summaryrefslogtreecommitdiffstats
path: root/examples/chroot-setup
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--examples/chroot-setup/AIX4212
-rw-r--r--examples/chroot-setup/BSDI24
-rw-r--r--examples/chroot-setup/BSDI34
-rw-r--r--examples/chroot-setup/FREEBSD34
-rw-r--r--examples/chroot-setup/FreeBSD24
-rw-r--r--examples/chroot-setup/HPUX1023
-rw-r--r--examples/chroot-setup/HPUX921
-rw-r--r--examples/chroot-setup/IRIX539
-rw-r--r--examples/chroot-setup/IRIX639
-rw-r--r--examples/chroot-setup/LINUX291
-rw-r--r--examples/chroot-setup/NETBSD14
-rw-r--r--examples/chroot-setup/NEXTSTEP331
-rw-r--r--examples/chroot-setup/OPENSTEP431
-rw-r--r--examples/chroot-setup/OSF121
-rw-r--r--examples/chroot-setup/Solaris10112
-rw-r--r--examples/chroot-setup/Solaris275
-rw-r--r--examples/chroot-setup/Solaris8106
17 files changed, 621 insertions, 0 deletions
diff --git a/examples/chroot-setup/AIX42 b/examples/chroot-setup/AIX42
new file mode 100644
index 0000000..41f15b5
--- /dev/null
+++ b/examples/chroot-setup/AIX42
@@ -0,0 +1,12 @@
+umask 022
+mkdir /var/spool/postfix/etc
+chmod 755 /var/spool/postfix/etc
+for i in /etc/environment /etc/netsvc.conf /etc/localtime
+do
+ test -e $i && cp $i /var/spool/postfix/etc
+done
+cp /etc/services /etc/resolv.conf /var/spool/postfix/etc
+mkdir /var/spool/postfix/dev
+chmod 755 /var/spool/postfix/dev
+mknod /var/spool/postfix/dev/null c 2 2
+chmod 666 /var/spool/postfix/dev/null
diff --git a/examples/chroot-setup/BSDI2 b/examples/chroot-setup/BSDI2
new file mode 100644
index 0000000..9d7f020
--- /dev/null
+++ b/examples/chroot-setup/BSDI2
@@ -0,0 +1,4 @@
+umask 022
+mkdir /var/spool/postfix/etc
+chmod 755 /var/spool/postfix/etc
+cp /etc/localtime /etc/services /etc/resolv.conf /var/spool/postfix/etc
diff --git a/examples/chroot-setup/BSDI3 b/examples/chroot-setup/BSDI3
new file mode 100644
index 0000000..9d7f020
--- /dev/null
+++ b/examples/chroot-setup/BSDI3
@@ -0,0 +1,4 @@
+umask 022
+mkdir /var/spool/postfix/etc
+chmod 755 /var/spool/postfix/etc
+cp /etc/localtime /etc/services /etc/resolv.conf /var/spool/postfix/etc
diff --git a/examples/chroot-setup/FREEBSD3 b/examples/chroot-setup/FREEBSD3
new file mode 100644
index 0000000..4afb0eb
--- /dev/null
+++ b/examples/chroot-setup/FREEBSD3
@@ -0,0 +1,4 @@
+umask 022
+mkdir /var/spool/postfix/etc
+chmod 755 /var/spool/postfix/etc
+cd /etc ; cp host.conf localtime services resolv.conf /var/spool/postfix/etc
diff --git a/examples/chroot-setup/FreeBSD2 b/examples/chroot-setup/FreeBSD2
new file mode 100644
index 0000000..4afb0eb
--- /dev/null
+++ b/examples/chroot-setup/FreeBSD2
@@ -0,0 +1,4 @@
+umask 022
+mkdir /var/spool/postfix/etc
+chmod 755 /var/spool/postfix/etc
+cd /etc ; cp host.conf localtime services resolv.conf /var/spool/postfix/etc
diff --git a/examples/chroot-setup/HPUX10 b/examples/chroot-setup/HPUX10
new file mode 100644
index 0000000..c886944
--- /dev/null
+++ b/examples/chroot-setup/HPUX10
@@ -0,0 +1,23 @@
+# Setup chroot jail for HP-UX (9 or 10). -- tiggr (Pieter Schoenmakers)
+
+if test -z "${POSTFIX_DIR}"; then
+ if test -d /usr/spool/postfix; then
+ POSTFIX_DIR=/usr/spool/postfix
+ elif test -d /var/spool/postfix; then
+ POSTFIX_DIR=/var/spool/postfix
+ else
+ echo Please indicate POSTFIX_DIR in the environment >&2
+ exit 2;
+ fi
+fi
+
+set -e
+
+umask 022
+
+cd ${POSTFIX_DIR}
+
+mkdir etc
+cp /etc/services etc
+mkdir -p usr/lib
+cp /usr/lib/tztab usr/lib
diff --git a/examples/chroot-setup/HPUX9 b/examples/chroot-setup/HPUX9
new file mode 100644
index 0000000..ca54c65
--- /dev/null
+++ b/examples/chroot-setup/HPUX9
@@ -0,0 +1,21 @@
+# Setup chroot jail for HP-UX (9 or 10). -- tiggr (Pieter Schoenmakers)
+
+if test -z "${POSTFIX_DIR}"; then
+ if test -d /usr/spool/postfix; then
+ POSTFIX_DIR=/usr/spool/postfix
+ elif test -d /var/spool/postfix; then
+ POSTFIX_DIR=/var/spool/postfix
+ else
+ echo Please indicate POSTFIX_DIR in the environment >&2
+ exit 2;
+ fi
+fi
+
+set -e
+
+umask 022
+
+cd ${POSTFIX_DIR}
+
+mkdir etc
+cp /etc/services etc
diff --git a/examples/chroot-setup/IRIX5 b/examples/chroot-setup/IRIX5
new file mode 100644
index 0000000..a8e3a40
--- /dev/null
+++ b/examples/chroot-setup/IRIX5
@@ -0,0 +1,39 @@
+From owner-postfix-testers@porcupine.org Wed Oct 7 17:19:31 1998
+Delivered-To: wietse@porcupine.org
+Delivered-To: postfix-testers@porcupine.org
+Received: from star.win.or.jp (star.win.or.jp [202.26.20.3])
+ by spike.porcupine.org (Postfix) with ESMTP
+ id 3123445D04; Wed, 7 Oct 1998 17:19:24 -0400 (EDT)
+Received: (from ayamura@localhost)
+ by star.win.or.jp (8.9.1+CL.3.10/8.9.1) id GAA26589;
+ Thu, 8 Oct 1998 06:19:23 +0900 (JST)
+ (envelope-from ayamura)
+From: Ayamura Kikuchi <ayamura@ayamura.org>
+To: postfix-testers@porcupine.org
+Subject: chroot-setup on IRIX
+X-PGP-Fingerprint: 9F 4F FD B6 47 0D 87 65 7B 67 7C A9 70 F3 8C 52
+MIME-Version: 1.0 (generated by SEMI 1.9.0 - "Isurugi")
+Content-Type: text/plain; charset=US-ASCII
+Date: 08 Oct 1998 06:19:22 +0900
+Message-ID: <86u31g3w9x.fsf@star.ayamura.org>
+Lines: 14
+User-Agent: Semi-gnus/6.8.19 SEMI/1.9.0 (Isurugi) FLIM/1.10.1 (Miyamaki) Emacs/20.3.90 (mips-sgi-irix6.2) MULE/4.0 (HANANOEN)
+Sender: owner-postfix-testers@porcupine.org
+Status: RO
+
+# Setup chroot jail for IRIX-5.x or 6.x -- Ayamura Kikuchi <ayamura@ayamura.org>
+
+set -e
+umask 022
+
+#Default POSTFIX_DIR = /var/postfix
+#Else set POSTFIX_DIR in environment
+POSTFIX_DIR=${POSTFIX_DIR-/var/postfix}
+
+/bin/mkdir -p ${POSTFIX_DIR}/etc
+/bin/chmod 755 ${POSTFIX_DIR}
+/bin/cp /etc/services /etc/resolv.conf ${POSTFIX_DIR}/etc
+
+-- Ayamura Kikuchi
+
+
diff --git a/examples/chroot-setup/IRIX6 b/examples/chroot-setup/IRIX6
new file mode 100644
index 0000000..a8e3a40
--- /dev/null
+++ b/examples/chroot-setup/IRIX6
@@ -0,0 +1,39 @@
+From owner-postfix-testers@porcupine.org Wed Oct 7 17:19:31 1998
+Delivered-To: wietse@porcupine.org
+Delivered-To: postfix-testers@porcupine.org
+Received: from star.win.or.jp (star.win.or.jp [202.26.20.3])
+ by spike.porcupine.org (Postfix) with ESMTP
+ id 3123445D04; Wed, 7 Oct 1998 17:19:24 -0400 (EDT)
+Received: (from ayamura@localhost)
+ by star.win.or.jp (8.9.1+CL.3.10/8.9.1) id GAA26589;
+ Thu, 8 Oct 1998 06:19:23 +0900 (JST)
+ (envelope-from ayamura)
+From: Ayamura Kikuchi <ayamura@ayamura.org>
+To: postfix-testers@porcupine.org
+Subject: chroot-setup on IRIX
+X-PGP-Fingerprint: 9F 4F FD B6 47 0D 87 65 7B 67 7C A9 70 F3 8C 52
+MIME-Version: 1.0 (generated by SEMI 1.9.0 - "Isurugi")
+Content-Type: text/plain; charset=US-ASCII
+Date: 08 Oct 1998 06:19:22 +0900
+Message-ID: <86u31g3w9x.fsf@star.ayamura.org>
+Lines: 14
+User-Agent: Semi-gnus/6.8.19 SEMI/1.9.0 (Isurugi) FLIM/1.10.1 (Miyamaki) Emacs/20.3.90 (mips-sgi-irix6.2) MULE/4.0 (HANANOEN)
+Sender: owner-postfix-testers@porcupine.org
+Status: RO
+
+# Setup chroot jail for IRIX-5.x or 6.x -- Ayamura Kikuchi <ayamura@ayamura.org>
+
+set -e
+umask 022
+
+#Default POSTFIX_DIR = /var/postfix
+#Else set POSTFIX_DIR in environment
+POSTFIX_DIR=${POSTFIX_DIR-/var/postfix}
+
+/bin/mkdir -p ${POSTFIX_DIR}/etc
+/bin/chmod 755 ${POSTFIX_DIR}
+/bin/cp /etc/services /etc/resolv.conf ${POSTFIX_DIR}/etc
+
+-- Ayamura Kikuchi
+
+
diff --git a/examples/chroot-setup/LINUX2 b/examples/chroot-setup/LINUX2
new file mode 100644
index 0000000..f9c6184
--- /dev/null
+++ b/examples/chroot-setup/LINUX2
@@ -0,0 +1,91 @@
+#! /bin/sh
+
+# LINUX2 - shell script to set up a Postfix chroot jail for Linux
+# Tested on SuSE Linux 5.3 (libc5) and 7.0 (glibc2.1)
+
+# Other testers reported as working:
+#
+# 2001-01-15 Debian sid (unstable)
+# Christian Kurz <shorty@getuid.de>
+
+# Copyright (c) 2000 - 2001 by Matthias Andree
+# Redistributable unter the MIT-style license that follows:
+# Abstract: "do whatever you want except hold somebody liable or change
+# the copyright information".
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+# 2000-09-29
+# v0.1: initial release
+
+# 2000-12-05
+# v0.2: copy libdb.* for libnss_db.so
+# remove /etc/localtime in case it's a broken symlink
+# restrict find to maxdepth 1 (faster)
+
+# Revision 1.4 2001/01/15 09:36:35 emma
+# add note it was successfully tested on Debian sid
+#
+# 20060101 /lib64 support by Keith Owens.
+#
+
+CP="cp -p"
+
+cond_copy() {
+ # find files as per pattern in $1
+ # if any, copy to directory $2
+ dir=`dirname "$1"`
+ pat=`basename "$1"`
+ lr=`find "$dir" -maxdepth 1 -name "$pat"`
+ if test ! -d "$2" ; then exit 1 ; fi
+ if test "x$lr" != "x" ; then $CP $1 "$2" ; fi
+}
+
+set -e
+umask 022
+
+POSTFIX_DIR=${POSTFIX_DIR-/var/spool/postfix}
+cd ${POSTFIX_DIR}
+
+mkdir -p etc lib usr/lib/zoneinfo
+test -d /lib64 && mkdir -p lib64
+
+# find localtime (SuSE 5.3 does not have /etc/localtime)
+lt=/etc/localtime
+if test ! -f $lt ; then lt=/usr/lib/zoneinfo/localtime ; fi
+if test ! -f $lt ; then lt=/usr/share/zoneinfo/localtime ; fi
+if test ! -f $lt ; then echo "cannot find localtime" ; exit 1 ; fi
+rm -f etc/localtime
+
+# copy localtime and some other system files into the chroot's etc
+$CP -f $lt /etc/services /etc/resolv.conf /etc/nsswitch.conf etc
+$CP -f /etc/host.conf /etc/hosts /etc/passwd etc
+ln -s -f /etc/localtime usr/lib/zoneinfo
+
+# copy required libraries into the chroot
+cond_copy '/lib/libnss_*.so*' lib
+cond_copy '/lib/libresolv.so*' lib
+cond_copy '/lib/libdb.so*' lib
+if test -d /lib64; then
+ cond_copy '/lib64/libnss_*.so*' lib64
+ cond_copy '/lib64/libresolv.so*' lib64
+ cond_copy '/lib64/libdb.so*' lib64
+fi
+
+postfix reload
diff --git a/examples/chroot-setup/NETBSD1 b/examples/chroot-setup/NETBSD1
new file mode 100644
index 0000000..53a2361
--- /dev/null
+++ b/examples/chroot-setup/NETBSD1
@@ -0,0 +1,4 @@
+umask 022
+mkdir /var/spool/postfix/etc
+chmod 755 /var/spool/postfix/etc
+cd /etc ; cp localtime services resolv.conf /var/spool/postfix/etc
diff --git a/examples/chroot-setup/NEXTSTEP3 b/examples/chroot-setup/NEXTSTEP3
new file mode 100644
index 0000000..a2f163e
--- /dev/null
+++ b/examples/chroot-setup/NEXTSTEP3
@@ -0,0 +1,31 @@
+# Setup chroot jail for NeXT, NEXTSTEP3.
+# Some remarks to the NEXTSTEP3 jail apply:
+# syslog:
+# Logging with syslog(3) uses a sendto ("/dev/log"). For this to work in
+# the jail, ${POSTFIX_DIR}/dev/log must be a hard link to /dev/log. This
+# fails if /usr/spool/postfix is on another filesystem, and consequently,
+# running chrooted will not be possible, unless you like to run your mail
+# system without logging (not).
+#
+# For this trick to work, the following should be run at every reboot,
+# preferably from /etc/rc, after syslog has been started (and given time
+# to create /dev/log):
+# POSTFIX_DIR=/usr/spool/postfix
+# rm ${POSTFIX_DIR}/dev/log
+# ln /dev/log ${POSTFIX_DIR}/dev/log
+
+set -e
+
+umask 022
+
+POSTFIX_DIR=${POSTFIX_DIR-/usr/spool/postfix}
+
+cd ${POSTFIX_DIR}
+
+# If this fails, running chrooted will be useless.
+mkdir dev
+ln /dev/log dev
+
+mkdir etc etc/zoneinfo
+cp /etc/zoneinfo/localtime etc/zoneinfo
+cp /etc/resolv.conf etc
diff --git a/examples/chroot-setup/OPENSTEP4 b/examples/chroot-setup/OPENSTEP4
new file mode 100644
index 0000000..a2f163e
--- /dev/null
+++ b/examples/chroot-setup/OPENSTEP4
@@ -0,0 +1,31 @@
+# Setup chroot jail for NeXT, NEXTSTEP3.
+# Some remarks to the NEXTSTEP3 jail apply:
+# syslog:
+# Logging with syslog(3) uses a sendto ("/dev/log"). For this to work in
+# the jail, ${POSTFIX_DIR}/dev/log must be a hard link to /dev/log. This
+# fails if /usr/spool/postfix is on another filesystem, and consequently,
+# running chrooted will not be possible, unless you like to run your mail
+# system without logging (not).
+#
+# For this trick to work, the following should be run at every reboot,
+# preferably from /etc/rc, after syslog has been started (and given time
+# to create /dev/log):
+# POSTFIX_DIR=/usr/spool/postfix
+# rm ${POSTFIX_DIR}/dev/log
+# ln /dev/log ${POSTFIX_DIR}/dev/log
+
+set -e
+
+umask 022
+
+POSTFIX_DIR=${POSTFIX_DIR-/usr/spool/postfix}
+
+cd ${POSTFIX_DIR}
+
+# If this fails, running chrooted will be useless.
+mkdir dev
+ln /dev/log dev
+
+mkdir etc etc/zoneinfo
+cp /etc/zoneinfo/localtime etc/zoneinfo
+cp /etc/resolv.conf etc
diff --git a/examples/chroot-setup/OSF1 b/examples/chroot-setup/OSF1
new file mode 100644
index 0000000..dd6ae64
--- /dev/null
+++ b/examples/chroot-setup/OSF1
@@ -0,0 +1,21 @@
+*******************************************************************
+# setup chroot jail for OSF1
+# prabhat@wonder
+set -e
+umask 022
+
+#Default POSTFIX_DIR = /var/spool/postfix
+#Else set POSTFIX_DIR in environment
+
+POSTFIX_DIR=${POSTFIX_DIR-/var/spool/postfix}
+
+cd ${POSTFIX_DIR}
+mkdir etc
+cp /etc/svc.conf /etc/services /etc/resolv.conf etc
+#
+# The following line added to make the timestamps in syslog to be correct.
+# /PetBi@UNIT.LiU.SE
+#
+cp -r /etc/zoneinfo etc
+
+#*******************************************************************
diff --git a/examples/chroot-setup/Solaris10 b/examples/chroot-setup/Solaris10
new file mode 100644
index 0000000..8647d9a
--- /dev/null
+++ b/examples/chroot-setup/Solaris10
@@ -0,0 +1,112 @@
+#!/bin/sh
+# From original Solaris 8 version by Matthew X. Economou
+# Solaris 10 version updated by JD Bronson. Caution: this copies
+# too many files. There is no need to copy libc.so and other files
+# that are already linked in before a Postfix daemon chroots itself.
+
+COMMAND_DIRECTORY="/usr/sbin"
+DAEMON_DIRECTORY="/usr/libexec/postfix"
+QUEUE_DIRECTORY="/var/spool/postfix"
+
+## Copy any shared libraries, device entries, or configuration files
+## needed by Postfix into the jail.
+binlist="
+$DAEMON_DIRECTORY/virtual
+$DAEMON_DIRECTORY/trivial-rewrite
+$DAEMON_DIRECTORY/spawn
+$DAEMON_DIRECTORY/smtpd
+$DAEMON_DIRECTORY/smtp
+$DAEMON_DIRECTORY/showq
+$DAEMON_DIRECTORY/qmqpd
+$DAEMON_DIRECTORY/qmgr
+$DAEMON_DIRECTORY/proxymap
+$DAEMON_DIRECTORY/pipe
+$DAEMON_DIRECTORY/pickup
+$DAEMON_DIRECTORY/nqmgr
+$DAEMON_DIRECTORY/master
+$DAEMON_DIRECTORY/local
+$DAEMON_DIRECTORY/lmtp
+$DAEMON_DIRECTORY/flush
+$DAEMON_DIRECTORY/error
+$DAEMON_DIRECTORY/cleanup
+$DAEMON_DIRECTORY/bounce
+/usr/lib/sendmail
+$COMMAND_DIRECTORY/postsuper
+$COMMAND_DIRECTORY/postqueue
+$COMMAND_DIRECTORY/postmap
+$COMMAND_DIRECTORY/postlog
+$COMMAND_DIRECTORY/postlock
+$COMMAND_DIRECTORY/postkick
+$COMMAND_DIRECTORY/postfix
+$COMMAND_DIRECTORY/postdrop
+$COMMAND_DIRECTORY/postconf
+$COMMAND_DIRECTORY/postcat
+$COMMAND_DIRECTORY/postalias
+"
+ldd $binlist | awk '/[=]>/ { print $3 }' | sort -u | while read i
+do
+ mkdir -p $QUEUE_DIRECTORY`dirname $i`
+ ## Sun's version of tar sucks. We'll have to remove the leading
+ ## slashes from file names ourself, otherwise the copy doesn't
+ ## work.
+ (cd / && tar cphf - `echo $i | sed -e 's/^\///'`) | (cd $QUEUE_DIRECTORY && tar xpf -)
+done
+
+## More stuff for the jail, mostly discovered by inspection
+## (e.g. strings, lsof).
+more="
+/dev/zero
+/dev/null
+/dev/udp6
+/dev/tcp6
+/dev/udp
+/dev/tcp
+/dev/poll
+/dev/rawip
+/dev/ticlts
+/dev/ticotsord
+/dev/ticots
+/devices/pseudo/mm@0:zero
+/devices/pseudo/mm@0:null
+/devices/pseudo/udp6@0:udp6
+/devices/pseudo/tcp6@0:tcp6
+/devices/pseudo/udp@0:udp
+/devices/pseudo/tcp@0:tcp
+/devices/pseudo/poll@0:poll
+/devices/pseudo/icmp@0:icmp
+/devices/pseudo/tl@0:ticlts
+/devices/pseudo/tl@0:ticotsord
+/devices/pseudo/tl@0:ticots
+/etc/hosts
+/etc/nsswitch.conf
+/etc/netconfig
+/etc/passwd
+/etc/resolv.conf
+/etc/default/init
+/etc/default/nss
+/etc/inet/services
+/etc/inet/hosts
+/etc/services
+/lib/ld.so
+/lib/ld.so.1
+/usr/lib/nss_dns.so.1
+/usr/lib/sparcv9/straddr.so
+/usr/lib/straddr.so
+/usr/lib/straddr.so.2
+/lib/libintl.so
+/lib/libintl.so.1
+/lib/libw.so
+/lib/libw.so.1
+/lib/nss_nis.so.1
+/lib/nss_nisplus.so.1
+/lib/nss_dns.so.1
+/lib/nss_files.so.1
+/usr/share/lib/zoneinfo
+/var/ld/ld.config
+"
+for i in $more; do
+ mkdir -p $QUEUE_DIRECTORY`dirname $i`
+ (cd / && tar cpf - `echo $i | sed -e 's/^\///'`) | (cd $QUEUE_DIRECTORY && tar xpf -)
+done
+
+exit 0
diff --git a/examples/chroot-setup/Solaris2 b/examples/chroot-setup/Solaris2
new file mode 100644
index 0000000..024492c
--- /dev/null
+++ b/examples/chroot-setup/Solaris2
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+umask 022
+PATH=/usr/bin:/sbin:/usr/sbin
+
+# Create chroot'd area under Solaris 2.5.1 for postfix.
+#
+# Dug Song <dugsong@UMICH.EDU>
+
+if [ $# -ne 1 ]; then
+ echo "Usage: `basename $0` <directory>, e.g.: /var/spool/postfix" ; exit 1
+fi
+
+CHROOT=$1
+
+# If CHROOT does not exist but parent does, create CHROOT
+if [ ! -d ${CHROOT} ]; then
+ # lack of -p below is intentional
+ mkdir ${CHROOT}
+fi
+if [ ! -d ${CHROOT} -o "${CHROOT}" = "/" -o "${CHROOT}" = "/usr" ]; then
+ echo "$0: bad chroot directory ${CHROOT}"
+ exit 2
+fi
+for dir in etc/default etc/inet dev usr/lib usr/share/lib/zoneinfo ; do
+ if [ ! -d ${CHROOT}/${dir} ]; then mkdir -p ${CHROOT}/${dir} ; fi
+done
+#chmod -R 755 ${CHROOT}
+
+# AFS support.
+if [ "`echo $CHROOT | cut -c1-4`" = "/afs" ]; then
+ echo '\tCreating memory resident /dev...'
+ mount -F tmpfs -o size=10 swap ${CHROOT}/dev
+fi
+
+# Setup /etc files.
+cp /etc/nsswitch.conf ${CHROOT}/etc
+cp /etc/netconfig /etc/resolv.conf ${CHROOT}/etc
+cp /etc/default/init ${CHROOT}/etc/default
+cp /etc/inet/services ${CHROOT}/etc/inet/services
+ln -s /etc/inet/services ${CHROOT}/etc/services
+find ${CHROOT}/etc -type f -exec chmod 444 {} \;
+
+# Most of the following are needed for basic operation, except
+# for libnsl.so, nss_nis.so, libsocket.so, and straddr.so which are
+# needed to resolve NIS names.
+cp /usr/lib/ld.so /usr/lib/ld.so.1 ${CHROOT}/usr/lib
+for lib in libc libdl libintl libmp libnsl libsocket libw \
+ nss_nis nss_nisplus nss_dns nss_files; do
+ cp /usr/lib/${lib}.so.1 ${CHROOT}/usr/lib
+ rm -f ${CHROOT}/usr/lib/${lib}.so
+ ln -s ./${lib}.so.1 ${CHROOT}/usr/lib/${lib}.so
+done
+cp /usr/lib/straddr.so.2 ${CHROOT}/usr/lib
+rm -f ${CHROOT}/usr/lib/straddr.so
+ln -s ./straddr.so.2 ${CHROOT}/usr/lib/straddr.so
+chmod 555 ${CHROOT}/usr/lib/*
+
+# Copy timezone database.
+(cd ${CHROOT}/usr/share/lib/zoneinfo
+ (cd /usr/share/lib/zoneinfo; find . -print | cpio -o) | cpio -imdu
+ find . -print | xargs chmod 555
+)
+
+# Make device nodes. We need ticotsord, ticlts and udp to resolve NIS names.
+for device in zero tcp udp ticotsord ticlts; do
+ line=`ls -lL /dev/${device} | sed -e 's/,//'`
+ major=`echo $line | awk '{print $5}'`
+ minor=`echo $line | awk '{print $6}'`
+ rm -f ${CHROOT}/dev/${device}
+ mknod ${CHROOT}/dev/${device} c ${major} ${minor}
+done
+chmod 666 ${CHROOT}/dev/*
+
+exit 0
diff --git a/examples/chroot-setup/Solaris8 b/examples/chroot-setup/Solaris8
new file mode 100644
index 0000000..973e731
--- /dev/null
+++ b/examples/chroot-setup/Solaris8
@@ -0,0 +1,106 @@
+#!/bin/sh
+
+# Solaris 8 version by Matthew X. Economou. Caution: this copies
+# too many files. There is no need to copy libc.so and other files
+# that are already linked in before a Postfix daemon chroots itself.
+
+COMMAND_DIRECTORY="/usr/sbin"
+DAEMON_DIRECTORY="/usr/libexec/postfix"
+QUEUE_DIRECTORY="/var/spool/postfix"
+
+## Copy any shared libraries, device entries, or configuration files
+## needed by Postfix into the jail.
+binlist="
+$DAEMON_DIRECTORY/virtual
+$DAEMON_DIRECTORY/trivial-rewrite
+$DAEMON_DIRECTORY/spawn
+$DAEMON_DIRECTORY/smtpd
+$DAEMON_DIRECTORY/smtp
+$DAEMON_DIRECTORY/showq
+$DAEMON_DIRECTORY/qmqpd
+$DAEMON_DIRECTORY/qmgr
+$DAEMON_DIRECTORY/proxymap
+$DAEMON_DIRECTORY/pipe
+$DAEMON_DIRECTORY/pickup
+$DAEMON_DIRECTORY/nqmgr
+$DAEMON_DIRECTORY/master
+$DAEMON_DIRECTORY/local
+$DAEMON_DIRECTORY/lmtp
+$DAEMON_DIRECTORY/flush
+$DAEMON_DIRECTORY/error
+$DAEMON_DIRECTORY/cleanup
+$DAEMON_DIRECTORY/bounce
+/usr/lib/sendmail
+$COMMAND_DIRECTORY/postsuper
+$COMMAND_DIRECTORY/postqueue
+$COMMAND_DIRECTORY/postmap
+$COMMAND_DIRECTORY/postlog
+$COMMAND_DIRECTORY/postlock
+$COMMAND_DIRECTORY/postkick
+$COMMAND_DIRECTORY/postfix
+$COMMAND_DIRECTORY/postdrop
+$COMMAND_DIRECTORY/postconf
+$COMMAND_DIRECTORY/postcat
+$COMMAND_DIRECTORY/postalias
+"
+ldd $binlist | awk '/[=]>/ { print $3 }' | sort -u | while read i
+do
+ mkdir -p $QUEUE_DIRECTORY`dirname $i`
+ ## Sun's version of tar sucks. We'll have to remove the leading
+ ## slashes from file names ourself, otherwise the copy doesn't
+ ## work.
+ (cd / && tar cphf - `echo $i | sed -e 's/^\///'`) | (cd $QUEUE_DIRECTORY && tar xpf -)
+done
+
+## More stuff for the jail, mostly discovered by inspection
+## (e.g. strings, lsof).
+more="
+/dev/zero
+/dev/null
+/dev/udp6
+/dev/tcp6
+/dev/udp
+/dev/tcp
+/dev/poll
+/dev/rawip
+/dev/ticlts
+/dev/ticotsord
+/dev/ticots
+/devices/pseudo/mm@0:zero
+/devices/pseudo/mm@0:null
+/devices/pseudo/udp6@0:udp6
+/devices/pseudo/tcp6@0:tcp6
+/devices/pseudo/udp@0:udp
+/devices/pseudo/tcp@0:tcp
+/devices/pseudo/poll@0:poll
+/devices/pseudo/icmp@0:icmp
+/devices/pseudo/tl@0:ticlts
+/devices/pseudo/tl@0:ticotsord
+/devices/pseudo/tl@0:ticots
+/etc/nsswitch.conf
+/etc/netconfig
+/etc/default/init
+/etc/inet/services
+/etc/resolv.conf
+/etc/services
+/usr/lib/ld.so
+/usr/lib/ld.so.1
+/usr/lib/sparcv9/straddr.so
+/usr/lib/straddr.so
+/usr/lib/libintl.so
+/usr/lib/libintl.so.1
+/usr/lib/libw.so
+/usr/lib/libw.so.1
+/usr/lib/nss_nis.so.1
+/usr/lib/nss_nisplus.so.1
+/usr/lib/nss_dns.so.1
+/usr/lib/nss_files.so.1
+/usr/share/lib/zoneinfo
+/var/ld/ld.config
+"
+for i in $more; do
+ mkdir -p $QUEUE_DIRECTORY`dirname $i`
+ (cd / && tar cpf - `echo $i | sed -e 's/^\///'`) | (cd $QUEUE_DIRECTORY && tar xpf -)
+done
+
+exit 0