NetBSD Problem Report #30087

From www@netbsd.org  Fri Apr 29 05:12:21 2005
Return-Path: <www@netbsd.org>
Received: by narn.netbsd.org (Postfix, from userid 31301)
	id CC73563B116; Fri, 29 Apr 2005 05:12:21 +0000 (UTC)
Message-Id: <20050429051221.CC73563B116@narn.netbsd.org>
Date: Fri, 29 Apr 2005 05:12:21 +0000 (UTC)
From: cheeselottery@gmail.com
Reply-To: cheeselottery@gmail.com
To: gnats-bugs@netbsd.org
Subject: rc.d/postfix should support KEYWORD: chrootdir
X-Send-Pr-Version: www-1.0

>Number:         30087
>Category:       bin
>Synopsis:       rc.d/postfix should support KEYWORD: chrootdir
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Fri Apr 29 05:13:00 +0000 2005
>Originator:     Cheese Lottery
>Release:        NetBSD 2.0.2
>Organization:
>Environment:
NetBSD xii.mine.nu 2.0.2_STABLE NetBSD 2.0.2_STABLE (Winchester) #0: Mon Apr 25 21:40:28 PDT 2005 krank@xii.mine.nu:/usr/build/i386.obj/sys/arch/i386/compile/winchester i386
>Description:
The current rc.d/postfix script helpfully copies files from /etc to postfix's queue directory.  This helps when you want to run some of postfix's daemons chrooted.  However, as the postfix documentation states, this is not quite enough.  Syslogd needs to create a log socket inside the chroot directory, or some of the daemons will eventually stop logging correctly.

rc.d/syslogd already has some magic so that it will create a log socket for any script with KEYWORD: chrootdir and *_chrootdir set.  It would be nice if rc.d/postfix could take advantage of this.
>How-To-Repeat:
n/a
>Fix:
I cooked up this patch, borrowing some text from rc.d/ntpd. It seems to work for me.

However, there is one thing: Besides setting postfix_chrootdir, postfix's master.cf needs to be edited to specify which daemons run chrooted.  This is still left with the user and I've tried to mention it here.

--- src/etc/rc.d/postfix	2005-04-28 21:33:23.000000000 -0700
+++ postfix	2005-04-28 22:10:57.000000000 -0700
@@ -5,6 +5,14 @@

 # PROVIDE: mail
 # REQUIRE: LOGIN
+# KEYWORD: chrootdir
+#
+#	postfix_chrootdir should be set to postfix's queue directory,
+#	which is normally /var/spool/postfix
+#
+#	/etc/postfix/master.cf must also be edited to specify which
+#	daemons are to run chrooted.
+#	
 #	we make mail start late, so that things like .forward's are not
 #	processed until the system is fully operational

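Review bot: The comment added under "# KEYWORD: chrootdir" says what postfix_chrootdir should point at but not where it is set or what happens when it is left empty, which the second hunk treats as a valid case. Suggest saying that it is set in rc.conf and that, when it is empty, the script copies nothing into the queue directory. The last added line ("#" followed by a tab) also carries trailing whitespace.
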
@@ -18,23 +26,33 @@
 stop_cmd=$start_cmd
 reload_cmd=$start_cmd
 extra_commands="reload"
-spooletcdir="/var/spool/${name}/etc"
-required_dirs=$spooletcdir
+required_dirs="$postfix_chrootdir"        # if it is set, it must exist

 postfix_precmd()
 {
+	if [ -z "$postfix_chrootdir" ]; then
+        	return 0;
+ 	fi
+
+	# If running in a chroot cage, ensure that the appropriate files
+	# exist inside the cage.
+	#
 	# As this is called after the is_running and required_dir checks
-	# are made in run_rc_command(), we can safely assume ${spooletcdir}
-	# exists and postfix isn't running at this point (unless forcestart
-	# is used).
+	# are made in run_rc_command(), we can safely assume 
+	# ${postfix_chrootdir} exists and postfix isn't running at this
+	# point (unless forcestart is used).
 	#
-
 	for f in localtime resolv.conf services; do
 		if [ -f /etc/$f ]; then
-			cmp -s /etc/$f ${spooletcdir}/$f || \
-			    cp -p /etc/$f ${spooletcdir}/$f
+			cmp -s /etc/$f ${postfix_chrootdir}/etc/$f || \
+			    cp -p /etc/$f ${postfix_chrootdir}/etc/$f
 		fi
 	done
+
+	if [ ! -d ${postfix_chrootdir}/var/run ]; then
+		rm -f ${postfix_chrootdir}/var/run
+		mkdir -p ${postfix_chrootdir}/var/run
+	fi
 }

 load_rc_config $name
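
Review bot: The early return at the top of postfix_precmd() changes behaviour for existing installations: the removed spooletcdir lines copied localtime, resolv.conf and services into /var/spool/${name}/etc unconditionally, while the new code skips the copy whenever postfix_chrootdir is empty, so anyone who already has chrooted daemons in master.cf and does not set the new variable stops getting those files refreshed. Suggest either defaulting postfix_chrootdir to the old location or keeping the old copy when it is unset. Two further points in the same hunk: required_dirs="$postfix_chrootdir" is assigned above "load_rc_config $name", so the value may not be loaded yet at that point, and it no longer covers the etc subdirectory that the cp into ${postfix_chrootdir}/etc/$f needs, so the "we can safely assume" comment does not hold for that path; add ${postfix_chrootdir}/etc to the check or create it in the precmd as is done for var/run. On style, the ${postfix_chrootdir} expansions in the cmp, cp, test, rm and mkdir lines should be quoted, and the "return 0;" and "fi" lines mix spaces with tabs.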
