在 docker 中使用 `start-fg` 从 postfix 出现“致命:未知服务:smtp/tcp”

在 docker 中使用 `start-fg` 从 postfix 出现“致命:未知服务:smtp/tcp”

我正在尝试让 postfix 在 raspberry pi 上的 docker 容器中运行。以下方法有效

ENTRYPOINT service rsyslog restart && service postfix restart && sleep 2s && tail /var/log/syslog -f

但如果我改用下面的方法,即在前台运行 postfix(根据文档,并链接自服务器故障

ENTRYPOINT postfix start-fg

然后它启动了,但任何发送邮件的尝试都会导致fatal: unknown service: smtp/tcp


我的master.cf包含

# service type  private unpriv  chroot  wakeup  maxproc command + args
smtp       inet  n       -       y       -       -       smtpd

但是在阅读了许多有关 chroot 的其他问题后,我尝试关闭它,但没有成功。

我还检查了 smtp 是否存在于和中/etc/services/var/spool/postfix/etc/services并且权限已打开以供读取。我使用

RUN ln -snf /etc/services /var/spool/postfix/etc/services
-rw-r--r-- 1 root root 18774 Feb  3 23:28 /var/spool/postfix/etc/services
-rw-r--r-- 1 root root 18774 Feb 10  2019 /etc/services
#grep smtp /var/spool/postfix/etc/services
smtp        25/tcp      mail
submissions 465/tcp     ssmtp smtps urd # Submission over TLS [RFC8314]
#grep smtp /etc/services
smtp        25/tcp      mail
submissions 465/tcp     ssmtp smtps urd # Submission over TLS [RFC8314]


我的完整 dockerfile

FROM --platform=linux/arm/v7 debian:stable-slim
RUN apt-get update
RUN apt-get install postfix rsyslog -y
COPY etc /etc # I have main.cf, mcaster.cf, virtual, and mailname copying in
# Build the virtual.db database file
RUN postmap /etc/postfix/virtual
# This gets smtp working https://serverfault.com/questions/655116/postfix-fails-to-send-mail-with-fatal-unknown-service-smtp-tcp
RUN ln -snf /etc/services /var/spool/postfix/etc/services
EXPOSE 25
ENTRYPOINT service rsyslog restart && service postfix restart && sleep 2s && tail /var/log/syslog -f
#ENTRYPOINT postfix start-fg

我真的更愿意同时使用start-fg这两种最佳实践,在容器中拥有一个单一的进程,这将使 syslog 日志管理更清晰。


如果我没有包含重要内容,或者我可以获取有用的日志,请发表评论。我的 Linux 水平尚属中级,因此我会尽力获取日志和跟踪,但可能需要一些指导。

答案1

抱歉,我对此还很陌生,但我会尝试一下:当您使用postfix start-fg它时,将在 chroot 环境中启动 postfix 进程。Postfix 需要访问中的某些文件/etc(例如您提到的文件/etc/services)。根据 postfix 文档:

请注意,chrooted 守护进程会解析与 Postfix 队列目录 (/var/spool/postfix) 相关的所有文件名。为了成功使用 chroot jail,大多数 UNIX 系统都要求您引入一些文件或设备节点。源代码分发中的 examples/chroot-setup 目录包含一组脚本,可帮助您在不同的操作系统上设置 Postfix chroot 环境。

因此,用户有责任确保填充 chroot jail(获取所有文件和库),以使 postfix 能够按预期工作。以下是 postfix 提供的用于设置 chroot 环境的脚本。您可以看到它从 /etc 复制文件以及一些库。

#! /bin/sh

# LINUX2 - shell script to set up a Postfix chroot jail for Linux
# Tested on SuSE Linux 5.3 (libc5) and 7.0 (glibc2.1)

# Other testers reported as working:
#
# 2001-01-15 Debian sid (unstable)
#            Christian Kurz <[email protected]>

# Copyright (c) 2000 - 2001 by Matthias Andree
# Redistributable unter the MIT-style license that follows:
# Abstract: "do whatever you want except hold somebody liable or change
# the copyright information".

# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.

# 2000-09-29
# v0.1: initial release

# 2000-12-05
# v0.2: copy libdb.* for libnss_db.so
#       remove /etc/localtime in case it's a broken symlink
#       restrict find to maxdepth 1 (faster)

# Revision 1.4  2001/01/15 09:36:35  emma
# add note it was successfully tested on Debian sid
#
# 20060101 /lib64 support by Keith Owens.
#

CP="cp -p"

cond_copy() {
  # find files as per pattern in $1
  # if any, copy to directory $2
  dir=`dirname "$1"`
  pat=`basename "$1"`
  lr=`find "$dir" -maxdepth 1 -name "$pat"`
  if test ! -d "$2" ; then exit 1 ; fi
  if test "x$lr" != "x" ; then $CP $1 "$2" ; fi
} 

set -e
umask 022

POSTFIX_DIR=${POSTFIX_DIR-/var/spool/postfix}
cd ${POSTFIX_DIR}

mkdir -p etc lib usr/lib/zoneinfo
test -d /lib64 && mkdir -p lib64

# find localtime (SuSE 5.3 does not have /etc/localtime)
lt=/etc/localtime
if test ! -f $lt ; then lt=/usr/lib/zoneinfo/localtime ; fi
if test ! -f $lt ; then lt=/usr/share/zoneinfo/localtime ; fi
if test ! -f $lt ; then echo "cannot find localtime" ; exit 1 ; fi
rm -f etc/localtime

# copy localtime and some other system files into the chroot's etc
$CP -f $lt /etc/services /etc/resolv.conf /etc/nsswitch.conf etc
$CP -f /etc/host.conf /etc/hosts /etc/passwd etc
ln -s -f /etc/localtime usr/lib/zoneinfo

# copy required libraries into the chroot
cond_copy '/lib/libnss_*.so*' lib
cond_copy '/lib/libresolv.so*' lib
cond_copy '/lib/libdb.so*' lib
if test -d /lib64; then
  cond_copy '/lib64/libnss_*.so*' lib64
  cond_copy '/lib64/libresolv.so*' lib64
  cond_copy '/lib64/libdb.so*' lib64
fi

postfix reload

相关内容