[email protected]:
> On postfix startup this message is logged:
> [postfix-out/postfix-script] warning: group or other writable:
> /etc/postfix-out/./gen-dh-params.sh
>
> Is this expected behavior? This is a multi-instance setup with a common script
> in the main config directory.
>
> # postconf mail_version
> mail_version = 3.0.3
>
> # ls -ld /etc/postfix /etc/postfix-out/
> drwxr-xr-x 3 root root 4096 Mar 1 13:23 /etc/postfix
> drwxr-xr-x 2 root root 4096 Mar 1 14:07 /etc/postfix-out/
>
> # ls -l /etc/postfix-out/./gen-dh-params.sh
> lrwxrwxrwx 1 root root 27 Mar 1 13:16 /etc/postfix-out/./gen-dh-params.sh ->
> ../postfix/gen-dh-params.sh
This means that not a lot of people have symlinks in Postfix
configuration directories. The code responsible for the warning
is:
find $todo \( -perm -020 -o -perm -002 \) \
-exec $WARN group or other writable: {} \;
Although it's kind of lame for find(1) to report a symlink as
writable (it is not writable), perhaps it is better to tell find(1)
to follow symlinks. For that we need to know what systems would
break (i.e. systems that don't have "find -L").
Wietse
