We chose /bin/false because
that program always exits with a nonzero (failure) value.
2.5.2 Add smmsp to /etc/group
When sendmail is run as non-set-user-id root, it is run either as root when it is
invoked by the root user (in which case it can read all files), or as another user when
it should not run as root. To enable the sendmail program to read and write its queue
when it is not root, it needs to always run as a predefined group. It does this by having
its set-group-id permission set, and by running under an appropriate group. The
sendmail distribution clearly cannot divine ahead of time what group you wish to use
when not running sendmail as set-group-id. It could have chosen nogroup, for example,
but the user nogroup does not exist under all versions of Unix.
This is the Title of the Book, eMatter Edition
Copyright ?© 2007 O??™Reilly & Associates, Inc. All rights reserved.
64 | Chapter 2: Download, Build, and Install
You can choose your own group by using the confGBINGRP build macro (?§2.7.16 on
page 76) to place a line suchas the following into your build m4 file. But don??™t chose
a group that is shared by any other user. For security reasons, the group you choose
should be used only by sendmail:
define(`confGBINGRP??, `nullgroup??)
If you change the group, you will also have to build and install your own submit.
Pages:
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138