Postfix smtp_tls_CApath on Ubuntu lucid-backports (2.8.1-1~lucid1)
Posted Aug 17 2011, 14:46 by William Shallum [updated Oct 2 2014, 08:19]
I installed postfix from lucid-backports (2.8.1-1~lucid1) and it had a problem in its init script that caused SMTP TLS verification to fail.
If the smtp_tls_CApath is outside the chroot, the files inside
smtp_tls_CApath will end up
in "/var/spool/postfix/${ca_path#/}/${ca_path#/}" instead
of "/var/spool/postfix/${ca_path#/}". This is caused by the init script copying using cpio in passthrough mode while feeding it absolute pathnames using find “$ca_path”. See
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/828047 for
details.
A workaround would be to use an smtp_tls_CApath that points inside the chroot (/var/spool/postfix).
Replacing the cpio line with this one works for me:
(cd "$ca_path" && find . -print0 | cpio -0pdL "$dest_dir")Use at your own risk.