Hi Ali, > The permissions for the user running the postfix process are > not the ones used for external file or command delivery by default. > The ones defined by default_privs are (in case the aliases(5) file > that is owned by root was being used). A privileged user or the > postfix owner should not be used in this case. > > See http://www.postfix.org/postconf.5.html#default_privs and > local(8). > > Signed-off-by: Ali Alnubani <alia...@mellanox.com> > --- > docs/deployment/installation.rst | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > > diff --git a/docs/deployment/installation.rst > b/docs/deployment/installation.rst > index c086d9a..cd5e102 100644 > --- a/docs/deployment/installation.rst > +++ b/docs/deployment/installation.rst > @@ -617,11 +617,11 @@ they can be loaded as seen below: > > .. note:: > > - This assumes your Postfix process is running as the ``nobody`` user. If > - this is not correct (use of ``postfix`` user is also common), you should > - change both the username in the ``createuser`` command above and > substitute > - the username in the ``grant-all-postgres.sql`` script with the appropriate > - alternative. > + This assumes that you are using the aliases(5) file that is owned by root, > + and that Postfix's ``default_privs`` configuration is set as ``nobody``. > If > + this is not the case, you should change both the username in the > ``createuser`` > + command above and substitute the username in the > ``grant-all-postgres.sql`` > + script with the appropriate alternative. >
I think this is now the third time I've tried to review this, and I think it's finally starting to make sense. Is there any way local(8) could be invoked with a user other than the one specified in default_privs? btw, it should be grant-all.postgres.sql (a . not a - between all and postgres) but if this doesn't need a respin I can fix that when I apply it. Regards, Daniel > __ http://www.postfix.org/ > > -- > 2.11.0 > > _______________________________________________ > Patchwork mailing list > Patchwork@lists.ozlabs.org > https://lists.ozlabs.org/listinfo/patchwork _______________________________________________ Patchwork mailing list Patchwork@lists.ozlabs.org https://lists.ozlabs.org/listinfo/patchwork
