OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: p dont think (pdontthink_at_angrynerds.com)
Date: Tue Aug 06 2002 - 12:10:51 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Here's why not:

    # postfix start
    postfix/postfix-script: warning: not owned by root: /etc/postfix/gids.cf
    postfix/postfix-script: warning: not owned by root: /etc/postfix/main.cf
    postfix/postfix-script: warning: not owned by root:
    /etc/postfix/mysql_virt.cf
    postfix/postfix-script: warning: not owned by root:
    /etc/postfix/transport.cf
    postfix/postfix-script: warning: not owned by root: /etc/postfix/uids.cf
    postfix/postfix-script: warning: not owned by root:
    /etc/postfix/virtual.cf
    postfix/postfix-script: starting the Postfix mail system

    Hmmm. I suppose the next best thing is this:
    rw-rw---- root postfix

    ????? Can anyone else tell me what they have done????

    > Follow up on my own post, I set ownership of all .cf files except
    > master.cf to postfix:postfix and chmod'ed them to 600, reloaded and it
    > seems to work fine:
    >
    > -rw------- 1 postfix postfix 109 Aug 4 16:59 gids.cf
    > -rw------- 1 postfix postfix 24546 Aug 5 21:26 main.cf
    > -rw------- 1 root root 5038 Aug 3 15:29 master.cf
    > -rw------- 1 postfix postfix 113 Aug 4 17:00 mysql_virt.cf
    >
    > Yikes. I think this is good, but anyone have any reason why I
    shouldn't
    > do this? Is master ownership best left under root?
    >
    >
    > > Hopefully an easy question:
    > >
    > > Since I am using mysql, and thus storing the mysql password in some
    of
    > > my .cf files, I want to scale back the permissions on my .cf files,
    > > which are currently:
    > >
    > > -rw-r--r-- 1 root root 109 Aug 4 16:59 /etc/postfix/gids.cf
    > > -rw-r--r-- 1 root root 24546 Aug 5 21:26 /etc/postfix/main.cf
    > > -rw-r--r-- 1 root root 118 Aug 3 15:29
    /etc/postfix/transport.cf
    > >
    > > ... and etc. If I remove read permissions for "other", virtual has
    > > problems:
    > >
    > > postfix/virtual[1703]: fatal: open /etc/postfix/mysql_virt.cf:
    > > Permission denied
    > >
    > > Would changing the ownership on these files to postfix help? Any
    tips
    > > would be kindly appreciated!
    > >
    > > Cheers

    -
    To unsubscribe, send mail to majordomopostfix.org with content
    (not subject): unsubscribe postfix-users