From: Ronald F. Guilmette (rfgmonkeys.com)
Date: Sun Jun 10 2007 - 17:37:45 CDT
In message <20070610221437.0F79B1F3E95spike.porcupine.org>,
>> >> After a bit of digging I learned that what was really needed was
>> >> /etc/postfix/master.cf:
>> >> policy unix - n n - - spawn
>> >>   user=nobody:postdrop argv=/usr/local/rfg/bin/smtpd-policy
>> >> i.e. specifying the user _and_ group (where group==postdrop) in order to
>> >> persuade spawn(8) to execute my policy server _and_ to allow it to have
>> >> access to the private UNIX domain socket that spawn created in order to
>> >> pass data to the policy server.
>> >This is wrong. Spawn(8) ALWAYS has access to Postfix sockets.
>> OK. I must ask then: What caused the logfile error message that I posted
>> (and which is included again above)? If spawn was having no problem with
>Jun 10 11:38:11 segfault postfix/spawn: fatal: request to use mail system owner group id 610
>You were attempting to leak Postfix's GID to an external command.
>Postfix will not allow that.
I'm sorry. I did not make myself clear.
On my system, GID # 610 is _not_ Postfix's group ID... it is rather my
own personal group ID. (Postfix has its own separate, distinct and different
group ID, i.e.:
(I feel reasonably sure that every tool that is a part of Postfix is either
using that group or else group "wheel" aka GID#0.)
Thus, it still makes no sense that the error message said, in effect, that
spawn would not allow me to use _my own_ group ID (610).
So I find that I need to ask again: How/why is spawn.c getting _my_ group
ID mixed up and confused with _Postfix's_ group ID?
(I'm sorry if there is something obvious that I'm just not seeing here,
but the content of the error message I quoted seems pretty clear - Postfix
is somehow getting the Wrong Idea - it is incorrectly thinking for some
reason that my personal group ID is in fact Postfix's "mail system owner