diff --git a/README.md b/README.md
index 9effd9765c1de60822cef23a725877fafaf4736f..82679bbf836c9851f41688c59816ce2ea2c3c0e3 100644
--- a/README.md
+++ b/README.md
@@ -160,6 +160,11 @@ A string to define the e-mail address to which all mail directed to root should
Default: 'nobody'.
Example: 'root_catch@example.com'.
+##### `chroot`
+A boolean to define if postfix should be run in a chroot jail or not. If not defined, '-' is used (OS dependant)
+Default: Undefined.
+Example: true
+
##### `satellite`
A Boolean to define whether to configure postfix as a satellite relay host. This setting is mutually exclusive with the mta Boolean.
Default: False.
diff --git a/manifests/files.pp b/manifests/files.pp
index c8205f488ef3e41c8c826b134a364024a4beba4a..d8f09ba738a139b3ea172a9647b86aae11857f11 100644
--- a/manifests/files.pp
+++ b/manifests/files.pp
@@ -14,6 +14,7 @@ class postfix::files {
$myorigin = $postfix::myorigin
$manage_root_alias = $postfix::manage_root_alias
$root_mail_recipient = $postfix::root_mail_recipient
+ $chroot = $postfix::chroot
$smtp_listen = $postfix::_smtp_listen
$use_amavisd = $postfix::use_amavisd
$use_dovecot_lda = $postfix::use_dovecot_lda
@@ -24,6 +25,12 @@ class postfix::files {
assert_type(Optional[String], $master_smtp)
assert_type(Optional[String], $master_smtps)
+ $jail = $chroot ? {
+ undef => '-',
+ true => 'y',
+ default => 'n',
+ }
+
File {
replace => $manage_conffiles,
}
@@ -56,9 +63,9 @@ class postfix::files {
$mastercf_content = undef
} else {
$mastercf_content = template(
- $postfix::params::master_os_template,
- 'postfix/master.cf.common.erb'
- )
+ $postfix::params::master_os_template,
+ 'postfix/master.cf.common.erb'
+ )
}
file { '/etc/postfix/master.cf':
@@ -89,7 +96,7 @@ class postfix::files {
'myorigin': value => $myorigin;
}
- case $::osfamily {
+ case $facts['os']['family'] {
'RedHat': {
::postfix::config {
'mailq_path': value => '/usr/bin/mailq.postfix';
diff --git a/manifests/init.pp b/manifests/init.pp
index 23565f298810d1d1b0f9388d379f85ba09d11876..69990dd213c8d21139665281ab68a233e5eab1d3 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -50,6 +50,8 @@
#
# [*root_mail_recipient*] - (string)
#
+# [*chroot*] - (undef/boolean) Whether postfix should be run in a chroot
+#
# [*satellite*] - (boolean) Whether to use as a satellite
# (implies MTA)
#
@@ -97,6 +99,7 @@ class postfix (
Optional[String] $relayhost = undef, # postfix_relayhost
Boolean $manage_root_alias = true,
Variant[Array[String], String] $root_mail_recipient = 'nobody', # root_mail_recipient
+ Optional[Boolean] $chroot = undef,
Boolean $satellite = false,
String $smtp_listen = '127.0.0.1', # postfix_smtp_listen
Boolean $use_amavisd = false, # postfix_use_amavisd
diff --git a/spec/acceptance/postfix_spec.rb b/spec/acceptance/postfix_spec.rb
index b03b54cd84605a591d8108b32668bac2f474be71..e85cdde24274683919d4f4a2ef57e705b4bf438f 100644
--- a/spec/acceptance/postfix_spec.rb
+++ b/spec/acceptance/postfix_spec.rb
@@ -21,7 +21,9 @@ describe 'postfix class' do
}
}
- class { 'postfix': }
+ class { 'postfix':
+ smtp_listen => 'all',
+ }
EOS
# Run it twice and test for idempotency
diff --git a/templates/master.cf.SLES11.2.erb b/templates/master.cf.SLES11.2.erb
index 0cccd7ea27c0df80370bb371aebe6791e5e91c89..855519c3258277320358860c4160c30199efde27 100644
--- a/templates/master.cf.SLES11.2.erb
+++ b/templates/master.cf.SLES11.2.erb
@@ -10,9 +10,9 @@
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
<% if @smtp_listen == 'all' -%>
-smtp inet n - n - - smtpd
+smtp inet n - <%= @jail %> - - smtpd
<% else -%>
-<%= @smtp_listen %>:smtp inet n - n - - smtpd
+<%= @smtp_listen %>:smtp inet n - <%= @jail %> - - smtpd
<% end -%>
#smtp inet n - n - - smtpd
#submission inet n - n - - smtpd
@@ -24,32 +24,32 @@ smtp inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
-pickup fifo n - n 60 1 pickup
-cleanup unix n - n - 0 cleanup
+pickup fifo n - <%= @jail %> 60 1 pickup
+cleanup unix n - <%= @jail %> - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr unix - - n 1000? 1 tlsmgr
-rewrite unix - - n - - trivial-rewrite
-bounce unix - - n - 0 bounce
-defer unix - - n - 0 bounce
-trace unix - - n - 0 bounce
-verify unix - - n - 1 verify
-flush unix n - n 1000? 0 flush
+rewrite unix - - <%= @jail %> - - trivial-rewrite
+bounce unix - - <%= @jail %> - 0 bounce
+defer unix - - <%= @jail %> - 0 bounce
+trace unix - - <%= @jail %> - 0 bounce
+verify unix - - <%= @jail %> - 1 verify
+flush unix n - <%= @jail %> 1000? 0 flush
proxymap unix - - n - - proxymap
-smtp unix - - n - - smtp
+smtp unix - - <%= @jail %> - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
-relay unix - - n - - smtp
+relay unix - - <%= @jail %> - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq unix n - n - - showq
-error unix - - n - - error
-discard unix - - n - - discard
+showq unix n - <%= @jail %> - - showq
+error unix - - <%= @jail %> - - error
+discard unix - - <%= @jail %> - - discard
local unix - n n - - local
virtual unix - n n - - virtual
-lmtp unix - - n - - lmtp
-anvil unix - - n - 1 anvil
+lmtp unix - - <%= @jail %> - - lmtp
+anvil unix - - <%= @jail %> - 1 anvil
#localhost:10025 inet n - n - - smtpd -o content_filter=
-scache unix - - n - 1 scache
+scache unix - - <%= @jail %> - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
diff --git a/templates/master.cf.SLES11.3.erb b/templates/master.cf.SLES11.3.erb
index 2b7c296eff94a14371c6e3ebbb2ab83006dbebd0..af5d34e23f55096dc244b8957b009fb48c125beb 100644
--- a/templates/master.cf.SLES11.3.erb
+++ b/templates/master.cf.SLES11.3.erb
@@ -10,9 +10,9 @@
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
<% if @smtp_listen == 'all' -%>
-smtp inet n - n - - smtpd
+smtp inet n - <%= @jail %> - - smtpd
<% else -%>
-<%= @smtp_listen %>:smtp inet n - n - - smtpd
+<%= @smtp_listen %>:smtp inet n - <%= @jail %> - - smtpd
<% end -%>
#smtp inet n - n - - smtpd
#submission inet n - n - - smtpd
@@ -24,32 +24,32 @@ smtp inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
-pickup fifo n - n 60 1 pickup
-cleanup unix n - n - 0 cleanup
+pickup fifo n - <%= @jail %> 60 1 pickup
+cleanup unix n - <%= @jail %> - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr unix - - n 1000? 1 tlsmgr
-rewrite unix - - n - - trivial-rewrite
-bounce unix - - n - 0 bounce
-defer unix - - n - 0 bounce
-trace unix - - n - 0 bounce
-verify unix - - n - 1 verify
-flush unix n - n 1000? 0 flush
+rewrite unix - - <%= @jail %> - - trivial-rewrite
+bounce unix - - <%= @jail %> - 0 bounce
+defer unix - - <%= @jail %> - 0 bounce
+trace unix - - <%= @jail %> - 0 bounce
+verify unix - - <%= @jail %> - 1 verify
+flush unix n - <%= @jail %> 1000? 0 flush
proxymap unix - - n - - proxymap
-smtp unix - - n - - smtp
+smtp unix - - <%= @jail %> - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
-relay unix - - n - - smtp
+relay unix - - <%= @jail %> - - smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq unix n - n - - showq
-error unix - - n - - error
-discard unix - - n - - discard
+showq unix n - <%= @jail %> - - showq
+error unix - - <%= @jail %> - - error
+discard unix - - <%= @jail %> - - discard
local unix - n n - - local
virtual unix - n n - - virtual
-lmtp unix - - n - - lmtp
-anvil unix - - n - 1 anvil
+lmtp unix - - <%= @jail %> - - lmtp
+anvil unix - - <%= @jail %> - 1 anvil
#localhost:10025 inet n - n - - smtpd -o content_filter=
-scache unix - - n - 1 scache
+scache unix - - <%= @jail %> - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
diff --git a/templates/master.cf.SLES11.4.erb b/templates/master.cf.SLES11.4.erb
index 9f621478e2d44aa30ee6d0c9be3371f0f7401b89..0518183036e0199396131b6d6a603334a58aca2f 100644
--- a/templates/master.cf.SLES11.4.erb
+++ b/templates/master.cf.SLES11.4.erb
@@ -10,9 +10,9 @@
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
<% if @smtp_listen == 'all' -%>
-smtp inet n - n - - smtpd
+smtp inet n - <%= @jail %> - - smtpd
<% else -%>
-<%= @smtp_listen %>:smtp inet n - n - - smtpd
+<%= @smtp_listen %>:smtp inet n - <%= @jail %> - - smtpd
<% end -%>
#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
@@ -23,32 +23,32 @@ smtp inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
-pickup fifo n - n 60 1 pickup
-cleanup unix n - n - 0 cleanup
+pickup fifo n - <%= @jail %> 60 1 pickup
+cleanup unix n - <%= @jail %> - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
-tlsmgr unix - - n 1000? 1 tlsmgr
-rewrite unix - - n - - trivial-rewrite
-bounce unix - - n - 0 bounce
-defer unix - - n - 0 bounce
-trace unix - - n - 0 bounce
-verify unix - - n - 1 verify
-flush unix n - n 1000? 0 flush
+tlsmgr unix - - <%= @jail %> 1000? 1 tlsmgr
+rewrite unix - - <%= @jail %> - - trivial-rewrite
+bounce unix - - <%= @jail %> - 0 bounce
+defer unix - - <%= @jail %> - 0 bounce
+trace unix - - <%= @jail %> - 0 bounce
+verify unix - - <%= @jail %> - 1 verify
+flush unix n - <%= @jail %> 1000? 0 flush
proxymap unix - - n - - proxymap
-smtp unix - - n - - smtp
+smtp unix - - <%= @jail %> - - smtp
# When relaying mail as backup MX, disable smtp_fallback_relay to avoid MX loops
-relay unix - - n - - smtp
+relay unix - - <%= @jail %> - - smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq unix n - n - - showq
-error unix - - n - - error
-discard unix - - n - - discard
+showq unix n - <%= @jail %> - - showq
+error unix - - <%= @jail %> - - error
+discard unix - - <%= @jail %> - - discard
local unix - n n - - local
virtual unix - n n - - virtual
-lmtp unix - - n - - lmtp
-anvil unix - - n - 1 anvil
+lmtp unix - - <%= @jail %> - - lmtp
+anvil unix - - <%= @jail %> - 1 anvil
#localhost:10025 inet n - n - - smtpd -o content_filter=
-scache unix - - n - 1 scache
+scache unix - - <%= @jail %> - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
diff --git a/templates/master.cf.common.erb b/templates/master.cf.common.erb
index c21f0e23ae25e69dd03468fe4ba4f4fc8efee493..fdd6c11c762d6c3a1c9973e1c4c9d940c104a2d9 100644
--- a/templates/master.cf.common.erb
+++ b/templates/master.cf.common.erb
@@ -1,9 +1,9 @@
<% if @use_amavisd %>
-amavis unix - - - - 2 smtp
+amavis unix - - <%= @jail %> - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-127.0.0.1:10025 inet n - - - - smtpd
+127.0.0.1:10025 inet n - <%= @jail %> - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
diff --git a/templates/master.cf.debian.erb b/templates/master.cf.debian.erb
index aadcc286b90d39b363ebd60d5ae5c9fa95314078..748d9d9e7304b35c14ddd05466dc8ccc95bc8dbb 100644
--- a/templates/master.cf.debian.erb
+++ b/templates/master.cf.debian.erb
@@ -10,9 +10,9 @@
<% if @master_smtp -%>
<%= @master_smtp %>
<% elsif @smtp_listen == 'all' -%>
-smtp inet n - - - - smtpd
+smtp inet n - <%= @jail %> - - smtpd
<% else -%>
-<%= @smtp_listen %>:smtp inet n - - - - smtpd
+<%= @smtp_listen %>:smtp inet n - <%= @jail %> - - smtpd
<% end -%>
<% if @master_submission -%>
<%= @master_submission %>
@@ -29,31 +29,31 @@ smtp inet n - - - - smtpd
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628 inet n - - - - qmqpd
-pickup fifo n - - 60 1 pickup
-cleanup unix n - - - 0 cleanup
+pickup fifo n - <%= @jail %> 60 1 pickup
+cleanup unix n - <%= @jail %> - 0 cleanup
qmgr fifo n - n 300 1 qmgr
-#qmgr fifo n - - 300 1 oqmgr
-tlsmgr unix - - - 1000? 1 tlsmgr
-rewrite unix - - - - - trivial-rewrite
-bounce unix - - - - 0 bounce
-defer unix - - - - 0 bounce
-trace unix - - - - 0 bounce
-verify unix - - - - 1 verify
-flush unix n - - 1000? 0 flush
+#qmgr fifo n - n 300 1 oqmgr
+tlsmgr unix - - <%= @jail %> 1000? 1 tlsmgr
+rewrite unix - - <%= @jail %> - - trivial-rewrite
+bounce unix - - <%= @jail %> - 0 bounce
+defer unix - - <%= @jail %> - 0 bounce
+trace unix - - <%= @jail %> - 0 bounce
+verify unix - - <%= @jail %> - 1 verify
+flush unix n - <%= @jail %> 1000? 0 flush
proxymap unix - - n - - proxymap
-smtp unix - - - - - smtp
+smtp unix - - <%= @jail %> - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
-relay unix - - - - - smtp
+relay unix - - <%= @jail %> - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq unix n - - - - showq
-error unix - - - - - error
-discard unix - - - - - discard
+showq unix n - <%= @jail %> - - showq
+error unix - - <%= @jail %> - - error
+discard unix - - <%= @jail %> - - discard
local unix - n n - - local
virtual unix - n n - - virtual
-lmtp unix - - - - - lmtp
-anvil unix - - - - 1 anvil
-scache unix - - - - 1 scache
+lmtp unix - - <%= @jail %> - - lmtp
+anvil unix - - <%= @jail %> - 1 anvil
+scache unix - - <%= @jail %> - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
diff --git a/templates/master.cf.redhat.erb b/templates/master.cf.redhat.erb
index bfaf972847fbd0dbab78919518d88ec5b66844a9..91a2aee33e4ff08eb30fb330528d1732fece1180 100644
--- a/templates/master.cf.redhat.erb
+++ b/templates/master.cf.redhat.erb
@@ -10,9 +10,9 @@
<% if @master_smtp -%>
<%= @master_smtp %>
<% elsif @smtp_listen == 'all' -%>
-smtp inet n - n - - smtpd
+smtp inet n - <%= @jail %> - - smtpd
<% else -%>
-<%= @smtp_listen %>:smtp inet n - n - - smtpd
+<%= @smtp_listen %>:smtp inet n - <%= @jail %> - - smtpd
<% end -%>
<% if @master_submission -%>
<%= @master_submission %>
@@ -30,31 +30,31 @@ smtp inet n - n - - smtpd
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628 inet n - n - - qmqpd
-pickup fifo n - n 60 1 pickup
-cleanup unix n - n - 0 cleanup
+pickup fifo n - <%= @jail %> 60 1 pickup
+cleanup unix n - <%= @jail %> - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
-tlsmgr unix - - n 1000? 1 tlsmgr
-rewrite unix - - n - - trivial-rewrite
-bounce unix - - n - 0 bounce
-defer unix - - n - 0 bounce
-trace unix - - n - 0 bounce
-verify unix - - n - 1 verify
-flush unix n - n 1000? 0 flush
+tlsmgr unix - - <%= @jail %> 1000? 1 tlsmgr
+rewrite unix - - <%= @jail %> - - trivial-rewrite
+bounce unix - - <%= @jail %> - 0 bounce
+defer unix - - <%= @jail %> - 0 bounce
+trace unix - - <%= @jail %> - 0 bounce
+verify unix - - <%= @jail %> - 1 verify
+flush unix n - <%= @jail %> 1000? 0 flush
proxymap unix - - n - - proxymap
-smtp unix - - n - - smtp
+smtp unix - - <%= @jail %> - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
-relay unix - - n - - smtp
+relay unix - - <%= @jail %> - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq unix n - n - - showq
-error unix - - n - - error
-discard unix - - n - - discard
+showq unix n - <%= @jail %> - - showq
+error unix - - <%= @jail %> - - error
+discard unix - - <%= @jail %> - - discard
local unix - n n - - local
virtual unix - n n - - virtual
-lmtp unix - - n - - lmtp
-anvil unix - - n - 1 anvil
-scache unix - - n - 1 scache
+lmtp unix - - <%= @jail %> - - lmtp
+anvil unix - - <%= @jail %> - 1 anvil
+scache unix - - <%= @jail %> - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
diff --git a/templates/master.cf.sles.erb b/templates/master.cf.sles.erb
index 6297e4e9fb042c768692066a04e3fd36e0acb40f..9c8fa01f07192d1aaca832cb833391da1c18ff4f 100644
--- a/templates/master.cf.sles.erb
+++ b/templates/master.cf.sles.erb
@@ -13,9 +13,9 @@
<% if @master_smtp -%>
<%= @master_smtp %>
<% elsif @smtp_listen == 'all' -%>
-smtp inet n - n - - smtpd
+smtp inet n - <%= @jail %> - - smtpd
<% else -%>
-<%= @smtp_listen %>:smtp inet n - n - - smtpd
+<%= @smtp_listen %>:smtp inet n - <%= @jail %> - - smtpd
<% end -%>
<% if @master_submission -%>
<%= @master_submission %>
@@ -56,32 +56,32 @@ smtp inet n - n - - smtpd
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
-pickup unix n - n 60 1 pickup
-cleanup unix n - n - 0 cleanup
+pickup unix n - <%= @jail %> 60 1 pickup
+cleanup unix n - <%= @jail %> - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
-tlsmgr unix - - n 1000? 1 tlsmgr
-rewrite unix - - n - - trivial-rewrite
-bounce unix - - n - 0 bounce
-defer unix - - n - 0 bounce
-trace unix - - n - 0 bounce
-verify unix - - n - 1 verify
-flush unix n - n 1000? 0 flush
+tlsmgr unix - - <%= @jail %> 1000? 1 tlsmgr
+rewrite unix - - <%= @jail %> - - trivial-rewrite
+bounce unix - - <%= @jail %> - 0 bounce
+defer unix - - <%= @jail %> - 0 bounce
+trace unix - - <%= @jail %> - 0 bounce
+verify unix - - <%= @jail %> - 1 verify
+flush unix n - <%= @jail %> 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
-smtp unix - - n - - smtp
+smtp unix - - <%= @jail %> - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
-relay unix - - n - - smtp
+relay unix - - <%= @jail %> - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq unix n - n - - showq
-error unix - - n - - error
-retry unix - - n - - error
-discard unix - - n - - discard
+showq unix n - <%= @jail %> - - showq
+error unix - - <%= @jail %> - - error
+retry unix - - <%= @jail %> - - error
+discard unix - - <%= @jail %> - - discard
local unix - n n - - local
virtual unix - n n - - virtual
-lmtp unix - - n - - lmtp
-anvil unix - - n - 1 anvil
+lmtp unix - - <%= @jail %> - - lmtp
+anvil unix - - <%= @jail %> - 1 anvil
#localhost:10025 inet n - n - - smtpd
# -o content_filter=
# -o smtpd_delay_reject=no
@@ -102,7 +102,7 @@ anvil unix - - n - 1 anvil
# -o local_header_rewrite_clients=
# -o local_recipient_maps=
# -o relay_recipient_maps=
-scache unix - - n - 1 scache
+scache unix - - <%= @jail %> - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual