From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mav@elserv.msk.su>
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
 sa.local.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU autolearn=ham autolearn_force=no version=3.4.1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=elserv.msk.su;
 s=elserv; t=1573374555;
 bh=MXVItj+0xOmwDF8Dp3SpHoctAZ/2/q8FVTsY8ISnNeA=;
 h=Subject:To:References:From:Date:In-Reply-To:From;
 b=DAun2g7iDnMBaql+/LlHD3ASPtvoRUEezXBEaetUDEsE7uZb+IQYGDUsBOcGPf6GW
 07jXsUSsuErHs7eYC3VwiomhXHS9i+/kn/ATUEbl2fTKahmKGs3KoCbJDHD/XdyVLC
 CXs3DLvLW8UwWX9HCIcatm52utaq38BdOxT34yvY=
To: sysadmins@lists.altlinux.org
References: <e6f5197f-3685-12c4-95ff-cb523392346a@elserv.msk.su>
From: Alex Moskalenko <mav@elserv.msk.su>
Message-ID: <be1b5a62-5563-1808-947a-789b741f8133@elserv.msk.su>
Date: Sun, 10 Nov 2019 11:29:13 +0300
MIME-Version: 1.0
In-Reply-To: <e6f5197f-3685-12c4-95ff-cb523392346a@elserv.msk.su>
Content-Type: multipart/mixed; boundary="------------EDDB00B84226205D4F6BB9DC"
Content-Language: ru
Subject: Re: [Sysadmins] Postfix multi-instance
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux sysadmins' discussion <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmins' discussion <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/sysadmins>,
 <mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
 <mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Nov 2019 08:29:18 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/be1b5a62-5563-1808-947a-789b741f8133@elserv.msk.su/>
List-Archive: <http://lore.altlinux.org/sysadmins/>

This is a multi-part message in MIME format.
--------------EDDB00B84226205D4F6BB9DC
Content-Type: text/plain; charset=koi8-r; format=flowed
Content-Transfer-Encoding: 8bit

Быстрый хак на предмет поддержки Postfix Multi-instance в chroot.d-скриптах.

Хак со следующими условностями: дополнительные экземпляры должны иметь 
spool_directory там же, где и основной экземпляр, и их имена должны 
начинаться с postfix (так и происходит при создание дополнительных 
экземпляров с помощью postmulti с параметрами по умолчанию). Сделано для 
того, чтобы какой-нибудь экземпляр с queue_directory=/ не спровоцировал 
удаление системных /{etc,lib,lib64} при работе скриптов из chroot.d.

Есть смысл на эту тему баг заводить или это дикая экзотика?


09.11.2019 18:28, Alex Moskalenko пишет:
> Здравствуйте.
>
> Я правильно понимаю, что какая-либо поддержка Multi-instance в 
> chroot.d-скриптах postfix'а у нас отсутствует совсем?
>
> Понадобилось поднять несколько экземпляров Postfix'а на одной машине. 
> Создал их с помощью postmulti, настроил, и понял, что без ручного 
> копирования в их каталоги нужных файлов и библиотек ничего не работает.
>
> Нет ли каких-нибудь наработок в этой области?
>
> _______________________________________________
> Sysadmins mailing list
> Sysadmins@lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/sysadmins

--------------EDDB00B84226205D4F6BB9DC
Content-Type: text/x-patch;
 name="postmulti.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="postmulti.patch"

diff -uNr old/postfix.conf new/postfix.conf
--- old/postfix.conf	2016-03-02 17:52:33.000000000 +0300
+++ new/postfix.conf	2019-11-09 23:32:07.173447039 +0300
@@ -5,33 +5,35 @@
 
 [ -n "$verbose" ] && err_null= || err_null='2>/dev/null'
 postconf='/usr/sbin/postconf -E'
-eval $postconf >/dev/null $err_null || exit
 
-cd /var/spool/postfix
-
-incompatible_maps="alias_database alias_maps"
-force_alias=
-force_alias_maps=
-force_map=
-if [ -n "$force" ]; then
+for pinst in /etc/postfix $($postconf -h multi_instance_directories); do
+    eval $postconf -c $pinst >/dev/null $err_null || continue
+    cd "$($postconf -c $pinst -h queue_directory)"
+    pwd | grep -q "^/var/spool/postfix.*" || continue
+
+    incompatible_maps="alias_database alias_maps"
+    force_alias=
+    force_alias_maps=
+    force_map=
+    if [ -n "$force" ]; then
 	force_alias=1
 	force_alias_maps=1
 	force_map=1
 	# Purge all configs from chroot
 	rm -f etc/*
-fi
+    fi
 
-copy_resolv_conf
+    copy_resolv_conf
 
-suffix_hash=db
-suffix_cdb=cdb
+    suffix_hash=db
+    suffix_cdb=cdb
 
-# alias_database
-if [ -z "$force_alias" ]; then
+    # alias_database
+    if [ -z "$force_alias" ]; then
 	for type in hash cdb; do
 		update_alias=
 		eval suffix=\$suffix_$type
-		for src in `$postconf -h alias_database |
+		for src in `$postconf -c $pinst -h alias_database |
 				tr -s ', 	' '\n' |
 				sort -u |
 				sed -n 's,^'$type':\(/.*\),\1,p'`; do
@@ -42,16 +44,16 @@
 			break 2
 		done
 	done
-fi
-if [ -n "$force_alias" -o -n "$update_alias" ]; then
-	/usr/bin/newaliases $verbose ||
-		Fatal "failed to update alias database"
-fi
+    fi
+    if [ -n "$force_alias" -o -n "$update_alias" ]; then
+	/usr/bin/newaliases -C $pinst $verbose ||
+		Info "failed to update alias database for $pinst"
+    fi
 
 # alias_maps
-for type in hash cdb; do
+    for type in hash cdb; do
 	eval suffix=\$suffix_$type
-	for src in `$postconf -h alias_maps |
+	for src in `$postconf -c $pinst -h alias_maps |
 			tr -s ', 	' '\n' |
 			sort -u |
 			sed -n 's,^'$type':\(/.*\),\1,p'`; do
@@ -63,22 +65,22 @@
 				update_alias_map=1
 		fi
 		if [ -n "$force_alias_map" -o -n "$update_alias_map" ]; then
-			postalias $verbose "$src" ||
-				Fatal "failed to update alias map $src database"
+			postalias -c $pinst $verbose "$src" ||
+				Info "failed to update alias map $src database for $pinst"
 		fi
 	done
-done
+    done
 
 # other maps
-for type in hash cdb; do
+    for type in hash cdb; do
 	eval suffix=\$suffix_$type
-	for src in `$postconf |
+	for src in `$postconf -c $pinst |
 			tr -s ', 	' '\n' |
 			sort -u |
 			sed -n 's,^'$type':\(/.*\),\1,p'`; do
 		# Filter out incompatible maps
 		for map in $incompatible_maps; do
-			test "`$postconf -h $map`" = "$type:$src" && src="" && break || :
+			test "`$postconf -c $pinst -h $map`" = "$type:$src" && src="" && break || :
 		done
 		[ -f "$src" ] || continue
 		update_map=
@@ -88,14 +90,15 @@
 				update_map=1
 		fi
 		if [ -n "$force_map" -o -n "$update_map" ]; then
-			postmap $verbose "$type:$src" ||
-				Fatal "failed to update $src database"
+			postmap -c $pinst $verbose "$type:$src" ||
+				Info "failed to update $src database for $pinst"
 		fi
 	done
-done
+    done
 
-nono='no
+    nono='no
 no'
-if [ "`$postconf -h smtp_use_tls smtpd_use_tls`" != "$nono" ]; then
+    if [ "`$postconf -c $pinst -h smtp_use_tls smtpd_use_tls`" != "$nono" ]; then
 	: # Consider updating files specified in smtp{,d}_tls_CA{file,path}
-fi
+    fi
+done
diff -uNr old/postfix.lib new/postfix.lib
--- old/postfix.lib	2016-03-02 17:52:33.000000000 +0300
+++ new/postfix.lib	2019-11-09 23:24:43.272914416 +0300
@@ -5,11 +5,16 @@
 # Source functions library
 . /etc/chroot.d/functions
 
-cd /var/spool/postfix
+postconf='/usr/sbin/postconf -E'
 
-if [ -n "$force" ]; then
+for pinst in /etc/postfix $($postconf -h multi_instance_directories); do
+    cd "$($postconf -c $pinst -h queue_directory)"
+    pwd | grep -q "^/var/spool/postfix.*" || continue
+
+    if [ -n "$force" ]; then
 	# Purge all libs from chroot
 	rm -f ${chrooted_slib}/*
-fi
+    fi
 
-copy_resolv_lib
+    copy_resolv_lib
+done

--------------EDDB00B84226205D4F6BB9DC--