Bug 62783

Summary: postfix should be member of group mail
Product: [Retired] Red Hat Public Beta Reporter: Simon Matter <simon.matter>
Component: postfixAssignee: wdovlrrw <brosenkr>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: skipjack-beta1CC: canfield
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-04-10 12:04:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 61901    

Description Simon Matter 2002-04-05 16:23:19 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [de] (X11; U; Linux 2.2.19-6.2.16 i686)

Description of problem:
Postfix should be member of the group mail. The problem is that delivery via
lmtp to for example cyrus imapd does not work. Most mail related packages are at
least members of group mail and have appropriately secured sockets.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Install postfix
2. use alternatives to activate postfix
3. change lmtp to nonroot in master.cf
	

Actual Results:  postfix can not deliver mail via lmtp because the socket is in
a directory with user cyrus, group mail and perm 0750.

Expected Results:  postfix should be able to deliver via lmtp.

Additional info:

In my own RPMs I have this in %pre:

/usr/sbin/useradd -c "Postfix MTA" -d %{queue_directory} -G mail \
  -M -s /bin/true -u %{postfix_uid} -r %{_postuser} 2> /dev/null || :
/usr/sbin/groupadd -g %{postdrop_gid} -r %{_postdrop} 2> /dev/null || :
Comment 1 Bill Nottingham 2002-04-09 20:16:23 UTC 
Hm, this could similarly solve some of the mailman issues... is it possible to
for postfix to use the already existing mail user ids (mailnull, mail, etc.?)
Comment 2 Simon Matter 2002-04-10 12:04:42 UTC 
I don't know mailman but I think many mail components and subsystems depend on
having a common group in their security scheme.

Concerning postfix I think it's good to not change the users/groups to which the
package belongs as a default. It may break some of the security features, that's
why I just add postfix as an additional member of the mail group.
Comment 3 Bernhard Rosenkraenzer 2002-04-15 11:14:50 UTC 
Done in 1.1.7-2