wiki:experiences:igraltist:jail_postfix
=>  Releases

Current version
Git/Snapshot: 1.5.3
Release: 1.5.0

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

This is an old revision of the document!


--- postfix_org	2008-07-14 04:43:40.000000000 +0200
+++ postfix	2008-07-14 02:05:07.000000000 +0200
@@ -12,7 +12,8 @@
 
 start() {
 	ebegin "Starting postfix"
-	postfix /usr/sbin/postfix start >/dev/null 2>&1
+	run-jail postfix /usr/sbin/postfix start 
+        #>/dev/null 2>&1
 	eend $?
 }
 
@@ -24,6 +25,7 @@
 
 reload() {
 	ebegin "Reloading postfix"
-	postfix /usr/sbin/postfix reload >/dev/null 2>&1
+	run-jail postfix /usr/sbin/postfix reload 
+        #>/dev/null 2>&1
 	eend $?
 }
;
; 20061025 20111301
;
; Installed versions:  2.7.4(19:13:06 13.05.2011)(hardened pam sasl ssl -cdb -doc -dovecot-sasl -examples -ipv6 -ldap -mbox -mysql -nis -postgres -selinux -vda)
;
; Testers:
; Jens Kasten (igraltist)
; Peter Busser (peter)
;
; tested on gentoo(hardened)
;
 
""
""
(allow-dev-read
 allow-dev-write
 allow-netlink
 allow-ipc-syslog
 allow-external-ipc
 allow-inet-raw
 )
(net-bind-service
 setgid
 setuid
 dac-override
 chown
 kill)
()
(rlimit)

Deprecated:

;
; RSBAC JAIL definition for postfix
; 20061025
;
; Testers:
; Jens Kasten (igraltist)
; Peter Busser (peter)
;
 
""
"0.0.0.0"
(allow-external-ipc
 allow-dev-read
 allow-dev-write
 allow-ipc-syslog)
()
()
(rlimit)
This is execute now:
rsbac_jail  -i -d -D -y -M  rlimit /usr/sbin/postfix  start
postfix/postfix-script: starting the Postfix mail system 
//
wiki/experiences/igraltist/jail_postfix.1309409664.txt.gz · Last modified: 2011/06/30 06:54 by 127.0.0.1

wiki/experiences/igraltist/jail_postfix.1309409664.txt.gz · Last modified: 2011/06/30 06:54 by 127.0.0.1
This website is kindly hosted by m-privacy