On 9/24/2020 12:43 PM, Wietse Venema wrote:
deoren:
Alternate title:
Postfix + SQLite lookup tables shared with external applications in
Write-Ahead Logging (WAL) mode
Hi,
Ultimately, the fix appears to be to set the owner of the containing
directory and the SQLite database files to "postfix". What I don't
understand is _why_ this is the fix. I expect it is likely something
very basic that I am overlooking.
Thanks in advance for your help.
In short, I took a working Postfix configuration that uses MySQL for its
lookup tables and updated it so that it uses SQLite instead. All lookups
work without issue except for SQLite lookups via the local daemon for
the "alias_maps" setting, unless I set the "postfix" user account as
owner of the directory/files.
Postfix local(8) opens the sqlite map while it still runs as root,
and that file handle should work after the process changes privileges.
I suspect that something is interfering with UNIX permissions model,
maybe selinux or apparmor.
Wietse
Thanks for the feedback, I appreciate your time!.
I'll dig more in that direction. It's quite likely that I overlooked
something in the apparmor setup when I checked earlier.
