From 2cfc3431dcc1036951b3a6121300ff5ccbd25d61 Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Sat, 19 Nov 2011 00:00:00 -0500 Subject: [PATCH] postfix-2.9-20111119 --- postfix/HISTORY | 6 +++ postfix/README_FILES/SASL_README | 14 ++++-- postfix/html/SASL_README.html | 16 ++++--- postfix/html/master.5.html | 77 ++++++++++++++++--------------- postfix/html/postconf.1.html | 10 ++-- postfix/man/man1/postconf.1 | 6 +-- postfix/man/man5/master.5 | 3 ++ postfix/postfix-install | 4 +- postfix/proto/SASL_README.html | 16 ++++--- postfix/proto/master | 3 ++ postfix/src/global/mail_version.h | 2 +- postfix/src/postconf/postconf.c | 6 +-- 12 files changed, 95 insertions(+), 68 deletions(-) diff --git a/postfix/HISTORY b/postfix/HISTORY index 083a15081..5dcb4d224 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -17103,3 +17103,9 @@ Apologies for any names omitted. "postconf -M inet" shows only services that listen on the network, and "postconf -M smtp.unix" shows the SMTP delivery agent. File: postconf.c. + +20111119 + + Cleanup: "postconf" commands in postfix-install needed to + be updated before master.cf was installed. Reported by + Sahil Tandon. File: postfix-install. diff --git a/postfix/README_FILES/SASL_README b/postfix/README_FILES/SASL_README index 77dd9f2e2..dd636007d 100644 --- a/postfix/README_FILES/SASL_README +++ b/postfix/README_FILES/SASL_README @@ -107,9 +107,9 @@ configure and operate the Dovecot authentication server. PPoossttffiixx ttoo DDoovveeccoott SSAASSLL ccoommmmuunniiccaattiioonn -Communication between the Postfix SMTP server and Dovecot SASL happens via a -UNIX-domain socket. Additionally, when using Dovecot version 2.0 and later, -communication can take place over a TCP socket. +Communication between the Postfix SMTP server and Dovecot SASL happens over a +UNIX-domain socket or over a TCP socket. Dovecot 1 supports UNIX-domain socket +communication only. UUNNIIXX--ddoommaaiinn ssoocckkeett ccoommmmuunniiccaattiioonn @@ -694,12 +694,16 @@ the section "Postfix to Dovecot SASL communication". that it will work whether or not the Postfix SMTP server runs chrooted. * If you configured Dovecot for TCP socket communication, configure Postfix - as follows (if Dovecot runs on a different machine, replace 127.0.0.1 by - that machine's IP address): + as follows. If Dovecot runs on a different machine, replace 127.0.0.1 by + that machine's IP address. /etc/postfix/main.cf: smtpd_sasl_path = inet:127.0.0.1:12345 + NNoottee + If you specify a remote IP address, information will be sent as plaintext + over the network. + EEnnaabblliinngg SSAASSLL aauutthheennttiiccaattiioonn iinn tthhee PPoossttffiixx SSMMTTPP sseerrvveerr Regardless of the SASL implementation type, enabling SMTP authentication in the diff --git a/postfix/html/SASL_README.html b/postfix/html/SASL_README.html index eac644919..049a4a148 100644 --- a/postfix/html/SASL_README.html +++ b/postfix/html/SASL_README.html @@ -184,10 +184,9 @@ to configure and operate the Dovecot authentication server.

Postfix to Dovecot SASL communication

-

Communication between the Postfix SMTP server -and Dovecot SASL happens via a UNIX-domain socket. Additionally, -when using Dovecot version 2.0 and later, communication can take -place over a TCP socket. +

Communication between the Postfix SMTP server and Dovecot SASL +happens over a UNIX-domain socket or over a TCP socket. Dovecot 1 +supports UNIX-domain socket communication only.

UNIX-domain socket communication
@@ -1166,14 +1165,19 @@ directory, so that it will work whether or not the Postfix SMTP server runs chrooted.

  • If you configured Dovecot for TCP socket communication, -configure Postfix as follows (if Dovecot runs on a different -machine, replace 127.0.0.1 by that machine's IP address):

    +configure Postfix as follows. If Dovecot runs on a different machine, +replace 127.0.0.1 by that machine's IP address. 

     /etc/postfix/main.cf:
     smtpd_sasl_path = inet:127.0.0.1:12345
    +Note + +

    If you specify a remote IP address, information +will be sent as plaintext over the network.

    +

    Enabling SASL authentication diff --git a/postfix/html/master.5.html b/postfix/html/master.5.html index adfd46b6f..923a479a7 100644 --- a/postfix/html/master.5.html +++ b/postfix/html/master.5.html @@ -119,47 +119,50 @@ MASTER(5) MASTER(5) trolled with the queue_directory configura- tion parameter in main.cf). + On Solaris systems the pass type is imple- + mented with streams sockets. + This feature is available as of Postfix ver- sion 2.5. Private (default: y) - Whether or not access is restricted to the mail - system. Internet (type inet) services can't be + Whether or not access is restricted to the mail + system. Internet (type inet) services can't be private. Unprivileged (default: y) Whether the service runs with root privileges or as - the owner of the Postfix system (the owner name is + the owner of the Postfix system (the owner name is controlled by the mail_owner configuration variable in the main.cf file). - The local(8), pipe(8), spawn(8), and virtual(8) + The local(8), pipe(8), spawn(8), and virtual(8) daemons require privileges. Chroot (default: y) - Whether or not the service runs chrooted to the + Whether or not the service runs chrooted to the mail queue directory (pathname is controlled by the - queue_directory configuration variable in the + queue_directory configuration variable in the main.cf file). Chroot should not be used with the local(8), - pipe(8), spawn(8), and virtual(8) daemons. - Although the proxymap(8) server can run chrooted, + pipe(8), spawn(8), and virtual(8) daemons. + Although the proxymap(8) server can run chrooted, doing so defeats most of the purpose of having that service in the first place. The files in the examples/chroot-setup subdirectory of the Postfix source archive show set up a Postfix - chroot environment on a variety of systems. See - also BASIC_CONFIGURATION_README for issues related + chroot environment on a variety of systems. See + also BASIC_CONFIGURATION_README for issues related to running daemons chrooted. Wake up time (default: 0) - Automatically wake up the named service after the - specified number of seconds. The wake up is imple- - mented by connecting to the service and sending a - wake up request. A ? at the end of the wake-up - time field requests that no wake up events be sent + Automatically wake up the named service after the + specified number of seconds. The wake up is imple- + mented by connecting to the service and sending a + wake up request. A ? at the end of the wake-up + time field requests that no wake up events be sent before the first time a service is used. Specify 0 for no automatic wake up. @@ -167,59 +170,59 @@ MASTER(5) MASTER(5) a wake up timer. Process limit (default: $default_process_limit) - The maximum number of processes that may execute + The maximum number of processes that may execute this service simultaneously. Specify 0 for no process count limit. NOTE: Some Postfix services must be configured as a - single-process service (for example, qmgr(8)) and - some services must be configured with no process + single-process service (for example, qmgr(8)) and + some services must be configured with no process limit (for example, cleanup(8)). These limits must not be changed. Command name + arguments - The command to be executed. Characters that are - special to the shell such as ">" or "|" have no - special meaning here, and quotes cannot be used to + The command to be executed. Characters that are + special to the shell such as ">" or "|" have no + special meaning here, and quotes cannot be used to protect arguments containing whitespace. - The command name is relative to the Postfix daemon + The command name is relative to the Postfix daemon directory (pathname is controlled by the dae- mon_directory configuration variable). - The command argument syntax for specific commands - is specified in the respective daemon manual page. + The command argument syntax for specific commands + is specified in the respective daemon manual page. - The following command-line options have the same + The following command-line options have the same effect for all daemon programs: - -D Run the daemon under control by the command + -D Run the daemon under control by the command specified with the debugger_command variable in the main.cf configuration file. See DEBUG_README for hints and tips. -o name=value Override the named main.cf configuration - parameter. The parameter value can refer to + parameter. The parameter value can refer to other parameters as $name etc., just like in main.cf. See postconf(5) for syntax. NOTE 1: do not specify whitespace around the - "=". In parameter values, either avoid + "=". In parameter values, either avoid whitespace altogether, use commas instead of - spaces, or consider overrides like "-o - name=$override_parameter" with $over- + spaces, or consider overrides like "-o + name=$override_parameter" with $over- ride_parameter set in main.cf. - NOTE 2: Over-zealous use of parameter over- - rides makes the Postfix configuration hard - to understand and maintain. At a certain - point, it might be easier to configure mul- - tiple instances of Postfix, instead of con- + NOTE 2: Over-zealous use of parameter over- + rides makes the Postfix configuration hard + to understand and maintain. At a certain + point, it might be easier to configure mul- + tiple instances of Postfix, instead of con- figuring multiple personalities via mas- ter.cf. - -v Increase the verbose logging level. Specify + -v Increase the verbose logging level. Specify multiple -v options to make a Postfix daemon process increasingly verbose. @@ -232,7 +235,7 @@ MASTER(5) MASTER(5) DEBUG_README, Postfix debugging LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/postconf.1.html b/postfix/html/postconf.1.html index 652a7becc..0c4ed0a04 100644 --- a/postfix/html/postconf.1.html +++ b/postfix/html/postconf.1.html @@ -133,14 +133,14 @@ POSTCONF(1) POSTCONF(1) human readability. If service ... is specified, only the matching ser- - vices will be output. For example, a service of + vices will be output. For example, a service of inet will match all services that listen on the network. - Specify zero or more argument, each with a service- - type name (inet, unix, fifo, or pass) or with a - service-name.service-type pair, where service-name - is the first field of a master.cf entry. + Specify zero or more arguments, each with a ser- + vice-type name (inet, unix, fifo, or pass) or with + a service-name.service-type pair, where service- + name is the first field of a master.cf entry. This feature is available with Postfix 2.9 and later. diff --git a/postfix/man/man1/postconf.1 b/postfix/man/man1/postconf.1 index d9917185c..e572dd5a8 100644 --- a/postfix/man/man1/postconf.1 +++ b/postfix/man/man1/postconf.1 @@ -124,10 +124,10 @@ file contents. Use \fB-Mf\fR to fold long lines for human readability. If \fIservice ...\fR is specified, only the matching services -will be output. For example, a service of \fBinet\fR will -match all services that listen on the network. +will be output. For example, a \fIservice\fB of \fBinet\fR +will match all services that listen on the network. -Specify zero or more argument, each with a \fIservice-type\fR +Specify zero or more arguments, each with a \fIservice-type\fR name (\fBinet\fR, \fBunix\fR, \fBfifo\fR, or \fBpass\fR) or with a \fIservice-name.service-type\fR pair, where \fIservice-name\fR is the first field of a master.cf entry. diff --git a/postfix/man/man5/master.5 b/postfix/man/man5/master.5 index 3df5cf9d1..977b013cd 100644 --- a/postfix/man/man5/master.5 +++ b/postfix/man/man5/master.5 @@ -109,6 +109,9 @@ descriptor passing) per connection request. The service name is a pathname relative to the Postfix queue directory (pathname controlled with the \fBqueue_directory\fR configuration parameter in main.cf). +.sp +On Solaris systems the \fBpass\fR type is implemented with +streams sockets. This feature is available as of Postfix version 2.5. .RE diff --git a/postfix/postfix-install b/postfix/postfix-install index 775b0acfe..49225ac88 100644 --- a/postfix/postfix-install +++ b/postfix/postfix-install @@ -363,7 +363,7 @@ HTML files. Specify \"no\" if you do not want to install these files." : ${install_root=/} : ${tempdir=`pwd`} -: ${config_directory=`bin/postconf -h -d config_directory`} +: ${config_directory=`bin/postconf -c conf -h -d config_directory`} # Find out the location of installed configuration files. @@ -446,7 +446,7 @@ do case "$junk" in "") eval unset $name;; esac - eval : \${$name=\`bin/postconf -d -h $name\`} || exit 1 + eval : \${$name=\`bin/postconf -c conf -d -h $name\`} || exit 1 done # Override settings manually. diff --git a/postfix/proto/SASL_README.html b/postfix/proto/SASL_README.html index 75af77747..b39b54c47 100644 --- a/postfix/proto/SASL_README.html +++ b/postfix/proto/SASL_README.html @@ -184,10 +184,9 @@ to configure and operate the Dovecot authentication server.

    Postfix to Dovecot SASL communication

    -

    Communication between the Postfix SMTP server -and Dovecot SASL happens via a UNIX-domain socket. Additionally, -when using Dovecot version 2.0 and later, communication can take -place over a TCP socket. +

    Communication between the Postfix SMTP server and Dovecot SASL +happens over a UNIX-domain socket or over a TCP socket. Dovecot 1 +supports UNIX-domain socket communication only.

    UNIX-domain socket communication
    @@ -1166,14 +1165,19 @@ directory, so that it will work whether or not the Postfix SMTP server runs chrooted.

  • If you configured Dovecot for TCP socket communication, -configure Postfix as follows (if Dovecot runs on a different -machine, replace 127.0.0.1 by that machine's IP address):

    +configure Postfix as follows. If Dovecot runs on a different machine, +replace 127.0.0.1 by that machine's IP address. 

     /etc/postfix/main.cf:
     smtpd_sasl_path = inet:127.0.0.1:12345
    +Note + +

    If you specify a remote IP address, information +will be sent as plaintext over the network.

    +

    Enabling SASL authentication diff --git a/postfix/proto/master b/postfix/proto/master index 3d3f07bc9..82b183bcf 100644 --- a/postfix/proto/master +++ b/postfix/proto/master @@ -103,6 +103,9 @@ # The service name is a pathname relative to the Postfix # queue directory (pathname controlled with the \fBqueue_directory\fR # configuration parameter in main.cf). +# .sp +# On Solaris systems the \fBpass\fR type is implemented with +# streams sockets. # # This feature is available as of Postfix version 2.5. # .RE diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 524fbc480..f92a34a82 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20111118" +#define MAIL_RELEASE_DATE "20111119" #define MAIL_VERSION_NUMBER "2.9" #ifdef SNAPSHOT diff --git a/postfix/src/postconf/postconf.c b/postfix/src/postconf/postconf.c index b6ca2da63..ac96720ca 100644 --- a/postfix/src/postconf/postconf.c +++ b/postfix/src/postconf/postconf.c @@ -118,10 +118,10 @@ /* readability. /* /* If \fIservice ...\fR is specified, only the matching services -/* will be output. For example, a service of \fBinet\fR will -/* match all services that listen on the network. +/* will be output. For example, a \fIservice\fB of \fBinet\fR +/* will match all services that listen on the network. /* -/* Specify zero or more argument, each with a \fIservice-type\fR +/* Specify zero or more arguments, each with a \fIservice-type\fR /* name (\fBinet\fR, \fBunix\fR, \fBfifo\fR, or \fBpass\fR) /* or with a \fIservice-name.service-type\fR pair, where /* \fIservice-name\fR is the first field of a master.cf entry.