[Bug 1026261] [NEW] [regression] mail stalls; postfix chroot setup nests /etc/ssl/certs to deep

Wed, 18 Jul 2012 10:56:08 -0700 

Public bug reported:

Since the (overdue) update from maverick to natty, my Postfix no longer
recognizes the certificates.

Apparently the reason is that the smtp_tls_CApath, which is set to 
/etc/ssl/certs, is improperly copied into the chroot area, namely
to /var/spool/postfix/etc/ssl/certs/etc/ssl/certs,
rather than /var/spool/postfix/etc/ssl/certs where it belongs.

In /etc/postfix/main.cf, I have
smtp_tls_CApath = /etc/ssl/certs

and smtp runs chrooted (from looking at /etc/postfix/master.cf).

The certificate bundle appears to be setup properly, only the .pem/.0
files from the directory seem to be affected.

Workaround: 
sudo postconf -e smtp_tls_CAfile=/etc/ssl/certs/ca-certificates.crt
sudo service postfix restart

>From looking at what I get when running sh -x postfix, it would seem
that

+ find /etc/ssl/certs -print0
+ cpio -0pdL /var/spool/postfix/etc/ssl/certs.NEW

causes the duplication of paths - the cpio input file list is fully
concatenated to the cpio destination path.

ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: postfix 2.8.5-2~build0.11.04
ProcVersionSignature: Ubuntu 2.6.38-15.61-generic-pae 2.6.38.8
Uname: Linux 2.6.38-15-generic-pae i686
NonfreeKernelModules: nvidia
Architecture: i386
Date: Wed Jul 18 19:30:51 2012
EcryptfsInUse: Yes
ProcEnviron:
 LANGUAGE=de_DE:de:en_GB:en
 PATH=(custom, no user)
 LANG=de_DE.utf8
 SHELL=/bin/bash
SourcePackage: postfix
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: postfix (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: apport-bug i386 natty regression-release

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/1026261

Title:
  [regression] mail stalls; postfix chroot setup nests /etc/ssl/certs to
  deep

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1026261/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to