See http://man7.org/linux/man-pages/man8/e4crypt.8.html
Access to content is session based, with keys in the session keyring.
This access control model may not be compatible with Postfix running
multiple services under various user ids. If you want to use such
filesystems, you have to figure out how to make it work.
> On Aug 20, 2018, at 1:21 PM, Christian Rößner
> <c...@roessner-network-solutions.com> wrote:
>
> It is ext4 encrypted directory with e4crypt. Anyways:
>
> If I have copied over all files and directories from .../old/postfix* as
> explained step by step, then why does that work and if Postfix wants to
> create a file, it fails?
>
> It is not chroot.
>
>> Maybe there is a problem with the startup order, where Postfix
>> starts before eCryptfs? Easy enough to check by stopping and staring
>> Postfix by hand after the system is up.
>
> My plan is to not put Postfix (and Dovecot) into the runlevels. So system
> boots and I enter the passphrase. After that I want to start the services.
>
> Could it be some ext4 feature that Postfix misses? I had to add encrypt with
> tune2fs to the partition:
>
> tune2fs -O encrypt /dev/vg01/lv_var
>
> I have tested the encryption stuff with a test-folder under /var/spool/test.
> The same way, as described for the Postfix-spool directories. I can create
> files under this test folder and edit them. So in principal all is working.
> Only Postfix seems to have trouble. So the reason for asking here on the
> list. I also could not find anything related with Google.
>
> Is there nobody, who could reproduce this?
--
Viktor.
