Mark Alan:
> A quick google search shows that, for years, Wietse have been answering
> questions related with users trying to use chrooted parts of Postfix.
>
> But, I wonder, in his machines does he use chroot or not?
Wietse:
> > Indeed I do, helped by an OS that requires few files in the postfix
> > jail (etc/localtime, etc/services, etc/resolv.conf, var/run/log).
> >
> > The chroot feature makes sense in the hands of an expert. Most
> > people aren't, and therefore the default master.cf turns it off.
Daniel Bromberg:
> For the sake of curiosity and education, why is running chroot'd
> Postfix complicated?
That depends primarily on the user-land SYSTEM library implementation,
which is not part of Postfix, and which differs with (each version
of) each operating system.
While the system library *API* is usually documented, the library
*implementation* has external dependencies that you won't find in
the system library API. Finding those dependencies typically requires
detective work with strace/truss etc. Not just once, but whenever
the OS is updated.
For example, the getpwnam() function emulates access to a traditional
UNIX password file, but when it is implemented on top of nsswitch.conf,
it may end up invoking an LDAP client, which introduces a dependency
on TLS/SASL/Kerberos and their support infrastructure.
getpwnam() is not a good example because Postfix uses proxymap from
inside the jail, but you get the idea.
Wietse
