Author: Todd Lyons Date: To: Axel Rau CC: Phil Pennock, Exim Dev Subject: Re: [exim-dev] RESOLVED: pgsql lookup TLS access broken in 4.82 RC2
?
On Tue, Oct 8, 2013 at 12:38 PM, Axel Rau <Axel.Rau@???> wrote: >
> Am 07.10.2013 um 22:40 schrieb Phil Pennock <pdp@???>:
>> Are you sure that nothing got updated in the Exim area? I note that the
>> dates on those files are only a month ago: did someone deploy the change
>> live and "fix" the certificate store live but not check the change into
>> the SCM, so that spinning up an Exim box with an RC on it did not get
>> the fix?
> After upgrading another (nearly identical outgoing relay), which did not show the error, I started comparing bit by bit.
> And (as usual, your pointers turned to prove right) I found a 2nd .postgresql directory on the bad box' root account, which contained old certs and had no CA cert at all.
> It seems that this config took precedence over the one of exim user (mailnull) and caused the error.
>
> Sorry to waste your time and thanks to all, who helped,
Sitting on the sidelines and watching this process unfold, I hardly
consider this a waste of time. It very clearly highlights that the
pgsql config search path is variable, depending upon the UID at the
time of db connection invocation. This should IMHO be formalized and
added to the documentation.
...Todd
--
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine
