invalid ssl-certificates in /etc/postfix/main.cf after security upgrade
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dovecot (Ubuntu) |
Fix Released
|
High
|
Chuck Short | ||
Lucid |
Fix Released
|
High
|
Chuck Short | ||
Maverick |
Fix Released
|
High
|
Chuck Short |
Bug Description
Binary package hint: dovecot-postfix
After dovecot-postfix was automatically upgraded this morning (http://
Changes made by automatic upgrade:
diff --git a/postfix/main.cf b/postfix/main.cf
index ee075a3..b6c0119 100644
--- a/postfix/main.cf
+++ b/postfix/main.cf
@@ -57,10 +57,15 @@ smtpd_tls_
smtpd_
smtpd_tls_loglevel = 1
smtpd_
-smtpd_
-smtpd_tls_key_file = /etc/ssl/
+smtpd_
+smtpd_tls_key_file = /etc/ssl/
smtpd_
smtp_tls_
smtp_tls_
smtp_tls_CAfile = /etc/ssl/
smtp_tls_
+home_mailbox = Maildir/
+smtpd_
+smtpd_
+smtpd_use_tls = yes
+smtp_use_tls = yes
Errors in /var/log/mail.log:
Feb 8 09:25:27 lock postfix/
Feb 8 09:25:27 lock postfix/
Feb 8 09:25:27 lock postfix/
Feb 8 09:25:27 lock postfix/
Feb 8 09:25:27 lock postfix/
Feb 8 09:25:27 lock postfix/
tags: | added: patch |
tags: | added: verification-done-lucid |
tags: |
added: verification-done removed: verification-done-lucid verification-needed |
Thanks for reporting this.
This is caused by the mail-stack-delivery package's postinst script.
In theory, this should only happen when a main.cf backup file located at /var/backups/ mail-stack- delivery/ main.cf- backup could not be found, which would mean that i had not been installed before.
Unfortunately, this doesn't seem to be the case. This part of the postinst script is wrong:
if [ -f "/etc/postfix/ main.cf" ]; then
mv $POSTFIX_BCKFILE ${POSTFIX_ BCKFILE} -$(date +%Y%m%d%H%M)
if [ -e "$POSTFIX_BCKFILE" ]; then
fi
if [ -z "$2" -o ! -e "$POSTFIX_BCKFILE" ]; then
If the backup file exists, it renames it...but then checks to see if it exists again (which it doesn't, since it just got renamed)...