Wietse Venema via Postfix-users wrote in <4xkqfs5trnzj...@spike.porcupine.org>: |Vincent Lefevre via Postfix-users: |>> That eliminates most of the threats that Postfix chroot aims to |>> address, and there is no need to run Postfix daemons chrooted. |> |> OK. I suppose that this should be the most common situation for the |> average user. So this is what Debian should do, according to its own |> rules. |> |>> The details of what files, and when, to sync into the chroot jail |>> are highly dependent on the OS type and OS version. It is therefore |>> up to the OS distro maintainers to deal with it. |> |> I understand. I was just suggesting a warning that there are such |> issues, not how to solve them. | |For good reasons, Postfix 3.x does not enable chroot by default |since 10+ years. If a distro maintainer keeps it on, then they own |the responsibility to inform users of how to solve chroot related |problems. Please complain to yur maintainer.
(Very easy on Linux by --bind mounting /etc inside the chroot. This even works in fstab like /var/git /var/anongit/git bind bind,ro,nofail 0 0.) --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
