Re: Question on embedded variables in postconf command

2017-03-09 Thread Peter 
On 10/03/17 12:59, Robert Moskowitz wrote:
> There appears to be a difference between what you show above and what I
> tested:
> 
> So I did a little googling and learned the difference:
> 
> http://stackoverflow.com/questions/6697753/difference-between-single-and-double-quotes-in-bash

Yep, you nailed it there.  Small difference but it completely changes
how the command works.


Peter

Re: Question on embedded variables in postconf command

2017-03-09 Thread Robert Moskowitz 

Ah,

On 03/09/2017 10:13 AM, Viktor Dukhovni wrote:

On Mar 9, 2017, at 9:54 AM, Robert Moskowitz  wrote:

I have modified my guide by setting interactive variables in the beginning and 
then using them throughout, so that it is not necessary (or much less) to 
modify stuff.  I came up with:

eval $(echo "postconf -e 'mydomain = "$your_domain_tld"'")
eval $(echo "postconf -e 'myhostname = "$your_host_tld"'")

The variables your_domain_tld and your_host_tld are used a lot in this guide to 
customize conf files and such.

Might be a slicker way, but this works...

That's rather convoluted, what's wrong with:

  postconf -e "mydomain = $your_domain_tld"


There appears to be a difference between what you show above and what I 
tested:


postconf -e 'mydomain = $your_domain_tld'

The single quote results in:

mydomain = $your_domain_tld

So I did a little googling and learned the difference:

http://stackoverflow.com/questions/6697753/difference-between-single-and-double-quotes-in-bash

This time around I am really trying to do things smarter and am 
expanding my rather limited skill set.



  postconf -e "myhostname = $your_host_tld"

Or when doing both:

  postconf -e \
"mydomain = $your_domain_tld" \
"myhostname = $your_host_tld"

which takes considerably less time, because Postfix likes to
avoid reading "hot" configuration files that have been modified
less than two seconds ago and may be in an intermediate state.

So the configuration reader sleeps for 300ms and retries, waiting
for the file to "cool down".  Therefore, modifying paramaters one
at a time takes around 1.5 seconds per parameter.

Re: Question on embedded variables in postconf command

2017-03-09 Thread Peter 
On 10/03/17 04:20, Robert Moskowitz wrote:
> I was not clear in my intent.

No, you were not, and yet...

> This is for a guide that uses a number of interactive environment
> variables to build lots of conf files that are needed, it seems, for a
> mail server.
> 
> So the variables are long gone when the server is up and running. Thus
> for main.cf, I want to hard code the value of those variables into
> mydomain and myhostname.

and the command that Viktor gave you does just that, it substitutes the
environment variable in the postconf command and the results are written
to main.cf.  The environment variables are evaluated at command time,
not runtime.

> The eval with echo command is run through the
> guide to execute these postconf commands to have the desired main.cf. 

The eval and echo are both completely unnecessary, ugly, slow, and even
carry some security risks.

> But thanks for the insight.

Obviously not enough insight as you completely missed what Viktor was
telling you.


Peter

Re: Question on embedded variables in postconf command

2017-03-09 Thread Robert Moskowitz 

Sorry, Viktor,

I was not clear in my intent.

This is for a guide that uses a number of interactive environment 
variables to build lots of conf files that are needed, it seems, for a 
mail server.


So the variables are long gone when the server is up and running. Thus 
for main.cf, I want to hard code the value of those variables into 
mydomain and myhostname.  The eval with echo command is run through the 
guide to execute these postconf commands to have the desired main.cf.  
Rather than what I have seen in many other guides, where they supply a 
main.cf to replace the shipped main.cf.  I learned here 4 years ago why 
that is a 'bad thing'.


But thanks for the insight.

On 03/09/2017 10:13 AM, Viktor Dukhovni wrote:

On Mar 9, 2017, at 9:54 AM, Robert Moskowitz  wrote:

I have modified my guide by setting interactive variables in the beginning and 
then using them throughout, so that it is not necessary (or much less) to 
modify stuff.  I came up with:

eval $(echo "postconf -e 'mydomain = "$your_domain_tld"'")
eval $(echo "postconf -e 'myhostname = "$your_host_tld"'")

The variables your_domain_tld and your_host_tld are used a lot in this guide to 
customize conf files and such.

Might be a slicker way, but this works...

That's rather convoluted, what's wrong with:

  postconf -e "mydomain = $your_domain_tld"
  postconf -e "myhostname = $your_host_tld"

Or when doing both:

  postconf -e \
"mydomain = $your_domain_tld" \
"myhostname = $your_host_tld"

which takes considerably less time, because Postfix likes to
avoid reading "hot" configuration files that have been modified
less than two seconds ago and may be in an intermediate state.

So the configuration reader sleeps for 300ms and retries, waiting
for the file to "cool down".  Therefore, modifying paramaters one
at a time takes around 1.5 seconds per parameter.

Re: Question on embedded variables in postconf command

2017-03-09 Thread Viktor Dukhovni 

> On Mar 9, 2017, at 9:54 AM, Robert Moskowitz  wrote:
> 
> I have modified my guide by setting interactive variables in the beginning 
> and then using them throughout, so that it is not necessary (or much less) to 
> modify stuff.  I came up with:
> 
> eval $(echo "postconf -e 'mydomain = "$your_domain_tld"'")
> eval $(echo "postconf -e 'myhostname = "$your_host_tld"'")
> 
> The variables your_domain_tld and your_host_tld are used a lot in this guide 
> to customize conf files and such.
> 
> Might be a slicker way, but this works...

That's rather convoluted, what's wrong with:

 postconf -e "mydomain = $your_domain_tld"
 postconf -e "myhostname = $your_host_tld"

Or when doing both:

 postconf -e \
"mydomain = $your_domain_tld" \
"myhostname = $your_host_tld"

which takes considerably less time, because Postfix likes to
avoid reading "hot" configuration files that have been modified
less than two seconds ago and may be in an intermediate state.

So the configuration reader sleeps for 300ms and retries, waiting
for the file to "cool down".  Therefore, modifying paramaters one
at a time takes around 1.5 seconds per parameter.

-- 
Viktor.

Re: Question on embedded variables in postconf command

2017-03-09 Thread Robert Moskowitz 



On 03/07/2017 02:43 PM, Peter wrote:

On 08/03/17 08:00, Robert Moskowitz wrote:

After a bit of reflection, I may have asked the wrong question. Perhaps
a better question is does the substitution take place on processing the
option?

It would take place at runtime (I believe).  If you want it to hard-code
the substitution into main.cf you could do something like this:

postconf "smtpd_tls_key_file = /etc/pki/private/$(postconf -h
myhostname).key"


This did not quite work, at least in using interactive variables.  I 
have modified my guide by setting interactive variables in the beginning 
and then using them throughout, so that it is not necessary (or much 
less) to modify stuff.  I came up with:


eval $(echo "postconf -e 'mydomain = "$your_domain_tld"'")
eval $(echo "postconf -e 'myhostname = "$your_host_tld"'")

The variables your_domain_tld and your_host_tld are used a lot in this 
guide to customize conf files and such.


Might be a slicker way, but this works...

Re: Question on embedded variables in postconf command

2017-03-07 Thread Robert Moskowitz 



On 03/07/2017 02:43 PM, Peter wrote:

On 08/03/17 08:00, Robert Moskowitz wrote:

After a bit of reflection, I may have asked the wrong question. Perhaps
a better question is does the substitution take place on processing the
option?

It would take place at runtime (I believe).  If you want it to hard-code
the substitution into main.cf you could do something like this:

postconf "smtpd_tls_key_file = /etc/pki/private/$(postconf -h
myhostname).key"


Oh, that is very interesting!  Took me a bit looking at it to get what 
you did, but very nice.


In this case I will keep it 'soft' so if I were to change my host name 
and my cert file, I would only have to make the change in one place.


thanks

Re: Question on embedded variables in postconf command

2017-03-07 Thread Peter 
On 08/03/17 08:00, Robert Moskowitz wrote:
> After a bit of reflection, I may have asked the wrong question. Perhaps
> a better question is does the substitution take place on processing the
> option?

It would take place at runtime (I believe).  If you want it to hard-code
the substitution into main.cf you could do something like this:

postconf "smtpd_tls_key_file = /etc/pki/private/$(postconf -h
myhostname).key"


Peter

Re: Question on embedded variables in postconf command

2017-03-07 Thread Robert Moskowitz 



On 03/07/2017 02:19 PM, Christian Kivalo wrote:


Am 7. März 2017 20:00:55 MEZ schrieb Robert Moskowitz :

After a bit of reflection, I may have asked the wrong question. Perhaps

a better question is does the substitution take place on processing the

option?

What about testing the assumption? Build the configuration and try to make a 
tls secured connection, it either works or you will see the error in your  logs.


I am days away for a working server.  Well, maybe I can test on 
another...  hmmm.


I plod along testing each build step out, going back to checkpoints and 
moving forward again.  Now it is the Postfix configs.



Just changed my configuration to use $myhostname variable for the cert name 
filename and that works very well. Thanks for the idea.


Thanks for trying it out!  I am working on minimizing the places where I 
have to customize my howto, so that I can better remember what I did 
years ago.  Plus share it with others.


And this would apply also to smtpd_tls_cert_file.


thanks

On 03/07/2017 01:59 PM, Robert Moskowitz wrote:

Is there a way to get the following:

postconf -e 'smtpd_tls_key_file =

/etc/pki/tls/private/$myhostname.key'

To work and substitute the value for $myhostname?

I am building a new server and writing up my scripts and I am trying
to adhere to the lessons I learned here some 2+ years ago. And trying
to be better than I was then...


Thank you.

Re: Question on embedded variables in postconf command

2017-03-07 Thread Christian Kivalo 


Am 7. März 2017 20:00:55 MEZ schrieb Robert Moskowitz :
>After a bit of reflection, I may have asked the wrong question. Perhaps
>
>a better question is does the substitution take place on processing the
>
>option?
What about testing the assumption? Build the configuration and try to make a 
tls secured connection, it either works or you will see the error in your  logs.

Just changed my configuration to use $myhostname variable for the cert name 
filename and that works very well. Thanks for the idea.
>thanks
>
>On 03/07/2017 01:59 PM, Robert Moskowitz wrote:
>> Is there a way to get the following:
>>
>> postconf -e 'smtpd_tls_key_file =
>/etc/pki/tls/private/$myhostname.key'
>>
>> To work and substitute the value for $myhostname?
>>
>> I am building a new server and writing up my scripts and I am trying 
>> to adhere to the lessons I learned here some 2+ years ago. And trying
>
>> to be better than I was then...
>>
>>
>> Thank you.
>>
>>
-- 
Christian

Re: Question on embedded variables in postconf command

2017-03-07 Thread Robert Moskowitz 
After a bit of reflection, I may have asked the wrong question. Perhaps 
a better question is does the substitution take place on processing the 
option?


thanks

On 03/07/2017 01:59 PM, Robert Moskowitz wrote:

Is there a way to get the following:

postconf -e 'smtpd_tls_key_file = /etc/pki/tls/private/$myhostname.key'

To work and substitute the value for $myhostname?

I am building a new server and writing up my scripts and I am trying 
to adhere to the lessons I learned here some 2+ years ago. And trying 
to be better than I was then...



Thank you.