[pfx] Re: Feature request: let us configure /proc/net/if_inet6 path from config (or use alternative altogether)

Tue, 14 Apr 2026 13:14:18 -0700 

Umair via Postfix-users:
> I am experimenting with postfix on an Android phone and however it works on
> ipv4 but for ipv6 it fails and the reason is that under a restricted
> environment, access to the aforementioned file is not available.
> Apparently, mobile networks have better support for ipv6 than ipv4.
> 
> $ postfix start
> postfix: warning: can't open /proc/net/if_inet6 (Permission denied) -
> skipping IPv6 configuration               postsuper: warning: can't open

    if ((fp = fopen(_PATH_PROCNET_IFINET6, "r")) != 0) {
        /* do stuff */
    } else {
        msg_warn("can't open %s (%m) - skipping IPv6 configuration",
                 _PATH_PROCNET_IFINET6);
    }

An MTA like Postfix must know its own IP addresses, to prevent
mailer loops including forwarding to a less-preferred MX host.

Maybe you can solve the root cause: fix the broken permission.

Otherwise, consider running Postfix with an LD_PRELOAD as shown below. 

/etc/ld.so.preload:
    /etc/postfix/preload.so

Where preload.so intercepts fopen(), inspects the argument, and
then calls the real fopen(). 

Below is untested preload code. You may also have to redirect
fopen64.

The code was used in a system to police all libc calls that have a
pathname argument.

https://www.ndss-symposium.org/ndss2010/where-do-you-want-go-today-escalating-privileges-pathname-manipulation/

        Wietse

/* preload.c  - build with: cc -fpic -shared -o preload.so preload.c */

#include <sys/types.h>
#include <dlfcn.h>
#include <stdio.h>
#include <fcntl.h>
#include <stdarg.h>
#include <stdlib.h>

static FILE *(*_real_fopen) (const char *, const char *);

/* fopen - redirect /proc/net/if_inet6" to "/etc/postfix/proc_inet_if_inet6" */

FILE   *fopen(const char *path, const char *mode)
{
    if (path == "/proc/net/if_inet6")
        path = "/etc/postfix/proc_inet_if_inet6";
    if (_real_fopen == 0)
        _real_fopen = (FILE *(*) (const char *, const char *))
            dlsym(RTLD_NEXT, "fopen");
    if (_real_fopen == 0) {
        perror("dlsym(\"fopen\")");
        return (0);
    }
    return _real_fopen(path, mode);
}
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to