Sorry, for some reason it seems our mail server filtered out the reply to this issue.

On Sun, 16 Mar 2025 07:44:42 +0300 Michael Tokarev <[email protected]> wrote:

> > I'm facing an issue on an ephemeral machine booted into a read-only nfs4
> > root with an overlayfs to make / writable. postfix doesn't start, since
> > the copy command in configure-instance:91 fails. It copies the data, but
> > overlayfs has a long-standing issue with nfs4_acls [1], which cp -p will
> > try to copy but fail.
>
> Why does it fail? From the cp(1) manpage:
>
> -p same as --preserve=mode,ownership,timestamps
>
> This list looked innocent enough to keep everything. Which ACLs does it try
> to copy here? It shouldn't?
>
> --preserve[=ATTR_LIST]
> preserve the specified attributes (default: mode,ownership,time‐
> stamps), if possible additional attributes: context, links,
> xattr, all
>
> Even with --preserve (with no argument, which is different from -p), it
> *tries* to preserve additional attributes only "if possible".
>
> I'm confused. Mode, ownership and timestamp have always been copied by
> this code (it used cpio in the past). Maybe cp(1) does more than what's
> described, - in which case it definitely should be fixed one way (by
> removing extra actions it does) or another (fixing the docs to match
> reality).

The manpage (compare https://manpages.debian.org/testing/coreutils/cp.1.en.html) actually mentions

> ATTR_LIST is a comma-separated list of attributes. Attributes are 'mode' for permissions (including any ACL and xattr permissions),

So it is expected that ACLs, including NFSv4 ACLs, are copied when using --preserve=mode.

The command also works: it copies everything it can copy, but exits with error code 1, and then the shell script exits right there (since -e is set in the shebang) and thus the service startup also fails.

Before, the command just used plain cp without any extra arguments, see https://salsa.debian.org/postfix-team/postfix-dev/-/blame/8fc13ff2a05c5fc3cad87809efe87611804845b0/debian/configure-instance.sh?page=1#L125

This behaviour was changed in ca823921 as mentioned above.
My current "workaround" is to copy all these files manually first with the same options, but ignore failures before the service starts. cp will then not attempt to copy the ACLs (for some reason).
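
An added sketch, not code from the postfix package or from either correspondent: under `set -e`, a copy helper can separate "data copied, attribute preservation failed" (the case described in this message) from a copy that really failed. The names `copy_tolerant`, `COPY_RESULT` and the `CP_CMD` hook are hypothetical.

```shell
#!/bin/sh
set -e

# Hypothetical hook: lets a caller or test substitute the copy command.
: "${CP_CMD:=cp}"

# copy_tolerant SRC DST
#   COPY_RESULT=full       cp -p succeeded, attributes preserved
#   COPY_RESULT=data-only  cp -p exited non-zero but DST has the same bytes
#   returns 1              DST is missing or differs from SRC
copy_tolerant() {
    src=$1
    dst=$2
    COPY_RESULT=failed
    # A command tested by "if" does not trigger the -e abort.
    if "$CP_CMD" -p "$src" "$dst"; then
        COPY_RESULT=full
        return 0
    fi
    # cp reported an error: accept it only if the content really arrived.
    if [ -f "$dst" ] && cmp -s "$src" "$dst"; then
        COPY_RESULT=data-only
        # Make the lost attributes visible instead of failing silently:
        # ACLs or xattrs from SRC may be absent on DST.
        echo "warning: $dst copied, but not all attributes preserved" >&2
        return 0
    fi
    return 1
}
```

The `data-only` branch keeps the service startable while still logging that the destination may carry fewer access restrictions than the source.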
