On Mon, Dec 16, 2024 at 12:03:52PM +0300, Michael Tokarev via Postfix-users
wrote:
> The good news though is that all libnss_*.so which comes with glibc
> are not needed in chroot at all, they're built-in to the libc.so
> proper, and separate .so files are provided for compatibility only.
But sufficiently clever users could provision custom nsswitch modules,
it is an extensible framework. Likely in with enterprise systems like
"FreeIPA" to add "directory services".
Chroot is not worth the trouble, stop the madness. Only expert
individual users willing to suffer the pain, might go there.
For the rest, turn it off.
This sort of problem is handled with virtualisation these days.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
