Sounds good, thanks for the fast response!

Best,
Raymond Li

On Mon., Aug. 1, 2022, 2:38 p.m. Wietse Venema, <wie...@porcupine.org> wrote:

> Raymond Li:
> > Hello,
> >
> > Currently Postfix doesn't document that the nobody user runs piped
> > commands by default. The following patch amends that.
>
> That is the case when the aliases file is owned by root; Postfix
> supports aliases and :include: files that are owned by other users
> and chooses delivery rights accordingly. There is a more precise
> description in the local(8) manpage:
>
> DELIVERY RIGHTS
>     Deliveries to external files and external commands are made with the
>     rights of the receiving user on whose behalf the delivery is made. In
>     the absence of a user context, the local(8) daemon uses the owner
>     rights of the :include: file or alias database. When those files are
>     owned by the superuser, delivery is made with the rights specified with
>     the default_privs configuration parameter.
>
> This is why the aliases file defers to the local(8) manpage:
>
>     /file/name
>         Mail is appended to /file/name. See local(8) for details of
>         delivery to file.
>
>     |command
>         Mail is piped into command. Commands that contain special
>         characters, such as whitespace, should be enclosed between double
>         quotes. See local(8) for details of delivery to command.
>
> I'll replace these rather unspecific pointers with more specific
> pointers to "EXTERNAL FILE DELIVERY", "EXTERNAL COMMAND DELIVERY",
> and "DELIVERY RIGHTS" in the local(8) documentation. There is a lot
> of relevant information that should not be duplicated.
>
> Wietse
>
> > --- > > postfix/man/man5/aliases.5 | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/postfix/man/man5/aliases.5 b/postfix/man/man5/aliases.5 > > index 628b5d75..c041be11 100644 > > --- a/postfix/man/man5/aliases.5 > > +++ b/postfix/man/man5/aliases.5
> > @@ -85,6 +85,8 @@ mailed back to the sender. The file > \fB/usr/include/sysexits.h\fR > > defines the expected exit status codes. For example, use > > \fB"|exit 67"\fR to simulate a "user unknown" error, and > > \fB"|exit 0"\fR to implement an expensive black hole. > > +.sp > > +Note that the command is run as the user \fBnobody\fR by default. > > .IP \fB:include:\fI/file/name\fR > > Mail is sent to the destinations listed in the named file. > > Lines in \fB:include:\fR files have the same syntax > > -- > > 2.37.1 > > > > --- > > Best, > > Raymond Li > > > >
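
Review bot: The sentence added after the "|exit 0" example says the command runs as nobody by default, which holds only when the alias database is owned by the superuser. Per the DELIVERY RIGHTS text quoted from local(8) in this thread, delivery otherwise uses the rights of the receiving user or of the owner of the alias database or :include: file, and the superuser case uses whatever default_privs is set to. Suggest replacing the sentence with a pointer to "DELIVERY RIGHTS" in local(8), or at least naming default_privs instead of hard-coding nobody, so that readers whose alias files are not root-owned are not misled about which account runs the command. The same rights rule covers /file/name destinations, so a note placed only under |command is also incomplete.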
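
The delivery-rights rule quoted from local(8) in the reply above, as an added example that is not part of the thread or of Postfix's own code: a small auditor that parses aliases(5)-style text and reports which identity each file or command destination would be delivered with. The function names, the sample alias table and uid 1001 are constructed, and the code assumes an alias table has no receiving-user context, so the owner of the alias database decides.

```python
import re

ROOT_UID = 0

# Constructed sample alias table, not taken from a real system.
SAMPLE = '''\
# mail aliases
postmaster: root
tickets: "|/usr/local/bin/ticket-intake --queue ops",
    archive-tickets
archive-tickets: /var/mail/archive/tickets
devlist: :include:/home/dev/lists/devlist
'''

def parse_aliases(text):
    """Map alias name -> destinations; handles '#' comments, continuation
    lines (leading whitespace) and double-quoted destinations."""
    logical = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and logical:
            logical[-1] += " " + line.strip()
        else:
            logical.append(line.strip())
    table = {}
    for entry in logical:
        name, _, rhs = entry.partition(":")
        dests = re.findall(r'"[^"]*"|[^,\s][^,]*', rhs)
        table[name.strip()] = [d.strip().strip('"') for d in dests]
    return table

def audit(text, owner_uid, default_privs="nobody"):
    """List (alias, destination, delivery identity) for file and command
    destinations. owner_uid is the owner of the alias database; assumption:
    an alias table has no receiving-user context, so the owner decides."""
    findings = []
    for alias, dests in parse_aliases(text).items():
        for dest in dests:
            if dest.startswith(":include:"):
                # Destinations inside the file follow that file's owner.
                findings.append((alias, dest, "owner of included file"))
            elif dest.startswith(("|", "/")):
                who = default_privs if owner_uid == ROOT_UID else f"uid {owner_uid}"
                findings.append((alias, dest, who))
    return findings

if __name__ == "__main__":
    for row in audit(SAMPLE, owner_uid=ROOT_UID):
        print(*row, sep="\t")
```

Run against a root-owned table, every command and file destination reports the default_privs account; run with a non-root owner uid, the same destinations report that owner instead.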