`apt-get install inn2` fails on Docker

[cclauss]

The apt-get install inn2 script very helpfully creates a default inn.conf file but that file causes hostname errors at Docker built-time. Could that script be modified to succeed when the hostname command returns buildkitsandbox?

Related to:

• https://github.com/InterNetNews/inn/pull/310#issuecomment-2356451515
• https://salsa.debian.org/md/inn2

Using the Dockerfile

# FROM debian:bookworm
FROM ubuntu:24.04
# `hostname` at Docker built-time returns 'buildkitsandbox' on both Debian and Ubuntu
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update -qq && apt-get install --yes inn2
CMD ["systemctl", "status", "inn2"]

% docker build --no-cache --progress plain .

Setting up inn2 (2.7.2~20240212-1build3) ...
innconfval: hostname does not resolve or domain not set in inn.conf
innconfval: the FQDN of the server contains invalid characters not suitable for Message-IDs
dpkg: error processing package inn2 (--configure):
installed inn2 package post-installation script subprocess returned error exit status 1

Following the example from #310, I have tried to add the following modifications without success:

ENV INN_HOSTNAME=localhost.localdomain
# ENV INN_HOSTNAME=localhost.example.com
RUN echo "#!/bin/bash\n echo ${INN_HOSTNAME}" > /usr/bin/hostname && \
    echo "${INN_HOSTNAME}" > /etc/hostname && \
    hostname && \
    cat /etc/hostname && \
    apt-get update -qq && apt-get install --yes inn2

@ewxrjk @rfc1036

[Julien-Elie]

We do not have such an apt-get install inn2 script. The request should be asked to the Debian packager. A way to initialize the domain parameter could be given (via preseeding for instance).

Form previous discussions about Docker, relaxing the check of a valid hostname in INN is not wanted because it can lead to unexpected and weird issues in Message-IDs or Path header fields.

[Julien-Elie]

Incidentally, Docker could provide a way for the end user to customize the hostname. It is insane to force other applications to adapt to their hard-coded hostname... and what if they also decide to change the hostame to another one in a future release? ...

[cclauss]

Oh... It breaks even if I attempt to bring my own inn.conf file by adding to the Dockerfile:

COPY inn.conf /etc/news/inn.conf

Dispite DEBIAN_FRONTEND=noninteractive, the apt-get install inn2 process then asks

Setting up inn2-inews (2.7.2~20240212-1build3) ...

Configuration file '/etc/news/inn.conf'
 ==> File on system created by you or by a script.
 ==> File also in package provided by package maintainer.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** inn.conf (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing package inn2-inews (--configure):
 end of file on stdin at conffile prompt
Errors were encountered while processing:
 inn2-inews
E: Sub-process /usr/bin/dpkg returned an error code (1)

[rfc1036]

Look at what I did to make the Debian autopkgtest work, which also runs in an environment without a proper hostname.

[cclauss]

Thanks @rfc1036, but unfortunately, I do not know Purl. Please point me to which lines to focus on.

• https://salsa.debian.org/md/inn2/-/blob/master/debian/tests/daemon

[Julien-Elie]

I suggest the following changes:

• recognize an INN_HOSTNAME environment variable that, when set and fully qualified, is taken by INN as the hostname. When unset or not fully qualified, the current behaviour remains.

• make non-fatal the check for a fully qualified hostname. This way, the warning appears in the logs, and the news admin will see it and can take appropriate actions. The installation of INN will no longer fail when using the Debian package (and probably also from other distributions) on Docker.

• mention in the documentation that the hostname should be unique, so values like localhost.localdomain for INN_HOSTNAME or localdomain for the domain parameter in inn.conf should be avoided. Ideally, a domain affiliated with the administrators of the news server and guaranteed to be unique should be used.

The second point is normally enough to solve the issue of this ticket. The environment variable permits silencing the warning.

I can implement the suggested changes if that sounds good for you, notably for the creation of a Docker image.

[cclauss]

@greenbender has made impressive progress at https://github.com/greenbender/inn-docker which can be used either as a standard local Docker container or as a GitHub Action service. It deals with both use_ssl True and False and now all pynntp tests run on this GHA service. https://hub.docker.com/r/greenbender/inn/tags

However, that effort is not based on apt-get install inn2 which I need. I therefore have built a friendly fork that does that but have not yet gotten pynntp's use_ssl=True tests to pass.

• cclauss/apt-get-inn2-docker#6

[Julien-Elie]

For the generation of the TLS certificate, isn't it because of the touch etc/key.pem you run during the installation? The key is not generated if the file exists.

I can add a link to your two repositories in README and INSTALL for people looking for a how to generate a Docker image.