
sasl passwd problems with 5.3.0

Open fletchowns opened this issue 7 years ago • 7 comments

Cookbook version

5.3.0

Chef-client version

12.20.3

Platform Details

Red Hat Enterprise Linux Server release 7.5 (Maipo) on AWS

Scenario:

smtp relay host via SES with sasl username & password

Steps to Reproduce:

I had been using this for a while in my attributes:

default["postfix"]["main"]["relayhost"] = "email-smtp.us-east-1.amazonaws.com:587"
default["postfix"]["main"]["smtp_sasl_auth_enable"] = "yes"
default["postfix"]["main"]["smtpd_use_tls"] = "no"
default["postfix"]["sasl"]["smtp_sasl_user_name"] = "<snip>"
default["postfix"]["sasl"]["smtp_sasl_passwd"] = "<snip>"

Expected Result:

Previously, this seemed to result in:

default["postfix"]["main"]["relayhost"] = "email-smtp.us-east-1.amazonaws.com:587"
default["postfix"]["main"]["smtp_sasl_auth_enable"] = "yes"
default["postfix"]["main"]["smtpd_use_tls"] = "no"
default["postfix"]["sasl"]["smtp_sasl_user_name"] = "<snip>"
default["postfix"]["sasl"]["smtp_sasl_passwd"] = "<snip>"


$ cat /etc/postfix/sasl_passwd
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
email-smtp.us-east-1.amazonaws.com:587 <snip>:<snip>

Actual Result:

Now with 5.3.0 I ended up with:

$ cat /etc/postfix/sasl_passwd
# Auto-generated by Chef.
# Local modifications will be overwritten.

smtp_sasl_passwd :
smtp_sasl_user_name :

I was able to resolve it by changing the attributes:

default["postfix"]["sasl"] = {
	"email-smtp.us-east-1.amazonaws.com:587" => {
		"username" => "<snip>",
		"password" => "<snip>"
	}
}

It seems like it was a breaking change with a minor version bump though

fletchowns avatar Jun 16 '18 21:06 fletchowns

We ran into the same issue. It broke our deployment. Note that the way @fletchowns resolved it works for us too, but it still leaves funny-looking empty values in the file, like this:

email-smtp.us-east-1.amazonaws.com:587 <snip>:<snip>
smtp_sasl_passwd :
smtp_sasl_user_name :

koertkuipers avatar Jul 19 '18 14:07 koertkuipers

+1. This should be caught by unit tests :)

wk8 avatar Feb 02 '19 19:02 wk8

I was about to post this issue, but found it is already posted. The issue is deeper: the recipe code changed, but the corresponding attributes did not. To match what I see in the ERB file, the lines:

  node.default_unless['postfix']['sasl']['smtp_sasl_user_name'] = ''
  node.default_unless['postfix']['sasl']['smtp_sasl_passwd']    = ''

in the /var/chef/cache/cookbooks/postfix/recipes/_attributes.rb file have to be replaced with:

node.default_unless['postfix']['sasl'] = {}

This will eliminate the lines:

smtp_sasl_passwd :
smtp_sasl_user_name :

The actual configuration, as @fletchowns indicated, should be:

default["postfix"]["sasl"] = {
	"email-smtp.us-east-1.amazonaws.com:587" => {
		"username" => "<snip>",
		"password" => "<snip>"
	}
}

This needs to be updated in documentation as well.

voroniys avatar Mar 12 '19 14:03 voroniys
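
An added example, not part of the thread or the cookbook's own code: a Ruby sketch of why the flat pre-5.3.0 attributes come out as "smtp_sasl_passwd :" lines, with a pre-render check and a migration to the per-relayhost layout. The template is an assumed stand-in for the cookbook's ERB, and `render`, `invalid_entries`, `migrate` and the sample credentials are hypothetical.

```ruby
require 'erb'

# ASSUMED stand-in for the cookbook's sasl_passwd template (not a copy of it):
# one "<relayhost> <username>:<password>" line per entry of the settings hash.
TEMPLATE = ERB.new(<<~'T', trim_mode: '-')
  # Auto-generated by Chef.
  # Local modifications will be overwritten.

  <% settings.each do |host, creds| -%>
  <%= host %> <%= creds['username'] %>:<%= creds['password'] %>
  <% end -%>
T

def render(settings)
  TEMPLATE.result_with_hash(settings: settings)
end

# Keys whose value would render as a broken line: not a hash, or a hash with a
# missing/empty username or password.
def invalid_entries(settings)
  settings.reject { |_host, creds|
    creds.is_a?(Hash) && %w[username password].none? { |k| creds[k].to_s.empty? }
  }.keys
end

# Move the flat pre-5.3.0 attributes under the relayhost key; empty leftovers
# (such as the '' defaults) are dropped instead of rendered.
def migrate(sasl, relayhost)
  legacy = %w[smtp_sasl_user_name smtp_sasl_passwd]
  kept = sasl.reject { |key, _| legacy.include?(key) }
  user, pass = sasl.values_at(*legacy)
  return kept if user.to_s.empty? || pass.to_s.empty?
  { relayhost => { 'username' => user, 'password' => pass } }.merge(kept)
end

# Constructed sample values, not real credentials.
RELAY  = 'email-smtp.us-east-1.amazonaws.com:587'
LEGACY = { 'smtp_sasl_user_name' => 'example-user', 'smtp_sasl_passwd' => 'example-secret' }
MIXED  = { RELAY => { 'username' => 'example-user', 'password' => 'example-secret' },
           'smtp_sasl_passwd' => '', 'smtp_sasl_user_name' => '' }

if __FILE__ == $PROGRAM_NAME
  puts render(LEGACY)                  # flat keys come out as "<key> :" lines
  puts render(migrate(LEGACY, RELAY))  # one valid relayhost line
  p invalid_entries(MIXED)             # the two empty legacy keys
end
```

Running `invalid_entries` on the merged attribute hash before the template is rendered turns a silently broken relay credential file into a failed converge.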

Instead of node['postfix']['sasl'] attributes, simply move them to your namespace, say my-cookbook:

default['my-cookbook']['sasl']['[smtp.sendgrid.net]:587'] = {
  'username' => 'SendGridUsername',
  'password' => 'SendGridPassword',
}

Then anywhere in your wrapper cookbook, edit the template resource:

edit_resource!(:template, node['postfix']['sasl_password_file']) do
  variables(settings: node['my-cookbook']['sasl'])
end

You'll end up with the right file:

root@default-ubuntu-1804:/etc/postfix# cat /etc/postfix/sasl_passwd
# Auto-generated by Chef.
# Local modifications will be overwritten.

[smtp.sendgrid.net]:587 SendGridUsername:SendGridPassword

Hopefully it helps! 👨‍🍳

scalp42 avatar May 18 '19 05:05 scalp42

Marking stale due to inactivity. Remove stale label or comment or this will be closed in 7 days. Alternatively drop by the #sous-chefs channel on the Chef Community Slack and we'll be happy to help! Thanks, Sous-Chefs.

github-actions[bot] avatar Oct 09 '20 00:10 github-actions[bot]

It's still an issue 😅

scalp42 avatar Oct 09 '20 00:10 scalp42

@scalp42 Indeed it's still an issue. Following @voroniys's solution feels wrong because we have to edit the _attributes.rb file. Any updates on this?

newfylox avatar Nov 09 '21 16:11 newfylox