Dear Postfix folks,

In our infrastructure, we are building Postfix from source with an
unprivileged user, and also try to run most services as an unprivileged
user. Privileged ports are forwarded to unprivileged ports, used by the
service, by configuring Linux’ packet filter rules with *iptables*.

Currently, Postfix checks file ownership at startup according to
`postfix-files`, which lists several files to be owned by the user
*root* [1], for example:

    $config_directory:d:root:-:755:u

Postfix warns about mismatches at startup.

The mail owner and setgid group are already configurable, for example:

    $queue_directory/maildrop:d:$mail_owner:$setgid_group:730:uc
    $queue_directory/public:d:$mail_owner:$setgid_group:710:uc
    […]
    $command_directory/postdrop:f:root:$setgid_group:2755:u
    $command_directory/postqueue:f:root:$setgid_group:2755:u

Could the same be done for the “postfix owner”? Or are there downsides?

Kind regards,

Paul

[1]: https://github.com/vdukhovni/postfix/blob/2595917e491dfe704390b9bf1100bcdd35b21ae8/postfix/conf/postfix-files#L48
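
The following is an added example, not part of the original message and not Postfix code: it parses the `postfix-files` entries quoted above and lists which ones name *root* literally instead of a parameter, then models which entries would mismatch in a tree installed entirely by one unprivileged user. The parameter values, the account name `svc` and the function names are constructed for illustration.

```python
from string import Template
from typing import NamedTuple

# Constructed sample: the postfix-files entries quoted in the message above.
SAMPLE = """\
$config_directory:d:root:-:755:u
$queue_directory/maildrop:d:$mail_owner:$setgid_group:730:uc
$queue_directory/public:d:$mail_owner:$setgid_group:710:uc
$command_directory/postdrop:f:root:$setgid_group:2755:u
$command_directory/postqueue:f:root:$setgid_group:2755:u
"""

class Entry(NamedTuple):
    name: str    # path, may contain $parameter references
    kind: str    # d = directory, f = file
    owner: str   # literal user name or $parameter
    group: str   # "-" means no specific group
    mode: int    # permission bits, parsed from octal
    flags: str

def parse(text):
    """Parse name:type:owner:group:mode:flags lines; skip comments and non d/f types."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = (line.split(":") + [""] * 6)[:6]
        if fields[1] not in ("d", "f"):
            continue  # link entries use the fields differently
        name, kind, owner, group, mode, flags = fields
        entries.append(Entry(name, kind, owner, group, int(mode, 8), flags))
    return entries

def hardcoded_root(entries):
    """Entries whose owner is the literal 'root' rather than a parameter."""
    return [e.name for e in entries if e.owner == "root"]

def expected_mismatches(entries, params, installer):
    """Model a tree installed entirely by `installer` (an assumption): return
    (path, wanted owner) for each entry whose expanded owner differs."""
    out = []
    for e in entries:
        path = Template(e.name).safe_substitute(params)
        owner = Template(e.owner).safe_substitute(params)
        if owner != installer:
            out.append((path, owner))
    return out
```

With `mail_owner` set to the installing account, the only mismatches left are the entries that hard-code *root*, which are the ones the question is about.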