diff options
Diffstat (limited to 'debian/NOTES')
| -rw-r--r-- | debian/NOTES | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/debian/NOTES b/debian/NOTES index 35bc43d..656a56f 100644 --- a/debian/NOTES +++ b/debian/NOTES @@ -109,6 +109,17 @@ used chroots working, and fix the remaining bugs if possible. See https://bugs.debian.org/151692 https://bugs.debian.org/1084167 and numerous bug reports marked with "[chroot]" in the title. +We copy nss stuff to chroot because this is what's used by postfix smtp +client as "native" way for host lookups (smtp_host_lookup). By default +it uses internal dns routines directly, which utilizes res_* functions. +Also, various networking maps might use nss host lookups, but these are +better to be handled with proxy: map type. Glibc does not need libresolv +anymore. And picks up changes to resolv.conf immediately on next lookup. + +#572841 says /dev/random and /dev/urandom are needed in chroot jail +to run ldaps. Is this true still? Are these device files needed for +something else? In 3.9.1-5, I stopped creating /dev/random in chroot. + rmail ~~~~~ |