mirror of
https://github.com/bokysan/docker-postfix.git
synced 2024-09-20 06:46:10 +08:00
Fix #169: Explicitly state different UIDs/GIDs across distros
This is a simple documentation update to notify users that UIDs/GIDs may (and in fact are) different across distros. The documentation now reflects the last known state od UIDs/GIDs. Startup now announces specific UIDs/GIDs used to make sure people are aware of any future changes.
This commit is contained in:
parent
bd8c14c3bf
commit
95119aa607
18
README.md
18
README.md
|
@ -52,6 +52,7 @@ Feel free to pick your favourite distro.
|
||||||
- [Extending the image](#extending-the-image)
|
- [Extending the image](#extending-the-image)
|
||||||
- [Using custom init scripts](#using-custom-init-scripts)
|
- [Using custom init scripts](#using-custom-init-scripts)
|
||||||
- [Security](#security)
|
- [Security](#security)
|
||||||
|
- [UIDs/GIDs numbers](#uidsgids-numbers)
|
||||||
- [Quick how-tos](#quick-how-tos)
|
- [Quick how-tos](#quick-how-tos)
|
||||||
- [Relaying messages through your Gmail account](#relaying-messages-through-your-gmail-account)
|
- [Relaying messages through your Gmail account](#relaying-messages-through-your-gmail-account)
|
||||||
- [Relaying messages through Google Apps account](#relaying-messages-through-google-apps-account)
|
- [Relaying messages through Google Apps account](#relaying-messages-through-google-apps-account)
|
||||||
|
@ -684,7 +685,22 @@ postconf -e "address_verify_negative_cache=yes"
|
||||||
## Security
|
## Security
|
||||||
|
|
||||||
Postfix will run the master proces as `root`, because that's how it's designed. Subprocesses will run under the `postfix`
|
Postfix will run the master proces as `root`, because that's how it's designed. Subprocesses will run under the `postfix`
|
||||||
account which will use `UID:GID` of `100:101`. `opendkim` will run under account `102:103`.
|
and `opendkim` accounts.
|
||||||
|
|
||||||
|
### UIDs/GIDs numbers
|
||||||
|
|
||||||
|
While I cannot guarantee IDs (they are auto-generated by package manages), they tend to be fairly consistent across
|
||||||
|
**specific distribution**. Please be aware of this if you are switching images from Alpine to Debian to Ubuntu or
|
||||||
|
back.
|
||||||
|
|
||||||
|
At the last check, images had the following UIDs/GIDs:
|
||||||
|
|
||||||
|
| Service | Debian (`UID/GID`) | Ubuntu (`UID/GID`) | Alpine (`UID/GID`) |
|
||||||
|
|------------|--------------------|--------------------|--------------------|
|
||||||
|
| `postfix` | `100:102` | `101:102` | `100:101` |
|
||||||
|
| `opendkim` | `101:104` | `102:104` | `102:103` |
|
||||||
|
|
||||||
|
Please check the notification information on startup.
|
||||||
|
|
||||||
## Quick how-tos
|
## Quick how-tos
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
announce_startup() (
|
announce_startup() (
|
||||||
|
local postfix_account opendkim_account
|
||||||
|
|
||||||
DISTRO="unknown"
|
DISTRO="unknown"
|
||||||
[ -f /etc/lsb-release ] && . /etc/lsb-release
|
[ -f /etc/lsb-release ] && . /etc/lsb-release
|
||||||
[ -f /etc/os-release ] && . /etc/os-release
|
[ -f /etc/os-release ] && . /etc/os-release
|
||||||
|
@ -10,6 +12,11 @@ announce_startup() (
|
||||||
DISTRO="${ID}"
|
DISTRO="${ID}"
|
||||||
fi
|
fi
|
||||||
echo -e "${gray}${emphasis}★★★★★ ${reset}${lightblue}POSTFIX STARTING UP${reset} ${gray}(${reset}${emphasis}${DISTRO}${reset}${gray})${emphasis} ★★★★★${reset}"
|
echo -e "${gray}${emphasis}★★★★★ ${reset}${lightblue}POSTFIX STARTING UP${reset} ${gray}(${reset}${emphasis}${DISTRO}${reset}${gray})${emphasis} ★★★★★${reset}"
|
||||||
|
|
||||||
|
postfix_account="$(cat /etc/passwd | grep -E "^postfix" | cut -f3-4 -d:)"
|
||||||
|
opendkim_account="$(cat /etc/passwd | grep -E "^opendkim" | cut -f3-4 -d:)"
|
||||||
|
|
||||||
|
notice "System accounts: ${emphasis}postfix${reset}=${orange_emphasis}${postfix_account}${reset}, ${emphasis}opendkim${reset}=${orange_emphasis}${opendkim_account}${reset}. Careful when switching distros."
|
||||||
)
|
)
|
||||||
|
|
||||||
setup_timezone() {
|
setup_timezone() {
|
||||||
|
|
Loading…
Reference in a new issue