If set, this user will own database map files (such as aliases), and will
also own the control socket (?§24.9.25 on page 990). Even though only root can start
sendmail, this user can stop and restart the sendmail daemon.
By setting this option, you can employ a user other than root to administer sendmail.
But if you have been administering sendmail as root, you cannot simply set this
option and be done. Instead, you need to shut down sendmail, make a few changes
and then restart.
??? The first change is needed to ensure that this trusted user can edit the source
files for database files created by sendmail (the aliases database).
??? The second change is needed to remove the control socket (if you use one) so
that sendmail can create it with the proper ownerships.
With these simple changes in place, you can add the following line to your mc configuration
file, and build and install a new configuration file from it:
define(`confTRUSTED_USER??,`user??)
* If that user ID is already in use, find an available number that is below nobody??™s number, and use it instead.
This is the Title of the Book, eMatter Edition
Copyright ?© 2007 O??™Reilly & Associates, Inc. All rights reserved.
4.8 Security Features | 177
Here, user is a user login name, or a user ID number.
When you restart sendmail with this new trusted user in place, you can thereafter
routinely employ that user to administer sendmail.
Pages:
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342