Looks like this is now fixed as of Docker v1.2.0
For the benefit of the interwebs I'm documenting this here as I've spent several hours pulling my hair out.
When sending an email as a non-root user from within a container, you may see an error like this:
postdrop: warning: mail_queue_enter: create file maildrop/354182.390: Permission denied
The problem is that the postdrop process running with your user privileges is trying to create a file inside var/spool/postfix/maildrop
and failing. The reason it is failing is due to the setgid flag not being honoured on the postdrop
binary.
You can chmod g+s /usr/sbin/postdrop
all you like, it won't help.
The docker container needs the CAP_SETGID
capability before this will work. Currently, the only way to get this is to run the container with all capabilities turned on (aka --privileged
) but this is not generally a good idea for anything other than testing.
Docker issue #6687 should hopefully address this problem.
For now, a better solution is to chmod two directories in /var/spool/postfix
as follows:
chmod o+rwx /var/spool/postfix/maildrop
chmod o+x /var/spool/postfix/public
chmod o+rwx /var/spool/postfix/maildrop
chmod o+x /var/spool/postfix/public
Didn't work for me, what version did you test it on?
Thanks!