 12025
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 komputilo.localdomain ESMTP Postfix
mail from: root
mail from: root
250 2.1.0 Ok
rcpt to: alice
rcpt to: alice
250 2.1.5 Ok
data
data
354 End data with .
hello Alice!
hello Alice!
.
.
250 2.0.0 Ok: queued as E26BA3116
quit
quit
221 2.0.0 Bye
Connection closed by foreign host.
08:03:53 janneke@dundal:~/src/guix/wip-postfix [env]
$ ssh -p 12022 root@localhost 
/gnu/store/mydn0wr0bs7mz3rx9fwihpma26r0dpqq-postfix-minimal-3.5.0/mailq -C 
/gnu/store/nj5pa9l9zy6vx5484pbdsqnilva8bivc-postfix-config-dir
-Queue ID-  --Size-- Arrival Time -Sender/Recipient---
E26BA3116*  175 Mon Aug 10 08:00:50  root@komputilo.localdomain
 alice@komputilo.localdomain

-- 0 Kbytes in 1 Request.
--8<---cut here---end--->8---

Ideas?

>>  It looks like most everything is installed in a single, flat directory
>>
>>  /gnu/store/pyv0rpd6zs0m2i482cb8qxd6mhf5b47z-postfix-minimal-3.4.8
>>
>>  executables, copies of readmes, (unused?) config files (main.cf,
>>  aliases)?
>
> Yes, but can be easily separated. The config files are installer
> generated, and not used.

Ok => TODO :-)

>> Anyhow, this is a great start; next Mailman?
>
> One thing that blocks me from finishing this is that the setuid
> programs in the os declatation should be extended, so that we can use
> the privilege separation of postfix. I would like to propose a patch
> later this week.

Any insight here, something blocking maybe?

Greetings,
Janneke

Jan (janneke) Nieuwenhuizen (5):
  gnu: postfix-minimal: Updato to 3.5.0.
  system: examples: Add postfix.tmpl.
  gnu: postfix-minimal: Fix startup warnings.
  service: postfix: Use mail-aliases-service-type.
  system: postfix.tmpl: Add mail-aliases-service.

 gnu/packages/mail.scm| 32 ---
 gnu/services/mail.scm| 12 ++-
 gnu/system/examples/postfix.tmpl | 54 
 3 files changed, 86 insertions(+), 12 deletions(-)
 create mode 100644 gnu/system/examples/postfix.tmpl

-- 
Jan Nieuwenhuizen  | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com

Re: wip-postfix

[Gábor Boskovits]

Hello,

Jan Nieuwenhuizen  ezt írta (időpont: 2020. márc. 17., Ke
9:02):

> Gábor Boskovits writes:
>
> Hello Gábor,
>
> > I've just pushed my work on postfix as a new wip-postfix branch.
>
> That's great!  Yesterday I finally found some time to look at it.
>
Thanks for the feedback.

>
> > Current status:
> > Service starts fine. Some warnings are sent on startup, telling that
> > some coreutils stuff is not found. No testing was done as of now.
>
> I fixed that, see attched patch.
>
> > Feedback welcome.
>
> I found mail delivery not to work, out of the box (using attached
> config).
>
> When I start a vm like so:
>
> sed -e 's,-append ",-append "console=ttyS0 ,' $(./pre-inst-env guix
> system vm gnu/system/examples/postfix.tmpl) > rvm.shn
> sh rvm.sh -nographic -m 2G -net nic -net
> user,hostfwd=tcp::10022-:,hostfwd=tcp::10025-:25
>
> it does not work for me; I get
>
> --8<---cut here---start->8---
> $ telnet localhost 10025
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220 komputilo.localdomain ESMTP Postfix
> mail from: root
> mail from: root
> 250 2.1.0 Ok
> rcpt to: alice
> rcpt to: alice
> 451 4.3.0 : Temporary lookup failure
> data
> data
> 554 5.5.1 Error: no valid recipients
> --8<---cut here---end--->8---
>
> When I hack around and create /etc/ailases.db, it works.
>
I would like to add a service config for this.

>
> It looks like most everything is installed in a single, flat directory
>
> /gnu/store/pyv0rpd6zs0m2i482cb8qxd6mhf5b47z-postfix-minimal-3.4.8
>
> executables, copies of readmes, (unused?) config files (main.cf,
> aliases)?
>
Yes, but can be easily separated. The config files are installer generated,
and not used.

>
> Anyhow, this is a great start; next Mailman?
>

One thing that blocks me from finishing this is that the setuid programs in
the os declatation should be extended, so that we can use the privilege
separation of postfix. I would like to propose a patch later this week.

>
> Greetings,
> janneke
>
Best regards,
g_bor

>
>
>
> --
> Jan Nieuwenhuizen  | GNU LilyPond http://lilypond.org
> Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com
>

Re: wip-postfix

[Jan Nieuwenhuizen]

Gábor Boskovits writes:

Hello Gábor,

> I've just pushed my work on postfix as a new wip-postfix branch.

That's great!  Yesterday I finally found some time to look at it.

> Current status:
> Service starts fine. Some warnings are sent on startup, telling that
> some coreutils stuff is not found. No testing was done as of now.

I fixed that, see attched patch.

> Feedback welcome.

I found mail delivery not to work, out of the box (using attached
config).

When I start a vm like so:

sed -e 's,-append ",-append "console=ttyS0 ,' $(./pre-inst-env guix system 
vm gnu/system/examples/postfix.tmpl) > rvm.shn
sh rvm.sh -nographic -m 2G -net nic -net 
user,hostfwd=tcp::10022-:,hostfwd=tcp::10025-:25

it does not work for me; I get

--8<---cut here---start->8---
$ telnet localhost 10025
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 komputilo.localdomain ESMTP Postfix
mail from: root
mail from: root
250 2.1.0 Ok
rcpt to: alice
rcpt to: alice
451 4.3.0 : Temporary lookup failure
data
data
554 5.5.1 Error: no valid recipients
--8<---cut here---end--->8---

When I hack around and create /etc/ailases.db, it works.

It looks like most everything is installed in a single, flat directory

/gnu/store/pyv0rpd6zs0m2i482cb8qxd6mhf5b47z-postfix-minimal-3.4.8

executables, copies of readmes, (unused?) config files (main.cf,
aliases)?

Anyhow, this is a great start; next Mailman?

Greetings,
janneke


>From 062afde1f7aa335f3be5e1074187a6dd0d33614b Mon Sep 17 00:00:00 2001
From: Jan Nieuwenhuizen 
Date: Tue, 17 Mar 2020 08:37:32 +0100
Subject: [PATCH] gnu: postfix-minimal: Fix startup warnings.

This avoids kind of funny replacements like these of `rm'

find -prune -perm -020
=>
find -prune -pe/gnu/store/zibwkb5xavnv6z3gzknfqjsxb9b0izh0-coreutils-8.31/bin/rm -020

* gnu/packages/mail.scm (postfix-minimal)[phases]: Set PATH rather than
substituting individual commands.
---
 gnu/packages/mail.scm | 28 +++-
 1 file changed, 19 insertions(+), 9 deletions(-)

diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index 2cf1640200..287da82d55 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -30,6 +30,7 @@
 ;;; Copyright © 2018, 2019, 2020 Ricardo Wurmus 
 ;;; Copyright © 2019 Tanguy Le Carrour 
 ;;; Copyright © 2020 Brant Gardner 
+;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen 
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -3145,7 +3146,10 @@ Atom feeds or HTML archives.")
 "0hw9kbr05qdzvfqhxi4dp4n3s9xvdh0gr0la08a4bip06ybl4pcd"
 (build-system gnu-build-system)
 (arguments
- '(#:phases
+ '(#:modules ((srfi srfi-26)
+  (guix build utils)
+  (guix build gnu-build-system))
+   #:phases
(modify-phases %standard-phases
  (add-before 'build 'patch-/bin/sh
(lambda _
@@ -3177,14 +3181,20 @@ Atom feeds or HTML archives.")
(lambda _
  (invoke "make" "makefiles" "pie=yes" "dynamicmaps=yes")))
  (add-before 'install 'fix-postfix-scripts-path
-   (lambda _
- (for-each
-  (lambda (command)
-(substitute* '("postfix-install" "conf/post-install" "conf/postfix-script")
-  (((string-append command " ")) (string-append (which command) " "
-  '("awk" "chmod" "chown" "chgrp" "cp" "find" "ln" "mkdir" "mv" "rm" "sed"
-"sleep" "sort" "touch" "uname"))
- #t))
+   (lambda* (#:key inputs #:allow-other-keys)
+ (let ((path (string-join
+  (map (compose (cute string-append <> "/bin")
+(cute assoc-ref inputs <>))
+   '("bash" "coreutils" "findutils" "gawk" "grep"
+ "sed"))
+  ":")))
+   (substitute* '("postfix-install"
+  "conf/post-install"
+  "conf/postfix-script")
+ (("^SHELL=/bin/sh")
+  (string-append "PATH=" path "\n"
+ "SHELL=" (assoc-ref inputs "bash") "/bin/sh")))
+   #t)))
  (add-before 'install 'configure-install
(lambda* (#:key outputs #:allow-other-keys)
  (let ((out (assoc-ref outputs "out")))
-- 
2.24.0



postfix.tmpl
Description: Binary data

-- 
Jan Nieuwenhuizen  | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com

wip-postfix

[Gábor Boskovits]

Hello Guix,

I've just pushed my work on postfix as a new wip-postfix branch.
There are currently two commits, one for the package and one for the service.

I adjust them in tandem.

Current status:
Service starts fine. Some warnings are sent on startup, telling that
some coreutils stuff is not found. No testing was done as of now.
Feedback welcome.

Best regards,
g_bor
-- 
OpenPGP Key Fingerprint: 7988:3B9F:7D6A:4DBF:3719:0367:2506:A96C:CF63:0B21