Hi,

I just finished setting up Postfix to use sasl/external with auxprop
plugin ldapdb. So far, everything works like a charm. But I had to disable
chroot.

Currently, without chrooting, I have:

/etc/postfix/sasl/smtpd.conf (yes, it is Ubuntu):
/etc/postfix/.ldaprc
/ca/cacert_org.crt
/ca/mx0.roessner-net.de/new(cert|key).pem

smtpd.conf looks like this:

pwcheck_method: auxprop
auxprop_plugin: ldapdb
mech_list: PLAIN LOGIN NTLM CRAM-MD5 DIGEST-MD5
ldapdb_uri: ldap://db.roessner-net.de
ldapdb_mech: EXTERNAL
ldapdb_starttls: demand
ldapdb_rc: /etc/postfix/.ldaprc
#log_level: 7

And the .ldaprc like this:

TLS_CERT /ca/mx0.roessner-net.de//newcert.pem
TLS_KEY /ca/mx0.roessner-net.de/newkey.pem
TLS_CACERT /ca/cacert_org.crt
TLS_REQCERT demand

Could someone tell me which files and folders now need to be put into
the chroot environment?

CHROOT := /var/spool/postfix

I already copied /usr/lib/sasl2 to CHROOT/usr/lib/sasl2
And I tried putting the certs under CHROOT/etc/ssl/certs and modifying
the paths in the ldap.conf file. I also copied the latter one to
CHROOT/etc/ldap.conf and modified the ldapdb_rc to point
to /etc/ldap.conf (instead of /etc/postfix/.ldaprc).

But this seems not to be enough.

I have no idea what libs, etc. are also required to be copied to
chroot.

Thanks in advance for helping me
Christian
-- 
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com
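
Added example, not part of the message above: a shell check that the file named by ldapdb_rc, and the TLS_CERT, TLS_KEY and TLS_CACERT files that file lists, also exist under the chroot directory. It assumes these files are opened after Postfix has chrooted, so each absolute path is resolved relative to CHROOT; the function name missing_in_chroot is made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post).
# Assumption: the file named by ldapdb_rc and the TLS_* files it lists are
# opened after the chroot, so "/ca/x.pem" means "$CHROOT/ca/x.pem".

# missing_in_chroot CHROOT SMTPD_CONF
# Prints each referenced path that does not exist under CHROOT.
# Returns 0 if all are present, 1 if something is missing, 2 on bad input.
missing_in_chroot() {
    chroot_dir=$1
    smtpd_conf=$2
    status=0

    # smtpd.conf uses "key: value" lines
    ldaprc=$(awk -F': *' '$1 == "ldapdb_rc" { print $2; exit }' "$smtpd_conf")
    if [ -z "$ldaprc" ]; then
        echo "no ldapdb_rc in $smtpd_conf" >&2
        return 2
    fi

    # Without the rc file inside the chroot nothing else can be checked
    if [ ! -e "$chroot_dir$ldaprc" ]; then
        echo "$ldaprc"
        return 1
    fi

    # ldaprc uses "OPTION value" lines; paths with spaces are not handled
    for f in $(awk '$1 ~ /^TLS_(CERT|KEY|CACERT)$/ { print $2 }' "$chroot_dir$ldaprc"); do
        if [ ! -e "$chroot_dir$f" ]; then
            echo "$f"
            status=1
        fi
    done
    return $status
}

# Stand-alone use: pass the chroot directory and the smtpd.conf path
if [ "$#" -eq 2 ]; then
    missing_in_chroot "$1" "$2"
fi
```

Call it with the chroot directory and the smtpd.conf path; it tests existence only, not ownership or permissions, and does not cover shared libraries.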
