Skip to Content
sendmail, 4th Edition
book

sendmail, 4th Edition

by Bryan Costales, Claus Assmann, George Jansen, Gregory Neil Shapiro
October 2007
Intermediate to advanced
1308 pages
161h 13m
English
O'Reilly Media, Inc.
Content preview from sendmail, 4th Edition

Add smmsp to /etc/group

When sendmail is run as non-set-user-id root, it is run either as root when it is invoked by the root user (in which case it can read all files), or as another user when it should not run as root. To enable the sendmail program to read and write its queue when it is not root, it needs to always run as a predefined group. It does this by having its set-group-id permission set, and by running under an appropriate group. The sendmail distribution clearly cannot divine ahead of time what group you wish to use when not running sendmail as set-group-id. It could have chosen nogroup, for example, but the user nogroup does not exist under all versions of Unix.

You can choose your own group by using the confGBINGRP build macro (confGBIN... on page 76) to place a line such as the following into your build m4 file. But don’t chose a group that is shared by any other user. For security reasons, the group you choose should be used only by sendmail:

define(`confGBINGRP', `nullgroup')

If you change the group, you will also have to build and install your own submit.cf file, and include in the mc file, for that creation, a definition for that new group with the RunAsUser option (The RunAsUser option (V8.8 and above) on page 176), like this:

FEATURE(`msp')
define(`confRUN_AS_USER', `:nullgroup')

Note that the same option sets both the user and the group. A combined declaration might look like this:

FEATURE(`msp')
define(`confRUN_AS_USER', `nullmail:nullgroup')

If you don’t change ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Sendmail, 3rd Edition

Sendmail, 3rd Edition

Bryan Costales
Postfix

Postfix

Richard Blum
Linux Email

Linux Email

Ian Haycox, Ralf Hildebrandt, David Rusenko, Alistair McDonald, Patrick Ben Koetter, Carl Taylor, Magnus Back

Publisher Resources

ISBN: 9780596510299Errata Page