Ralf Hildebrandt: > In the absence of a user context, the local(8) daemon uses the owner > rights of the :include: file or alias database. When those files are > owned by the superuser, delivery is made with the rights specified > with the default_privs configuration parameter. > > That's probably what you're seeing. > Make a sep. alaias file, make it owned by nottheoilrig and it should > work.
You need to set the ownership (once) for the aliases source file AND for the .db output file. After that, postalias/newaliases will work as follows: if invoked by root, it drops privileges to the owner of the aliases source file. If invoked by any other user, it will run as that user. Wietse