From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id sgAJAon/MV/hCgAA0tVLHw (envelope-from ) for ; Tue, 11 Aug 2020 02:16:41 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id GEdTOYj/MV/qXQAAB5/wlQ (envelope-from ) for ; Tue, 11 Aug 2020 02:16:40 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 9C1FC9403EE for ; Tue, 11 Aug 2020 02:16:40 +0000 (UTC) Received: from localhost ([::1]:40598 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1k5JqB-0004pq-F1 for larch@yhetil.org; Mon, 10 Aug 2020 22:16:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:33652) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k5Jq1-0004oG-S0 for guix-devel@gnu.org; Mon, 10 Aug 2020 22:16:29 -0400 Received: from mail-ej1-x62a.google.com ([2a00:1450:4864:20::62a]:40399) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1k5Jpz-0005xy-Gi; Mon, 10 Aug 2020 22:16:29 -0400 Received: by mail-ej1-x62a.google.com with SMTP id o18so11419157eje.7; Mon, 10 Aug 2020 19:16:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=GnzxnuRBkhwEsskuISnjoe20AN2fLIeCPYKcNYetC6E=; b=eICwJlpBfsNqOTm8m2nLbRjxwcMDsamKyN4dMtABI+tmVpfFM5fSCz8MC464qdc8zT H4tovzelSbGfw44UZ0QfCp8MRJh/28psmNwVJvG4UKCWBq9Mij6+57czXScK2SGD2bNt 1ERa6RM2Cvw1xe8C9vsgrvpswgTdyXtZloADbIqnFEouLcqu0WhWnLpjUe0RLaQI3QuD 1bPaajuc6cScEytQ9PdQjstKJUgQCYT5bU2X+c4p+fj3xFm64khjIoNlcN58j3LSmMQc wF35VzMcSZPR/leEdJemNBKkt6OfbXDKGjK/xR9XbR1oJ82JcYbHJ8jUvf9MVhGMcxVj 5KtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=GnzxnuRBkhwEsskuISnjoe20AN2fLIeCPYKcNYetC6E=; b=ct7laKfFJJf8v4xIcn4peN81sNvxtg+71KJ7I0G6UPm0/r4c887ggTuhz/+9n19RY+ Cb2HKaMiWMwmfSr8uff56qU7YF7uYQRxFsJJZd61y3lT5UDx2KR/wyv+ju7pAcrf87re 3lqgHM6dYmdG8PkDoZs/Ri99Xw7PniA5JCrGJM0VPU/Vlz2fkmHc6QZjrOwB7fCfE5yj hTj3oQm2tNa5KnIdhSza1qgNHFAbfBnOEguHyreAMOOACURAkHiFbXpUOCCAjXYoVpTd dmQjBD/BAsoNtLBPrGHhqIS/9vmR9S2yikLuzob/AS0iXEE8EpUVE+mgKoMFh7HykXQm tSSg== X-Gm-Message-State: AOAM531mPXZucQOuTWD3amQr3V6oNquFbSfEYK5kw8qLT5nv0xApXuW1 G0Zba46yZzcSUZaamUQr+p8Qla4s5H8H/1eLQO5+ X-Google-Smtp-Source: ABdhPJyn/GSgk+KadNJRsZcrMlcWg2ZvELZ2YAnqsINsLA97YyAx4YkJv8+KWTS2in6HY52z4X3P0GulbiWDEtPV3hM= X-Received: by 2002:a17:906:a18e:: with SMTP id s14mr23842025ejy.168.1597112184421; Mon, 10 Aug 2020 19:16:24 -0700 (PDT) MIME-Version: 1.0 References: <87o8svh0jf.fsf@gnu.org> <878sen0zcd.fsf@gnu.org> In-Reply-To: <878sen0zcd.fsf@gnu.org> From: =?UTF-8?Q?G=C3=A1bor_Boskovits?= Date: Tue, 11 Aug 2020 04:16:12 +0200 Message-ID: Subject: Re: wip-postfix To: Jan Nieuwenhuizen Content-Type: multipart/alternative; boundary="0000000000006b41de05ac90a831" Received-SPF: pass client-ip=2a00:1450:4864:20::62a; envelope-from=boskovits@gmail.com; helo=mail-ej1-x62a.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Guix-devel , 35619@debbugs.gnu.org Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20161025 header.b=eICwJlpB; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -0.71 X-TUID: n6JfLFgtX8B8 --0000000000006b41de05ac90a831 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello Jan, Jan Nieuwenhuizen ezt =C3=ADrta (id=C5=91pont: 2020. aug.= 10., H=C3=A9t 8:50): > G=C3=A1bor Boskovits writes: > > Hello! > > >> Jan Nieuwenhuizen ezt =C3=ADrta (id=C5=91pont: 2020.= m=C3=A1rc. > 17., Ke 9:02): > > > > G=C3=A1bor Boskovits writes: > > I took the liberty of rebasing wip-postfix on latest master and > found it does not compile > > --8<---------------cut here---------------start------------->8--- > gcc -fPIC -I. -I../../include -DNO_EAI -DDEF_SMTPUTF8_ENABLE=3D\"no\" > -DHAS_DEV_URANDOM > -DDEF_SHLIB_DIR=3D\"/gnu/store/hbdrbb84krvjvw58vmr1pvzb6l3gbmyv-postfix-m= inimal-3.4.8\" > -DUSE_DYNAMIC_LIBS -DUSE_DYNAMIC_MAPS -Wmissing-prototypes -Wformat > -Wno-comment -fPIC -g -O -I. -I../../include -DLINUX5 -c dns_str_resflags= .c > dns_str_resflags.c:55:13: warning: RES_AAONLY is deprecated > "RES_AAONLY", RES_AAONLY, > ^~~~~~~~~~~~~~~~~ > dns_str_resflags.c:57:13: warning: RES_PRIMARY is deprecated > "RES_PRIMARY", RES_PRIMARY, > ^~~~~~~~~~~~~~~~~~~ > dns_str_resflags.c:63:22: error: =E2=80=98RES_INSECURE1=E2=80=99 undeclar= ed here (not in a > function); did you mean =E2=80=98RES_RECURSE=E2=80=99? > "RES_INSECURE1", RES_INSECURE1, > ^~~~~~~~~~~~~ > RES_RECURSE > --8<---------------cut here---------------end--------------->8--- > > Luckily, that was easily fixed by updating postfix to 3.5.0. > Thanks for having a look. > > >> When I hack around and create /etc/ailases.db, it works. > > I would like to add a service config for this. > > I found we already have mail-aliases-service-type, so I used that, > together with running postalias. Now, queuing mail works ootb...but > delivery seems not to work: it remains queued. > > I rebased wip-postfix and added a couple of patches for this. Please > feel free to revert them if you don't like it :-) > > When starting postfix like so > > --8<---------------cut here---------------start------------->8--- > ./pre-inst-env guix system vm gnu/system/examples/postfix.tmpl`\ > --nographic -m 1G\ > --nic > user,model=3Dvirtio-net-pci,hostfwd=3Dtcp::12025-:25,hostfwd=3Dtcp:127.0.= 0.1:12022 > -:2222 > --8<---------------cut here---------------end--------------->8--- > > I'm seeing > > --8<---------------cut here---------------start------------->8--- > 07:39:18 janneke@dundal:~/src/guix/wip-postfix [env] > $ telnet localhost 12025 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 komputilo.localdomain ESMTP Postfix > mail from: root > mail from: root > 250 2.1.0 Ok > rcpt to: alice > rcpt to: alice > 250 2.1.5 Ok > data > data > 354 End data with . > hello Alice! > hello Alice! > . > . > 250 2.0.0 Ok: queued as E26BA3116 > quit > quit > 221 2.0.0 Bye > Connection closed by foreign host. > 08:03:53 janneke@dundal:~/src/guix/wip-postfix [env] > $ ssh -p 12022 root@localhost > /gnu/store/mydn0wr0bs7mz3rx9fwihpma26r0dpqq-postfix-minimal-3.5.0/mailq -= C > /gnu/store/nj5pa9l9zy6vx5484pbdsqnilva8bivc-postfix-config-dir > -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- > E26BA3116* 175 Mon Aug 10 08:00:50 root@komputilo.localdomain > alice@komputilo.localdomain > > -- 0 Kbytes in 1 Request. > --8<---------------cut here---------------end--------------->8--- > > Ideas? > I will have a look early next week. Most probably the setuid stuff is missing, and access is denied to something. > > >> It looks like most everything is installed in a single, flat director= y > >> > >> /gnu/store/pyv0rpd6zs0m2i482cb8qxd6mhf5b47z-postfix-minimal-3.4.8 > >> > >> executables, copies of readmes, (unused?) config files (main.cf, > >> aliases)? > > > > Yes, but can be easily separated. The config files are installer > > generated, and not used. > > Ok =3D> TODO :-) > > >> Anyhow, this is a great start; next Mailman? > > > > One thing that blocks me from finishing this is that the setuid > > programs in the os declatation should be extended, so that we can use > > the privilege separation of postfix. I would like to propose a patch > > later this week. > > Any insight here, something blocking maybe? > Nothing in particular. I had little time recently. I just finished a bigger project, and I was on holiday. I will try to propose an interface for this next week. > Greetings, > Janneke > Regards, g_bor > > Jan (janneke) Nieuwenhuizen (5): > gnu: postfix-minimal: Updato to 3.5.0. > system: examples: Add postfix.tmpl. > gnu: postfix-minimal: Fix startup warnings. > service: postfix: Use mail-aliases-service-type. > system: postfix.tmpl: Add mail-aliases-service. > > gnu/packages/mail.scm | 32 ++++++++++++------- > gnu/services/mail.scm | 12 ++++++- > gnu/system/examples/postfix.tmpl | 54 ++++++++++++++++++++++++++++++++ > 3 files changed, 86 insertions(+), 12 deletions(-) > create mode 100644 gnu/system/examples/postfix.tmpl > > -- > Jan Nieuwenhuizen | GNU LilyPond http://lilypond.org > Freelance IT http://JoyofSource.com | Avatar=C2=AE http://AvatarAcademy.c= om > --0000000000006b41de05ac90a831 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello Jan,

Jan Nieuwenhuizen <janneke@gnu.org> ezt =C3=ADrta (id=C5=91pont: 2020. aug= . 10., H=C3=A9t 8:50):
G=C3=A1bor B= oskovits writes:

Hello!

>> Jan Nieuwenhuizen <janneke@gnu.org> ezt =C3=ADrta (id=C5=91= pont: 2020. m=C3=A1rc. 17., Ke 9:02):
>
>=C2=A0 G=C3=A1bor Boskovits writes:

I took the liberty of rebasing wip-postfix on latest master and
found it does not compile

--8<---------------cut here---------------start------------->8---
gcc -fPIC -I. -I../../include -DNO_EAI -DDEF_SMTPUTF8_ENABLE=3D\"no\&q= uot; -DHAS_DEV_URANDOM -DDEF_SHLIB_DIR=3D\"/gnu/store/hbdrbb84krvjvw58= vmr1pvzb6l3gbmyv-postfix-minimal-3.4.8\" -DUSE_DYNAMIC_LIBS -DUSE_DYNA= MIC_MAPS -Wmissing-prototypes -Wformat -Wno-comment -fPIC -g -O -I. -I../..= /include -DLINUX5 -c dns_str_resflags.c
dns_str_resflags.c:55:13: warning: RES_AAONLY is deprecated
=C2=A0 =C2=A0 =C2=A0"RES_AAONLY", RES_AAONLY,
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0^~~~~~~~~~~~~~~~~=C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0
dns_str_resflags.c:57:13: warning: RES_PRIMARY is deprecated
=C2=A0 =C2=A0 =C2=A0"RES_PRIMARY", RES_PRIMARY,
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0^~~~~~~~~~~~~~~~~~~=C2=A0 = =C2=A0 =C2=A0 =C2=A0
dns_str_resflags.c:63:22: error: =E2=80=98RES_INSECURE1=E2=80=99 undeclared= here (not in a function); did you mean =E2=80=98RES_RECURSE=E2=80=99?
=C2=A0 =C2=A0 =C2=A0"RES_INSECURE1", RES_INSECURE1,
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 ^~~~~~~~~~~~~
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 RES_RECURSE
--8<---------------cut here---------------end--------------->8---

Luckily, that was easily fixed by updating postfix to 3.5.0.

Thanks for havi= ng a look.

>>=C2=A0 When I hack around and create /etc/ailases.db, it works.
> I would like to add a service config for this.

I found we already have mail-aliases-service-type, so I used that,
together with running postalias.=C2=A0 Now, queuing mail works ootb...but delivery seems not to work: it remains queued.

I rebased wip-postfix and added a couple of patches for this.=C2=A0 Please<= br> feel free to revert them if you don't like it :-)

When starting postfix like so

--8<---------------cut here---------------start------------->8---
./pre-inst-env guix system vm gnu/system/examples/postfix.tmpl`\
=C2=A0 =C2=A0--nographic -m 1G\
=C2=A0 =C2=A0--nic user,model=3Dvirtio-net-pci,hostfwd=3Dtcp::12025-:25,hos= tfwd=3Dtcp:127.0.0.1:12022-:2222
--8<---------------cut here---------------end--------------->8---

I'm seeing

--8<---------------cut here---------------start------------->8---
07:39:18 janneke@dundal:~/src/guix/wip-postfix [env]
$ telnet localhost 12025
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 komputilo.localdomain ESMTP Postfix
mail from: root
mail from: root
250 2.1.0 Ok
rcpt to: alice
rcpt to: alice
250 2.1.5 Ok
data
data
354 End data with <CR><LF>.<CR><LF>
hello Alice!
hello Alice!
.
.
250 2.0.0 Ok: queued as E26BA3116
quit
quit
221 2.0.0 Bye
Connection closed by foreign host.
08:03:53 janneke@dundal:~/src/guix/wip-postfix [env]
$ ssh -p 12022 root@localhost /gnu/store/mydn0wr0bs7mz3rx9fwihpma26r0dpqq-p= ostfix-minimal-3.5.0/mailq -C /gnu/store/nj5pa9l9zy6vx5484pbdsqnilva8bivc-p= ostfix-config-dir
-Queue ID-=C2=A0 --Size-- ----Arrival Time---- -Sender/Recipient-------
E26BA3116*=C2=A0 =C2=A0 =C2=A0 175 Mon Aug 10 08:00:50=C2=A0 root@komputilo= .localdomain
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0al= ice@komputilo.localdomain

-- 0 Kbytes in 1 Request.
--8<---------------cut here---------------end--------------->8---

Ideas?

I will have a look early next week. Most probably the setuid stuff is= missing, and access is denied to something.

>>=C2=A0 It looks like most everything is installed in a single, flat= directory
>>
>>=C2=A0 =C2=A0 =C2=A0 /gnu/store/pyv0rpd6zs0m2i482cb8qxd6mhf5b47z-po= stfix-minimal-3.4.8
>>
>>=C2=A0 executables, copies of readmes, (unused?) config files (main= .cf,
>>=C2=A0 aliases)?
>
> Yes, but can be easily separated. The config files are installer
> generated, and not used.

Ok =3D> TODO :-)

>> Anyhow, this is a great start; next Mailman?
>
> One thing that blocks me from finishing this is that the setuid
> programs in the os declatation should be extended, so that we can use<= br> > the privilege separation of postfix. I would like to propose a patch > later this week.

Any insight here, something blocking maybe?

Nothing in particular. I had lit= tle time recently. I just finished a bigger project, and I was on holiday. = I will try to propose an interface for this next week.


Greetings,
Janneke

Regards,
g_bor

Jan (janneke) Nieuwenhuizen (5):
=C2=A0 gnu: postfix-minimal: Updato to 3.5.0.
=C2=A0 system: examples: Add postfix.tmpl.
=C2=A0 gnu: postfix-minimal: Fix startup warnings.
=C2=A0 service: postfix: Use mail-aliases-service-type.
=C2=A0 system: postfix.tmpl: Add mail-aliases-service.

=C2=A0gnu/packages/mail.scm=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 | 32 += +++++++++++-------
=C2=A0gnu/services/mail.scm=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 | 12 += +++++-
=C2=A0gnu/system/examples/postfix.tmpl | 54 +++++++++++++++++++++++++++++++= +
=C2=A03 files changed, 86 insertions(+), 12 deletions(-)
=C2=A0create mode 100644 gnu/system/examples/postfix.tmpl

--
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilyp= ond.org
Freelance IT http://JoyofSource.com | Avatar=C2=AE ht= tp://AvatarAcademy.com
--0000000000006b41de05ac90a831--