From 95119aa607c5eb2901c49e4c25fa085fd3af568d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bojan=20=C4=8Cekrli=C4=87?= Date: Tue, 23 Apr 2024 07:03:03 +0100 Subject: [PATCH] Fix #169: Explicitly state different UIDs/GIDs across distros This is a simple documentation update to notify users that UIDs/GIDs may (and in fact are) different across distros. The documentation now reflects the last known state od UIDs/GIDs. Startup now announces specific UIDs/GIDs used to make sure people are aware of any future changes. --- README.md | 18 +++++++++++++++++- scripts/common-run.sh | 7 +++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 95a99dc..47b7615 100644 --- a/README.md +++ b/README.md @@ -52,6 +52,7 @@ Feel free to pick your favourite distro. - [Extending the image](#extending-the-image) - [Using custom init scripts](#using-custom-init-scripts) - [Security](#security) + - [UIDs/GIDs numbers](#uidsgids-numbers) - [Quick how-tos](#quick-how-tos) - [Relaying messages through your Gmail account](#relaying-messages-through-your-gmail-account) - [Relaying messages through Google Apps account](#relaying-messages-through-google-apps-account) @@ -684,7 +685,22 @@ postconf -e "address_verify_negative_cache=yes" ## Security Postfix will run the master proces as `root`, because that's how it's designed. Subprocesses will run under the `postfix` -account which will use `UID:GID` of `100:101`. `opendkim` will run under account `102:103`. +and `opendkim` accounts. + +### UIDs/GIDs numbers + +While I cannot guarantee IDs (they are auto-generated by package manages), they tend to be fairly consistent across +**specific distribution**. Please be aware of this if you are switching images from Alpine to Debian to Ubuntu or +back. + +At the last check, images had the following UIDs/GIDs: + +| Service | Debian (`UID/GID`) | Ubuntu (`UID/GID`) | Alpine (`UID/GID`) | +|------------|--------------------|--------------------|--------------------| +| `postfix` | `100:102` | `101:102` | `100:101` | +| `opendkim` | `101:104` | `102:104` | `102:103` | + +Please check the notification information on startup. ## Quick how-tos diff --git a/scripts/common-run.sh b/scripts/common-run.sh index fdf843c..120ad98 100755 --- a/scripts/common-run.sh +++ b/scripts/common-run.sh @@ -1,6 +1,8 @@ #!/usr/bin/env bash announce_startup() ( + local postfix_account opendkim_account + DISTRO="unknown" [ -f /etc/lsb-release ] && . /etc/lsb-release [ -f /etc/os-release ] && . /etc/os-release @@ -10,6 +12,11 @@ announce_startup() ( DISTRO="${ID}" fi echo -e "${gray}${emphasis}★★★★★ ${reset}${lightblue}POSTFIX STARTING UP${reset} ${gray}(${reset}${emphasis}${DISTRO}${reset}${gray})${emphasis} ★★★★★${reset}" + + postfix_account="$(cat /etc/passwd | grep -E "^postfix" | cut -f3-4 -d:)" + opendkim_account="$(cat /etc/passwd | grep -E "^opendkim" | cut -f3-4 -d:)" + + notice "System accounts: ${emphasis}postfix${reset}=${orange_emphasis}${postfix_account}${reset}, ${emphasis}opendkim${reset}=${orange_emphasis}${opendkim_account}${reset}. Careful when switching distros." ) setup_timezone() {