root@kite:~>sh -x /usr/lib/postfix/configure-instance.sh + INSTANCE= + SYNC_CHROOT=y + test -r /etc/default/postfix + [ X = X ] + POSTCONF=postconf -o inet_interfaces= + + tr A-Z a-z postconf -o inet_interfaces= -hx myorigin + MYORIGIN=kitenet.net + [ Xkitenet.net != Xkitenet.net ] + [ Xkitenet.net = Xubuntu.com ] + [ Xkitenet.net = Xdebian.org ] + postconf -o inet_interfaces= -hx config_directory + config_dir=/etc/postfix + postconf -o inet_interfaces=+ cut -d. -f1 -hx mail_version + MAJOR_VER=3 + [ 3 -ge 3 ] + CHROOT_TEST=[yY] + awk /^[0-9a-z]/ && ($5 ~ "[yY]") { print "y"; exit} /etc/postfix/master.cf + NEED_CHROOT= + [ -n ]
This happens despite master.cf containing: smtp unix - - - - - smtp relay unix - - - - - smtp It seems that it only treats 'y' as being a chroot, but appears to not match how postfix is parsing my file, which treats '-' as being a chroot too. I'm basing this on changing that to a 'n' having fixed my problem. So why is postfix parsing my master.cf that way? My file starts like this: # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master" or # on-line: http://www.postfix.org/master.5.html). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd #smtp inet n - - - 1 postscreen #smtpd pass - - - - - smtpd #dnsblog unix - - - - 0 dnsblog #tlsproxy unix - - - - 0 tlsproxy Could it be that something about this is making postfix parse it with its old parser, that defaulted to enabling chroot for '-'? Sep 26 16:32:41 kite postfix/master[24015]: /etc/postfix/master.cf: line 50: using backwards-compatible default setting chroot=y Aha. My main.cf does not have a value for compatibility_level, so it defaults to level 0, which behaves that way. My postfix configs are quite old, addmittedly, but it seems that if you're going to parse master.cf, it needs to be done fully compatibly with how postfix parses it.. (I also noticed BTW, that /etc/init.d/postfix's running() check always thinks postfix is running, even when it's not. Somehow /usr/lib/postfix/sbin/master -t exits nonzero even when no daemon is running. This would prevent updating the chroot ever if that init script were actually used, but with systemd it is not.) -- see shy jo
signature.asc
Description: PGP signature