Chrooted Postfix? How would I know?

panicbox · 03-02-2006, 12:28 AM

How would I know that postfix is already running in a chroot jail? I already did this:

[root@mirage postfix]# ps -aux | grep postfix
root 10896 0.0 0.3 6636 1736 ? Ss 14:17 0:00 /usr/libexec/postfix/master
postfix 10898 0.0 0.3 6692 1744 ? S 14:17 0:00 pickup -l -t fifo -u -c
postfix 10899 0.0 0.3 6736 1776 ? S 14:17 0:00 qmgr -l -t fifo -u -c
root 10995 0.0 0.1 3756 688 pts/1 R+ 14:28 0:00 grep postfix

[root@mirage postfix]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 10.10.5.171 ESMTP Postfix
^]

telnet>

But it's running directory is /usr/libexec/postfix/master.

nx5000 · 03-03-2006, 08:45 AM

To check if a process is chrooted, go to /proc/<its_pid>
and look the file root
if it points to / then its not chrooted, otherwise it should point to the chroot

unSpawn · 03-07-2006, 04:27 AM

Another way to check, if you can run a command in the chrooted account, would be to test the inode number of toplevel dirs:
in Sh/Bash:

Code:

[ "$(stat -c %i ".")" = "2" -o "$(stat -c %i "..")" = "2" ] && echo "Not chrooted"