Package: postfix Version: 2.5.5-1.1 Severity: important I'm not sure if this is a feature, bug, or inconvenience.
However I've had to create the following files and folders to get GSSAPI working. I'm concerned about the security implications of altering a chroot. /var/spool/postfix/etc/krb5.conf /var/spool/postfix/etc/krb5.keytab /var/spool/postfix/var/tmp The conf file is needed for the default Realm name, I don't know why this can't be set using DNS or something. The tmp folder is used by the library and must exist and be writable. I used the following for these folders: drwx--x--x 3 root root 4096 Dec 5 13:39 /var/spool/postfix/var d-wx------ 2 postfix root 4096 Dec 5 13:41 /var/spool/postfix/var/tmp I'd certainly appreciate a better solution, like sasl/krb5 proxy. After all this my setup is still untestable, has anyone got this to work? I'm concerned about issues with my client, but the error I'm getting currently is: Wrong principal in request It's not correct, I'm certainly using the correct principal... AFAICT. I'm going to look at /var/spool/postfix/etc/hostname for example. -- System Information: Debian Release: 5.0.6 APT prefers stable APT policy: (900, 'stable'), (800, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.35.4-rscloud (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages postfix depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf- 1.5.24 Debian configuration management sy ii dpkg 1.14.29+b1 Debian package management system ii libc6 2.11.2-7 Embedded GNU C Library: Shared lib ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [ ii libsasl2-2 2.1.22.dfsg1-23+lenny1 Cyrus SASL - authentication abstra ii libssl0.9.8 0.9.8g-15+lenny9 SSL shared libraries ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip ii netbase 4.34 Basic TCP/IP networking system ii ssl-cert 1.0.23 simple debconf wrapper for OpenSSL postfix recommends no packages. Versions of packages postfix suggests: ii bsd-mailx [mail-r 8.1.2-0.20071201cvs-3 A simple mail user agent ii jed [mail-reader] 1:0.99.18+dfsg.1-11 editor for programmers (textmode v ii libsasl2-modules 2.1.22.dfsg1-23+lenny1 Cyrus SASL - pluggable authenticat ii mutt [mail-reader 1.5.18-6 text-based mailreader supporting M pn postfix-cdb <none> (no description available) pn postfix-ldap <none> (no description available) pn postfix-mysql <none> (no description available) pn postfix-pcre <none> (no description available) pn postfix-pgsql <none> (no description available) ii procmail 3.22-16 Versatile e-mail processor pn resolvconf <none> (no description available) ii sasl2-bin 2.1.22.dfsg1-23+lenny1 Cyrus SASL - administration progra pn ufw <none> (no description available) -- debconf information: postfix/root_address: postfix/rfc1035_violation: false postfix/mydomain_warning: postfix/mynetworks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 * postfix/mailname: hades.mikemestnik.net postfix/tlsmgr_upgrade_warning: postfix/recipient_delim: + * postfix/main_mailer_type: Internet Site postfix/destinations: hades.mikemestnik.net, localhost.mikemestnik.net, , localhost postfix/retry_upgrade_warning: postfix/kernel_version_warning: postfix/not_configured: postfix/mailbox_limit: 0 postfix/relayhost: postfix/procmail: true postfix/bad_recipient_delimiter: postfix/protocols: all postfix/chattr: false -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
