Thanks Wietse - I don't have a 'solution' yet but I now know where the problem lies ...
Daniel Sutcliffe wrote: >> I have now tried stopping postfix, downgrading my openssl package back >> to this previous version, deleting the TLS session caches, and >> starting postfix again and the same problem is occurring - which would >> infer to me that it isn't an OpenSSL package version which caused the >> problem - and maybe the upgrade of this package in the same time-frame >> as when the problem started occurring may be a bit of a red herring :( >> >> The only other change in system which would seem to be even slightly >> related was that the kernel was updated and a reboot occurred just >> before the errors started to occur. I am contemplating going back to Wietse Venema <[email protected]> wrote: > I suggest looking at > > % ldd /usr/libexec/postfix/smtp > > and examining all the libraries referenced. I did this exactly, and from their followed the threads of evidence through my logfiles. > Perhaps the update has introduced a new library-to-library dependency, > such as a new LDAP library dependency on a different SASL library > than Postfix wants. Dependencies may also be introduced via > nsswitch.conf; those don't show up in ldd output. > > Kernel APIs don't change randomly. This was my thought too - I was definitely clutching at straws there - I did try with the older kernel, glibc, openssl and everything else that could have possibly changed since the setup was last known to work... luckily I had a snapshot of the server I was able to bring up as a virtual instance to test all the combinations out. I have now tracked this down to the fact that I began using the Percona version of the mysql-libs package that contains libmysqlclient.so.16 - obviously some incompatibility there as the original worked but the Percona version cause postfix smtp to segfault over TLS... As far as I am aware I don't use any postfix mysql features so I don't even need to be linked against that library - will this be fixed at compile time or can I somehow disbale config to stop this library even being loaded by smtp? Any other ideas? I really need to use the Percona MySQL server so am stuck with their versions of the client libraries ... I think !? All ideas welcome as to how I can workaround this - preferably without rebuilding RPMs Cheers /dan -- Daniel Sutcliffe <[email protected]>
