chrooting postfix and smtp-auth

To: debian-user@lists.debian.org
Subject: chrooting postfix and smtp-auth
From: Mark Devin <mdevin@ozemail.com.au>
Date: 03 Feb 2003 00:09:01 +1000
Message-id: <[🔎] 1044194941.6018.27.camel@flathead.mitdevin.com>

I have postfix smtp-auth working using pwckeck_method: pam in
/etc/postfix/sasl/smtpd.conf.  However, I had to make postfix smtp not
run chrooted in /etc/postfix/master.cf.

If I try leaving smtp chrooted then it fails trying to open the
/etc/pam.d/smtp file.  In order to get smtp to run chrooted I will need
to copy this file plus some pam library files.  Then even if I copy all
this, I will be in trouble if these are later updated on my system but
not copied again to the chroot.

Is it worth trying to make postfix run chrooted when I need to enable
smtp-authentication via pam?  If I track down all the files needed in
the chroot, then what simple ways are there to keep them consistent with
the rest of the system as I upgrade in the future?  Will I always have
to check manually?

I love apt-get and use it along with security.debian.org to keep my
system up to date.  For me, it is probably a bigger security threat to
make system upgrades more difficult than to run postfix smtp
un-chrooted.  So basically, is it possible to get postfix to run
chrooted and provide smtp-auth via pam and keep system maintenance easy?

Regards.
Mark.

Reply to:

Prev by Date: Swap capslock-control in console?
Next by Date: kernel 2.4.8k-6 consoles inaccessible
Previous by thread: Re: Swap capslock-control in console?
Next by thread: kernel 2.4.8k-6 consoles inaccessible
Index(es):
- Date
- Thread