On Wed, Jul 03, 2024 at 09:48:06PM -0400, John Levine via Postfix-users wrote:
* Both postfix and the daemon need to be able to open and read and
write the socket. The sasl package adds a sasl group but not a sasl
user, so I added postfix to the users for the sasl group, and run the
daemon as postfix:sasl. The user/group for the daemon is set in
/etc/systemd/system/saslauthd.service.d/user.conf
bundled documentation /usr/share/doc/sasl2-bin/README.Debian.gz contains
all required information to make that working.
I have posted that info here in the past - I have extracted it from that
file.
On 04.07.24 16:37, Viktor Dukhovni via Postfix-users wrote:
I don't recommend running "saslauthd" as the "postfix" user, better to
create a suitable dedicated user instead.
saslauthd runs as root user by default, the access for both daemons is
assured by adding postfix to the sasl group and allowing group access for
sasl group to the proper directory.
The file I mentioned above contains information on running saslauthd as
saslaush user/group under systemd, haven't tried that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
