[Discuss] Postfix ailiaes question

Kent Borg kentborg at borg.org
Sun Jan 12 13:38:51 EST 2025 

On 1/11/25 4:47 PM, John Hall wrote:
> I'm presuming you don't have se-linux or apparmor on?

No, I don't have selinux installed, and it seems apparmor is installed 
with this Debian, but I haven't configured it to do anything.

As I said, it is now working, and it was a Postfix configuration I 
needed to add to make it work. Which makes sense.


Part of my frustration about the Raspberry Pi is at least the Pi 4 can't 
reliably boot from a powered USB hub (and almost *never* come back from 
a watchdog reset), at least not until I ran the obscure 
"rpi-eeprom-config" and added the mysterious line:

   USB_MSD_PWR_OFF_TIME=10000

Why "10000"? Because that is the number I landed on. Originally I had 
"5000", and for all I know that would work great, too. (Googling it up 
now it looks like 5000 is the max…but it is working so I'm keeping it. I 
have other things to do.) Needing to "power down" a powered hub seems 
weird, but I guess it works as a reset. Anyway, annoying that I need to 
dig into such things. I guess having all those GPIO pins means they 
don't need to get such things right.


About the watchdog: Once I got the watchdog to not only bring down the 
machine, but to reboot it, too, that brought up the question of what the 
watchdog should check. There are various choices, for example it can 
ping other hosts, as a way to check networking is working. But I used to 
have a Zyxel DSL modem where the favorite failure mode was to reject 
incoming connections while outgoing connects still worked fine. Ping 
wouldn't catch that. (In that case I wrote a program watched break-in 
attempts, when they stopped I knew I was offline, so my program would 
telnet into the modem and tell it to reboot.)

For my two e-mail servers I finally decided to test whether they are 
working by testing for working e-mail. That's where the e-mail-to-file 
comes in. The idea is to have each machine regularly send an e-mail to 
the other, an e-mail that will land in a file. If that e-mail quits 
showing up, reboot, just in case it is our fault. If one machine goes 
away this will make for extra reboots by the blameless backup machine, 
but if I don't do it too often it won't be a big problem and it might 
fix a remote machine that I otherwise can't even log into. Also key that 
the watchdog software will try a clean reboot first, and presumably the 
hardware watchdog timer will detect the software watchdog dying.

I haven't finished setting up everything, yet.


-kb, the Kent who is looking forward to again mostly ignoring his e-mail 
server(s).

More information about the Discuss mailing list