Openvpn + rkhunter + postfix = openvpn client not able to start

I posted the below to the openvpn-users list:

---

Hi all,

I need some help....

After using openvpn with some measure of success, it suddenly went south.

The symptom is that it would connect on ever even numbered attempt.
That is if i try to connect the first time it would give me and error, if i try to connect the second time it would connect successfully. If i tried a third, error, if I tried a fourth, success and so on.

The error in question was this....

***
script failed: external program exited with error status: 1
***

via gopenvpn a gui for openvpn on linux.

It then occur to me that I always had success at seeing what was really going on when ever I ran it straight from the command line.

The command line spit out this ever odd numbered attempt to connect to the server...

It would start to connect then give this error...

***
/usr/sbin/postconf: fatal: open /etc/postfix/main.cf: No such file or directory
cp: `/etc/resolv.conf' and `/etc/resolv.conf' are the same file
run-parts: /etc/resolvconf/update-libc.d/postfix exited with return code 1
run-parts: /etc/resolvconf/update.d/libc exited with return code 1
Wed Sep 2 23:07:19 2009 script failed: external program exited with error status: 1
***

and there we have it ... it's postfix!!!

I recalled that I had installed rkhunter .. a rootkit checker for ubuntu linux. It had for some ungodly reason insisted that it need postfix and by extension mailx and bsd-mailx to be able to operate. This I believe are only recent dependancies in Jaunty. And it was about the time of the installed that openvpn began to misbehave. So I uninstalled postfix, mailx and bsd-mailx (I hope they are not of importance to have on the systerm) and was back in business. The errors were gone.

I somehow suspect thought that openvpn and postfix should be able to co-exist on the same machine. I remember when installing it I chose a no configuration option since i did not know why it was being forced on me and did not want to waste time configuring something i did not need.

So... does anyone know if these two things can coexist peacefully and what would need to be done for that to happen given the above error?

Thanks.

... and I got this response ....

---
> It would start to connect then give this error...
>
> ***
> /usr/sbin/postconf: fatal: open /etc/postfix/main.cf: No such file or
> directory cp: `/etc/resolv.conf' and `/etc/resolv.conf' are the same file
> run-parts: /etc/resolvconf/update-libc.d/postfix exited with return code 1
> run-parts: /etc/resolvconf/update.d/libc exited with return code 1
> Wed Sep 2 23:07:19 2009 script failed: external program exited with error
> status: 1 ***
>
> and there we have it ... it's postfix!!!

No, it's not. It's someone's misguided attempt at shell scripting.
Postfix is an innocent victim.

> I recalled that I had installed rkhunter .. a rootkit checker for
> ubuntu linux.

There's what you have: a Ubuntu bug.

> It had for some ungodly reason insisted that it need postfix and
> by extension mailx and bsd-mailx to be able to operate. This I
> believe are only recent dependancies in Jaunty. And it was about
> the time of the installed that openvpn began to misbehave. So I
> uninstalled postfix, mailx and bsd-mailx (I hope they are not of
> importance to have on the systerm) and was back in business. The
> errors were gone.

I would guess that the rkhunter wants to be able to send mail to the
admin. I'm not sure why it would require mailx to do this.

> I somehow suspect thought that openvpn and postfix should be able
> to co-exist on the same machine.

If you see this email, they do. I'm running Postfix on both ends of
this openvpn tunnel, relaying the outbound mail through the peer. If
you *don't* see this email, they still work fine together, because
this is the way I send and receive email, and I know it works.

> I remember when installing it I chose a no configuration option
> since i did not know why it was being forced on me and did not
> want to waste time configuring something i did not need.
>
> So... does anyone know if these two things can coexist peacefully
> and what would need to be done for that to happen given the above
> error?

I would have no idea. Your proper means of proceeding, again, would
be to file a Ubuntu bug report. I would suspect that the shell
scripting was done in the rkhunter package, but to be sure, you
should list all involved packages and let the maintainers figure out
whose bug it is.

On second thought ... what is this update-libc.d and update.d?
Whatever package installed those is the probable culprit.

How can I fist this.

Thanks.

Thank you for taking the time to report this bug and helping to make Ubuntu better. Please answer these questions:
1. Is this reproducible?
2. If so, what specific steps should we take to recreate this bug? Be as detailed as possible.
This will help us to find and resolve the problem.

This bug looks like it could be the same as bug #437783

After install postfix says: "Postfix was not set up. Start with cp /usr/share/postfix/main.cf.debian /etc/postfix/main.cf"

Doing this cp fixed the errors for me. Before that I would always get the following on ifup/ifdown:

/usr/sbin/postconf: fatal: open /etc/postfix/main.cf: No such file or directory
cp: `/etc/resolv.conf' and `/etc/resolv.conf' are the same file
run-parts: /etc/resolvconf/update-libc.d/postfix exited with return code 1
run-parts: /etc/resolvconf/update.d/libc exited with return code 1

Fix: The file /etc/postfix/main.cf should be installed by default as part of the postfix package, or all scripts that expect it to exist should be updated to handle the case where it doesn't. In my case, I never actually installed postfix, it was apparently a dependency of bsd-mailx, which is a bit of a mystery as nothing I have installed seems to depend on.

This bug is not the same as bug 437783 since that one is about a separate issue and the posfix error (that indeed is the same) only appears in a workaround for that bug.

Thank you for taking the time to report this bug. In an effort to keep
an up-to-date and valid list of bugs to work on, I have reviewed this
report verifying it still requires effort and occurs on a supported
version of Ubuntu.

I am marking this bug incomplete due to the lack of responses or
updated information stating this still affects currently supported
releases. If we received information making this bug actionable again
I believe we could add it back to the queue for the server team to
review.

It is unfortunate that we were unable to resolve this defect, however,
there appears to be no further action possible at this time. I am
therefore moving the bug to 'Incomplete'. If you disagree or have
new information, we would be grateful if you could please add a comment
stating why and then change the status of the bug to 'New'.

[Expired for openvpn (Ubuntu) because there has been no activity for 60 days.]