from small one page howto to huge articles all in one place

search text in:




Other .linuxhowtos.org sites:gentoo.linuxhowtos.org



Last additions:
using iotop to find disk usage hogs

using iotop to find disk usage hogs

words:

887

views:

209586

userrating:

May 25th. 2007:
Words

486

Views

258592

why adblockers are bad

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels

words:

161

views:

149883

userrating:

April, 26th. 2006:
Words

38

Views

107374

New subdomain: toolsntoys.linuxhowtos.org

Druckversion
You are here: manpages





POSTFI-NO-BDB

Section: User Commands (1)
Index Return to Main Contents
 

NAME

postfi-no-bdb - Postfix non-Berkeley-DB migration  

SYNOPSIS

postfix non-bdb subcommand
 

DESCRIPTION

The "postfix non-bdb subcommand" feature edits main.cf and master.cf, to manage the migration of an existing Postfix configuration that uses Berkeley DB type "hash:" or "btree:" tables (which are no longer supported on some OS distributions), to supported types such as "cdb:" or "lmdb:".

The following subcommands are available:

status
Reports the non-Berkeley-DB migration status, without making any changes.
disable
Edits main.cf and master.cf, to turn off the enable-redirect and enable-reindex features.

This will break integration with other software such as mailman versions from before May 2025 when they want to use "postmap hash:/path/to/file", for example, to update a mailman-maintained table.

enable-redirect (aliasing)
Edits main.cf and master.cf, to enable redirection (aliasing) from Berkeley DB types "hash" and "btree" to the non-Berkeley-DB types specified with $default_database_type and $default_cache_db_type. Custom redirection may be configured with non_bdb_custom_mapping.

This configuration will not automatically create non-Berkeley-DB indexed database files. Instead, Postfix programs will log an error as they fail to open an indexed database file, and will leave it to the system administrator to run postmap(1) or postalias(1) to create that file.

This will fix integration with other software such as mailman versions from before May 2025 when they want to use "postmap hash:/path/to/file", for example, to update a mailman-maintained table.

This subcommand will not make any changes when default_database_type or default_cache_db_type specify a hash: or btree: type.

enable-reindex
Edits main.cf and master.cf, to implement enable-redirect, and to automatically create a non-Berkeley-DB indexed database file when a daemon program wants to access a file that does not yet exist. This uses the nbdb_reindexd(8) daemon to run postmap(1) or postalias(1) as described in "SECURITY" below.

This subcommand immediately generates non-Berkeley-DB indexed files for unprivileged command-line programs that cannot send requests to the nbdb_reindexd(8) daemon server. This involves "hash:" and "btree:" tables that are used by postqueue(1) and sendmail(1) as specified in authorized_flush_users and authorized_mailq_users, and by sendmail(1) and postdrop(1) as specified in authorized_submit_users and local_login_sender_maps.

This subcommand will not make any changes when default_database_type or default_cache_db_type specify a hash: or btree: type.

NOTE: enable-reindex should be used only temporarily to generate most of the non-Berkeley-DB indexed files that Postfix needs. Leaving this enabled may expose the system to privilege-escalation attacks. There are no security concerns for using enable-redirect.

 

SECURITY



The nbdb_reindexd(8) daemon automatically generates a
non-Berkeley-DB indexed file only if the database pathname matches
the directory prefixes specified with
non_bdb_migration_allow_root_prefixes (for files that must be
owned by root), or with non_bdb_migration_allow_user_prefixes
(for files that must be owned by a non-root user). Additional
restrictions on file and directory ownership and permissions
are documented in nbdb_reindexd(8).
 

CONFIGURATION PARAMETERS






The "postfix non-bdb subcommand" feature
updates the following configuration parameter:



non_bdb_migration_level (disable)

The non-Berkeley-DB migration service level.





Other relevant parameters:



non_bdb_custom_mapping (empty)

When non-Berkeley-DB migration is enabled, an optional mapping
from a hash: or btree: type to a non-Berkeley-DB type.

non_bdb_migration_allow_root_prefixes (see 'postconf-d non_bdb_migration_allow_root_prefixes' output)

A list of trusted pathname prefixes that must be matched when
the non-Berkeley-DB migration service (nbdb_reindexd(8)) needs to
run postmap(1) or postalias(1) commands with "root" privilege.

non_bdb_migration_allow_user_prefixes (see 'postconf-d non_bdb_migration_allow_user_prefixes' output)

A list of trusted pathname prefixes that must be matched when
the non-Berkeley-DB migration service (nbdb_reindexd(8)) needs to
run postmap(1) or postalias(1) commands with non-root privilege.


 

SEE ALSO




nbdb_reindexd(8) reindexing service

 

README FILES






Use "postconf readme_directory" or
"postconf html_directory" to locate this information.


NON_BERKELEYDB_README, migration guide

 

LICENSE






The Secure Mailer license must be distributed with this software.
 

HISTORY




The "postfix non-bdb" command was introduced with Postfix
version 3.11.
 

AUTHOR(S)




Wietse Venema
porcupine.org





 
Index




NAME


SYNOPSIS


DESCRIPTION


SECURITY


CONFIGURATION PARAMETERS


SEE ALSO


README FILES


LICENSE


HISTORY


AUTHOR(S)









Support us on Content Nation







rdf newsfeed |
rss newsfeed |
Atom newsfeed

- Powered by LeopardCMS - Running on Gentoo -

Copyright 2004-2025 Sascha Nitsch Unternehmensberatung GmbH
Valid XHTML1.1 :
Valid CSS

- Level Triple-A Conformance to Web Content Accessibility Guidelines 1.0 -

- Copyright and legal notices -
Time to create this page: 14.1 ms