fix(Postfix): special bits for maildrop and public directory (#3149)

* fixed special bits for maildrop and public dir After changing the group, special bits are lost, but they should be set for the directories `/var/spool/postfix/{maildrop,public}`, otherwise you see the following error: ``` postfix/postdrop[17400]: warning: mail_queue_enter: create file maildrop/729504.17400: Permission denied ``` * fix: Match octal permissions originally provided Officially Postfix source seems to imply: - `730` for `maildrop/` (_but has mentioned a sticky bit in the past, set-gid bit only for the postdrop binary involved_) - `710` for `public/` Both folders are assigned the same group that `postdrop` belongs to which has the SGID permission for it's executable. SGID special bit on`public/` doesn't seem necessary, but left as-is to match the default from Debian. --------- Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2024-01-19 02:48:50 +00:00 · 2023-03-05 08:57:40 +01:00 · 2023-03-05 08:57:40 +01:00 · 4e9ffbf224
parent 2234a53b60
commit 4e9ffbf224
1 changed files with 4 additions and 0 deletions
--- a/target/scripts/startup/setup.d/mail_state.sh
+++ b/target/scripts/startup/setup.d/mail_state.sh
@ -83,6 +83,10 @@ function _setup_save_states
    chown root:root /var/mail-state/spool-postfix
    # These two require the postdrop(103) group:
    chgrp -R postdrop /var/mail-state/spool-postfix/{maildrop,public}
+    # After changing the group, special bits (set-gid, sticky) may be stripped, restore them:
+    # Ref: https://github.com/docker-mailserver/docker-mailserver/pull/3149#issuecomment-1454981309
+    chmod 1730 /var/mail-state/spool-postfix/maildrop
+    chmod 2710 /var/mail-state/spool-postfix/public
  elif [[ ${ONE_DIR} -eq 1 ]]
  then
    _log 'warn' "'ONE_DIR=1' but no volume was mounted to '${STATEDIR}'"