[PATCH] docs: Fix note about the required Postfix rights
dja at axtens.net
Wed Dec 4 17:22:32 AEDT 2019
Stephen Finucane <stephen at that.guru> writes:
> On Tue, 2019-10-29 at 08:08 +0000, Ali Alnubani wrote:
>> Hi Daniel,
>> > -----Original Message-----
>> > From: Daniel Axtens <dja at axtens.net>
>> > Sent: Tuesday, October 29, 2019 8:06 AM
>> > To: Ali Alnubani <alialnu at mellanox.com>; patchwork at lists.ozlabs.org
>> > Cc: Thomas Monjalon <thomas at monjalon.net>
>> > Subject: Re: [PATCH] docs: Fix note about the required Postfix rights
>> > Hi Ali,
>> > > The permissions for the user running the postfix process are not the
>> > > ones used for external file or command delivery by default.
>> > > The ones defined by default_privs are (in case the aliases(5) file
>> > > that is owned by root was being used). A privileged user or the
>> > > postfix owner should not be used in this case.
>> > >
>> > > See http://www.postfix.org/postconf.5.html#default_privs and local(8).
>> > >
>> > > Signed-off-by: Ali Alnubani <alialnu at mellanox.com>
>> > > ---
>> > > docs/deployment/installation.rst | 10 +++++-----
>> > > 1 file changed, 5 insertions(+), 5 deletions(-)
>> > >
>> > > diff --git a/docs/deployment/installation.rst
>> > > b/docs/deployment/installation.rst
>> > > index c086d9a..cd5e102 100644
>> > > --- a/docs/deployment/installation.rst
>> > > +++ b/docs/deployment/installation.rst
>> > > @@ -617,11 +617,11 @@ they can be loaded as seen below:
>> > >
>> > > .. note::
>> > >
>> > > - This assumes your Postfix process is running as the ``nobody`` user. If
>> > > - this is not correct (use of ``postfix`` user is also common), you should
>> > > - change both the username in the ``createuser`` command above and
>> > substitute
>> > > - the username in the ``grant-all-postgres.sql`` script with the appropriate
>> > > - alternative.
>> > > + This assumes that you are using the aliases(5) file that is owned by root,
>> > > + and that Postfix's ``default_privs`` configuration is set as ``nobody``. If
>> > > + this is not the case, you should change both the username in the
>> > ``createuser``
>> > > + command above and substitute the username in the ``grant-all-
>> > postgres.sql``
>> > > + script with the appropriate alternative.
>> > >
>> > I think this is now the third time I've tried to review this, and I think it's finally
>> > starting to make sense.
>> > Is there any way local(8) could be invoked with a user other than the one
>> > specified in default_privs?
>> Yes. It's possible with user-level aliasing. You can create an aliases file that is owned by that user and added to alias_maps, or use the default forward_path (usually $home/.forward)
>> > btw, it should be grant-all.postgres.sql (a . not a - between all and
>> > postgres) but if this doesn't need a respin I can fix that when I apply it.
> ngl, this doesn't make a whole lot of sense to me, but I trust that
> you've done your homework on this and that it's based on hard earned
> experience :)
Yeah, I was contemplating a slightly wider-ranging rewrite but could
never quite put pen to paper on how to do it. I agree that just apply it
is the way to go.
> Reviewed-by: Stephen Finucane <stephen at that.guru>
> and applied (with the change noted by Daniel).
More information about the Patchwork