From 2c6474385e739a71d0a74a980ac34b4b583bb5a1 Mon Sep 17 00:00:00 2001
From: downtownallday <downtownallday@gmail.com>
Date: Fri, 25 Feb 2022 19:45:46 -0500
Subject: [PATCH] Address issues with postgrey, nsd, and rsyslogd introduced
 with jammy 1. `systemctl reload postgrey` is broken, so use restart in that
 case 2. `systemctl restart nsd` succeeds once /var/log is writable by
 systemd. However, nsd still fails to write to /var/log/nsd.log if the file
 already exists 3. the default configuration for rsyslogd is to no longer
 create a /var/run/rsyslogd.pid file, so use /usr/bin/pidof in that case

---
 setup/dns.sh                    | 13 +++++++++++++
 tests/suites/_mail-functions.sh | 23 +++++++++++++++++------
 tests/suites/mail-access.sh     |  8 ++++++--
 3 files changed, 36 insertions(+), 8 deletions(-)

diff --git a/setup/dns.sh b/setup/dns.sh
index 1119aff6..da16c75a 100755
--- a/setup/dns.sh
+++ b/setup/dns.sh
@@ -92,6 +92,19 @@ EOF
 echo "Installing nsd (DNS server)..."
 apt_install nsd ldnsutils openssh-client
 
+# ensure nsd can write to its log file
+
+rwpaths=$(awk -F= '/^ReadWritePaths=/ { print $2 }' /lib/systemd/system/nsd.service)
+mkdir -p /etc/systemd/system/nsd.service.d
+cat >/etc/systemd/system/nsd.service.d/miab.conf <<EOF
+# Do not edit. Overwritten by Mail-in-a-Box setup.
+[Service]
+ReadWritePaths=
+ReadWritePaths=${rwpaths} /var/log
+EOF
+systemctl daemon-reload
+systemctl restart nsd
+
 # Create DNSSEC signing keys.
 
 mkdir -p "$STORAGE_ROOT/dns/dnssec";
diff --git a/tests/suites/_mail-functions.sh b/tests/suites/_mail-functions.sh
index 77652a8e..c0c79427 100644
--- a/tests/suites/_mail-functions.sh
+++ b/tests/suites/_mail-functions.sh
@@ -116,18 +116,20 @@ detect_syslog_error() {
 			awk '
 /status=(bounced|deferred|undeliverable)/  { exit 1 }
 /warning:/ && /spamhaus\.org: RBL lookup error:/ { exit 2 }
-!/postfix\/qmgr/ && /warning:/	{ exit 1 }
+!/postfix\/qmgr/ && !/nsd\[[0-9]+\]/ && /warning:/	{ exit 1 }
+/nsd\[[0-9]+\]: error: Cannot open .*nsd\.log/ { exit 2 }
 /named\[[0-9]+\]:.* receive error: .*: connection reset/ { exit 2 }
 /(fatal|reject|error):/	 { exit 1 }
 /Error in /			{ exit 1 }
 /Exception on /     { exit 1 }
-/named\[\d+\]:.* verify failed/ { exit 1 }
+/named\[[0-9]+\]:.* verify failed/ { exit 1 }
 ' \
 				>>$TEST_OF 2>&1 <<< "$line"
-			if [ $? -eq 1 ]; then
+			r=$?
+			if [ $r -eq 1 ]; then
 				let ec+=1
 				record "$F_DANGER[ERROR] $line$F_RESET"
-			elif [ $? -eq 2 ]; then
+			elif [ $r -eq 2 ]; then
 				let wc+=1
 				record "$F_WARN[ WARN] $line$F_RESET"
 			else
@@ -256,8 +258,17 @@ check_logs() {
 	[ ${#types[@]} -eq 0 ] && types=(syslog slapd mail)
 	
 	# flush records
-	kill -HUP $(cat /var/run/rsyslogd.pid)
-	sleep 2
+	local pid
+	if [ -e /var/run/rsyslogd.pid ]; then
+		# the pid file won't exist if rsyslogd was started with -iNONE
+		pid=$(cat /var/run/rsyslogd.pid)
+	else
+		pid=$(/usr/bin/pidof rsyslogd)
+	fi
+	if [ ! -z "$pid" ]; then
+		kill -HUP $pid
+		sleep 2
+	fi
 
 	if array_contains syslog ${types[@]}; then
 		detect_syslog_error && $assert &&
diff --git a/tests/suites/mail-access.sh b/tests/suites/mail-access.sh
index 01b83454..702ddf1e 100644
--- a/tests/suites/mail-access.sh
+++ b/tests/suites/mail-access.sh
@@ -39,14 +39,18 @@ postgrey_whitelist_recipents() {
 		echo "$recipient" >> "$wl" || \
 			die "Could not add postgrey whitelist recipient to $wl"
 	done
-	systemctl reload postgrey
+	if ! systemctl reload postgrey >/dev/null 2>&1; then
+		systemctl restart postgrey >>$TEST_OF 2>&1
+	fi
 }
 
 
 postgrey_reset_whitelists() {
 	local wl="/etc/postgrey/whitelist_recipients.local"
 	rm -f "$wl"
-	systemctl reload postgrey
+	if ! systemctl reload postgrey >/dev/null 2>&1; then
+		systemctl restart postgrey >>$TEST_OF 2>&1
+	fi
 }