 |
| Prev-20 | Home | Next-20 |
| Prev-20 | Home | Next-20 |
| Prev-Msg | Prev-Thread | Postfix-users | Jan-2008 | Next-Thread | Next-Msg |
| Subject: | Documentation enhancement: Adjusting DB file permissions after upgrade to 2.5 |
| Group: | Postfix-users |
| From: | Jan P. Kessler |
| Date: | 15 Jan 2008 |
yesterday I performed a postfix upgrade from 2.4.6 -> 2.5-20080109. We
use recipient verification on that system. After the upgrade I noticed
that the address_verify_map was not accessible anymore:
an 15 16:26:12 mail postfix/verify[3121]: fatal: open database
/var/spool/postfix-cache/db_address_verify.db: Bad file descriptor
Jan 15 16:26:13 mail postfix/master[658]: warning: process
/usr/local/postfix/libexec/verify pid 3121 exit status 1
Jan 15 16:26:13 mail postfix/master[658]: warning:
/usr/local/postfix/libexec/verify: bad command startup -- throttling
The upgrade was performed the "usual way" (make tidy; make makefiles
...; make; make upgrade). The format of the DB is btree.
After taking a closer look I found the file needs new permissions
(writable for postfix user). The old file had root:root and therefore
the new postfix version had no write access to it. Same thing for the
TLS cache DBs.
Later I found this within the release notes:
--------- snip ----------
The tlsmgr(8) and verify(8) servers no longer use root privileges when
opening the address_verify_map, *_tls_session_cache_database, and
tls_random_exchange_name cache files. This avoids a potential security
loophole where the ownership of a file (or directory) does not match the
trust level of the content of that file (or directory).
--------- snip ----------
What do you think - would it be worth to add a note that because of this
the permissions of address_verify_map and
smtp[*]_tls_session_cache_database have to be adjusted?
Brgds, Jan
| Prev-Msg | Prev-Thread | Postfix-users | Jan-2008 | Next-Thread | Next-Msg |