/usr/sbin/postfix-nochroot is in selinux-basics 0.5.0.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 | #!/usr/bin/perl
# this script configures Postfix to not use chroot, restarts Postfix to apply
# the change, and removes the chroot files. See the man page or the
# following blog post for more details:
# http://etbe.coker.com.au/2008/08/02/postfix-and-chroot/
use strict;
my $file = "/etc/postfix/master.cf";
if(-e "$file.bak")
{
print "\"$file.bak\" already exists, aborting\n";
exit(1);
}
open(MAIN, "<$file") or die "Can't open \"$file\"";
open(NEW, ">$file.new") or die "Can't open \"$file.new\"";
while(<MAIN>)
{
if($_ =~ /^#/)
{
print NEW $_;
next;
}
chomp;
if($_ =~ /(^([^\s]+\s+){4})-(.*)$/)
{
print NEW "# modified to disable chroot\n";
print NEW "$1n$3\n";
}
else
{
print NEW "$_\n";
}
}
close(NEW);
close(MAIN);
rename("$file","$file.bak") or die "Can't rename \"$file\" to \"$file.bak\", aborting\n";
rename("$file.new", "$file") or die "Can't rename \"$file.new\" to \"$file\", inconsistent state\n";
my $script = "/etc/init.d/postfix";
open(STATUS,"$script status|") or die "Can't check postfix status\n";
my $status = <STATUS>;
if($status =~ /postfix is running/)
{
system("$script stop");
}
system("rm -rf /var/spool/postfix/etc /var/spool/postfix/lib /var/spool/postfix/usr");
if($status =~ /postfix is running/)
{
system("$script start");
}
|