Subject: Some weird ideas about chroot
From: alex (alexquad.com.ar)
Date: Tue Mar 28 2000 - 18:49:16 CST


hi there postfixers!

I've been trying to implement some virtual domain support at cyrus imap
server. So far I found a possible solution, which is almost perfect to me
but has one possible weak point: its integration with the MTA (postfix).

Here's the idea:

I'll set a single linux box with only 1 nic which will have ip aliasing
(several ip addresses bound to it) and also implement the solution
mentioned at the Virtual Services Howto which is basically a wrapper
(virtuald) called from inetd which reads the directory name associated to
the IP resolved by getsocketname and then chroots that directory for the
daemon to run (cyrus in this case).

This looks perfect to me. I can make one directory for each domain, and each
domain will use its own chrooted dir for imapd, there I have a nice solution
to my virtual domain problem without the cost of buying/using one pc for
each domain.

(I know there are patches for uw-imapd to support virtual hosting, but I
*must* use cyrus).

The weak point I mentioned is: how can I make postfix deliver messages to
cyrus when there are several copies of it on my hard drive? First I thought
to also put postfix under the virtuald and get it chrooted too, but that
looks pretty nasty to me. So then I thought, why not chroot the postfix
delivery tool at master.cf.

And there's where I get a bit clueless about it:

1. Is it possible at all to call the cyrus mailer component program from
master.cf in a chroot'ed environment? (chrooted where I want it to and not
at its own spool dir)

2. Can I use the domain name of the recipient as a variable while chroot'ing
it?
 Example: if postfix has to deliver a message to johnfoo.org it will first
have to chroot a directory called "/virtual/foo.org" and then call the cyrus
deliver program under that chroot'ed environment.

3. Do you see any flaws in this cheap solution?

Any suggestions are very welcome.

Thank you so much for reading my message (and for answering it if you are
going to :))

Regards,
Alex Verstraeten
Bs.As. Argentina
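
The wrapper flow the message describes (look up the local address of the inetd-supplied socket, chroot to that domain's directory, then run the daemon), as an added example that is not part of the original post and is not the Virtual Services Howto's virtuald code. The address table, the hypothetical wrapper name `virtwrap`, and uid/gid 96 are constructed placeholders; the sketch is IPv4 only and also drops root after the chroot, since a process that stays root is not contained by chroot alone.

```c
#include <arpa/inet.h>
#include <grp.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed sample table (assumption): local IP alias -> per-domain root. */
static const struct { const char *ip, *root; } vhosts[] = {
    { "192.0.2.10", "/virtual/foo.org" },
    { "192.0.2.11", "/virtual/bar.org" },
};

/* Exact-match lookup; an unknown address gets no jail at all (fail closed). */
const char *root_for_ip(const char *ip) {
    for (size_t i = 0; i < sizeof vhosts / sizeof vhosts[0]; i++)
        if (strcmp(ip, vhosts[i].ip) == 0) return vhosts[i].root;
    return NULL;
}

/* Map the local (server-side) address of an accepted socket to its root. */
const char *root_for_socket(int fd) {
    struct sockaddr_in local;
    socklen_t len = sizeof local;
    char ip[INET_ADDRSTRLEN];
    if (getsockname(fd, (struct sockaddr *)&local, &len) != 0) return NULL;
    if (local.sin_family != AF_INET) return NULL;
    if (!inet_ntop(AF_INET, &local.sin_addr, ip, sizeof ip)) return NULL;
    return root_for_ip(ip);
}

/* chroot, then chdir so the cwd is inside the jail, then drop root for good. */
int enter_jail(const char *root, uid_t uid, gid_t gid) {
    if (chroot(root) != 0 || chdir("/") != 0) return -1;
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0) return -1;
    return 0;
}

/* inetd usage (hypothetical name): virtwrap <daemon> [args]; fd 0 is the socket. */
int main(int argc, char **argv) {
    const char *root = root_for_socket(STDIN_FILENO);
    /* uid/gid 96 are placeholders for the unprivileged daemon account. */
    if (argc < 2 || !root || enter_jail(root, 96, 96) != 0) return 1;
    execv(argv[1], argv + 1);   /* daemon path is resolved inside the jail */
    return 1;                   /* only reached if execv failed */
}
```

Because the daemon path is resolved after the chroot, each per-domain directory needs its own copy of the binary, libraries and configuration.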