docs: Fix note about the required Postfix rights
diff mbox series

Message ID 20191021150616.16033-1-alialnu@mellanox.com
State New
Headers show
Series
  • docs: Fix note about the required Postfix rights
Related show

Commit Message

Ali Alnubani Oct. 21, 2019, 3:06 p.m. UTC
The permissions for the user running the postfix process are
not the ones used for external file or command delivery by default.
The ones defined by default_privs are (in case the aliases(5) file
that is owned by root was being used). A privileged user or the
postfix owner should not be used in this case.

See http://www.postfix.org/postconf.5.html#default_privs and
local(8).

Signed-off-by: Ali Alnubani <alialnu@mellanox.com>
---
 docs/deployment/installation.rst | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

Comments

Daniel Axtens Oct. 29, 2019, 6:06 a.m. UTC | #1
Hi Ali,

> The permissions for the user running the postfix process are
> not the ones used for external file or command delivery by default.
> The ones defined by default_privs are (in case the aliases(5) file
> that is owned by root was being used). A privileged user or the
> postfix owner should not be used in this case.
>
> See http://www.postfix.org/postconf.5.html#default_privs and
> local(8).
>
> Signed-off-by: Ali Alnubani <alialnu@mellanox.com>
> ---
>  docs/deployment/installation.rst | 10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/docs/deployment/installation.rst b/docs/deployment/installation.rst
> index c086d9a..cd5e102 100644
> --- a/docs/deployment/installation.rst
> +++ b/docs/deployment/installation.rst
> @@ -617,11 +617,11 @@ they can be loaded as seen below:
>  
>  .. note::
>  
> -   This assumes your Postfix process is running as the ``nobody`` user.  If
> -   this is not correct (use of ``postfix`` user is also common), you should
> -   change both the username in the ``createuser`` command above and substitute
> -   the username in the ``grant-all-postgres.sql`` script with the appropriate
> -   alternative.
> +   This assumes that you are using the aliases(5) file that is owned by root,
> +   and that Postfix's ``default_privs`` configuration is set as ``nobody``. If
> +   this is not the case, you should change both the username in the ``createuser``
> +   command above and substitute the username in the ``grant-all-postgres.sql``
> +   script with the appropriate alternative.
>  

I think this is now the third time I've tried to review this, and I
think it's finally starting to make sense.

Is there any way local(8) could be invoked with a user other than the
one specified in default_privs?

btw, it should be grant-all.postgres.sql (a . not a - between all and
postgres) but if this doesn't need a respin I can fix that when I apply
it.

Regards,
Daniel
>  __ http://www.postfix.org/
>  
> -- 
> 2.11.0
>
> _______________________________________________
> Patchwork mailing list
> Patchwork@lists.ozlabs.org
> https://lists.ozlabs.org/listinfo/patchwork
Ali Alnubani Oct. 29, 2019, 8:08 a.m. UTC | #2
Hi Daniel,

> -----Original Message-----
> From: Daniel Axtens <dja@axtens.net>
> Sent: Tuesday, October 29, 2019 8:06 AM
> To: Ali Alnubani <alialnu@mellanox.com>; patchwork@lists.ozlabs.org
> Cc: Thomas Monjalon <thomas@monjalon.net>
> Subject: Re: [PATCH] docs: Fix note about the required Postfix rights
> 
> Hi Ali,
> 
> > The permissions for the user running the postfix process are not the
> > ones used for external file or command delivery by default.
> > The ones defined by default_privs are (in case the aliases(5) file
> > that is owned by root was being used). A privileged user or the
> > postfix owner should not be used in this case.
> >
> > See http://www.postfix.org/postconf.5.html#default_privs and local(8).
> >
> > Signed-off-by: Ali Alnubani <alialnu@mellanox.com>
> > ---
> >  docs/deployment/installation.rst | 10 +++++-----
> >  1 file changed, 5 insertions(+), 5 deletions(-)
> >
> > diff --git a/docs/deployment/installation.rst
> > b/docs/deployment/installation.rst
> > index c086d9a..cd5e102 100644
> > --- a/docs/deployment/installation.rst
> > +++ b/docs/deployment/installation.rst
> > @@ -617,11 +617,11 @@ they can be loaded as seen below:
> >
> >  .. note::
> >
> > -   This assumes your Postfix process is running as the ``nobody`` user.  If
> > -   this is not correct (use of ``postfix`` user is also common), you should
> > -   change both the username in the ``createuser`` command above and
> substitute
> > -   the username in the ``grant-all-postgres.sql`` script with the appropriate
> > -   alternative.
> > +   This assumes that you are using the aliases(5) file that is owned by root,
> > +   and that Postfix's ``default_privs`` configuration is set as ``nobody``. If
> > +   this is not the case, you should change both the username in the
> ``createuser``
> > +   command above and substitute the username in the ``grant-all-
> postgres.sql``
> > +   script with the appropriate alternative.
> >
> 
> I think this is now the third time I've tried to review this, and I think it's finally
> starting to make sense.
> 
> Is there any way local(8) could be invoked with a user other than the one
> specified in default_privs?

Yes. It's possible with user-level aliasing. You can create an aliases file that is owned by that user and added to alias_maps, or use the default forward_path (usually $home/.forward)
http://www.postfix.org/local.8.html
http://www.postfix.org/postconf.5.html#forward_path 

> 
> btw, it should be grant-all.postgres.sql (a . not a - between all and
> postgres) but if this doesn't need a respin I can fix that when I apply it.
Thanks.

Regards,
Ali

Patch
diff mbox series

diff --git a/docs/deployment/installation.rst b/docs/deployment/installation.rst
index c086d9a..cd5e102 100644
--- a/docs/deployment/installation.rst
+++ b/docs/deployment/installation.rst
@@ -617,11 +617,11 @@  they can be loaded as seen below:
 
 .. note::
 
-   This assumes your Postfix process is running as the ``nobody`` user.  If
-   this is not correct (use of ``postfix`` user is also common), you should
-   change both the username in the ``createuser`` command above and substitute
-   the username in the ``grant-all-postgres.sql`` script with the appropriate
-   alternative.
+   This assumes that you are using the aliases(5) file that is owned by root,
+   and that Postfix's ``default_privs`` configuration is set as ``nobody``. If
+   this is not the case, you should change both the username in the ``createuser``
+   command above and substitute the username in the ``grant-all-postgres.sql``
+   script with the appropriate alternative.
 
 __ http://www.postfix.org/