Hi! It's been a very long story with debian installing postfix chrooted by default. For about 25 years there were multiple, endless bug reports here on postfix- users, in debian bug tracker, in ubuntu bug tracker and elsewhere, all kinds of issues and workarounds has been faced. #151692 is one of the oldest debian bug reports still open: https://bugs.debian.org/151692 .
I think this stream of negative experience should be stopped. But with all this history behind us, I'm not yet sure how to do this. Postfix in debian has always been chrooted without an easy way to un-chroot it (yes, undoing a debian change to master.cf toggling most values in "chroot" column isn't exactly difficult, but for many users it feels just wrong to go against the more experienced people who packaged postfix for you). So I'm trying to find a less aggressive solution to this situation, with not-so-harsh change in behavior. I don't think it would be a good idea to offer an easy GUI-way (debconf in debian - a tool used to (re)configure packages which can ask questions to the user or can be pre-seeded) to toggle the chrooting of an already installed postfix. Because the user might already have customized their master.cf, and toggling "chroot" column for select list of services might not be wrong. There should be a way to undo the "unchroot" action too, to revert back to the debian traditional setup, - and this is where things becomes interesting. I don't know how to do it in a reliable way. At the very least, I think I'll just turn off chroot-by-default for the new installs, for now anyway. Without an easy way to turn it on (without such a knob/button as described above). But with all the existing infrastructure to handle chroot setup as has been there before (with all the bugs, omissions and stacked band-aids in there). I'd love to hear other opinions and comments about this matter. Thanks, /mjt _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
