On 8/10/2017 2:46 PM, Michael Fox wrote: > I'm configuring master.cf to add amavisd-new. The amavisd-new documentation > (/usr/share/doc/amavisd-new/README.postfix.html) differs from the default > master.cf file regarding the chroot setting for the cleanup (and > pre-cleanup) service. I presume that the amavisd-new documentation is in > error and that I should go with the chroot setting that's in the default > master.cf. But I don't know enough about the implications of one vs. the > other to be sure. > > Specifically, I have three questions: > > 1) Section 4.2.1 of the above web page shows adding a pre-cleanup service > with chroot=n. But the default master.cf has the cleanup service configured > with chroot=y. Should I use the same chroot=y setting for the pre-cleanup > service? > > 2) Section 4.2.2 of the above web page shows modifying the existing cleanup > service to add some "-o" options. But it shows the cleanup service with > chroot=n. Should I leave chroot=y for the cleanup service? > > 3) The above web page also shows the new "amavisfeed" and "127.0.0.1:10025" > services with chroot=n. But similar services in master.cf have chroot=y. > Should these two new services also use chroot=y? > > Thanks in advance, > Michael > >
The default master.cf as distributed by postfix has all services as chroot "n", and that is the recommended setting. -- Noel Jones
