chrooting postfix and smtp-auth
I have postfix smtp-auth working using pwckeck_method: pam in
/etc/postfix/sasl/smtpd.conf. However, I had to make postfix smtp not
run chrooted in /etc/postfix/master.cf.
If I try leaving smtp chrooted then it fails trying to open the
/etc/pam.d/smtp file. In order to get smtp to run chrooted I will need
to copy this file plus some pam library files. Then even if I copy all
this, I will be in trouble if these are later updated on my system but
not copied again to the chroot.
Is it worth trying to make postfix run chrooted when I need to enable
smtp-authentication via pam? If I track down all the files needed in
the chroot, then what simple ways are there to keep them consistent with
the rest of the system as I upgrade in the future? Will I always have
to check manually?
I love apt-get and use it along with security.debian.org to keep my
system up to date. For me, it is probably a bigger security threat to
make system upgrades more difficult than to run postfix smtp
un-chrooted. So basically, is it possible to get postfix to run
chrooted and provide smtp-auth via pam and keep system maintenance easy?
Regards.
Mark.
Reply to: