Just learnt more about Debian's postfix-resolvconf.path by
reading /usr/share/doc/postfix/README.Debian.gz
This works fine:
# As we are using chroot and DHCP (see
/usr/share/doc/postfix/README.Debian.gz)
systemctl enable postfix-resolvconf.path
systemctl start postfix-resolvconf.path
I noticed this was under the "=== older, non-reviewed, contents of
README.Debian follows." section and it suggests:
2B. In the standard Debian networking configuration, postfix is not
notified
if /etc/resolv.conf is updated, so the copy in the postfix
chroot may
become stale. This can be addressed one of two ways:
a. For systemd users, a .path unit is shipped disabled (since
this is only
relevant for some network configurations) to watch for
resolv.conf
updates. It needs to be manually enabled and started (once):
# systemctl enable postfix-resolvconf.path
# systemctl enable postfix-resolvconf.service
# systemctl start postfix-resolvconf.path
b. For users of other init systems, installation of the
resolvconf package
should prevent this problem for networking configurations
where it is an
issue.
But I don't believe the "systemctl enable postfix-resolvconf.service"
line is valid or required as it is invoked by postfix-resolvconf.path
I have a working solution for me that still maintains chroot (I'll just
need to be careful when certs expire to remember a reload won't be good
enough) - for others it might be worth enabling the service for them
too.. if it's possible for the Debian package to detect DHCP and enable
it if it sees it that would probably be ideal.
Kind Regards,
Matthew
On 28/08/2025 11:21, Matthew wrote:
>If you upgraded from previous debian release
No, completely fresh and clean install of Debian 13, almost couldn't
be cleaner. No upgrading. No GUI (just SSH and Standard System
Utilities selected in Debian 13 Installer). The very few commands to
re-create are in the previously attached TXT file (the only one
relevant is probably apt-install postfix). This being a simple clean
scenario I thought made it a good example as a decent and fairly
common Debian 13 issue. Although I've since learnt it's hardly new or
even exclusive to Debian 13 (
https://www.google.com/search?q=postfix+resolv.conf+early )
root@SMTP:~# apt list --installed | grep -i dhcp
..
dhcpcd-base/stable,now 1:10.1.0-11 amd64 [installed]
root@SMTP:~# dhcpcd --version
dhcpcd 10.1.0
Copyright (c) 2006-2024 Roy Marples
Compiled in features: INET ARP ARPing IPv4LL INET6 DHCPv6 AUTH PRIVSEP
>For this, the best suggestion would be what Wietse said - to turn off
chroot.
Will do
>In debian postfix package, there's a separate command for it
Did not know this, thank you for the pointer.
>And I'll take another look at this thing
If I can help in any way please let me know, happy to help out however
I can.
>postfix-resolvconf.path
Hadn't heard of this and that seems exactly what's needed too.
>is not useful if no chroot is in use
The default configuration does chroot though doesn't it? So logically
if chroot is on by default I would expect the other service that
enables it to work to be on by default as well.. the configuration
file could list that it's on and can be turned off if chroot is being
turned off.. or the configuration script could warn it's on too (just
like it warns to update aliases)? I suppose the only time it isn't
useful to have postfix-resolvconf and chroot on is if the user has
assigned a static IP / DNS server to the machine.
Kind Regards,
Matthew
On 28/08/2025 10:47, Michael Tokarev via Postfix-users wrote:
On 27.08.2025 23:59, Matthew via Postfix-users wrote:
DHCP client is whatever is the default in Debian 13.
If you upgraded from previous debian release, dhcpd is left the
one which you had before. I assume it is isc-dhcp-client. Ok.
Or are you suggesting another dnsmasq on the VM and hardcoding
localhost for the system?
No. Since I didn't know your setup, I listed all possible options.
dnsmasq is one of possible DNS caches - good to have for high-volume
mail server (though for high volume it's better to use a real
nameserver).
E-mail volume is tiny, I’m the only human user and this is just to
run my personal email. NAS, UPS and website contact form
occasionally e-mail me.
For this, the best suggestion would be what Wietse said - to turn
off chroot.
In debian postfix package, there's a separate command for it,
postfix chroot off
postfix reload
(see man postfix for details).
And I'll take another look at this thing, - I guess isc dhcp
client is the most common one on debian, apparently the thing
still doesn't work despite all my attempts to address this
"stale chroot" issue. Maybe I should automatically enable
postfix-resolvconf.path service (it doesn't hurt, just is not
useful if no chroot is in use).
Thanks,
/mjt
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
