Postfix chroot dns resolve problem (Ubuntu 18.04.4 LTS, Postfix 3.3.0)


I have a Postfix setup configured with chroot=y in the master.cf file (full original config). When the chroot is enabled, DNS resolution does not work (the sender is from a valid, popular service): "postfix/smtpd[19114]: connect from unknown[X.X.X.X]"

Possible solutions that I tried:

  • copy /lib/x86_64-linux-gnu/libnss_* and needed lib files to the jail (/var/spool/postfix/...)
  • with systemd-resolved and replaced with resolvconf package (for testing)
  • static /etc/resolv.conf (not /run/systemd/system/resolv.conf symlink)
  • various possibilities in nsswitch.conf

The hosts file is working in chroot mode, I've tested with static entries.

Any other possible solutions?

Thanks for the help.

Z


Solution

  • I've found the solution.

    If your system runs ZFS or has any separate partitions (like /var/spool), then you need to make sure that the partition (where the Postfix chroot is) has exec rights.

    Defaults are usually enough for the ext4 file system; ZFS needs the exec flag.
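
One way to check the condition described in the solution, as an added example that is not part of the original post: the script finds the mount that actually holds the chroot directory (longest matching mount point in a /proc/mounts-style table) and reports whether it is mounted noexec. The function names, the MOUNTS_TABLE and CHROOT_DIR variables and the sample table are assumptions made for this illustration.

```shell
#!/bin/sh
# A noexec mount refuses to map shared objects as executable, so libnss_*
# files copied into a jail on such a mount cannot be loaded from it.

# Print "<mountpoint> <fstype> <options>" for the mount holding path $2,
# reading a /proc/mounts-style table from file $1.
mount_for_path() {
    awk -v p="$2" '
        {
            mp = $2
            # Match "/", the path itself, or a directory prefix of it
            # (so /var/spool does not match /var/spoolx).
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                # >= lets a later mount on the same mount point win.
                if (length(mp) >= best_len) { best_len = length(mp); best = mp " " $3 " " $4 }
            }
        }
        END { if (best != "") print best; else exit 1 }
    ' "$1"
}

# Return 0 if exec is allowed, 1 if the mount is noexec, 2 if no mount matched.
chroot_exec_ok() {
    entry=$(mount_for_path "$1" "$2") || return 2
    opts=${entry##* }
    case ",$opts," in
        *,noexec,*) return 1 ;;
        *) return 0 ;;
    esac
}

# Constructed sample table (not from the original post): /var/spool is a
# separate ZFS dataset mounted noexec, the root is ext4 with defaults.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
tank/spool /var/spool zfs rw,noexec,noatime,xattr 0 0
tank/log /var/log zfs rw,noatime,xattr 0 0
EOF
}

# Demo: uses the sample table unless MOUNTS_TABLE points at a real one.
demo_table=$(mktemp)
sample_mounts > "$demo_table"
if chroot_exec_ok "${MOUNTS_TABLE:-$demo_table}" "${CHROOT_DIR:-/var/spool/postfix}"; then
    echo "exec allowed on the chroot's mount"
else
    echo "chroot's mount is noexec (or no mount was found)"
fi
rm -f "$demo_table"
```

On a live host, run it with MOUNTS_TABLE=/proc/mounts to check the real mount table instead of the sample.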