On Tue, Oct 02, 2007 at 09:29:27AM +0200, Benjamin Sonntag wrote: > Postfix smtp / smtpd daemons are launched in a chrooted environment. > Therefore, > when we use SSL/TLS and configure them properly to authenticate client / > server > certificates, we need to access /etc/ssl/certs/ to check CA Certificates > signatures. So, in case smtpd_use_tls or smtp_use_tls is YES in postconf, we > should copy /etc/ssl/certs/ca-certificate.crt in the chrooted environment. > > The included patch change /etc/init.d/postfix to copy this file when needed.
Actually, it would be even better if Postfix just read the certs before chrooting. Copying more stuff into the chroot is not always the answer. lamont -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
