Postfix does not restart properly when using SSL

The attachment "Patch for the postfix init script to fix the included issue." of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-reviewers team please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

What is the value for smtp_tls_CApath in your configuration?

It is /etc/ssl/certs/

Thanks,
-B

On Sat, Mar 2, 2013 at 11:42 AM, LaMont Jones <email address hidden>wrote:

> What is the value for smtp_tls_CApath in your configuration?
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1139159
>
> Title:
> Postfix does not restart properly when using SSL
>
> Status in “postfix” package in Ubuntu:
> New
>
> Bug description:
> I was running into a problem where postfix would not start up
> correctly after being restarted (either manually, via automated
> process, or from reboot). Postfix would always start without its SSL
> certs in place (which caused a problem in my configuration); a
> subsequent restart would fix it, resulting in a situation where every-
> other-start was successful.
>
> I tracked the problem down to an issue in the init script that copies
> the certs from the SSL location to the postfix location. In a
> nutshell, it was creating a new directory for holding the copies files
> as subdirectory of the target, then deleting the target (including the
> "new" subdirectory), and subsequently failing to copy the new
> directory into the appropriate location.
>
> Patch that fixed the problem is attached.
>
> Using ubuntu server 12.10
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1139159/+subscriptions
>

Finally saw what was meant there. Confirmed, doing the mkdir "${dest_dir}.NEW" will be unconditional (inside that box) as of 2.10.0-1

Just to note, there was also a single character change (from # to %) in the
first line of the patch to change the ".NEW" from being created as a
subdirectory of the target (and thus removed if new=1 ) to being on the
same level with ".NEW" appended (so the next mv succeeds)

On Sat, Mar 2, 2013 at 11:57 AM, LaMont Jones <email address hidden>wrote:

> Finally saw what was meant there. Confirmed, doing the mkdir
> "${dest_dir}.NEW" will be unconditional (inside that box) as of 2.10.0-1
>
> ** Changed in: postfix (Ubuntu)
> Status: New => Confirmed
>
> ** Changed in: postfix (Ubuntu)
> Assignee: (unassigned) => LaMont Jones (lamont)
>
> ** Changed in: postfix (Ubuntu)
> Status: Confirmed => Fix Committed
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1139159
>
> Title:
> Postfix does not restart properly when using SSL
>
> Status in “postfix” package in Ubuntu:
> Fix Committed
>
> Bug description:
> I was running into a problem where postfix would not start up
> correctly after being restarted (either manually, via automated
> process, or from reboot). Postfix would always start without its SSL
> certs in place (which caused a problem in my configuration); a
> subsequent restart would fix it, resulting in a situation where every-
> other-start was successful.
>
> I tracked the problem down to an issue in the init script that copies
> the certs from the SSL location to the postfix location. In a
> nutshell, it was creating a new directory for holding the copies files
> as subdirectory of the target, then deleting the target (including the
> "new" subdirectory), and subsequently failing to copy the new
> directory into the appropriate location.
>
> Patch that fixed the problem is attached.
>
> Using ubuntu server 12.10
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1139159/+subscriptions
>

This bug was fixed in the package postfix - 2.10.0-2

---------------
postfix (2.10.0-2) unstable; urgency=low

  * Correctly set smtpd_relay_restrictions on upgrade to 2.10.0.
    Closes: #702374

 -- LaMont Jones <email address hidden> Thu, 14 Mar 2013 08:15:51 -0600

postfix (2.10.0-1) unstable; urgency=low

  [Wietse Venema]

  * New upstream version

  [LaMont Jones]

  * Fix fumbled merge to actually have the right maintainer address.
    Closes: #699877
  * Fix how we copy $smtp_tls_CApath into the chroot. LP: #1139159

 -- LaMont Jones <email address hidden> Mon, 04 Mar 2013 09:03:31 -0700