From c8166690732f5304223d73b0dde045610f592421 Mon Sep 17 00:00:00 2001
From: downtownallday
Date: Fri, 6 Oct 2023 05:48:52 -0400
Subject: [PATCH 1/2] Even though smtpd is not chrooted, move auth socket back to postfix's chroot/working directory anyway.
---
 setup/mail-users.sh | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/setup/mail-users.sh b/setup/mail-users.sh
index f1c5623f..1522d77f 100755
--- a/setup/mail-users.sh
+++ b/setup/mail-users.sh
@@ -29,6 +29,9 @@ source ${STORAGE_ROOT}/ldap/miab_ldap.conf # user-data specific vars
 dovecot_setting() {
 /usr/bin/doveconf $1 2>/dev/null | awk -F= '{gsub(/^ +/, "", $2); print $2}'
 }
+postfix_setting() {
+ /usr/sbin/postconf $1 2>/dev/null | awk -F= '{gsub(/^ +/, "", $2); print $2}'
+}
 # ### User Authentication
@@ -101,7 +104,7 @@ ln -sf /etc/dovecot/dovecot-ldap.conf.ext /etc/dovecot/dovecot-userdb-ldap.conf.
 # Have Dovecot provide an authorization service that Postfix can access & use.
 cat > /etc/dovecot/conf.d/99-local-auth.conf << EOF;
 service auth {
- unix_listener auth-postfix {
+ unix_listener $(postfix_setting queue_directory)/private/auth {
 mode = 0660
 user = dovecot
 group = postfix
@@ -117,7 +120,7 @@ EOF
 # submission port.
 tools/editconf.py /etc/postfix/main.cf \
 smtpd_sasl_type=dovecot \
- smtpd_sasl_path=$(dovecot_setting base_dir)/auth-postfix \
+ smtpd_sasl_path=private/auth \
 smtpd_sasl_auth_enable=no
 # ### Sender Validation
From 75baac8d60a62ab7dcf7b563470945826e2d2582 Mon Sep 17 00:00:00 2001
From: downtownallday
Date: Fri, 6 Oct 2023 05:50:16 -0400
Subject: [PATCH 2/2] Update rsyslog's postfix configuration, which creates a socket in postfix's chroot
---
 setup/mods.available/move-postfix-queue-to-user-data.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/setup/mods.available/move-postfix-queue-to-user-data.sh b/setup/mods.available/move-postfix-queue-to-user-data.sh
index 5cfed112..389153f5 100755
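Review bot: The new `postfix_setting` passes `$1` unquoted and discards postconf's stderr, so an unknown or mistyped parameter name yields an empty string with no diagnostic, and `awk -F=` would also drop everything after a second `=` in a value. postconf can print the bare value itself, so the pipeline can become `/usr/sbin/postconf -h "$1"`; keep the `2>/dev/null` only if every caller checks for an empty result. A one-line header would help readers who do not know postconf's default `name = value` output, e.g. `# Print the effective value of a main.cf parameter; empty if postconf fails.`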
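Review bot: The `unix_listener` line substitutes `$(postfix_setting queue_directory)` inside the heredoc, and because that helper silences postconf's errors an empty result would still write `unix_listener /private/auth {`, placing the socket under the filesystem root instead of the Postfix queue directory. Resolve the value once before the `cat` and abort if it is empty: `postfix_queue_dir=$(postfix_setting queue_directory)` followed by `[ -n "$postfix_queue_dir" ] || { echo "postconf queue_directory returned nothing" >&2; exit 1; }`, then write `unix_listener $postfix_queue_dir/private/auth {`. The same socket name is repeated as `smtpd_sasl_path=private/auth` in the next hunk; deriving both from one variable keeps the Dovecot listener and the Postfix SASL path from drifting apart. The `service auth` block and its heredoc continue past the end of this hunk.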
--- a/setup/mods.available/move-postfix-queue-to-user-data.sh
+++ b/setup/mods.available/move-postfix-queue-to-user-data.sh
@@ -55,7 +55,14 @@ change_queue_directory() {
 mkdir -p "$(dirname "$where")"
 mv "$cur" "$where"
 /usr/sbin/postconf -e "queue_directory=$where"
- systemctl start postfix
+
+ # change rsyslog so chrooted postfix services can log at the
+ # new location
+ tools/editconf.py /etc/rsyslog.d/postfix.conf -s "\$AddUnixListenSocket=$where/dev/log"
+ systemctl restart rsyslog
+
+ # re-run setup/mail-users.sh so the new queue_directory is used
+ source setup/mail-users.sh
 echo "New postfix queue directory: $where (was: $cur)"
 }
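Review bot: With `systemctl start postfix` removed, nothing in this hunk restarts Postfix after the queue is moved and `queue_directory` rewritten; that now rests on what `setup/mail-users.sh` does at its end, which is outside this hunk (as is the start of `change_queue_directory`), so if that script only restarts Dovecot, mail stays down after the move. Either keep an explicit `systemctl restart postfix` after the `source` line or state the dependency once confirmed, e.g. `# mail-users.sh regenerates the dovecot listener and restarts postfix and dovecot`. Sourcing rather than executing the script runs it in the current shell, so any `cd`, `set` option or variable it assigns persists into this function, which still reads `$where` and `$cur` for the final `echo`; that matches how the setup scripts are chained but deserves a comment. The rsyslog edit also interpolates the admin-supplied `$where` into a whitespace-delimited legacy directive, so a queue path containing spaces would yield a broken `$AddUnixListenSocket` line; rejecting such a path at the top of the function, `case "$where" in *[[:space:]]*) echo "queue directory path must not contain whitespace" >&2; return 1;; esac`, fails early instead of leaving rsyslog misconfigured.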