Dear Wietse,

On 27.04.21 at 14:49, Wietse Venema wrote:
> Paul Menzel:
>
>> In our infrastructure, we are building Postfix from source with an
>> unprivileged user, and also try to run most services as an unprivileged
>> user. Privileged ports are forwarded to unprivileged ports, used by the
>> service, by configuring Linux’ packet filter rules with *iptables*.
>
> Unprivileged Postfix comes up about once a year in this mailing
> list. Rather than hashing out the arguments here again, please use
> a search engine, or visit mailing list archives.

Thank you for your prompt reply. Searching for *unprivileged* in the mailing list archives, I actually only found discussion of containers, and Victor’s reply in the thread *Should I be root or postfix user to execute postfix commands?* [1]:

> Because the Postfix system (master and some delivery agents) can
> run commands under multiple user identities, Postfix management
> requires root privileges, and most of the content of /etc/postfix
> needs to be owned by root and not writable by any other user.
>
> The "postfix" user is an unprivileged service account (think of it
> as a Postfix-specific "nobody" account) used to run internal services
> at low-privilege (optionally chrooted with root permissions revoked).
> While it is possible to perform some tasks as "postfix", you're not
> expected to use that account directly, it is used internally by
> the Postfix system as appropriate.

I am still wondering why, for example, the files in `/etc/postfix` have to be owned by root.

If you have a search term I should use, I will happily search through the list archive.


Kind regards,

Paul


[1]: https://marc.info/?l=postfix-devel&r=1&b=202104&w=2
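
As an added illustration of the requirement quoted from Victor's reply (not code from Postfix or from anyone in this thread), the following Python sketch lists entries under a configuration directory that are not owned by a trusted uid or are writable by group or others. The function name `audit_config_tree` and its `trusted_uid` parameter are assumptions made for this example.

```python
import os
import stat
import sys


def audit_config_tree(root, trusted_uid=0):
    """Return sorted (path, problem) pairs for entries under root that an
    account other than trusted_uid could modify.

    Hypothetical helper written for this example; trusted_uid defaults to
    0 (root), matching the ownership rule quoted above.
    """
    findings = []
    paths = [root]
    # os.walk does not follow symlinks, so the audit stays inside the tree.
    for dirpath, dirnames, filenames in os.walk(root):
        paths.extend(os.path.join(dirpath, n) for n in dirnames + filenames)
    for path in paths:
        st = os.lstat(path)
        if st.st_uid != trusted_uid:
            findings.append(
                (path, "owner uid %d is not %d" % (st.st_uid, trusted_uid)))
        # Symlink permission bits carry no meaning on Linux; only the
        # ownership check above applies to them.
        if stat.S_ISLNK(st.st_mode):
            continue
        if st.st_mode & stat.S_IWGRP:
            findings.append((path, "group-writable"))
        if st.st_mode & stat.S_IWOTH:
            findings.append((path, "world-writable"))
    return sorted(findings)


if __name__ == "__main__":
    # Default target is the directory discussed in the thread.
    target = sys.argv[1] if len(sys.argv) > 1 else "/etc/postfix"
    problems = audit_config_tree(target)
    for path, problem in problems:
        print("%s: %s" % (path, problem))
    sys.exit(1 if problems else 0)
```

Each finding marks a file or directory that a non-root account could change, and therefore a path by which that account could influence what a root-privileged Postfix process does.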
