fix postfix warning symlink leaves directory

Discussion in 'Server Operation' started by conny2540, Jul 3, 2019.

  1. conny2540

    conny2540 Member

    On ISPCONFIG3 Mail Warn-Log dashboard I see some of these links repeated daily once:
    Code:
     
    warning: symlink leaves directory: /etc/postfix/./smtpd.cert
    warning: symlink leaves directory: /etc/postfix/./smtpd.key 
    What is the meaning of this warning ?
    I used "locate" to find them on my debian server and it seems both are correct placed at folder /etc/postfix. How to fix this warning ?
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    It meas there are symbolic links in directory /etc/postfix that point to files outside of that directory. This may be a security issue if you have not created the symlinks yourself. In this case there is no security issue.
    Code:
    How to fix this warning ?
    Don't try to fix it.
     
  3. conny2540

    conny2540 Member

    ??? Tell a blind one how the colour red is. I don't know. I followed the tutorial "The perfect server debian 9, apache, pure-ftpd, bind, dovecot and ispconfig3". I've never touched this by myself if not instructed on that tutorial. The only thing I did was to deinstall an reinstall postfix after debian and ispconfig3 was installed and set first time.
    So better ignore and don't touch, right ?
     
  4. Neptun

    Neptun Member

    i have also this warning messages @ mail warn log
    used tutorial -> https://www.howtoforge.com/tutorial/perfect-server-debian-9-nginx-bind-dovecot-ispconfig-3.1/
    nothing changed - 100% followed the tutorial & no errors during setup
    latest IspConfig release from yesterday in use too

    Code:
    postfix/postfix-script[5934]: warning: symlink leaves directory: /etc/postfix/./smtpd.key
    postfix/postfix-script[5937]: warning: symlink leaves directory: /etc/postfix/./smtpd.cert
    postfix/postfix-script[5940]: warning: symlink leaves directory: /etc/postfix/./makedefs.out
     
  5. conny2540

    conny2540 Member

    Strange... Perhaps this could be a bug, or a false error message ?
     
  6. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    It is not an error message. Like the message says: "warning".
    ISPConfig is set up using symlinks in that directory and they point to files outside that directory. So the warning is accurate but it is to be ignored since things are as they should be.
     
  7. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    ispconfig does not create symlinks in /etc/postfix
     
    Neptun likes this.
  8. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Neptun likes this.
  9. Neptun

    Neptun Member

    OK - 100% correct, completely forgotten about it - but there had been added two links
    Code:
    ln -s /usr/local/ispconfig/interface/ssl/ispserver.crt smtpd.cert
    ln -s /usr/local/ispconfig/interface/ssl/ispserver.key smtpd.key
    The error gives an additional one, what i cannot remember anywhere
     
  10. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    You might be in the wrong directory when you did the symlinks following that tutorial as I don't remember any /./ directory for them.
     
  11. Neptun

    Neptun Member

    no the links are set correctly 1:1 by the tutorial - i think it is only shorten by the system at the error message log or the system cannot show it in another way
     
  12. Neptun

    Neptun Member

    both give the same and this would be the interessting part:
    Code:
    lrwxrwxrwx   1 root root       48 Jul  7 13:44 smtpd.key -> /usr/local/ispconfig/interface/ssl/ispserver.key
    lrwxrwxrwx   1 root root       48 Jul  7 13:44 smtpd.cert -> /usr/local/ispconfig/interface/ssl/ispserver.crt
    lrwxrwxrwx   1 root root       31 Jul  7 12:35 makedefs.out -> /usr/share/postfix/makedefs.out
    this would be the lines as mentioned in the tutorial
     
  13. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Ok. That seems correct. As mentioned by @Taleman above, it is simply a warning but it should be safe to ignore it.
     
    Neptun likes this.
  14. Danrancan

    Danrancan New Member

    Did anyone ever come to any solid conclusions about this? I am getting this when trying to configure an email server with dovecot and postfix on my raspberry pi. Please let me know as I can not find anything else on the internet about this except for this thread.
     
  15. Steini86

    Steini86 Active Member

    It is just a warning, that the selected certificate is a symlink to a file which is not in postfix folder. This could be a security problem (if done wrong) so it gives a warning. If you have done the link and know what you are doing, you can ignore it.
     
    ahrasis likes this.
  16. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    As an alternative, one would copy the certs to that directory instead but the problem with copying is that you might forget about their renewal.

    Symlink them on the other hand would ensure the update of the orginal certs will also update their symlinks. The warnings supposedly can be safely ignored.
     
    Th0m likes this.
  17. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I have the same warnings and can confirm that it can be ignored.
     
    Milly likes this.
  18. Danrancan

    Danrancan New Member

    However, I personally never created a symlink with the ls -s command or any other command that i'm aware of. I just followed a tutorial. Where did this link come from if i didn't symlink it myself? That is the question that sort of scares me. I am the only one with access to my server.
     
  19. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Which tutorial did you follow?
    What is the output of
    Code:
    ls -l /etc/postfix/
    The command to create a symlink is ln -s by the way.

    I don't think someone else accessed your server and created a symlink.
     
  20. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

Share This Page