Postfix error with PostfixAdmin and MySQL backend: table lookup / Permission denied

I have set up MySQL, Postfix and PostfixAdmin as separate virtual machines:

sql.example.net - 192.168.99.10
smtp.example.net - 192.168.99.15
admin.example.net - 192.168.99.2
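I followed the PostfixAdmin installation instructions, created the database and user, and ran the PA installer, which configured the database correctly. I can view the tables and add domains and mailboxes. However, when I try to send an email to smtp.example.net, postfix fails to deliver it and raises a lookup error, for the following reason: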

Nov 15 00:23:03 smtp postfix/virtual[1522]: error: open /etc/postfix/sql/mysql_virtual_mailbox_maps.cf: Permission denied
Nov 15 00:23:03 smtp postfix/virtual[1522]: error: open /etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf: Permission denied
Nov 15 00:23:03 smtp postfix/virtual[1522]: warning: mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf is unavailable. open /etc/postfix/sql/mysql_virtual_mailbox_maps.cf: Permission denied
The file /etc/postfix/sql/mysql_virtual_mailbox_maps.cf is as follows:

user = postfix
password = SMTP_POSTFIX_PASS
hosts = sql.example.net
dbname = postfix
query           = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
#expansion_limit = 100
I can connect to sql.example.net from smtp.example.net using the mysql command-line client (username: postfix, password: SMTP_POSTFIX_PASS) and run the select command against the table:

mysql -upostfix -p -h sql.example.net postfix
MariaDB [postfix]> SELECT maildir FROM mailbox WHERE username='test1@example.net' AND active = '1';
+-------------------+
| maildir           |
+-------------------+
| example.net/test1/ |
+-------------------+
1 row in set (0.000 sec)
/etc/postfix/main.cf:

smtpd_banner = ESMTP
relayhost = 
inet_interfaces = all
mynetworks_style = host
inet_protocols = ipv4
local_recipient_maps = 
mydestination = 
delay_warning_time = 4h
unknown_local_recipient_reject_code = 450
maximal_queue_lifetime = 7d
minimal_backoff_time = 1000s
maximal_backoff_time = 8000s
smtp_helo_timeout = 60s
smtpd_recipient_limit = 16
smtpd_soft_error_limit = 3
smtpd_hard_error_limit = 12
smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit
smtpd_sender_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_delay_reject = yes
disable_vrfy_command = yes
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
virtual_mailbox_base = /vmail
virtual_mailbox_maps = mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_alias_maps = mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_uid_maps = static:150
virtual_gid_maps = static:8
compatibility_level = 2

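I can't see any problem with the file permissions; if I give the sql folder or the .cf files inside it less restrictive permissions, postfix complains about it at startup. I have confirmed that I can access the database and tables from the machine running postfix, and have googled for several hours.

Can anyone tell me what I am doing wrong?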

Thanks to some people on the postfix IRC channel, I found the problem, so for future me and anyone else who runs into this:

Not working

# namei /etc/postfix/sql/mysql_virtual_domains_maps.cf  -lv
f: /etc/postfix/sql/mysql_virtual_domains_maps.cf
drwxr-xr-x root root /
drwxr-xr-x root root etc
drwxr-x--- root root postfix
drwxr-xr-x root root sql
-rw-r--r-- root root mysql_virtual_domains_maps.cf
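The namei command simply lists all the folders leading to the final file, and -lv shows the permissions.

My problem was that the postfix folder had the permissions drwxr-x---, so the owner and group could access the folder but all others had no access. This did not stop postfix from reading its own configuration files, but it did stop it from reading the other configuration files.

Working permissions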

# namei /etc/postfix/sql/mysql_virtual_domains_maps.cf  -lv
f: /etc/postfix/sql/mysql_virtual_domains_maps.cf
drwxr-xr-x root root /
drwxr-xr-x root root etc
drwxr-xr-x root root postfix
drwxr-xr-x root root sql
-rw-r--r-- root root mysql_virtual_domains_maps.cf
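Note that the postfix folder now has read/execute permission for all users, not just the owner and group. After the update, postfix immediately started reading the .cf files and works great.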
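
The component-by-component check that namei -lv made visible above, as an added example that is not part of the original answer: it reports the first path component a given uid/gid set cannot pass. The function names, the demo tree and the account name postfix in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Mode bits only (no ACLs or
# SELinux); needs GNU stat. Run as root so every component can be inspected.

# perm_digit MODE OWNER GROUP UID "GIDS": octal digit of the permission class
# (owner, group or other) that applies to UID/GIDS.
perm_digit() {
    m=000$1; m=${m#"${m%???}"}              # keep the last three octal digits
    if [ "$4" = "$2" ]; then echo "${m%??}"; return 0; fi
    for g in $5; do
        if [ "$g" = "$3" ]; then m=${m#?}; echo "${m%?}"; return 0; fi
    done
    echo "${m#??}"
}

# first_blocked FILE UID "GIDS" [START]: print the first component from START
# (default /) down to the absolute path FILE that UID cannot search (directory)
# or read (file). Returns 0 if usable, 1 if blocked, 2 on a stat error.
first_blocked() {
    file=$1 uid=$2 gids=$3 start=${4:-/}
    [ "$uid" = 0 ] && return 0              # root bypasses mode bits
    path=${start%/}
    old_ifs=$IFS; IFS=/; set -f
    set -- ${file#"$path"}                  # "" (START itself), then each name
    set +f; IFS=$old_ifs
    for c in "$@"; do
        [ -n "$c" ] && path=$path/$c
        if [ -d "${path:-/}" ]; then need=1; else need=4; fi
        st=$(stat -c '%a %u %g' "${path:-/}") || return 2
        mode=${st%% *}; st=${st#* }
        d=$(perm_digit "$mode" "${st% *}" "${st#* }" "$uid" "$gids")
        if [ $(( d & need )) -eq 0 ]; then echo "${path:-/}"; return 1; fi
    done
}

# demo_tree DIR: constructed layout mirroring the post (postfix/ is 0750).
demo_tree() {
    mkdir -p "$1/postfix/sql" && : > "$1/postfix/sql/map.cf" &&
    chmod 755 "$1" "$1/postfix/sql" && chmod 750 "$1/postfix" &&
    chmod 644 "$1/postfix/sql/map.cf"
}

# Real use, as root (assumes the daemon account is named postfix):
#   first_blocked /etc/postfix/sql/mysql_virtual_mailbox_maps.cf \
#       "$(id -u postfix)" "$(id -G postfix)"
```

In the working layout from the answer the map files are -rw-r--r--, so the database password in them is readable by every local account; running the check with the daemon's group in GIDS shows whether a group-restricted layout (assumed here: group-owned directories at 0750 and files at 0640) would still be readable.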
