[Mimedefang] REVISED: postfix/mimedefang socket

Richard Laager rlaager at wiktel.com
Fri Sep 29 00:11:18 EDT 2017


I have attached fully split, native, Type=simple (not forking) unit
files, which I have tested on Ubuntu 16.04.

They honor the settings in /etc/default/mimedefang. This includes the
MX_USER setting (i.e. systemd does not directly control the service user).

They are configured such that if you do start/stop/reload/restart the
mimedefang service (as before), the actions propagate to
mimedefang-multiplexor appropriately.

Some questions (for Dianne?):

1) Is it necessary to rm $SOCKET and $MX_SOCKET *before starting*?

2) Is it necessary to rm $SOCKET and $MX_SOCKET *after stopping*?

3) The init script (at least on Ubuntu) says, '# Locale should be set to
"C" for generating valid date headers'. I see a strftime() in
mimedefang-multiplexor.c. Plus, the Perl code inherits from the
multiplexor, so I can understand this. Is setting LC_ALL=C necessary for
the mimedefang process too, or just mimedefang-multiplexor?

4) The mimedefang-multiplexor process exits with status 1 on SIGTERM. I
am absolutely sure (because I'm doing it by hand for testing) that I am
only sending a SIGTERM, and only to the main mimedefang-multiplexor
process (not the children). It logs 'Received SIGTERM: Stopping slaves
and terminating' and then reaps the slaves as expected; there are no
errors in the log. Is that exit status expected?

I have built the unit files assuming the following answers:
1) Yes.
2) Yes.
3) Not necessary for mimedefang, only mimedefang-multiplexor.
4) "Yes", as this happens (whether expected or not).

-- 
Richard
-------------- next part --------------
[Unit]
Description=MIMEDefang E-mail Filter
Documentation=man:mimedefang(8)
Before=multi-user.target
Before=postfix.service
Before=sendmail.service
After=remote-fs.target
After=systemd-journald-dev-log.socket
BindsTo=mimedefang-multiplexor.service
After=mimedefang-multiplexor.service
PropagatesReloadTo=mimedefang-multiplexor.service

[Service]
Type=simple
Restart=on-failure
TimeoutStopSec=30s
Environment=MX_SOCKET=/var/spool/MIMEDefang/mimedefang-multiplexor.sock MX_USER=defang SOCKET=/var/spool/MIMEDefang/mimedefang.sock
EnvironmentFile=-/etc/default/mimedefang
ExecStartPre=/bin/rm -f $SOCKET
ExecStart=/bin/sh -c 'exec /usr/bin/mimedefang -D \
    `[ -n "$LOOPBACK_RESERVED_CONNECTIONS" ] && echo "-R $LOOPBACK_RESERVED_CONNECTIONS"` \
    -m $MX_SOCKET \
    `[ -n "$SPOOLDIR" ] && echo "-z $SPOOLDIR"` \
    `[ -n "$MX_USER" ] && echo "-U $MX_USER"` \
    `[ -n "$SYSLOG_FACILITY" ] && echo "-S $SYSLOG_FACILITY"` \
    `[ "$MX_RELAY_CHECK" = "yes" ] && echo "-r"` \
    `[ "$MX_HELO_CHECK" = "yes" ] && echo "-H"` \
    `[ "$MX_SENDER_CHECK" = "yes" ] && echo "-s"` \
    `[ "$MX_RECIPIENT_CHECK" = "yes" ] && echo "-t"` \
    `[ "$KEEP_FAILED_DIRECTORIES" = "yes" ] && echo "-k"` \
    `[ "$MD_EXTRA" != "" ] && echo $MD_EXTRA` \
    `[ "$MD_SKIP_BAD_RCPTS" = "yes" ] && echo "-N"` \
    "`[ -n "$X_SCANNED_BY" ] && \
      ( [ "$X_SCANNED_BY" = "-" ] && \
        echo "-X" || echo "-x$X_SCANNED_BY" )`" \
    `[ "$MD_ALLOW_GROUP_ACCESS" = "yes" ] && echo "-G"` \
    `[ "$ALLOW_NEW_CONNECTIONS_TO_QUEUE" = "yes" ] && echo "-q"` \
    -p $SOCKET'
ExecStopPost=/bin/rm -f $SOCKET
# Make this service eligible for a reload, so we can propagate it to
# mimedefang-multiplexor.service.
ExecReload=/bin/true

[Install]
WantedBy=multi-user.target
-------------- next part --------------
[Unit]
Description=MIMEDefang E-mail Filter (Multiplexor)
Documentation=man:mimedefang-multiplexor(8)
After=remote-fs.target
After=systemd-journald-dev-log.socket
PartOf=mimedefang.service

[Service]
Type=simple
Restart=on-failure
TimeoutStopSec=30s
KillMode=mixed
# Locale should be set to "C" for generating valid date headers
Environment=LC_ALL=C MX_BUSY=600 MX_LOG=yes MX_MAXIMUM=10 MX_MINIMUM=2 MX_SOCKET=/var/spool/MIMEDefang/mimedefang-multiplexor.sock MX_USER=defang
EnvironmentFile=-/etc/default/mimedefang
SuccessExitStatus=1
ExecStart=/bin/sh -c 'HOME=${SPOOLDIR:=/var/spool/MIMEDefang} \
    exec /usr/bin/mimedefang-multiplexor -D \
    `[ "$MX_EMBED_PERL" = "yes" ] && echo "-E"` \
    `[ -n "$SPOOLDIR" ] && echo "-z $SPOOLDIR"` \
    `[ -n "$FILTER" ] && echo "-f $FILTER"` \
    `[ -n "$SYSLOG_FACILITY" ] && echo "-S $SYSLOG_FACILITY"` \
    `[ -n "$SUBFILTER" ] && echo "-F $SUBFILTER"` \
    `[ -n "$MX_MINIMUM" ] && echo "-m $MX_MINIMUM"` \
    `[ -n "$MX_MAXIMUM" ] && echo "-x $MX_MAXIMUM"` \
    `[ -n "$MX_MAP_SOCKET" ] && echo "-N $MX_MAP_SOCKET"` \
    `[ -n "$MX_LOG_SLAVE_STATUS_INTERVAL" ] && echo "-L $MX_LOG_SLAVE_STATUS_INTERVAL"` \
    `[ -n "$MX_USER" ] && echo "-U $MX_USER"` \
    `[ -n "$MX_IDLE" ] && echo "-i $MX_IDLE"` \
    `[ -n "$MX_BUSY" ] && echo "-b $MX_BUSY"` \
    `[ -n "$MX_REQUESTS" ] && echo "-r $MX_REQUESTS"` \
    `[ -n "$MX_SLAVE_DELAY" ] && echo "-w $MX_SLAVE_DELAY"` \
    `[ -n "$MX_MIN_SLAVE_DELAY" ] && echo "-W $MX_MIN_SLAVE_DELAY"` \
    `[ -n "$MX_MAX_RSS" ] && echo "-R $MX_MAX_RSS"` \
    `[ -n "$MX_MAX_AS" ] && echo "-M $MX_MAX_AS"` \
    `[ "$MX_LOG" = "yes" ] && echo "-l"` \
    `[ "$MX_STATS" = "yes" ] && echo "-t /var/log/mimedefang/stats"` \
    `[ "$MX_STATS" = "yes" -a "$MX_FLUSH_STATS" = "yes" ] && echo "-u"` \
    `[ "$MX_STATS_SYSLOG" = "yes" ] && echo "-T"` \
    `[ "$MD_ALLOW_GROUP_ACCESS" = "yes" ] && echo "-G"` \
    `[ "$MX_STATUS_UPDATES" = "yes" ] && echo "-Z"` \
    `[ -n "$MX_QUEUE_SIZE" ] && echo "-q $MX_QUEUE_SIZE"` \
    `[ -n "$MX_QUEUE_TIMEOUT" ] && echo "-Q $MX_QUEUE_TIMEOUT"` \
    `[ -n "$MX_NOTIFIER" ] && echo "-O $MX_NOTIFIER"` \
    `[ -n "$MX_RECIPOK_PERDOMAIN_LIMIT" ] && echo "-y $MX_RECIPOK_PERDOMAIN_LIMIT"` \
    -s $MX_SOCKET'
ExecStartPre=/bin/rm -f $MX_SOCKET
ExecStopPost=/bin/rm -f $MX_SOCKET
ExecReload=/bin/kill -INT $MAINPID


More information about the MIMEDefang mailing list