On 11/7/2011 11:13 PM, Marek Królikowski wrote:
> -----Original Message----- From: Wietse Venema
> Sent: Tuesday, November 08, 2011 2:27 AM
> To: Postfix users
> Subject: Re: Symlink problem = file is a symbolic link or Mailbox
> vulnerable - directory /var/spool/mail must have 1777 protection
>>> Marek Krolikowski:
>>> Hello guys,
>>> Yesterday I bought new EMC storage and I want to move a few people from
>>> the old SATA HDD to the new FC EMC HDD, but I have a problem and don't
>>> know how to resolve it. Maybe you can help me:
>>> 1. I mount the new storage at /mnt/EMC
>>> 2. I create /mnt/EMC/var/spool/mail/
>>> 3. I move the user file (test) from /var/spool/mail/test to
>>> /mnt/EMC/var/spool/mail/test
>>> 4. I symlink to that file: ln -sn /mnt/EMC/var/spool/mail/test
>>> /var/spool/mail/test
>>>
> 
>> Unfortunately, symlinks to mailbox files are unsafe when the mail
>> directory is writable by users other than root, regardless of who
>> owns the symlink. You can thank the Linux, Solaris and IRIX people
>> for that. This security check will not be removed from Postfix.
> 
> Thanks for the answer. So the best way is to chmod 755 /var/spool/mail
> and ignore the log spam about "directory /var/spool/mail must have 1777
> protection"???
> Sounds a little stupid and crazy ;)

Simply mount the EMC device to a temporary mount point, which you have
done.  Stop all mail related daemons so nothing is accessing
/var/spool/mail.  Use 'cp -a' to copy all the mail files to the EMC
filesystem.  Verify the copy process.  Delete all the mail files and any
subdirectories from /var/spool/mail/ so the directory is empty and can
be used as a mount point.  Unmount the EMC filesystem and remount it at
/var/spool/mail/.  Verify directory permissions are correct.  Restart
mail daemons.  Done.

-- 
Stan
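
The two "verify" steps in the procedure above can be scripted. The following is an added example, not part of the original message or of Postfix; it assumes GNU coreutils (`stat -c`) and mbox files stored directly in the spool directory, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: checks for the "verify the copy" and "verify directory
# permissions" steps. Assumes GNU stat and flat mbox files in the spool.
# Usage (as root, daemons stopped, before deleting the old files):
#   verify_copy /var/spool/mail /mnt/EMC && verify_spool /mnt/EMC 1777

# attrs FILE -> "mode uid gid size", the attributes 'cp -a' must preserve
attrs() { stat -c '%a %u %g %s' "$1"; }

# verify_copy SRC DST: every regular mailbox in SRC must exist in DST as a
# regular file (not a symlink) with the same mode, owner, size and content.
verify_copy() {
    src=$1 dst=$2 rc=0
    for f in "$src"/*; do
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        name=${f##*/}
        t=$dst/$name
        if [ -L "$t" ] || [ ! -f "$t" ]; then
            echo "missing or symlink: $t" >&2; rc=1; continue
        fi
        if [ "$(attrs "$f")" != "$(attrs "$t")" ]; then
            echo "attribute mismatch: $name" >&2; rc=1
        elif ! cmp -s "$f" "$t"; then
            echo "content mismatch: $name" >&2; rc=1
        fi
    done
    return $rc
}

# verify_spool DIR MODE: DIR must be a real directory with exactly MODE
# (1777 is the value named in the log message quoted in this thread) and
# must contain no symbolic links, since a symlinked mailbox is what the
# Postfix check discussed above refuses to deliver to.
verify_spool() {
    dir=$1 want=$2 rc=0
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "not a real directory: $dir" >&2; return 1
    fi
    mode=$(stat -c '%a' "$dir")
    [ "$mode" = "$want" ] || { echo "mode $mode, want $want: $dir" >&2; rc=1; }
    links=$(find "$dir" -type l)
    [ -z "$links" ] || { echo "symlinks present: $links" >&2; rc=1; }
    return $rc
}
```

Run `verify_spool /var/spool/mail 1777` again after the remount, since the mode that counts is that of the mounted filesystem's root directory, not of the now hidden mount point.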
