2

I am trying to get postfix (installed from blastwave) working on a Solaris 10 server, but only root is allowed to send mail. The problem appears to be permission related with postdrop. 

postdrop: warning: mail_queue_enter: create file maildrop/905318.27416: Permission denied

I've checked that /var/opt/csw/spool/postfix/maildrop and /var/opt/csw/spool/postfix/public are both in the 'postdrop' group. main.cf contains setgid_group = postdrop.

ppriv on postdrop as non-root user reports:

postdrop[27336]: missing privilege "file_dac_write" (euid = 103, syscall = 5) needed at ufs_iaccess+0x110

I'm at a loss as to what to do next. I'm don't have much experience with Solaris; I use Linux daily. Any suggestions?

Zayne
  • 23
  • 2
  • Solaris uses [RBAC](http://www.c0t0d0s0.org/archives/4077-Less-known-Solaris-features-RBAC-and-Privileges.html) (Role Based Access Control) which is similar to SELinux and AppArmor on Linux. Although you have already solved this problem, [knowing this](http://blogs.oracle.com/jayd/entry/solaris_tip_of_the_week7) may help you in the future if you choose to stick with Solaris. – Ladadadada Nov 16 '11 at 15:07
  • Thanks, @Ladadadada. The links you provided were quite enlightening. – Zayne Nov 16 '11 at 20:53

2 Answers2

1

The user with the id 103 (see your /etc/passwd for correspondig user) has not the right to write to the Postfix queue directory. You get the queue directory path with the command postconf queue_directory.

mailq
  • 16,882
  • 2
  • 36
  • 66
  • I understand that, but it isn't obvious as to why. In this case, the queue_directory is /var/opt/csw/spool/postfix, which is owned by root but is in the group postdrop. Standard configuration according to all the postfix documentation I've seen. – Zayne Nov 10 '11 at 13:35
0

Have you tried postfix from OpenCSW? There's a newer version available (2.8.6 instead of 2.7.1), and this issue might have been addressed there.

automaciej
  • 426
  • 1
  • 6
  • 11