Hi, I'm working on a front-end to modify our main.cf and other config files, such as the transport and relay_recips file and want to be sure I'm doing it securely.
Postfix complains if the files are not owned by root, but I don't want the script to have to run as root. What is the most secure way to do this? Perhaps passwordless sudo with the explicit ability to act on these files and reload/restart postfix? Is it okay to create a backup directory in /etc/postfix that's owned by this script user?
