[GF-Users] GF10 is now released!
Michael Webb
michael.webb at integrilog.com
Sat Aug 23 18:49:15 MST 2025
Peter. Thank you.
Postfix-tlspol 1.8.13
-------------------------------------
is working on EL9 and EL10. Awesome
tlsrpt-reporter
-------------------
If possible please could you change the following in the tlsrpt-reporter
The following files need "%config(noreplace)" (marked as rpmnew because config files like postfix will be site specific)
/usr/lib/systemd/system/tlsrpt-collectd.service
/usr/lib/systemd/system/tlsrpt-reportd.service
/etc/tlsrpt/*.*
If the system finds postfix installed, may need an echo/printf at the end of the install or readme to
Indicate that selinux policy like "semanage permissive -a postfix_smtp_t" will be needed.
Personally I install tlsrpt-reporter on the on an external server instead of directly on my postfix servers and use socat to map each postfix server to the tlsrpt-collectd.socket on the external server.. This consolidates TLS reports from multiple postfix servers in a single database. I found that some companies like Microsoft only allow one TLS report per day from each sender domain. On my postfix servers I still need "semanage permissive -a postfix_smtp_t" to connect to the socat socket, but it is always on the postfix machine rather than on the tlsrpt-reporter machine.
Mike
-----Original Message-----
From: users-bounces at lists.ghettoforge.net <users-bounces at lists.ghettoforge.net> On Behalf Of Peter
Sent: Friday, August 22, 2025 3:31 AM
To: users at lists.ghettoforge.net
Subject: Re: [GF-Users] GF10 is now released!
Should all be done now.
Peter
On 22/08/25 19:20, Peter wrote:
> On 21/08/25 02:53, Michael Webb wrote:
>> Thanks Peter
>>
>> Am in the process of migrating to EL10 and have noticed some other minor issues. Know you have been really busy so please address when convenient.
>>
>> tlsrpt-reporter
>> ---------------------
>> when installing tlsrpt-reporter package output from the install:
>> /usr/lib/sysusers.d/tlsrpt.conf:1: Unknown modifier 'u!'.
>> /usr/lib/tmpfiles.d/tlsrpt.conf:1: Failed to resolve user 'tlsrpt':
>> No such process
>>
>> 1. the "u!" needs to be replaced with "u" in
>> /usr/lib/sysusers.d/tlsrpt.conf 2. tlsrpt group seems to be there
>> already so only need to add "useradd -g tlsrpt tlsrpt" as part of the
>> spec sequence
>
> These should already be fixed in the release I uploaded for EL10,
> although I haven't pushed the fixes to EL8 and 9 yet, thanks for
> reminding me.
>
>> Postfix-tlspol
>> ------------------
>> Git Package was recently updated from 1.8.12 to 1.8.13. Can either
>> use my tar.gz from
>> https://www.integrilog.com/adhj5jkuuk2sfsf0/postfix-tlspol or use
>> wget wget
>> https://github.com/Zuplu/postfix-tlspol/archive/refs/tags/v1.8.13.tar
>> .gz -O /root/rpmbuild/SOURCES/postfix-tlspol-1.8.13.tar.gz
>> I made an attempt to update your latest spec file (version, release and changelog only) and successfully built for EL10. I noticed in changelogs that you removed version from the spec filename but the previous links you provided for the spec examples hide the real filename so could not see how you do that.
>
> This is next on my list.
>
>
> Peter
>
> _______________________________________________
> users mailing list
> users at lists.ghettoforge.net
> http://lists.ghettoforge.net/mailman/listinfo/users
_______________________________________________
users mailing list
users at lists.ghettoforge.net
http://lists.ghettoforge.net/mailman/listinfo/users
More information about the users
mailing list