Ubuntu: Postfix, maps permissions?
The postfix master process manager runs as root.
This process can therefore access anything it pleases, and hence is not the issue.
However, any service in master.cf that has the 2nd column of its service definition ("Unprivileged") set to "y", runs under the user account set with mail_owner in main.cf.
This user, or its primary group, must have read access to all map files:
chmod 0640 /etc/postfix/maps/* && chgrp <postfixgroup> /etc/postfix/maps/*
Related videos on Youtube
DavisTasar
Updated on September 18, 2022Comments
-
DavisTasar almost 2 years
I just loaded up Postfix on Ubuntu 12.04 (following several guides), and most said to change the file permissions in the /etc/postfix/maps (user.cf, alias.cf, domain.cf) to 700 and owned by the postfix user.
Yet, when I do this, those files can't be read. I had to chmod 777 the whole folder for postfix to work. Any ideas on how I can troubleshoot this so I don't have to use 777 for the whole directory?
I know it's a permission issue, and postfix should be running under the postfix account, I just thought I might ask you guys for your recommendations.
Asked for information:
ps aux | grep postfix
root 1839 0.0 0.1 158844 864 ? Ss Dec28 0:00 /usr/sbin/saslauthd -a pam -r -c -m /var/spool/postfix/var/run/saslauthd -n 5 root 1840 0.0 0.2 158844 1040 ? S Dec28 0:00 /usr/sbin/saslauthd -a pam -r -c -m /var/spool/postfix/var/run/saslauthd -n 5 root 1841 0.0 0.1 158844 912 ? S Dec28 0:00 /usr/sbin/saslauthd -a pam -r -c -m /var/spool/postfix/var/run/saslauthd -n 5 root 1842 0.0 0.1 158844 844 ? S Dec28 0:00 /usr/sbin/saslauthd -a pam -r -c -m /var/spool/postfix/var/run/saslauthd -n 5 root 1844 0.0 0.1 158844 924 ? S Dec28 0:00 /usr/sbin/saslauthd -a pam -r -c -m /var/spool/postfix/var/run/saslauthd -n 5 root 2633 0.0 0.0 25108 356 ? Ss Dec28 0:00 /usr/lib/postfix/master postfix 2637 0.0 0.0 27336 368 ? S Dec28 0:00 qmgr -l -t fifo -u postfix 2697 0.0 0.1 38244 980 ? S Dec28 0:00 tlsmgr -l -t unix -u -c root 18742 0.0 0.1 9388 884 pts/1 S+ 00:11 0:00 grep --color=auto postfix
ls -al /etc/postfix
drwxr-xr-x 4 root root 4096 Dec 28 16:29 . drwxr-xr-x 117 root root 4096 Dec 28 17:24 .. -rw-r--r-- 1 root root 329 Dec 24 21:33 dynamicmaps.cf -rw-r--r-- 1 root root 2216 Dec 28 16:29 main.cf -rw-r--r-- 1 root root 1370 Dec 24 21:44 main.cf.old drwxrwxrwx 2 root postfix 4096 Dec 28 17:10 maps -rw-r--r-- 1 root root 4797 Dec 24 21:46 master.cf -rw-r--r-- 1 root root 19707 Oct 23 10:10 postfix-files -rwxr-xr-x 1 root root 8729 Oct 23 10:10 postfix-script -rwxr-xr-x 1 root root 26498 Oct 23 10:10 post-install drwxr-xr-x 2 root root 4096 Dec 24 21:55 sasl
When I would receive error messages, they would be:
Dec 28 17:04:43 prodserv1 postfix/virtual[7194]: error: open /etc/postfix/maps/user.cf: Permission denied Dec 28 17:04:43 prodserv1 postfix/virtual[7194]: warning: mysql:/etc/postfix/maps/user.cf is unavailable. open /etc/postfix/maps/user.cf: Permission denied Dec 28 17:04:43 prodserv1 postfix/virtual[7194]: warning: table virtual_mailbox_maps: lookup [email protected]: Permission denied
-
Ladadadada over 11 yearsCould you add
ps aux | grep postfix
andls -la /etc/postfix/
to your question? Also, are you getting an error message? If so, add it too. -
DavisTasar over 11 yearsDone! I'm not receiving error messages at the moment, however when I was they would appear as above.
-