I've created a Docker container that runs postfix in the foreground using postfix start-fg. It starts fine but is having trouble resolving hostnames, which I think is because /var/spool/postfix/etc is missing. This is mentioned in a comment here but without any explanation or reference.
There is a workaround described here, with a vague explanation and no sources.
Is this described in the official documentation or is it just something that people discover after hours of debugging?
So it seems that postfix will not prepare the chroot jail; that is the responsibility of the user.
Debian seems to prepare the chroot environment the first time the service is started rather than during setup. I guess the question should be: Why doesn't Debian prepare the default chroot jail during postfix setup?
As suggested by Michael in a comment, I switched to Alpine, which uses the postfix default configuration without chroot, and it works just fine.
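The check and fix discussed above, as an added example that is not part of the original post: it lists which master.cf services run chrooted and copies the lookup files a chrooted daemon needs into the jail. The function names, the file list and the sample master.cf are assumptions made for this illustration.

```shell
#!/bin/sh
# Files that name resolution and libc lookups commonly read; a chrooted daemon
# only sees the copies under <queue_directory>/etc. Assumed list, adjust it.
CHROOT_FILES="etc/resolv.conf etc/hosts etc/services etc/nsswitch.conf etc/localtime"

# Print "service/type" for master.cf entries whose chroot column (field 5)
# is "y". Comments, blank lines and continuation lines are skipped. "-" means
# the built-in default, which varies by Postfix version, so it is not reported.
chrooted_services() {
    awk '/^[ \t]/ || /^#/ || NF < 8 { next }
         $5 == "y" { print $1 "/" $2 }' "$1"
}

# List files present under system root $1 but missing or stale in jail $2.
missing_in_chroot() {
    for f in $CHROOT_FILES; do
        [ -e "$1/$f" ] || continue
        cmp -s "$1/$f" "$2/$f" || echo "$f"
    done
}

# Copy those files into the jail, creating <jail>/etc if needed.
sync_chroot() {
    missing_in_chroot "$1" "$2" | while read -r f; do
        mkdir -p "$2/$(dirname "$f")"
        cp -p "$1/$f" "$2/$f"
    done
}

# Constructed demo: a fake root and an empty jail in a temp directory.
demo() {
    t=$(mktemp -d)
    mkdir -p "$t/root/etc" "$t/jail"
    echo "nameserver 192.0.2.53" > "$t/root/etc/resolv.conf"
    printf '%s\n' '# constructed master.cf' \
        'smtp      inet  n  -  y  -  -  smtpd' \
        '  -o smtpd_tls_security_level=may' \
        'pickup    unix  n  -  n  60 1  pickup' \
        'smtp      unix  -  -  y  -  -  smtp' > "$t/master.cf"
    chrooted_services "$t/master.cf"
    sync_chroot "$t/root" "$t/jail"
    missing_in_chroot "$t/root" "$t/jail"   # prints nothing after the sync
    rm -rf "$t"
}

# Real host, as root, before "postfix start-fg":
#   sync_chroot "" /var/spool/postfix
if [ "${1:-}" = demo ]; then demo; fi
```

Because the jail copies go stale when the container's /etc/resolv.conf changes, running the sync on every container start keeps the comparison meaningful.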