On Sun, Feb 28, 2021 at 01:35:40AM -0500, JF Mezei wrote:
> Situation: OS-X Snow Leopard server, with Postfix that came built by Apple.
> According to postconf -d , Mail version: Postfix 2.5.14
Is that still your target platform, or are you now building for a newer
Apple machine?
> do postconf -a and -m yield all options I need to be concerned about, or
> are there many other portions I need to check to ensure that what I
> build from source (3.5.9) has the same functionality as what Apple had
> provided last decade?
You should compare the outputs of "postconf -d" between the two
versions. FWIW, I compared "postconf -d" between MacOS Catalina and the
latest Postfix 3.6 snapshot (which is what I am running), and saw no
substantive ommisions (just some new things that you weren't using).
> postconf -a
> cyrus
> dovecot
>
> velo:perl-5.32.1 $ postconf -m
> btree
> cidr
> environ
> hash
> pcre
> proxy
> regexp
> static
> unix
Indeed the lists of supported SASL mechanisms and map types are also
well worth checking.
> My SASL goes though Dovecot. From what I read, this is all done through
> pipes, so I assume both are independantr of each other when one is
> upgraded ?
Postfix uses a stable protocol to communicate with Dovecot, you should
be fine.
> Secondly, what is the recommended/best practice to document the build?
Postfix saves the build parameters in the install "makedefs.out" file,
but by all means put your build command into a shell script. I do
the same:
#! /bin/sh
make -f Makefile.init dynamicmaps=yes shared=yes pie=yes \
'CCARGS=-DDEF_MAIL_OWNER=\"postfix\" -DDEF_SGID_GROUP=\"maildrop\"
-DHAS_EAI -DUSE_SASL_AUTH -I/usr/local/include -DHAS_PCRE -DUSE_CYRUS_SASL
-I/usr/local/include/sasl -DUSE_TLS -I/usr/local/include/db5 -DHAS_CDB
-DHAS_LMDB' \
'AUXLIBS=-L/usr/local/lib -lsasl2 -lpam -lcrypt
-Wl,-rpath,/usr/local/lib -fstack-protector-strong -lssl -lcrypto
-L/usr/local/lib/db5 -ldb-5.3' \
'AUXLIBS_CDB=-L/usr/local/lib -Wl,-R,/usr/local/lib -lcdb' \
'AUXLIBS_PCRE=-L/usr/local/lib -Wl,-R/usr/local/lib -lpcre' \
'AUXLIBS_LMDB=-L/usr/local/lib -Wl,-R/usr/local/lib -llmdb' \
command_directory=/usr/local/sbin \
config_directory=/usr/local/etc/postfix \
daemon_directory=/usr/local/libexec/postfix \
data_directory=/var/db/postfix \
mailq_path=/usr/local/bin/mailq \
newaliases_path=/usr/local/bin/newaliases \
queue_directory=/var/spool/postfix \
sendmail_path=/usr/local/sbin/sendmail \
shlib_directory=/usr/local/lib/postfix \
html_directory=/usr/local/share/doc/postfix \
manpage_directory=/usr/local/man \
readme_directory=/usr/local/share/doc/postfix \
makefiles
> Create a shell file into which the make makefile arg1=x arg2=y etc are
> written? is there a recommended name? (since that would become the
> de-facto record of options used to build that version, useful when
> building next).
You can always recover the settings from "makedefs.out", unless that's
also lost.
> just upgraded openssl to 1.1.1j and it sits in /usr/local hiearchy
> (leaving the original elderly Apple version in /usr).
You can generally use homebrew if you don't want to build it yourself.
> While the $PATH is set to put /usr/local/bin ahead of /usr/bin, I am not
> aware of what mechanism exists to tell "make" where to find the new
> libraries against which to link Postfix. ( looks in the install page and
> didn't find such reference). Any pointer ?
See AUXLIBS above. This is document in the INSTALL tutorial.
http://www.postfix.org/INSTALL.html
http://www.postfix.org/INSTALL.html#build_other
> Third question: Install location.
>
> I know of the shlib_directory option. However, if I do a "make upgrade"
> does this imply that it will replace the original Apple-supplied
> executables in directories that are now SIP protected (Snow Leopard
> doesn't have SIP, but would still want to know).
Well, it can't replace these, so the installation would fail if you
tried. However, if you correctly configure config_directory,
command_directory, daemon_directory, ... to all be under
/usr/local/{etc,sbin,libexec,...}, you won't have that problem.
See above.
> Is there an easy mechanism to get the "make upgrade" to send
> everything to /usr/local equivaent of the original?
See above.
--
Viktor.
