After a minimal debian stretch installation using (debian-9.8.0-amd64-netinst.iso), where hostname is left at the default debian
and domain was left empty, installing postfix fails because the detected fully qualified hostname contains a trailing .
character.
I think it is dhclient
that saves the resolv.conf
file on a minimal install without Network Manager. It has trailing .
characters in its search clause even though the DHCP server doesn't send any (see below).
If hostname --fqdn
is empty, postfix looks in resolv.conf
with sed
and finds and tries to use the FQDN with the trailing .
which causes postfix installation to fail (see below).
Where is the bug? In postfix.postinst
, in dhclient
, with my understanding or somewhere else?
In reality this fails when installing postfix from a Dockerfile, but the same behavior is seen with a minimal debian installation, so it isn't really Docker related, apart from the fact that you can't control the FQDN of the "host"/container during docker build
so we run into this problem. The workaround is of course to patch resolv.conf
before installing postfix, but that is very much a hack. (Unless you have a better idea?)
Details:
/etc/hosts:
127.0.0.1 localhost
127.0.1.1 debian
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
/etc/resolv.conf
domain capmon.lan
search capmon.lan. capmon.
nameserver 10.10.10.251
Now running apt-get install postfix
:
<snip>
setting myhostname: debian.capmon.lan.
setting alias maps
setting alias database
mailname is not a fully qualified domain name. Not changing /etc/mailname.
setting destinations: $myhostname, debian, localhost.localdomain, , localhost
setting relayhost:
setting mynetworks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
setting mailbox_size_limit: 0
setting recipient_delimiter: +
setting inet_interfaces: all
setting inet_protocols: all
Postfix (main.cf) is now set up with a default configuration. If you need to
make changes, edit /etc/postfix/main.cf (and others) as needed. To view
Postfix configuration values, see postconf(1).
After modifying main.cf, be sure to run 'service postfix reload'.
Running newaliases
newaliases: warning: valid_hostname: misplaced delimiter: debian.capmon.lan.
newaliases: fatal: file /etc/postfix/main.cf: parameter myhostname: bad parameter value: debian.capmon.lan.
dpkg: error processing package postfix (--configure):
subprocess installed post-installation script returned error exit status 75
Processing triggers for systemd (232-25+deb9u12) ...
Processing triggers for rsyslog (8.24.0-1) ...
Errors were encountered while processing:
postfix
E: Sub-process /usr/bin/dpkg returned an error code (1)
And that is because postfix's myhostname
has a trailing .
:
# grep ^myhostname /etc/postfix/main.cf
myhostname = debian.capmon.lan.
And that is because /var/lib/dpkg/info/postfix.postinst
has:
# The resolver uses the last one found, and ignores the rest
mydom=$(sed -n 's/^search[[:space:]]*\([^[:space:]]*\).*/\1/p;s/^domain[[:space:]]*\([^[:space:]]*\).*/\1/p' /etc/resolv.conf | tail -1)
myhostname="$myhostname${mydom:+.$mydom}"
and sure enough:
# sed -n 's/^search[[:space:]]*\([^[:space:]]*\).*/\1/p' /etc/resolv.conf
capmon.lan.
I've checked (also in the transmitted bytes), and the DHCP server does not send trailing .
characters:
The problem is in
/var/lib/dpkg/info/postfix.postinst
.Consider the Debian versions with their respective postfix versions, and all fails with the same error 75 in post-installation script:
And all of them share the following in the function
myfqdn
:On the other hand
And differs in
myfqdn
:And avoid the
.
in the group matched by the regex.Therefore, there are possible solutions:
Use Debian bookworm (but in Jan 2022 it's for testing).
Download postfix from source code.
After the
apt-get install postfix
(even with the error code 75) run:Where
<yourhostname>
can be$(hostname -f)
.Minimal reproducible example (with docker):
For Debian bookworm