Re: Random Source Parameter Error

Tue, 29 Dec 2009 14:07:56 -0800 

On Tue, Dec 29, 2009 at 11:35:09AM -0500, Victor Duchovni wrote:

> I'll look into this when I get a chance to test Postfix on a 10.6
> system. It is possible that /dev/urandom does not support poll(2)
> with Snow Leopard. Unlike /dev/random, it is a non-blocking device,
> so arguably no polling is required, the poll() should always succeed
> immediately of course, failing is anti-social.

Got the 10.6.2 system up and running mostly. The stock Postfix that
comes from Apple has:

    # postconf -d mail_version tls_random_source
    mail_version = 2.5.5
    tls_random_source = 

When I build Postfix from Macports, I get a 2.6.2 build, which also
defaults to:

        tls_random_source =

however, setting:

    tls_random_source = dev:/dev/urandom

works just fine, no noise in the mail log. Looking at tlsmgr(8) with
"dtruss" shows, Postfix 2.6.2 using select() for timed read.

open("/dev/urandom\0", 0x0, 0x0)                 = 7 0
geteuid(0x100305D1D, 0x100303144, 0x0)           = 0 0
getegid(0x100305D1D, 0x100303144, 0x0)           = 0 0
geteuid(0x1B, 0x1B, 0x0)                 = 0 0
setegid(0x1B, 0x1B, 0x0)                 = 0 0
setgroups(0x1, 0x7FFF5FBFFB5C, 0x0)              = 0 0
seteuid(0x1B, 0x7FFF5FBFFB5C, 0x0)               = 0 0
stat64("/var/lib/postfix-test\0", 0x7FFF5FBFFA90, 0x74)          = 0 0
open("/var/lib/postfix-test/prng_exch\0", 0x202, 0x180)          = 8 0
geteuid(0x0, 0x0, 0xFC080)               = 27 0
seteuid(0x0, 0x0, 0x0)           = 0 0
setegid(0x0, 0x0, 0x0)           = 0 0
setgroups(0x1, 0x7FFF5FBFFB5C, 0x0)              = 0 0
setgid(0x1B, 0x10030587C, 0x100305890)           = 0 0
initgroups(0x6, 0x7FFF5FBFFB30, 0x1B)            = 0 0
setuid(0x1B, 0x6, 0x0)           = 0 0
select(0x8, 0x7FFF5FBFF940, 0x0, 0x7FFF5FBFF8C0, 0x7FFF5FBFF9C0)                
 = 2 0
read(0x7, 
"\341\26103[E\201\221\215\353\260j\207\017\244\031\v\002\n\354\364\374\206+\201\363\2636\031J\205\355\0",
 0x20)                = 32 0

The OP's problem is most likely specific to Apple's build of 2.5.5, where
timed_read() uses poll() but /dev/urandom does not cooperate...

-- 
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Reply via email to