Home / server / Questions / 481282
Accepted
w00t
Asked: 2013-02-22 13:35:47 +0800 CST

Postfix chroot jail doesn't work

  • 772

Trying to setup Postfix to run chrooted. Only bit of info on this comes from the man page which simply says to follow the instructions in master.cf. master.cf is self explanatory, just set 'y' in the chroot column. BUT NO, it still doesn't work.

# pgrep master
12661
# ls -lh /proc/12661/root
lrwxrwxrwx 1 root root 0 Feb 23 22:03 /proc/12661/root -> /

Still points to my root! This means it still reads user related info (local_recipient_maps for example) from /etc/passwd, which I do not want to. I want to use a separate passwd file in the chroot. I tried setting:

local_recipient_maps = $maps
maps=/var/spool/postfix/etc/passwd

but still nothing. It still reads from /etc/passwd.
Chroot env is set in /var/spool/postfix and all needed files and libs are there.

master.cf:

smtp      inet  n       -       y       -       -       smtpd
smtpd     pass  -       -       y       -       -       smtpd
pickup    unix  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       y       300     1       qmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       y       -       -       proxymap
proxywrite unix -       -       y       -       1       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       y       -       -       smtp
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
retry     unix  -       -       y       -       -       error
discard   unix  -       -       y       -       -       discard
local     unix  -       n       y       -       -       local
virtual   unix  -       n       y       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       y       -       1       anvil
scache    unix  -       -       y       -       1       scache

postconf -n:

command_directory = /var/spool/postfix/usr/sbin
config_directory = /var/spool/postfix/etc/postfix
daemon_directory = /var/spool/postfix/usr/libexec/postfix
data_directory = /var/spool/postfix/var/lib/postfix
debug_peer_level = 2
default_privs = nobody
header_checks = regexp:/var/spool/postfix/etc/postfix/header_checks
html_directory = no
inet_interfaces = loopback-only
inet_protocols = ipv4
local_recipient_maps = $maps
mail_owner = postfix
mailq_path = /var/spool/postfix/usr/bin/mailq
manpage_directory = /usr/local/man
maps = /var/spool/postfix/etc/passwd
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8
newaliases_path = /var/spool/postfix/usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /var/spool/postfix/etc/postfix
sendmail_path = /var/spool/postfix/usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name
unknown_local_recipient_reject_code = 550
postfix

1 Answers

  1. Best Answer

    The master process will not run chrooted, since it spawns all the other services that actually do the work. Check the roots of the various spawned services (like qmgr).

    The purpose of chroot (in the master.cf) is to limit the damage that might be caused by exploit, not to present postfix with a different set of information. If you want to present postfix with a different set of users, maybe look at http://www.postfix.org/VIRTUAL_README.html or perhaps prepare a full chroot to start the initial postfix process in manually.

    • 5