Re: [Devil-Linux-discuss] Problems running Postfix in memory.

[Bruce S. <bw...@ar...>]

> > It appears that postfix modifies /etc/syslog-ng/syslog-ng.conf and adds:
> > 'unix-stream("/var/spool/postfix/dev/log");"' in the source.
> >
> > Then I save the new syslog-ng.conf with save-config and reboot.  Since
> > syslog-ng starts before postfix, that socket doesn't exist at that time,
> > and syslog-ng won't start.
> >
> > Opinions on the best way to "fix" this?
> 
> I was thinking about this issue to and the most elegant solution would be
> something like this:
> We have Syslog-NG running and only listening on /dev/log .
> Each chroot jail gets its own syslog daemon, which does nothing else then
> forwarding the chroot/dev/log to /dev/log.
> I don't know if there's a forwarding syslog daemon existing, of if there's
> one even suitable for this idea.
> 
> Unfortunately I didn't have any time in researching this a little, maybe
> you can see if you find a suitable syslog daemon.

I "fixed" it for my situation by not running postfix (or xntpd) in a
JAIL.  Not a big security concern for me since I'm only sending and not
receiving any mail, I'm not even listening on port 25.  That's why I
fixed the postfix init.d script to check for $JAIL_ENABLE.

I would even go as far to say that anyone running postfix to receive
mail is required to use a hard drive.  Otherwise it'd be too easy for
anyone to DoS the box by sending it enough mail to fill memory.

 - BS