deoren: > Alternate title: > > Postfix + SQLite lookup tables shared with external applications in > Write-Ahead Logging (WAL) mode > > Hi, > > Ultimately, the fix appears to be to set the owner of the containing > directory and the SQLite database files to "postfix". What I don't > understand is _why_ this is the fix. I expect it is likely something > very basic that I am overlooking. > > Thanks in advance for your help. > > In short, I took a working Postfix configuration that uses MySQL for its > lookup tables and updated it so that it uses SQLite instead. All lookups > work without issue except for SQLite lookups via the local daemon for > the "alias_maps" setting, unless I set the "postfix" user account as > owner of the directory/files.
Postfix local(8) opens the sqlite map while it still runs as root, and that file handle should work after the process changes privileges. I suspect that something is interfering with UNIX permissions model, maybe selinux or apparmor. Wietse