Re: What user should be specified for the opendikm -u UID option?

Sun, 03 Sep 2017 08:46:39 -0700 

fyi, if you prefer a dedicated user approach, just need to make sure you're
consistent,

groupdel opendkim
groupadd opendkim
useradd  opendkim -g opendkim -G "" -s /bin/false -d /var/run/opendkim -M
usermod -a -G opendkim postfix

id opendkim
    uid=5117(opendkim) gid=5117(opendkim) groups=5117(opendkim)
id postfix
    uid=5001(postfix) gid=5001(postfix)
groups=5001(postfix),12(mail),5002(postdrop),...,5117(opendkim),...


cat /etc/systemd/system/opendkim.service
    ...
    [Service]
    User=opendkim
    Group=opendkim
    Type=forking
    PIDFile=/var/run/opendkim/opendkim.pid
    ExecStart=/opt/opendkim/sbin/opendkim -l -x
/usr/local/etc/opendkim/opendkim.conf -u opendkim
    ...

cat /usr/local/etc/opendkim/opendkim.conf
    ...
    UserID    opendkim:opendkim
    Socket    local:/var/run/opendkim/opendkim.sock
    PidFile   /var/run/opendkim/opendkim.pid
    ...

cat /usr/local/etc/opendkim/key_table
    dkim-56..._domainkey.example1.com    example1.com:
dkim-56...:/usr/local/etc/sec/dkim/dkim-146...example1.com.key.pem
    dkim-0e..._domainkey.example2.com    example2.com:
dkim-0e...:/usr/local/etc/sec/dkim/dkim-146...example2.com.key.pem
    ...

ls -alr /var/run/opendkim
    total 4.0K
    srwxrwxr-x  1 opendkim opendkim    0 Sep  2 09:33 opendkim.sock=
    -rw-r--r--  1 opendkim opendkim    5 Sep  2 09:33 opendkim.pid
    drwxr-xr-x 42 root     root     1.2K Sep  3 08:06 ../
    drwxr-xr-x  2 opendkim opendkim   80 Sep  2 09:33 ./

ls -alr /usr/local/etc/opendkim
    total 40K
    -rw-rw-r--+  1 opendkim opendkim   93 May 30  2016 trusted_hosts
    -rw-r-----+  1 opendkim opendkim 2.1K May 30  2016 signing_table
    -rw-r-----+  1 opendkim opendkim 7.6K May 30 08:26 opendkim.conf
    -rw-r-----+  1 opendkim opendkim 4.1K May 30  2016 key_table
    drwxrwxr-x+ 32 root     root     4.0K Aug 28 07:30 ../
    drwxr-xr-x+  2 opendkim opendkim 4.0K May 30  2016 ./

ls -al /usr/local/etc/sec/dkim
    total 384K
    drwxr-xr-x  2 opendkim opendkim  12K May 30  2016 ./
    drwxr-xr-x 10 root     root     4.0K Aug 28 07:32 ../
    -rw-------  1 opendkim opendkim 1.7K May 30  2016
dkim-14...example1.com.key.pem
    -rw-------  1 opendkim opendkim  451 May 30  2016
dkim-14...example1.com.pubkey.pem
    -rw-------  1 opendkim opendkim 1.7K May 30  2016
dkim-14...example2.com.key.pem
    -rw-------  1 opendkim opendkim  451 May 30  2016
dkim-14...example2.com.pubkey.pem
    ...

cat /usr/local/etc/postfix/master.cf
    ...
    [127.0.0.1]:10005 inet n - n - - smtpd
      -o smtpd_milters=...,unix:/var/run/opendkim/opendkim.sock,...
    ...
    [int.mx.MYDOMAIN.COM]:587 inet n - n - - smtpd
      -o smtpd_milters=...,unix:/var/run/opendkim/opendkim.sock,...
    ...

cat /usr/local/etc/postfix/main.cf
    ...
    authorized_submit_users = ..., opendkim, ...
    ...


works well here.

hth.

Reply via email to