On 30.11.2016 19:30, Bartosz Rudnicki wrote:
On 2016-11-30 01:18, LaMont Jones wrote:
On Sat, Nov 26, 2016 at 01:06:26PM -0500, Scott Kitterman wrote:
On Saturday, November 26, 2016 06:42:13 PM Bartosz Rudnicki wrote:
Yes, there is a tab character after pcre.
I set "chroot" option to "n" for all services in the master.cf and
restarted postfix.
Now, during sending a message, the following messages filling up
the log
file:
Nov 26 18:11:45 Sirius postfix/cleanup[1723]: error: open
/etc/postfix/pcre/auth_policies: Permission denied
What are the permissions on /etc/postfix/pcre? That almost looks like
the postfix user is unable to access the directory.
Nov 26 18:11:45 Sirius postfix/cleanup[1723]: warning:
pcre:/etc/postfix/pcre/auth_policies is unavailable. open
/etc/postfix/pcre/auth_policies: Permission denied
Nov 26 18:11:45 Sirius postfix/cleanup[1723]: warning: 42B227212B6:
milter_header_checks map lookup problem -- message not accepted, try
again later
Although I set recursively 777 permissions for /etc/postfix/pcre/
directory, postfix can not reach my pcre map file.
Try 755 -- postfix is picky about world writable directories, iirc.
Did you use postmap [1] to update the map?
pcre maps do not need postmap compilation (nor does postmap accept such
requests.)
The next thing to do would be to add some -v options (3 or 4 of them) to
the cleanup line in master.cf and see what it has to spew into the logs.
FWIW, pcre maps seem to work just fine for me in 3.1.3-4.
lamont
First of all - I noticed that pcre complications appears only when
using "milter_header_checks"; After removing this option and replacing
it with "header_checks" and "mime_header_checks" - everything seems to
work properly.
So in order to reproduce the situation in another environment, the
milter application is needed, which has to append additional header to
the message.
I set the /etc/postfix/pcre directory permissions to 755 and repeated
attempts both for default master.cf file (default chroot settings) and
for modified master.cf file, where all commands have "chroot" option
set to NO.
Results are the same as before:
1) for default master.cf:
http://pastebin.com/raw/ukfF5Zui
2) for modified master.cf (no-chroot):
http://pastebin.com/raw/5CJZU8Ki
I've just figured out that postfix directory had not a execute
permission for others (711), so cleanup could not read the pcre map
file. Sorry for my oversight. Now, everything seems to work fine but
obviously only for the non-chrooted cleanup instance.
Interestingly the "header_checks" and "mime_header_checks" do not need
"x" permission on /etc/postfix/ directory when cleanup works without chroot.
