Upgrading from 10.04 to 12.04: Post upgrade experiences…

“Where is the love…”

So you finally did it: You upgraded from Ubuntu Server 10.04.x LTS to 12.04.x LTS and things went well, but after the reboot you’re having a few problems – you’re not alone!

There’s probably an infinite array of server configurations out there, so the notes presented here will hopefully provide some troubleshooting paths for you, rather than a definitive guide to fixing all your woes and are geared to the specific configuration of my server: One that runs Postfix and is used primarily as a mail server.

Stiffen your resolve.

Once of the big changes from 10 to 12 is the addition of resolvconf: a framework for managing multiple DNS configurations. The addition of this server means that /etc/resolv.conf is now automatically generated, and any changes you make will get overridden. It seemed strange to me that the upgrade didn’t simply pull across the existing configuration, and once fixed it was clear the was the root cause of a number of problems.

Check your /etc/resolv.conf…

sudo less /etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
may also include a nameserver entry that doesn't match your previous settings...

The config files for resolvconf reside in /etc/resolvconf/resolv.conf.d, and you can review your pre-upgrade settings in the file ‘original’.

But in order to have resolvconf automatically pickup the changes each time it starts we need to edit the following file:

sudo vi /etc/network/interfaces

and make sure that we include/alter the following line to include our relevant DNS server addresses and local domain (note the space between name server entries)…

 dns-nameservers 192.168.1.7 192.168.1.8
 dns-search your.domain

When you’re all done…

sudo /etc/init.d/networking restart

and check to make sure the changes have taken.

sudo vi /etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.1.7
nameserver 192.168.1.8
search your.domain

A host by any other name…

Post upgrade I had a problem with all incoming messages being rejected with the following errors in the /var/log/mail.log

postfix/smtpd[2784]: warning: connect to 127.0.0.1:10023: Connection refused
postfix/smtpd[2784]: warning: problem talking to server 127.0.0.1:10023: Connection refused
venus postfix/smtpd[2784]: warning: connect to 127.0.0.1:10023: Connection refused
venus postfix/smtpd[2784]: warning: problem talking to server 127.0.0.1:10023: Connection refused

On my server port 10023 is used by Postgrey and after googling the error it looks like there is a conflict in the hosts file that Postgrey is sensitive to now that it natively supports IPv6.

sudo vi /etc/hosts

I changed

::1     localhost ip6-localhost ip6-loopback

to

::1     localhost6 ip6-localhost ip6-loopback

After a reboot I checked everything was ok…

$ host localhost
localhost has address 127.0.0.1
localhost has IPv6 address ::1

 Sending messages and SASL

What a headache it was trying to trace this problem! I refer to this change in an update to a previous post here, but I thought it a good idea to include it below for completeness.

Once I’d fixed the other problems above I noticed I couldn’t send any emails. All attempts resulted in errors about being unauthorised to send messages.

I checked the /var/log/auth.log and discovered that there seemed to be missing information (like the hostname) in the entries – so I checked my /etc/postfix/sasl/smtpd.conf and checked online and discovered that the format of the file had changed between versions.

For example, auxprop_plugin was defined as ‘mysql‘and had worked perfectly fine under 10.04, but under 12.04 was more sensitive to it’s proper definition: ‘sql’. Some of the labels had also changed which meant that some of the settings weren’t being read properly.

To check the configuration, a handy command is:

sudo saslfinger -s

I changed the /etc/postfix/sasl/smtpd.conf and made the following changes/additions in red

sudo vi /etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login cram-md5 digest-md5
log_level: 7
allow_plaintext: true
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail
sql_passwd: mailPASSWORD
sql_database: maildb
sql_select: select crypt from users where id='%u@%r' and enabled = 1

After a reboot I was able to send messages without a problem.

Housekeeping (not related to the upgrade)

For those who don’t know (like me…) the DNSBL servers where shutdown in 2013. Now seems like a good time as any to update main.cf…

vi /etc/postfix/main.cf

and remove ‘reject_rbl_client dnsbl.njabl.org‘…

smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org

Save and restart…

sudo /etc/init.d/postfix restart



Categories: Technical Resource
Tags: , , , , , , , , , , , , , , , , , , , ,