Leonardo Vilela Pinheiro schrieb:
As I can seen, there is the bind-chroot glue package, but is there a
postfix-chroot.rpm glue ? I have looked for it, but I think there is not.
You are right, there is none. You may do an RFE in upstream's bugzilla.
Though there is the /etc/postfix/postfix-chroot script shipping with the
Postfix rpm.
If there is not, what is your opinion about creating one ?
Other than with bind I take the security advantage of a chrooted Postfix
little. Especially because other than bind Postfix typically calls other
applications as for instance content filters (amavisd-new comes to mind)
and, very prominently, uses Cyrus-SASL for client and server SMTP AUTH.
So to be able to do SMTP AUTH with a chrooted Postfix you will have to
do relocate the SASL libs - just copying into the chroot is not enough
(Debian i.e. has its own patches for this).
Do you have a working solution for CentOS / RHEL in your pocket?
Cheers
Alexander
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
