Hi Wietse,
On 19/11/2021 16:53, Wietse Venema wrote:
With hash and btree there is no guaranteed way to read a table after
it is updated, even when using locks. LMDB tables are better in
this respect, as long as you use the right locking procedure (man 5
lmdb_table) but you'd need to make the table group readable so that
your tool can lock and read it.
I didn't realise that btree wasn't good for sharing so I've switched to
LMDB format. Hopefully I can find a suitable Debian PERL module (not
CPAN) or get PHP to read the format. I have some reading and
experimenting to do. Thanks for the tips.
That leaves two problems.
The table format is an internal interface. I do make incompatible
changes internally, and that is OK because no-one is supported when
they rely on an internal interface. The format is described with a
comment in the verify.c source code.
Changes to the internal data format would only be a problem (for me)
once every 4 years as I only upgrade Postfix with Debian every other Deb
release (excluding security fixes). I build a new VPS each time as
'dist-upgrade' adds too many unwanted packages for my small VPS. I'm
about due a rebuild, meaning Debian 8 to 10 (Postfix v3.1.15 to v3.4).
While that's still 2 versions behind (soon to be 3) I'm looking forward
to trying out SNI. Ah the format is in the comments! I've just had a
look. So the first colon separated value of data is status. Thanks.
Instead of hacking file permissions you could try to set up a
proxymap service over TCP on 127.0.0.1. But again the protocol is
an internal interface and breaking changes happen. I just noticed
that this protocol still needs to be changed into "server speaks
first" like the rest of Postfix. I have added that on the TODO list
for Postfix 3.7.
Yes I think you are right that the best way to query the database would
be by a local TCP service. As me for using stable protocol, well sorry I
wouldn't know where to start. I was more thinking about keeping it
simple. Having it reply with the status byte or -1 for no match? I
think that is about my limit sadly.
Thanks for your encouraging reply.
Best wishes,
Mick.
Reading the verify map (and other tables) would need a proxymap
like service with a stable protool. It should probably output JSON
format, like postqueue -j does.
Wietse
