When installing postfix into ROOT=/ from binpkg file permissions are correct. ls -l /usr/sbin/post* -rwxr-xr-x 1 root root 18312 Sep 2 17:58 /usr/sbin/postalias -rwxr-xr-x 1 root root 18384 Sep 2 17:58 /usr/sbin/postcat -rwxr-xr-x 1 root root 175208 Sep 2 17:58 /usr/sbin/postconf -rwxr-sr-x 1 root postdrop 14344 Sep 2 17:58 /usr/sbin/postdrop -rwxr-xr-x 1 root root 14296 Sep 2 17:58 /usr/sbin/postfix -rwxr-xr-x 1 root root 10120 Sep 2 17:58 /usr/sbin/postkick -rwxr-xr-x 1 root root 10120 Sep 2 17:58 /usr/sbin/postlock -rwxr-xr-x 1 root root 10280 Sep 2 17:58 /usr/sbin/postlog -rwxr-xr-x 1 root root 18312 Sep 2 17:58 /usr/sbin/postmap -rwxr-xr-x 1 root root 26904 Sep 2 17:58 /usr/sbin/postmulti -rwxr-sr-x 1 root postdrop 22488 Sep 2 17:58 /usr/sbin/postqueue -rwxr-xr-x 1 root root 22744 Sep 2 17:58 /usr/sbin/postsuper When installing postfix into ROOT=/mnt/image from binpkg file permissions are incorrect: ls -l /mnt/image/usr/sbin/post* -rwxr-xr-x 1 root root 18312 Sep 2 17:58 /mnt/image/usr/sbin/postalias -rwxr-xr-x 1 root root 18384 Sep 2 17:58 /mnt/image/usr/sbin/postcat -rwxr-xr-x 1 root root 175208 Sep 2 17:58 /mnt/image/usr/sbin/postconf -rwxr-xr-x 1 root root 14344 Sep 2 17:58 /mnt/image/usr/sbin/postdrop -rwxr-xr-x 1 root root 14296 Sep 2 17:58 /mnt/image/usr/sbin/postfix -rwxr-xr-x 1 root root 10120 Sep 2 17:58 /mnt/image/usr/sbin/postkick -rwxr-xr-x 1 root root 10120 Sep 2 17:58 /mnt/image/usr/sbin/postlock -rwxr-xr-x 1 root root 10280 Sep 2 17:58 /mnt/image/usr/sbin/postlog -rwxr-xr-x 1 root root 18312 Sep 2 17:58 /mnt/image/usr/sbin/postmap -rwxr-xr-x 1 root root 26904 Sep 2 17:58 /mnt/image/usr/sbin/postmulti -rwxr-xr-x 1 root root 22488 Sep 2 17:58 /mnt/image/usr/sbin/postqueue -rwxr-xr-x 1 root root 22744 Sep 2 17:58 /mnt/image/usr/sbin/postsuper Interestingly, when removing group/g+s from /usr/sbin/postdrop, re-installing postfix under ROOT=/mnt/image restores the special permissions for /usr/sbin/postdrop (instead of fixing those of /mnt/image/usr/sbin/postdrop). Note: not tested for non-binpkg installs. Portage version: sys-apps/portage-2.3.40-r1 Probably a regression since sys-apps/portage-2.3.24-r1.
This must be due to postfix set-permissions call in pkg_postinst of the postfix-3.2.6 and later ebuilds: # check and fix file permissions "${EROOT}"/usr/sbin/postfix set-permissions 2>/dev/null
It seem like calling `postfix set-permissions` with some extra arguments can get things in a better shape. Shouldn't it be called during src_install while setting the various location variables to point to $E? Worst-case running it in pkg_postinst for it to recreate empty directories but then setting paths with proper ${EROOT} prefix. Kind of postfix set-permissions queue_directory=${E}/var/spool/postfix command_directory=${E}/usr/sbin ... Such as to cover all location prefixes from /etc/postfix/postfix-files: $command_directory $config_directory $daemon_directory $data_directory $html_directory $mailq_path $manpage_directory $meta_directory $newaliases_path $queue_directory $readme_directory $sample_directory $sendmail_path $shlib_directory