Question on embedded variables in postconf command

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Question on embedded variables in postconf command

Robert Moskowitz
Is there a way to get the following:

postconf -e 'smtpd_tls_key_file = /etc/pki/tls/private/$myhostname.key'

To work and substitute the value for $myhostname?

I am building a new server and writing up my scripts and I am trying to
adhere to the lessons I learned here some 2+ years ago.  And trying to
be better than I was then...


Thank you.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Robert Moskowitz
After a bit of reflection, I may have asked the wrong question. Perhaps
a better question is does the substitution take place on processing the
option?

thanks

On 03/07/2017 01:59 PM, Robert Moskowitz wrote:

> Is there a way to get the following:
>
> postconf -e 'smtpd_tls_key_file = /etc/pki/tls/private/$myhostname.key'
>
> To work and substitute the value for $myhostname?
>
> I am building a new server and writing up my scripts and I am trying
> to adhere to the lessons I learned here some 2+ years ago. And trying
> to be better than I was then...
>
>
> Thank you.
>
>

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Christian Kivalo


Am 7. März 2017 20:00:55 MEZ schrieb Robert Moskowitz <[hidden email]>:
>After a bit of reflection, I may have asked the wrong question. Perhaps
>
>a better question is does the substitution take place on processing the
>
>option?
What about testing the assumption? Build the configuration and try to make a tls secured connection, it either works or you will see the error in your  logs.

Just changed my configuration to use $myhostname variable for the cert name filename and that works very well. Thanks for the idea.

>thanks
>
>On 03/07/2017 01:59 PM, Robert Moskowitz wrote:
>> Is there a way to get the following:
>>
>> postconf -e 'smtpd_tls_key_file =
>/etc/pki/tls/private/$myhostname.key'
>>
>> To work and substitute the value for $myhostname?
>>
>> I am building a new server and writing up my scripts and I am trying
>> to adhere to the lessons I learned here some 2+ years ago. And trying
>
>> to be better than I was then...
>>
>>
>> Thank you.
>>
>>
--
Christian
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Robert Moskowitz


On 03/07/2017 02:19 PM, Christian Kivalo wrote:
>
> Am 7. März 2017 20:00:55 MEZ schrieb Robert Moskowitz <[hidden email]>:
>> After a bit of reflection, I may have asked the wrong question. Perhaps
>>
>> a better question is does the substitution take place on processing the
>>
>> option?
> What about testing the assumption? Build the configuration and try to make a tls secured connection, it either works or you will see the error in your  logs.

I am days away for a working server.  Well, maybe I can test on
another...  hmmm.

I plod along testing each build step out, going back to checkpoints and
moving forward again.  Now it is the Postfix configs.

> Just changed my configuration to use $myhostname variable for the cert name filename and that works very well. Thanks for the idea.

Thanks for trying it out!  I am working on minimizing the places where I
have to customize my howto, so that I can better remember what I did
years ago.  Plus share it with others.

And this would apply also to smtpd_tls_cert_file.

>> thanks
>>
>> On 03/07/2017 01:59 PM, Robert Moskowitz wrote:
>>> Is there a way to get the following:
>>>
>>> postconf -e 'smtpd_tls_key_file =
>> /etc/pki/tls/private/$myhostname.key'
>>> To work and substitute the value for $myhostname?
>>>
>>> I am building a new server and writing up my scripts and I am trying
>>> to adhere to the lessons I learned here some 2+ years ago. And trying
>>> to be better than I was then...
>>>
>>>
>>> Thank you.
>>>
>>>

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Peter Ajamian
In reply to this post by Robert Moskowitz
On 08/03/17 08:00, Robert Moskowitz wrote:
> After a bit of reflection, I may have asked the wrong question. Perhaps
> a better question is does the substitution take place on processing the
> option?

It would take place at runtime (I believe).  If you want it to hard-code
the substitution into main.cf you could do something like this:

postconf "smtpd_tls_key_file = /etc/pki/private/$(postconf -h
myhostname).key"


Peter
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Robert Moskowitz


On 03/07/2017 02:43 PM, Peter wrote:
> On 08/03/17 08:00, Robert Moskowitz wrote:
>> After a bit of reflection, I may have asked the wrong question. Perhaps
>> a better question is does the substitution take place on processing the
>> option?
> It would take place at runtime (I believe).  If you want it to hard-code
> the substitution into main.cf you could do something like this:
>
> postconf "smtpd_tls_key_file = /etc/pki/private/$(postconf -h
> myhostname).key"

Oh, that is very interesting!  Took me a bit looking at it to get what
you did, but very nice.

In this case I will keep it 'soft' so if I were to change my host name
and my cert file, I would only have to make the change in one place.

thanks

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Robert Moskowitz
In reply to this post by Peter Ajamian


On 03/07/2017 02:43 PM, Peter wrote:
> On 08/03/17 08:00, Robert Moskowitz wrote:
>> After a bit of reflection, I may have asked the wrong question. Perhaps
>> a better question is does the substitution take place on processing the
>> option?
> It would take place at runtime (I believe).  If you want it to hard-code
> the substitution into main.cf you could do something like this:
>
> postconf "smtpd_tls_key_file = /etc/pki/private/$(postconf -h
> myhostname).key"

This did not quite work, at least in using interactive variables.  I
have modified my guide by setting interactive variables in the beginning
and then using them throughout, so that it is not necessary (or much
less) to modify stuff.  I came up with:

eval $(echo "postconf -e 'mydomain = "$your_domain_tld"'")
eval $(echo "postconf -e 'myhostname = "$your_host_tld"'")

The variables your_domain_tld and your_host_tld are used a lot in this
guide to customize conf files and such.

Might be a slicker way, but this works...


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Viktor Dukhovni

> On Mar 9, 2017, at 9:54 AM, Robert Moskowitz <[hidden email]> wrote:
>
> I have modified my guide by setting interactive variables in the beginning and then using them throughout, so that it is not necessary (or much less) to modify stuff.  I came up with:
>
> eval $(echo "postconf -e 'mydomain = "$your_domain_tld"'")
> eval $(echo "postconf -e 'myhostname = "$your_host_tld"'")
>
> The variables your_domain_tld and your_host_tld are used a lot in this guide to customize conf files and such.
>
> Might be a slicker way, but this works...

That's rather convoluted, what's wrong with:

 postconf -e "mydomain = $your_domain_tld"
 postconf -e "myhostname = $your_host_tld"

Or when doing both:

 postconf -e \
        "mydomain = $your_domain_tld" \
  "myhostname = $your_host_tld"

which takes considerably less time, because Postfix likes to
avoid reading "hot" configuration files that have been modified
less than two seconds ago and may be in an intermediate state.

So the configuration reader sleeps for 300ms and retries, waiting
for the file to "cool down".  Therefore, modifying paramaters one
at a time takes around 1.5 seconds per parameter.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Robert Moskowitz
Sorry, Viktor,

I was not clear in my intent.

This is for a guide that uses a number of interactive environment
variables to build lots of conf files that are needed, it seems, for a
mail server.

So the variables are long gone when the server is up and running. Thus
for main.cf, I want to hard code the value of those variables into
mydomain and myhostname.  The eval with echo command is run through the
guide to execute these postconf commands to have the desired main.cf.  
Rather than what I have seen in many other guides, where they supply a
main.cf to replace the shipped main.cf.  I learned here 4 years ago why
that is a 'bad thing'.

But thanks for the insight.

On 03/09/2017 10:13 AM, Viktor Dukhovni wrote:

>> On Mar 9, 2017, at 9:54 AM, Robert Moskowitz <[hidden email]> wrote:
>>
>> I have modified my guide by setting interactive variables in the beginning and then using them throughout, so that it is not necessary (or much less) to modify stuff.  I came up with:
>>
>> eval $(echo "postconf -e 'mydomain = "$your_domain_tld"'")
>> eval $(echo "postconf -e 'myhostname = "$your_host_tld"'")
>>
>> The variables your_domain_tld and your_host_tld are used a lot in this guide to customize conf files and such.
>>
>> Might be a slicker way, but this works...
> That's rather convoluted, what's wrong with:
>
>   postconf -e "mydomain = $your_domain_tld"
>   postconf -e "myhostname = $your_host_tld"
>
> Or when doing both:
>
>   postconf -e \
> "mydomain = $your_domain_tld" \
>   "myhostname = $your_host_tld"
>
> which takes considerably less time, because Postfix likes to
> avoid reading "hot" configuration files that have been modified
> less than two seconds ago and may be in an intermediate state.
>
> So the configuration reader sleeps for 300ms and retries, waiting
> for the file to "cool down".  Therefore, modifying paramaters one
> at a time takes around 1.5 seconds per parameter.
>

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Peter Ajamian
On 10/03/17 04:20, Robert Moskowitz wrote:
> I was not clear in my intent.

No, you were not, and yet...

> This is for a guide that uses a number of interactive environment
> variables to build lots of conf files that are needed, it seems, for a
> mail server.
>
> So the variables are long gone when the server is up and running. Thus
> for main.cf, I want to hard code the value of those variables into
> mydomain and myhostname.

and the command that Viktor gave you does just that, it substitutes the
environment variable in the postconf command and the results are written
to main.cf.  The environment variables are evaluated at command time,
not runtime.

> The eval with echo command is run through the
> guide to execute these postconf commands to have the desired main.cf.

The eval and echo are both completely unnecessary, ugly, slow, and even
carry some security risks.

> But thanks for the insight.

Obviously not enough insight as you completely missed what Viktor was
telling you.


Peter
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Robert Moskowitz
In reply to this post by Viktor Dukhovni
Ah,

On 03/09/2017 10:13 AM, Viktor Dukhovni wrote:

>> On Mar 9, 2017, at 9:54 AM, Robert Moskowitz <[hidden email]> wrote:
>>
>> I have modified my guide by setting interactive variables in the beginning and then using them throughout, so that it is not necessary (or much less) to modify stuff.  I came up with:
>>
>> eval $(echo "postconf -e 'mydomain = "$your_domain_tld"'")
>> eval $(echo "postconf -e 'myhostname = "$your_host_tld"'")
>>
>> The variables your_domain_tld and your_host_tld are used a lot in this guide to customize conf files and such.
>>
>> Might be a slicker way, but this works...
> That's rather convoluted, what's wrong with:
>
>   postconf -e "mydomain = $your_domain_tld"

There appears to be a difference between what you show above and what I
tested:

postconf -e 'mydomain = $your_domain_tld'

The single quote results in:

mydomain = $your_domain_tld

So I did a little googling and learned the difference:

http://stackoverflow.com/questions/6697753/difference-between-single-and-double-quotes-in-bash

This time around I am really trying to do things smarter and am
expanding my rather limited skill set.

>   postconf -e "myhostname = $your_host_tld"
>
> Or when doing both:
>
>   postconf -e \
> "mydomain = $your_domain_tld" \
>   "myhostname = $your_host_tld"
>
> which takes considerably less time, because Postfix likes to
> avoid reading "hot" configuration files that have been modified
> less than two seconds ago and may be in an intermediate state.
>
> So the configuration reader sleeps for 300ms and retries, waiting
> for the file to "cool down".  Therefore, modifying paramaters one
> at a time takes around 1.5 seconds per parameter.
>

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Question on embedded variables in postconf command

Peter Ajamian
On 10/03/17 12:59, Robert Moskowitz wrote:
> There appears to be a difference between what you show above and what I
> tested:
>
> So I did a little googling and learned the difference:
>
> http://stackoverflow.com/questions/6697753/difference-between-single-and-double-quotes-in-bash

Yep, you nailed it there.  Small difference but it completely changes
how the command works.


Peter
Loading...