www.LinuxHowtos.org

POSTFI-NO-BDB

Section: User Commands (1)
Index Return to Main Contents

NAME

postfi-no-bdb - Postfix non-Berkeley-DB migration

SYNOPSIS

postfix non-bdb subcommand

DESCRIPTION

The "postfix non-bdb subcommand" feature edits main.cf and master.cf, to manage the migration of an existing Postfix configuration that uses Berkeley DB type "hash:" or "btree:" tables (which are no longer supported on some OS distributions), to supported types such as "cdb:" or "lmdb:".

The following subcommands are available:

status

Reports the non-Berkeley-DB migration status, without making any changes.

disable

Edits main.cf and master.cf, to turn off the enable-redirect and enable-reindex features.

This will break integration with other software such as mailman versions from before May 2025 when they want to use "postmap hash:/path/to/file", for example, to update a mailman-maintained table.

enable-redirect (aliasing)

Edits main.cf and master.cf, to enable redirection (aliasing) from Berkeley DB types "hash" and "btree" to the non-Berkeley-DB types specified with $default_database_type and $default_cache_db_type. Custom redirection may be configured with non_bdb_custom_mapping.

This configuration will not automatically create non-Berkeley-DB indexed database files. Instead, Postfix programs will log an error as they fail to open an indexed database file, and will leave it to the system administrator to run postmap(1) or postalias(1) to create that file.

This will fix integration with other software such as mailman versions from before May 2025 when they want to use "postmap hash:/path/to/file", for example, to update a mailman-maintained table.

This subcommand will not make any changes when default_database_type or default_cache_db_type specify a hash: or btree: type.

enable-reindex

Edits main.cf and master.cf, to implement enable-redirect, and to automatically create a non-Berkeley-DB indexed database file when a daemon program wants to access a file that does not yet exist. This uses the nbdb_reindexd(8) daemon to run postmap(1) or postalias(1) as described in "SECURITY" below.

This subcommand immediately generates non-Berkeley-DB indexed files for unprivileged command-line programs that cannot send requests to the nbdb_reindexd(8) daemon server. This involves "hash:" and "btree:" tables that are used by postqueue(1) and sendmail(1) as specified in authorized_flush_users and authorized_mailq_users, and by sendmail(1) and postdrop(1) as specified in authorized_submit_users and local_login_sender_maps.

This subcommand will not make any changes when default_database_type or default_cache_db_type specify a hash: or btree: type.

NOTE: enable-reindex should be used only temporarily to generate most of the non-Berkeley-DB indexed files that Postfix needs. Leaving this enabled may expose the system to privilege-escalation attacks. There are no security concerns for using enable-redirect.

SECURITY

The nbdb_reindexd(8) daemon automatically generates a non-Berkeley-DB indexed file only if the database pathname matches the directory prefixes specified with non_bdb_migration_allow_root_prefixes (for files that must be owned by root), or with non_bdb_migration_allow_user_prefixes (for files that must be owned by a non-root user). Additional restrictions on file and directory ownership and permissions are documented in nbdb_reindexd(8).

CONFIGURATION PARAMETERS

The "postfix non-bdb subcommand" feature updates the following configuration parameter:

non_bdb_migration_level (disable): The non-Berkeley-DB migration service level.

Other relevant parameters:

non_bdb_custom_mapping (empty): When non-Berkeley-DB migration is enabled, an optional mapping from a hash: or btree: type to a non-Berkeley-DB type.
non_bdb_migration_allow_root_prefixes (see 'postconf-d non_bdb_migration_allow_root_prefixes' output): A list of trusted pathname prefixes that must be matched when the non-Berkeley-DB migration service (nbdb_reindexd(8)) needs to run postmap(1) or postalias(1) commands with "root" privilege.
non_bdb_migration_allow_user_prefixes (see 'postconf-d non_bdb_migration_allow_user_prefixes' output): A list of trusted pathname prefixes that must be matched when the non-Berkeley-DB migration service (nbdb_reindexd(8)) needs to run postmap(1) or postalias(1) commands with non-root privilege.

README FILES

Use "postconf readme_directory" or "postconf html_directory" to locate this information.

NON_BERKELEYDB_README, migration guide

LICENSE

The Secure Mailer license must be distributed with this software.

HISTORY

The "postfix non-bdb" command was introduced with Postfix version 3.11.

AUTHOR(S)

Wietse Venema
porcupine.org