[Bug 1023550] Re: Postfix missing libresolv in chroot jail
This bug was fixed in the package postfix - 2.9.3-2~12.04.2 --- postfix (2.9.3-2~12.04.2) precise-proposed; urgency=low * Add libresolv to libs copied to chroot so postfix can resolve hostnames in remote maps (LP: #1023550) -- Scott Kitterman sc...@kitterman.com Sun, 29 Jul 2012 00:04:01 -0400 ** Changed in: postfix (Ubuntu Precise) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
Just verified the fix. Everything works fine with the new package. ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
Hello Hauke, or anyone else affected, Accepted postfix into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/postfix/2.9.3-2~12.04.2 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: postfix (Ubuntu Precise) Status: In Progress = Fix Committed ** Tags added: verification-needed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
** Branch linked: lp:ubuntu/precise-proposed/postfix -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
Thank you for being this quick with the fix. I will test the package tomorrow. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
And then I got impatient, retested in myself and uploaded to precise- proposed. Waiting for the SRU team to review/accept the package now. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
This bug was fixed in the package postfix - 2.9.3-2ubuntu1 --- postfix (2.9.3-2ubuntu1) quantal; urgency=low * Add libresolv to libs copied to chroot so postfix can resolve hostnames in remote maps (LP: #1023550) -- Scott Kitterman sc...@kitterman.com Fri, 27 Jul 2012 09:56:33 -0400 ** Changed in: postfix (Ubuntu) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
** Changed in: postfix (Ubuntu) Assignee: (unassigned) = Scott Kitterman (kitterman) ** Also affects: postfix (Ubuntu Precise) Importance: Undecided Status: New ** Changed in: postfix (Ubuntu Precise) Status: New = Triaged ** Changed in: postfix (Ubuntu Precise) Importance: Undecided = High ** Changed in: postfix (Ubuntu Precise) Assignee: (unassigned) = Scott Kitterman (kitterman) ** Changed in: postfix (Ubuntu Precise) Milestone: None = ubuntu-12.04.1 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
I don't use mysql maps, but from a packaging perspective this looks reasonably easy to fix. The tricky part (for me) will be testing it. If you would send me a copy of your /etc/postfix/mysql- virtual_aliases.cf (in private if you prefer and with the database password changed - I don't need DB access, I just need to be able to reach it to test), then I should be able to get this done in time for 12.04.1. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
I cannot send you the one we use on the server. However, this one should work: hosts = www.ubuntu.com user = testuser password = testpassword dbname = testdb query = SELECT toAddress FROM mailgw_aliases WHERE fromAddress='%s' If you get the following error then the problem still persists: www.ubuntu.com: Unknown MySQL server host 'www.ubuntu.com' If you get a connection refused error (or similar) then you know that the DNS name was resolved correctly and the error happens when the connection is made (which likely fails because www.ubuntu.com probably does not host a public mysql DB). So that means that the fix works. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1023550] Re: Postfix missing libresolv in chroot jail
Perfect. I'll try that. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
That worked. It turns out to be a one liner to fix it in the init thanks to the way Lamont set it up. I've uploaded a test package to my PPA - https://launchpad.net/~kitterman/+archive/ppa for precise. I just now uploaded, so it'll be a bit before the packages are built. If you can verify this works for you, I'll upload to quantal and precise- proposed. ** Changed in: postfix (Ubuntu) Status: Triaged = In Progress ** Changed in: postfix (Ubuntu Precise) Status: Triaged = In Progress -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
** Description changed: + [IMPACT] + + By hostname map lookups in the chroot fail. This requires users to + either unchroot their postfix, which is a less secure configuration, + manually create symlinks, or refer to remote map locations by IP address + (which is not a very maintainable solution. Absent doing the + workaround, mail deliver fails. + + [TESTCASE] + + Set up a postfix to use a remote mysql map using the /etc/postfix/mysql- + virtual.cf file shown in comment #3 (don't forget to restart postfix + afterwards). You will also need to have syslog running in your test + environment. + + Send mail to postfix. This could be as simple as: + + telnet localhost 25 + ehlo example.com + mail from: postmas...@example.com + rcpt to: postmas...@example.net. + + At this point you'll get a response that the message was deferred (450). + Check /var/log/mail.log and you should see an error like: + + postfix/trivial-rewrite[20176]: warning: connect to mysql server + www.ubuntu.com: Unknown MySQL server host 'www.ubuntu.com' + + This indicated a DNS lookup failure (the problem). + + Install the updated package, restart postfix and connect again. The + message will still be deferred (450) due to lack of a working mysql + database at www.ubuntu.com, but the DNS lookup will succeed. + + [Regression Potential] + + None. Worst case is I spelled the name of the new lib wrong and the bug + just doesn't get fixed. + + [Other Info] + + Although not the most common of use cases, I think it's an important one + to support for servers, so we should push to get this into 12.04.1. + + [Original bug] + This is with Postfix 2.9.1-5 on Ubuntu 12.04 LTS --- Setup to reproduce - Configure postfix to use mysql for virtual alias maps - Specify a DNS hostname instead of an IP address or localhost for hosts: --- Symptoms: All postfix mail routing actions fail. The log contains: postfix/trivial-rewrite[20176]: warning: connect to mysql server my.example.com: Unknown MySQL server host 'my.example.com' (2) warning: mysql:/etc/postfix/mysql-virtual_aliases.cf: table lookup problem warning: virtual_alias_domains lookup failure The same configuration works fine if you specify an IP address instead of a DNS hostname. --- Cause: libresolv is missing from the postfix chroot jail. That causes the mysql client library used by postfix to not be able to resolve any DNS names. --- Workaround: sudo cp -p /lib/x86_64-linux-gnu/libresolv* /var/spool/postfix/lib/x86_64-linux-gnu/ sudo postfix restart --- Expected fix: Fix the postfix installation routines to include libresolv in the chroot jail. I do not know enough about this to provide a ready-made patch, unfortunately. ** Description changed: [IMPACT] By hostname map lookups in the chroot fail. This requires users to either unchroot their postfix, which is a less secure configuration, manually create symlinks, or refer to remote map locations by IP address (which is not a very maintainable solution. Absent doing the workaround, mail deliver fails. [TESTCASE] Set up a postfix to use a remote mysql map using the /etc/postfix/mysql- virtual.cf file shown in comment #3 (don't forget to restart postfix afterwards). You will also need to have syslog running in your test environment. Send mail to postfix. This could be as simple as: telnet localhost 25 ehlo example.com mail from: postmas...@example.com rcpt to: postmas...@example.net. At this point you'll get a response that the message was deferred (450). Check /var/log/mail.log and you should see an error like: postfix/trivial-rewrite[20176]: warning: connect to mysql server www.ubuntu.com: Unknown MySQL server host 'www.ubuntu.com' This indicated a DNS lookup failure (the problem). Install the updated package, restart postfix and connect again. The message will still be deferred (450) due to lack of a working mysql database at www.ubuntu.com, but the DNS lookup will succeed. + + warning: connect to mysql server www.ubuntu.com: Can't connect to MySQL + server on 'www.ubuntu.com' [Regression Potential] None. Worst case is I spelled the name of the new lib wrong and the bug just doesn't get fixed. [Other Info] Although not the most common of use cases, I think it's an important one to support for servers, so we should push to get this into 12.04.1. [Original bug] This is with Postfix 2.9.1-5 on Ubuntu 12.04 LTS --- Setup to reproduce - Configure postfix to use mysql for virtual alias maps - Specify a DNS hostname instead of an IP address or localhost for hosts: --- Symptoms: All postfix mail routing actions fail. The log contains: postfix/trivial-rewrite[20176]: warning: connect to mysql server my.example.com: Unknown MySQL server host 'my.example.com' (2) warning: mysql:/etc/postfix/mysql-virtual_aliases.cf: table
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
Package is built now. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023550] Re: Postfix missing libresolv in chroot jail
Seems reasonable since it's installed by default. ** Changed in: postfix (Ubuntu) Importance: Undecided = Medium ** Changed in: postfix (Ubuntu) Status: New = Triaged ** Changed in: postfix (Ubuntu) Milestone: None = ubuntu-12.10-beta-1 ** Changed in: postfix (Ubuntu) Importance: Medium = High -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in Ubuntu. https://bugs.launchpad.net/bugs/1023550 Title: Postfix missing libresolv in chroot jail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1023550/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
