Aufgabe #1634
offenAufgabe #1619: Aktualisierung vom Dienst Mail (Anwendung postfix), samt dem Dienst Mail-Verteiler (Anwendung GNU Mailman) vom Stand FreeBSD 11
Durchführung Installation und Migration vom Dienst Mail (von FreeBSD 11) auf FreeBSD 13
100%
Beschreibung
pkg update
pkg ins -y postfix
===> Creating groups.
Using existing group 'mail'.
Creating group 'maildrop' with gid '126'.
Creating group 'postfix' with gid '125'.
===> Creating users
Creating user 'postfix' with uid '125'.
===> Creating homedir(s)
Adding user 'postfix' to group 'mail'.
[mail-2023-05] [3/3] Extracting postfix-3.7.4,1: 100%
===============================================================
Postfix was *not* activated in /usr/local/etc/mail/mailer.conf!
To finish installation run the following commands:
mkdir -p /usr/local/etc/mail
install -m 0644 /usr/local/share/postfix/mailer.conf.postfix /usr/local/etc/mail/mailer.conf
===============================================================
=====
Message from postfix-3.7.4,1:
--
To use postfix instead of sendmail:
- clear sendmail queue and stop the sendmail daemons
Run the following commands to enable postfix during startup:
- sysrc postfix_enable="YES"
- sysrc sendmail_enable="NONE"
If postfix is *not* already activated in /usr/local/etc/mail/mailer.conf
- mv /usr/local/etc/mail/mailer.conf /usr/local/etc/mail/mailer.conf.old
- install -d /usr/local/etc/mail
- install -m 0644 /usr/local/share/postfix/mailer.conf.postfix /usr/local/etc/mail/mailer.conf
Disable sendmail(8) specific tasks, add the following lines to /etc/periodic.conf(.local):
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
If you are using SASL, you need to make sure that postfix has access to read the sasldb file. This is accomplished by adding postfix to group mail and making the /usr/local/etc/sasldb* file(s) readable by group mail (this should be the default for new installs).
install -d /usr/local/etc/mail
install -m 0644 /usr/local/share/postfix/mailer.conf.postfix /usr/local/etc/mail/mailer.conf
touch /etc/periodic.conf
$EDITOR /etc/periodic.conf
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
Überführung der Konfiguration
root@truenas[~]#
cat /mnt/zpool/iocage/jails/mail/root/usr/local/etc/postfix/master.cf > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/postfix/master.cf
root@truenas[~]#
cat /mnt/zpool/iocage/jails/mail/root/usr/local/etc/postfix/main.cf > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/postfix/main.cf
root@truenas[~]#
touch /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/postfix/rbl_override
root@truenas[~]#
cat /mnt/zpool/iocage/jails/mail/root/usr/local/etc/postfix/rbl_override > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/postfix/rbl_override
root@truenas[~]#
cat /mnt/zpool/iocage/jails/mail/root/usr/local/etc/postfix/header_checks > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/postfix/header_checks
root@truenas[~]#
cat /mnt/zpool/iocage/jails/mail/root/usr/local/etc/postfix/relay_recipients > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/postfix/relay_recipients
grep relay_recipients /usr/local/etc/postfix/main.cf
#relay_recipient_maps = hash:$config_directory/relay_recipients
#relay_recipient_maps = hash:/usr/local/etc/postfix/relay_recipients
cp /etc/aliases /etc/aliases.default
root@truenas[~]# 
cat /mnt/zpool/iocage/jails/mail/root/etc/aliases > /mnt/zpool/iocage/jails/mail_2023-05/root/etc/aliases
cp /etc/aliases /etc/aliases.stura
root@truenas[~]#
cat /mnt/zpool/iocage/jails/mail/root/etc/aliases.stura > /mnt/zpool/iocage/jails/mail_2023-05/root/etc/aliases.stura
ls -l /etc/aliases*
lrwxr-xr-x 1 root wheel 12 May 18 04:01 aliases -> mail/aliases
-rw-r--r-- 1 root wheel 1624 May 27 04:54 aliases.default
-rw-r--r-- 1 root wheel 107915 May 27 04:56 aliases.stura
mv /etc/aliases.stura /etc/aliases.stura_2023-05-27_in-aliases-ueberfuehrt
pkg ins -y mailman-postfix
===> Creating groups.                                                                                                 
Creating group 'mailman' with gid '91'.                                                                               
===> Creating users                                                                                                   
Creating user 'mailman' with uid '91'.                                                                                
===> Creating homedir(s)                                                                                              
[mail-2023-05] [8/8] Extracting mailman-postfix-2.1.39_1: 100%                                                        
---> Starting post-install script                                                                                     
---> Running update                                                                                                   
Upgrading from version 0x0 to 0x20127f0                                                                               
getting rid of old source files                                                                                       
no lists == nothing to do, exiting                                                                                    
---> Checking crontab(5) file for user "mailman"                                                                      
crontab: no crontab for mailman                                                                                       
---> Installing crontab(5) file for user "mailman"                                                                    
---> Checking (and fixing) file and directory permissions                                                             
Warning: Private archive directory is other-executable (o+x).                                                         
         This could allow other users on your system to read private archives.                                        
         If you're on a shared multiuser system, you should consult the                                               
         installation manual on how to fix this.                                                                      
No problems found                                                                                                     
---> adding default host configuration to /usr/local/mailman/Mailman/mm_cfg.py.                                       
---> Running assorted other checks                                                                                    
Your Postfix hostname is non-default.                                                                                 
You must add "SMTPHOST = 'mail.stura.htw-dresden.de'" to the bottom of mm_cfg.py (without quotes).                    
=====                                                                                                                 
Message from python27-2.7.18_2:                                                                                       
--                                                                                                                    
Note that some standard Python modules are provided as separate ports                                                 
as they require additional dependencies. They are available as:                                                       
bsddb           databases/py-bsddb                                                                                    
gdbm            databases/py-gdbm                                                                                     
sqlite3         databases/py-sqlite3                                                                                  
tkinter         x11-toolkits/py-tkinter                                                                               
--                                                                                                                    
===>   NOTICE:                                                                                                        
This port is deprecated; you may wish to reconsider installing it:                                                    
EOLed upstream.                                                                                                       
It is scheduled to be removed on or after 2020-12-31.                                                                 
=====                                                                                                                 
Message from py27-setuptools44-44.1.1:                                                                                
--                                                                                                                    
===>   NOTICE:                                                                                                        
This port is deprecated; you may wish to reconsider installing it:                                                    
Uses Python 2.7 which is EOLed upstream.                                                                              
=====                                                                                                                 
Message from py27-dnspython1-1.16.0:                                                                                  
--                                                                                                                    
===>   NOTICE:                                                                                                        
This port is deprecated; you may wish to reconsider installing it:                                                    
Uses Python 2.7 which is EOLed upstream.                                                                              
======                                                      
Message from mailman-postfix-2.1.39_1:                     
--                                                         
Mailman has been installed, but requires further configuration before use!                                            
You also must configure both your MTA (mail server) and web server to                                                 
integrate with Mailman.  If the port's documentation has been installed,                                              
extensive post-installation instructions may be found in:                                                             
  /usr/local/share/doc/mailman/FreeBSD-post-install-notes                                                             
  /usr/local/share/doc/mailman/mailman-install.txt (start at section 4)                                               
Note (1):                                                  
- ESPECIALLY RELEVANT FOR USERS OF THE BINARY PACKAGE -                                                               
The FreeBSD binary package is built for use with Sendmail, and it will                                                
not work properly with alternative MTAs such as Exim or Postfix.                                                      
  In order for Mailman to work with an alternative mailer, please use                                                 
mailman-exim4 or mailman-postfix instead, or               
mailman-exim4-with-htdig or mailman-postfix-with-htdig.                                                               
  For use with other mailers (Courier, OpenSMTPd), the port must be installed                                         
from source, with proper options configured, or from a package built in                                               
poudriere (which is a separate port in ports-mgmt) with adapted options.                                              
(poudriere options -cn mail/mailman)                       
- FOR USERS OF A PORT BUILT FROM SOURCE -                  
If you use an alternate MTA (meaning "not Sendmail"), you MUST                                                        
be sure that the correct value of MAIL_GID was used when this port or                                                 
package was built.  You can choose your MTA with the correct MAIL_GID by                                              
running "make config" in the Mailman port's directory.                                                                
Note (2):  The entire Mailman installation resides under /usr/local/mailman.                                          
The command-line scripts necessary to administer Mailman have been                                                    
installed in /usr/local/mailman/bin.                       
In order to make private archives searchable with namazu2, you need                                                   
to copy or link /usr/local/libexec/namazu.cgi to           
/usr/local/mailman/archives/private/<ML_name>/ and configure .namazurc.                                               
Refer to /usr/local/etc/namazu/namazurc.sample.            
--                                                         
If you did just install mailman with pkg -I, --no-script or                                                           
--no-install-scripts, you MUST(!) run the post-install script now, as root:                                           
env "PKG_PREFIX=/usr/local" sh \                           
    /usr/local/mailman/bin/FreeBSD-post-install x POST-INSTALL                                                        
This will set up most defaults (cron jobs, default configuration etc.).                                               
--                                                         
===>   NOTICE:                                             
This port is deprecated; you may wish to reconsider installing it:                                                    
Uses Python 2.7 which is EOLed upstream.                   
	
diff /usr/local/mailman/Mailman/mm_cfg.py.dist /usr/local/mailman/Mailman/mm_cfg.py
53a54,59
>
> # This and the next three lines added by FreeBSD's post-install script
> DEFAULT_EMAIL_HOST="mail-2023-05"
> DEFAULT_URL_HOST="mail-2023-05"
> add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
>
root@truenas[~]#
cat /mnt/zpool/iocage/jails/mail/root/usr/local/mailman/Mailman/mm_cfg.py > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/mailman/Mailman/mm_cfg.py
diff /mnt/zpool/data/mailman/data/last_mailman_version /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/mailman/data/last_mailman_version
mv /usr/local/mailman/data /usr/local/mailman/data.dist
mv /usr/local/mailman/archives /usr/local/mailman/archives.dist
mv /usr/local/mailman/lists /usr/local/mailman/lists.dist
pkg ins -y apache24
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[mail-2023-05] [15/15] Extracting apache24-2.4.56: 100%
=====
Message from db5-5.3.28_9:
--
===> NOTICE:
The db5 port currently does not have a maintainer. As a result, it is more likely to have unresolved issues, not be up-to-date, or even be removed in the future. To volunteer to maintain this port, please create an issue at:
https://bugs.freebsd.org/bugzilla
More information about port maintainership is available at:
https://docs.freebsd.org/en/articles/contributing/#ports-contributing
--
===> NOTICE:
This port is deprecated; you may wish to reconsider installing it:
EOLd, potential security issues, maybe use db18 instead.
It is scheduled to be removed on or after 2022-06-30.
=====
Message from ca_root_nss-3.89:
--
FreeBSD does not, and can not warrant that the certification authorities whose certificates are included in this package have in any way been audited for trustworthiness or RFC 3647 compliance. Assessment and verification of trust is the complete responsibility of the system administrator.
This package installs symlinks to support root certificates discovery by default for software that uses OpenSSL. This enables SSL Certificate Verification by client software without manual intervention. If you prefer to do this manually, replace the following symlinks with either an empty file or your site-local certificate bundle.
* /etc/ssl/cert.pem
* /usr/local/etc/ssl/cert.pem
* /usr/local/openssl/cert.pem
=====
Message from apr-1.7.0.1.6.1_2:
--
The Apache Portable Runtime project removed support for FreeTDS with version 1.6. Users requiring MS-SQL connectivity must migrate configurations to use the added ODBC driver and FreeTDS' ODBC features.
=====
Message from apache24-2.4.56:
--
To run apache www server from startup, add apache24_enable="yes" in your /etc/rc.conf. Extra options can be found in startup script.
Your hostname must be resolvable using at least 1 mechanism in /etc/nsswitch.conf typically DNS or /etc/hosts or apache might have issues starting depending on the modules you are using.
- apache24 default build changed from static MPM to modular MPM
- more modules are now enabled per default in the port
- icons and error pages moved from WWWDIR to DATADIR
If build with modular MPM and no MPM is activated in httpd.conf, then mpm_prefork will be activated as default MPM in etc/apache24/modules.d to keep compatibility with existing php/perl/python modules!
Please compare the existing httpd.conf with httpd.conf.sample and merge missing modules/instructions into httpd.conf!
root@truenas[~]# 
cat /mnt/zpool/iocage/jails/mail/root/usr/local/etc/apache24/httpd.conf > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/apache24/httpd.conf
root@truenas[~]# 
cat /mnt/zpool/iocage/jails/mail/root/usr/local/etc/apache24/extra/httpd-vhosts.conf > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/apache24/extra/httpd-vhosts.conf
root@truenas[~]# 
iocage stop mail_2023-05
root@truenas[~]# 
cat /mnt/zpool/iocage/jails/mail_2023-05/fstab
root@truenas[~]# 
mkdir /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/mailman/archives
root@truenas[~]# 
mkdir /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/mailman/data
root@truenas[~]# 
mkdir /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/mailman/lists
root@truenas[~]# 
cat /mnt/zpool/iocage/jails/mail/fstab        
/mnt/zpool/data/mailman/archives /mnt/zpool/iocage/jails/mail/root/usr/local/mailman/archives nullfs rw 0 0
/mnt/zpool/data/mailman/data /mnt/zpool/iocage/jails/mail/root/usr/local/mailman/data nullfs rw 0 0
/mnt/zpool/data/mailman/lists /mnt/zpool/iocage/jails/mail/root/usr/local/mailman/lists nullfs rw 0 0
root@truenas[~]# 
ee /mnt/zpool/iocage/jails/mail_2023-05/fstab        
/mnt/zpool/data/mailman/archives /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/mailman/archives nullfs rw 0 0
/mnt/zpool/data/mailman/data /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/mailman/data nullfs rw 0 0
/mnt/zpool/data/mailman/lists /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/mailman/lists nullfs rw 0 0
root@truenas[~]# 
cat /mnt/zpool/iocage/jails/mail/fstab > /mnt/zpool/iocage/jails/mail_2023-05/fstab
root@truenas[~]# 
iocage get --all mail_2023-05 | grep 141     
defaultrouter:141.56.51.254 ip4_addr:141.56.51.14/24
root@truenas[~]# 
iocage get ip4_addr mail_2023-05  
141.56.51.24/24
root@truenas[~]# 
iocage set ip4_addr=141.56.51.14/24 mail_2023-05
ip4_addr: 141.56.51.24/24 -> 141.56.51.14/24
root@truenas[~]#
zfs snap -r zpool/data/mailman@before-running-freebsd-13
zfs list -t snap | grep freebsd-13
zpool/data/mailman@before-running-freebsd-13 0B - 88K -
zpool/data/mailman/archives@before-running-freebsd-13 0B - 321G -
zpool/data/mailman/data@before-running-freebsd-13 0B - 50.0M -
zpool/data/mailman/lists@before-running-freebsd-13 0B - 6.35G -
root@truenas[~]#
iocage start mail_2023-05
No default gateway found for ipv6.
* Starting mail_2023-05
+ Started OK
+ Using devfs_ruleset: 1004 (iocage generated default)
+ Configuring VNET OK
+ Using IP options: vnet
+ Starting services OK
+ Executing poststart OK
iocage start mail_2023-05
root@mail-2023-05:~ # 
service postfix onestart
postfix: Postfix is using backwards-compatible default settings
postfix: See http://www.postfix.org/COMPATIBILITY_README.html for details
postfix: To disable backwards compatibility use "postconf compatibility_level=3.6" and "postfix reload"
postfix/postfix-script: starting the Postfix mail system
root@mail-2023-05:~ #
service postfix onestatus
postfix is running as pid 43952.
root@mail-2023-05:~ #
service mailman onestart
Fixing mailman permissions:
directory permissions must be 02775: /usr/local/mailman/archives.dist (fixing)
directory permissions must be 02775: /usr/local/mailman/archives.dist/private (fixing)
Problems found: 2
Re-run as mailman (or root) with -f flag to fix
Starting mailman.
root@mail-2023-05:~ #
service mailman onestatus
mailman is running as pid 44060.
root@mail-2023-05:~ # service apache24 onestatus
apache24 is not running.
root@mail-2023-05:~ # service apache24 onestart
Performing sanity check on apache24 configuration:
[Sat May 27 05:38:35.939009 2023] [core:error] [pid 44106] (EAI 8)Name does not resolve: AH00547: Could not resolve host name lists.htw.stura-dresden.de -- ignoring!
AH00557: httpd: apr_sockaddr_info_get() failed for mail-2023-05
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Starting apache24.
[Sat May 27 05:38:35.972720 2023] [core:error] [pid 44107] (EAI 8)Name does not resolve: AH00547: Could not resolve host name lists.htw.stura-dresden.de -- ignoring!
AH00557: httpd: apr_sockaddr_info_get() failed for mail-2023-05
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
root@mail-2023-05:~ # service apache24 onestatus
apache24 is running as pid 44108.
Hinweis: Der nicht auflösbare Name lists.htw.stura-dresden.de weicht von der weiter unten aufgerufenen Adresse lists.stura.htw-dresden.de ab – vermutlich ein Dreher in der übernommenen Apache-Konfiguration, der zu prüfen ist; laut Meldung ignoriert Apache den betroffenen Eintrag.
root@mail-2023-05:~ # 
ls /etc/ | grep aliases
aliases aliases.default aliases.stura
root@mail-2023-05:~ #
newaliases
root@mail-2023-05:~ #
ls /etc/ | grep aliases
aliases aliases.db aliases.default aliases.stura
root@mail-2023-05:~ #
cp /etc/aliases /etc/aliases_2023-05-27
root@mail-2023-05:~ # 
cat /etc/aliases.stura > /etc/aliases
root@mail-2023-05:~ #
du -h /etc/aliases.db
4.5K    /etc/aliases.db
root@mail-2023-05:~ #
newaliases
root@mail-2023-05:~ #
du -h /etc/aliases.db
29K /etc/aliases.db
cat /mnt/zpool/iocage/jails/mail/root/usr/local/etc/postfix/rbl_override.db > /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/postfix/rbl_override.db 
Aktivieren der Anwendung Postfix
sysrc postfix_enable="YES" 
Aktivieren der Anwendung GNU Mailman
sysrc mailman_enable="YES" 
Aktivieren der Anwendung Apache
sysrc apache24_enable="YES" 
noch zu erledigen
Dateien für aliases
master.cf von postfix prüfen
diff /mnt/zpool/iocage/jails/mail/root/usr/local/etc/postfix/master.cf /mnt/zpool/iocage/jails/mail_2023-05/root/usr/local/etc/postfix/master.cf
insbesondere wegen 
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=mailman:mailman argv=/usr/local/mailman/postfix-to-mailman.py ${nexthop} ${user}
  Untergeordnete Tickets 1 (0 offen — 1 geschlossen)
Von PaulRiegel vor mehr als 2 Jahren aktualisiert
root@mail-2023-05:~ #
pkg ins -y postsrsd
Von PaulRiegel vor mehr als 2 Jahren aktualisiert
https://lists.stura.htw-dresden.de/pipermail/alle.stg.htw-dresden.de/
Forbidden You don't have permission to access this resource.
Das soll
ls -ld /usr/local/mailman/archives/private/
drwxrws--- 879 root mailman 879 May 27 07:00 /usr/local/mailman/archives/private/
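chmod o=rx /usr/local/mailman/archives/private/
ls -ld /usr/local/mailman/archives/private/
drwxrwsr-x 879 root mailman 879 May 27 07:00 /usr/local/mailman/archives/private/
Hinweis: Mit o=rx können alle lokalen Benutzer im Jail archives/private betreten und auflisten; genau davor warnt das Post-Install-Skript oben („Private archive directory is other-executable (o+x)“). Für den Zugriff des Webservers auf die öffentlichen Archive genügt vermutlich o+x ohne Leserecht; für Mehrbenutzersysteme verweist die Warnung auf das Installationshandbuch.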
Works!