Hello community,
here is the log from the commit of package postfix for openSUSE:Factory checked
in at 2018-05-25 21:36:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/postfix (Old)
and /work/SRC/openSUSE:Factory/.postfix.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postfix"
Fri May 25 21:36:59 2018 rev:158 rq:612243 version:3.3.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/postfix/postfix.changes 2018-05-13
15:55:39.650919563 +0200
+++ /work/SRC/openSUSE:Factory/.postfix.new/postfix.changes 2018-05-25
21:37:00.644628304 +0200
@@ -1,0 +2,28 @@
+Fri May 25 11:19:22 UTC 2018 - vark...@suse.com
+
+- bsc#1087471 Unreleased Postfix update breaks SUSE Manager
+ o Removing setting smtpd_sasl_path and smtpd_sasl_type to empty
+
+-------------------------------------------------------------------
+Mon May 21 16:31:57 UTC 2018 - mich...@stroeder.com
+
+- Update to 3.3.1
+ * Postfix did not support running as a PID=1 process, which
+ complicated Postfix deployment in containers. The "postfix
+ start-fg" command will now run the Postfix master daemon as a
+ PID=1 process if possible. Thanks for inputs from Andreas
+ Schulze, Eray Aslan, and Viktor Dukhovni.
+ * Segfault in the postconf(1) command after it could not open a
+ Postfix database configuration file due to a file permission
+ error (dereferencing a null pointer). Reported by Andreas
+ Hasenack, fixed by Viktor Dukhovni.
+ * The luser_relay feature became a black hole, when the luser_relay
+ parameter was set to a non-existent local address (i.e. mail
+ disappeared silently). Reported by J?rgen Thomsen.
+ * Missing error propagation in the tlsproxy(8) daemon could result
+ in a segfault after TLS handshake error (dereferencing a
+ 0xffff...ffff pointer). This daemon handles the TLS protocol
+ when a non-whitelisted client sends a STARTTLS command to
+ postscreen(8).
+
+-------------------------------------------------------------------
Old:
----
postfix-3.3.0.tar.gz
New:
----
postfix-3.3.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ postfix.spec ++++++
--- /var/tmp/diff_new_pack.Xyy128/_old 2018-05-25 21:37:01.616593121 +0200
+++ /var/tmp/diff_new_pack.Xyy128/_new 2018-05-25 21:37:01.620592976 +0200
@@ -55,7 +55,7 @@
%bcond_with libnsl
%endif
Name: postfix
-Version: 3.3.0
+Version: 3.3.1
Release: 0
Summary: A fast, secure, and flexible mailer
License: IPL-1.0 OR EPL-2.0
++++++ postfix-3.3.0.tar.gz -> postfix-3.3.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/HISTORY new/postfix-3.3.1/HISTORY
--- old/postfix-3.3.0/HISTORY 2018-02-19 17:29:00.000000000 +0100
+++ new/postfix-3.3.1/HISTORY 2018-05-19 22:13:44.000000000 +0200
@@ -23334,3 +23334,33 @@
built-in or service-defined parameters for ldap, *sql, etc.
database names. Problem reported by Christian Rößner. Files:
postconf/postconf_user.c.
+
+20180306
+
+ Bugfix (introduced: 19990302): when luser_relay specifies
+ a non-existent local address, the luser_relay feature becomes
+ a black hole. Reported by Jørgen Thomsen. File: local/unknown.c.
+
+20180422
+
+ Bugfix (introduced: Postfix 2.8): missing tls_server_start()
+ error propagation in tlsproxy(8) resulting in segfault after
+ TLS handshake error. Found during code maintenance. File:
+ tlsproxy/tlsproxy.c.
+
+20180509
+
+ Bugfix (introduced: 20170617): postconf(1) command segfault
+ if unable to open a Postfix database configuration file due
+ to a file permission error. Report by Andreas Hasenack, fix
+ by Viktor Dukhovni. File: postconf/postconf_dbms.c.
+
+20180519
+
+ Cleanup: Postfix did not support running as a PID=1 process,
+ which complicated Postfix management in containers. The
+ "postfix start-fg" command will now run the Postfix master
+ daemon as a PID=1 process if possible. Thanks to inputs
+ from Andreas Schulze, Eray Aslan, and Viktor Dukhovni.
+ Files: postfix/postfix.c, master/master.c, master/master.h,
+ master/master_sig.c, conf/postfix-script.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/conf/postfix-script
new/postfix-3.3.1/conf/postfix-script
--- old/postfix-3.3.0/conf/postfix-script 2017-12-27 23:30:27.000000000
+0100
+++ new/postfix-3.3.1/conf/postfix-script 2018-05-19 16:17:23.000000000
+0200
@@ -150,11 +150,16 @@
;;
start-fg)
# Foreground start-up is incompatible with multi-instance mode.
- # We can't use "exec $daemon_directory/master" here: that would
- # break process group management, and "postfix stop" would kill
- # too many processes.
+ # Use "exec $daemon_directory/master" only if PID == 1.
+ # Otherwise, doing so would break process group management,
+ # and "postfix stop" would kill too many processes.
case $instances in
- "") $daemon_directory/master
+ "") case $$ in
+ 1) exec $daemon_directory/master -i
+ $FATAL "cannot start-fg the master daemon"
+ exit 1;;
+ *) $daemon_directory/master;;
+ esac
;;
*) $FATAL "start-fg does not support multi_instance_directories"
exit 1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/html/master.8.html
new/postfix-3.3.1/html/master.8.html
--- old/postfix-3.3.0/html/master.8.html 2018-01-14 17:48:37.000000000
+0100
+++ new/postfix-3.3.1/html/master.8.html 2018-05-19 21:48:33.000000000
+0200
@@ -10,7 +10,7 @@
master - Postfix master process
<b>SYNOPSIS</b>
- <b>master</b> [<b>-Ddtvw</b>] [<b>-c</b>
<i>config</i><b>_</b><i>dir</i>] [<b>-e</b> <i>exit</i><b>_</b><i>time</i>]
+ <b>master</b> [<b>-Dditvw</b>] [<b>-c</b>
<i>config</i><b>_</b><i>dir</i>] [<b>-e</b> <i>exit</i><b>_</b><i>time</i>]
<b>DESCRIPTION</b>
The <a href="master.8.html"><b>master</b>(8)</a> daemon is the
resident process that runs Postfix daemons
@@ -47,6 +47,11 @@
Terminate the master process after
<i>exit</i><b>_</b><i>time</i> seconds. Child pro-
cesses terminate at their convenience.
+ <b>-i</b> Enable <b>init</b> mode: do not attempt to become a
session or process
+ group leader; and to force termination, set an explicit signal
+ handler instead of relying on the default signal action. This
+ mode is allowed only if the process ID equals 1.
+
<b>-t</b> Test mode. Return a zero exit status when the
<b>master.pid</b> lock
file does not exist or when that file is not locked. This is
evidence that the <a href="master.8.html"><b>master</b>(8)</a>
daemon is not running.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/html/postfix.1.html
new/postfix-3.3.1/html/postfix.1.html
--- old/postfix-3.3.0/html/postfix.1.html 2018-02-11 16:17:59.000000000
+0100
+++ new/postfix-3.3.1/html/postfix.1.html 2018-05-19 21:47:30.000000000
+0200
@@ -37,13 +37,14 @@
check described above.
<b>start-fg</b>
- Like <b>start</b>, but keep the master daemon running in the
fore-
- ground. This requires that multi-instance support is disabled
- (i.e. the <a
href="postconf.5.html#multi_instance_directories">multi_instance_directories</a>
parameter value must be
- empty). When running Postfix inside a container, mount the con-
- tainer host's /dev/log socket inside the container (example:
- "docker run -v /dev/log:/dev/log ...") and specify a distinct
- Postfix "<a href="postconf.5.html#syslog_name">syslog_name</a>"
prefix that identifies logging from the
+ Like <b>start</b>, but keep the <a
href="master.8.html"><b>master</b>(8)</a> daemon running in the fore-
+ ground, and enable <a href="master.8.html"><b>master</b>(8)</a>
"init" mode when running as PID 1.
+ This command requires that multi-instance support is disabled
+ (i.e. the <a
href="postconf.5.html#multi_instance_directories">multi_instance_directories</a>
parameter value must be
+ empty). When running Postfix inside a container, mount the con-
+ tainer host's /dev/log socket inside the container (example:
+ "docker run -v /dev/log:/dev/log ...") and specify a distinct
+ Postfix "<a href="postconf.5.html#syslog_name">syslog_name</a>"
prefix that identifies logging from the
Postfix instance.
<b>stop</b> Stop the Postfix mail system in an orderly fashion. If
possible,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/man/man1/postfix.1
new/postfix-3.3.1/man/man1/postfix.1
--- old/postfix-3.3.0/man/man1/postfix.1 2018-02-11 16:17:59.000000000
+0100
+++ new/postfix-3.3.1/man/man1/postfix.1 2018-05-19 21:45:33.000000000
+0200
@@ -38,8 +38,10 @@
Start the Postfix mail system. This also runs the configuration
check described above.
.IP \fBstart\-fg\fR
-Like \fBstart\fR, but keep the master daemon running in the
-foreground. This requires that multi\-instance support is
+Like \fBstart\fR, but keep the \fBmaster\fR(8) daemon running
+in the foreground, and enable \fBmaster\fR(8) "init" mode
+when running as PID 1.
+This command requires that multi\-instance support is
disabled (i.e. the multi_instance_directories parameter
value must be empty). When running Postfix inside a container,
mount the container host's /dev/log socket inside the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/man/man8/master.8
new/postfix-3.3.1/man/man8/master.8
--- old/postfix-3.3.0/man/man8/master.8 2018-01-14 17:48:35.000000000 +0100
+++ new/postfix-3.3.1/man/man8/master.8 2018-05-19 21:45:33.000000000 +0200
@@ -8,7 +8,7 @@
.SH "SYNOPSIS"
.na
.nf
-\fBmaster\fR [\fB\-Ddtvw\fR] [\fB\-c \fIconfig_dir\fR] [\fB\-e \fIexit_time\fR]
+\fBmaster\fR [\fB\-Dditvw\fR] [\fB\-c \fIconfig_dir\fR] [\fB\-e
\fIexit_time\fR]
.SH DESCRIPTION
.ad
.fi
@@ -43,6 +43,12 @@
.IP "\fB\-e \fIexit_time\fR"
Terminate the master process after \fIexit_time\fR seconds. Child
processes terminate at their convenience.
+.IP \fB\-i\fR
+Enable \fBinit\fR mode: do not attempt to become a session
+or process group leader; and to force termination, set an
+explicit signal handler instead of relying on the default
+signal action. This mode is allowed only if the process ID
+equals 1.
.IP \fB\-t\fR
Test mode. Return a zero exit status when the \fBmaster.pid\fR lock
file does not exist or when that file is not locked. This is evidence
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/global/mail_version.h
new/postfix-3.3.1/src/global/mail_version.h
--- old/postfix-3.3.0/src/global/mail_version.h 2018-02-22 01:17:21.000000000
+0100
+++ new/postfix-3.3.1/src/global/mail_version.h 2018-05-19 22:14:35.000000000
+0200
@@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20180221"
-#define MAIL_VERSION_NUMBER "3.3.0"
+#define MAIL_RELEASE_DATE "20180519"
+#define MAIL_VERSION_NUMBER "3.3.1"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/local/unknown.c
new/postfix-3.3.1/src/local/unknown.c
--- old/postfix-3.3.0/src/local/unknown.c 2015-01-11 21:30:20.000000000
+0100
+++ new/postfix-3.3.1/src/local/unknown.c 2018-03-07 01:29:36.000000000
+0100
@@ -73,11 +73,14 @@
#include <sent.h>
#include <deliver_pass.h>
#include <defer.h>
+#include <canon_addr.h>
/* Application-specific. */
#include "local.h"
+#define STREQ(x,y) (strcasecmp((x),(y)) == 0)
+
/* deliver_unknown - delivery for unknown recipients */
int deliver_unknown(LOCAL_STATE state, USER_ATTR usr_attr)
@@ -85,6 +88,7 @@
const char *myname = "deliver_unknown";
int status;
VSTRING *expand_luser;
+ VSTRING *canon_luser;
static MAPS *transp_maps;
const char *map_transport;
@@ -139,8 +143,20 @@
if (*var_luser_relay) {
state.msg_attr.unmatched = 0;
expand_luser = vstring_alloc(100);
+ canon_luser = vstring_alloc(100);
local_expand(expand_luser, var_luser_relay, &state, &usr_attr, (void *)
0);
- status = deliver_resolve_addr(state, usr_attr, STR(expand_luser));
+ /* In case luser_relay specifies a domain-less address. */
+ canon_addr_external(canon_luser, vstring_str(expand_luser));
+ /* Assumes that the address resolver won't change the address. */
+ if (STREQ(vstring_str(canon_luser), state.msg_attr.rcpt.address)) {
+ dsb_simple(state.msg_attr.why, "5.1.1",
+ "unknown user: \"%s\"", state.msg_attr.user);
+ status = bounce_append(BOUNCE_FLAGS(state.request),
+ BOUNCE_ATTR(state.msg_attr));
+ } else {
+ status = deliver_resolve_addr(state, usr_attr, STR(expand_luser));
+ }
+ vstring_free(canon_luser);
vstring_free(expand_luser);
return (status);
}
@@ -149,8 +165,6 @@
* If no alias was found for a required reserved name, toss the message
* into the bit bucket, and issue a warning instead.
*/
-#define STREQ(x,y) (strcasecmp(x,y) == 0)
-
if (STREQ(state.msg_attr.user, MAIL_ADDR_MAIL_DAEMON)
|| STREQ(state.msg_attr.user, MAIL_ADDR_POSTMASTER)) {
msg_warn("required alias not found: %s", state.msg_attr.user);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/master/master.c
new/postfix-3.3.1/src/master/master.c
--- old/postfix-3.3.0/src/master/master.c 2018-01-14 17:48:25.000000000
+0100
+++ new/postfix-3.3.1/src/master/master.c 2018-05-19 21:16:11.000000000
+0200
@@ -4,7 +4,7 @@
/* SUMMARY
/* Postfix master process
/* SYNOPSIS
-/* \fBmaster\fR [\fB-Ddtvw\fR] [\fB-c \fIconfig_dir\fR] [\fB-e
\fIexit_time\fR]
+/* \fBmaster\fR [\fB-Dditvw\fR] [\fB-c \fIconfig_dir\fR] [\fB-e
\fIexit_time\fR]
/* DESCRIPTION
/* The \fBmaster\fR(8) daemon is the resident process that runs Postfix
/* daemons on demand: daemons to send or receive messages via the
@@ -37,6 +37,12 @@
/* .IP "\fB-e \fIexit_time\fR"
/* Terminate the master process after \fIexit_time\fR seconds. Child
/* processes terminate at their convenience.
+/* .IP \fB-i\fR
+/* Enable \fBinit\fR mode: do not attempt to become a session
+/* or process group leader; and to force termination, set an
+/* explicit signal handler instead of relying on the default
+/* signal action. This mode is allowed only if the process ID
+/* equals 1.
/* .IP \fB-t\fR
/* Test mode. Return a zero exit status when the \fBmaster.pid\fR lock
/* file does not exist or when that file is not locked. This is evidence
@@ -229,6 +235,7 @@
#include "master.h"
int master_detach = 1;
+int init_mode = 0;
/* master_exit_event - exit for memory leak testing purposes */
@@ -334,7 +341,7 @@
/*
* Process JCL.
*/
- while ((ch = GETOPT(argc, argv, "c:Dde:tvw")) > 0) {
+ while ((ch = GETOPT(argc, argv, "c:Dde:itvw")) > 0) {
switch (ch) {
case 'c':
if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
@@ -346,6 +353,11 @@
case 'e':
event_request_timer(master_exit_event, (void *) 0, atoi(optarg));
break;
+ case 'i':
+ if (getpid() != 1)
+ msg_fatal("-i is allowed only for PID 1 process");
+ init_mode = 1;
+ break;
case 'D':
debug_me = 1;
break;
@@ -375,6 +387,8 @@
*/
if (test_lock && wait_flag)
msg_fatal("the -t and -w options cannot be used together");
+ if (init_mode && (debug_me || !master_detach || wait_flag))
+ msg_fatal("the -i option cannot be used with -D, -d, or -w");
/*
* Run a foreground monitor process that returns an exit status of 0 when
@@ -403,7 +417,8 @@
* all MTA processes cleanly. Give up if we can't separate from our
* parent process. We're not supposed to blow away the parent.
*/
- if (debug_me == 0 && master_detach != 0 && setsid() == -1 && getsid(0) !=
getpid())
+ if (init_mode == 0 && debug_me == 0 && master_detach != 0
+ && setsid() == -1 && getsid(0) != getpid())
msg_fatal("unable to set session and process group ID: %m");
/*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/master/master.h
new/postfix-3.3.1/src/master/master.h
--- old/postfix-3.3.0/src/master/master.h 2012-03-06 23:06:35.000000000
+0100
+++ new/postfix-3.3.1/src/master/master.h 2018-04-05 00:59:07.000000000
+0200
@@ -109,6 +109,7 @@
* master.c
*/
extern int master_detach;
+extern int init_mode;
/*
* master_ent.c
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/master/master_sig.c
new/postfix-3.3.1/src/master/master_sig.c
--- old/postfix-3.3.0/src/master/master_sig.c 2014-12-07 02:35:33.000000000
+0100
+++ new/postfix-3.3.1/src/master/master_sig.c 2018-05-19 16:47:08.000000000
+0200
@@ -200,6 +200,15 @@
msg_info("terminating on signal %d", sig);
/*
+ * Undocumented: when a process runs with PID 1, Linux won't deliver a
+ * signal unless the process specifies a handler (i.e. SIG_DFL is treated
+ * as SIG_IGN).
+ */
+ if (init_mode)
+ /* Don't call exit() from a signal handler. */
+ _exit(0);
+
+ /*
* Deliver the signal to ourselves and clean up. XXX We're running as a
* signal handler and really should not be doing complicated things...
*/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/postconf/postconf_dbms.c
new/postfix-3.3.1/src/postconf/postconf_dbms.c
--- old/postfix-3.3.0/src/postconf/postconf_dbms.c 2018-02-19
02:48:47.000000000 +0100
+++ new/postfix-3.3.1/src/postconf/postconf_dbms.c 2018-05-09
07:17:49.000000000 +0200
@@ -174,10 +174,10 @@
*/
dict = dict_ht_open(dict_spec, O_CREAT | O_RDWR, 0);
dict_register(dict_spec, dict);
- if ((fp = vstream_fopen(cf_file, O_RDONLY, 0)) == 0
- && errno != EACCES) {
- msg_warn("open \"%s\" configuration \"%s\": %m",
- dp->db_type, cf_file);
+ if ((fp = vstream_fopen(cf_file, O_RDONLY, 0)) == 0) {
+ if (errno != EACCES)
+ msg_warn("open \"%s\" configuration \"%s\": %m",
+ dp->db_type, cf_file);
myfree(dict_spec);
return;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/postfix/postfix.c
new/postfix-3.3.1/src/postfix/postfix.c
--- old/postfix-3.3.0/src/postfix/postfix.c 2018-02-11 16:17:58.000000000
+0100
+++ new/postfix-3.3.1/src/postfix/postfix.c 2018-05-19 17:13:16.000000000
+0200
@@ -32,8 +32,10 @@
/* Start the Postfix mail system. This also runs the configuration
/* check described above.
/* .IP \fBstart-fg\fR
-/* Like \fBstart\fR, but keep the master daemon running in the
-/* foreground. This requires that multi-instance support is
+/* Like \fBstart\fR, but keep the \fBmaster\fR(8) daemon running
+/* in the foreground, and enable \fBmaster\fR(8) "init" mode
+/* when running as PID 1.
+/* This command requires that multi-instance support is
/* disabled (i.e. the multi_instance_directories parameter
/* value must be empty). When running Postfix inside a container,
/* mount the container host's /dev/log socket inside the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/tlsproxy/tlsproxy.c
new/postfix-3.3.1/src/tlsproxy/tlsproxy.c
--- old/postfix-3.3.0/src/tlsproxy/tlsproxy.c 2018-01-14 17:48:25.000000000
+0100
+++ new/postfix-3.3.1/src/tlsproxy/tlsproxy.c 2018-05-19 14:02:00.000000000
+0200
@@ -663,7 +663,7 @@
/* tlsp_start_tls - turn on TLS or force disconnect */
-static void tlsp_start_tls(TLSP_STATE *state)
+static int tlsp_start_tls(TLSP_STATE *state)
{
TLS_SERVER_START_PROPS props;
static char *cipher_grade;
@@ -716,7 +716,7 @@
if (state->tls_context == 0) {
tlsp_state_free(state);
- return;
+ return (-1);
}
/*
@@ -729,6 +729,7 @@
* XXX Do we care about certificate verification results? Not as long as
* postscreen(8) doesn't actually receive email.
*/
+ return (0);
}
/* tlsp_get_fd_event - receive final postscreen(8) hand-off information */
@@ -776,7 +777,8 @@
* Perform the TLS layer before-handshake initialization. We perform the
* remainder after the TLS handshake completes.
*/
- tlsp_start_tls(state);
+ if (tlsp_start_tls(state) < 0)
+ return;
/*
* Trigger the initial proxy server I/Os.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.3.0/src/util/killme_after.c
new/postfix-3.3.1/src/util/killme_after.c
--- old/postfix-3.3.0/src/util/killme_after.c 2006-12-05 15:35:35.000000000
+0100
+++ new/postfix-3.3.1/src/util/killme_after.c 2018-05-19 20:59:59.000000000
+0200
@@ -46,11 +46,17 @@
* Schedule an ALARM signal, and make sure the signal will be delivered
* even if we are being called from a signal handler and SIGALRM delivery
* is blocked.
+ *
+ * Undocumented: when a process runs with PID 1, Linux won't deliver a
+ * signal unless the process specifies a handler (i.e. SIG_DFL is treated
+ * as SIG_IGN). Conveniently, _exit() can be used directly as a signal
+ * handler. This changes the wait status that a parent would see, but in
+ * the case of "init" mode on Linux, no-one would care.
*/
alarm(0);
sigemptyset(&sig_action.sa_mask);
sig_action.sa_flags = 0;
- sig_action.sa_handler = SIG_DFL;
+ sig_action.sa_handler = (getpid() == 1 ? _exit : SIG_DFL);
sigaction(SIGALRM, &sig_action, (struct sigaction *) 0);
alarm(seconds);
sigaddset(&sig_action.sa_mask, SIGALRM);
++++++ postfix-main.cf.patch ++++++
--- /var/tmp/diff_new_pack.Xyy128/_old 2018-05-25 21:37:03.832512911 +0200
+++ /var/tmp/diff_new_pack.Xyy128/_new 2018-05-25 21:37:03.836512766 +0200
@@ -10,7 +10,7 @@
# PARALLEL DELIVERY TO THE SAME DESTINATION
#
-@@ -673,4 +674,136 @@ sample_directory =
+@@ -673,4 +674,132 @@ sample_directory =
# readme_directory: The location of the Postfix README files.
#
readme_directory =
@@ -77,10 +77,6 @@
+smtp_sasl_security_options =
+smtp_sasl_password_maps =
+smtpd_sasl_auth_enable = no
-+# cyrus : smtpd_sasl_type = cyrus, smtpd_sasl_path = smtpd
-+# dovecot : smtpd_sasl_type = dovecot, smtpd_sasl_path = private/auth
-+smtpd_sasl_path =
-+smtpd_sasl_type =
+############################################################
+# TLS stuff
+############################################################
