Name
DontInitGroups
Synopsis
Just before executing any delivery agent (including the
*include*
delivery agent) and just before opening
a ~/.forward file, sendmail
sets its group and user identities as appropriate. To illustrate,
consider the U=
equate (U=). If the fax
delivery agent
has the U=
equate set like this:
U=fax:fax
its A=
program will be executed by the user
fax who is in the group
fax. In addition, sendmail
calls the initgroups(3) system call to expand
the list of groups to which the user belongs. In the case of
fax, it might also belong to the groups
faxadm and faxusers. The
total result is that fax can execute, read, and
write any files that have the appropriate group permissions set for
any of the groups fax,
faxadm, and faxusers.
This versatility, however, has a price. As group files get huge or as nis, nisplus, or hesiod services become slow (probably because they are also large), the initgroups(3) call can start to adversely affect sendmail’s performance.
When performance is a concern, the DontInitGroups
option can be used to disable initgroups(3):
O DontInitGroups=bool ← configuration file (V8.7 and later) -ODontInitGroups=bool ← command line (V8.7 and later) define(`confDONT_INIT_GROUPS',bool)← mc configuration (V8.7 and later)
The argument bool
is of type
Boolean. If it is missing, the default value is
true—don’t call
initgroups(3). If the entire option is missing,
the default value is false—do call
initgroups(3). See NO_GROUP_SET for a discussion of how NO_GROUP_SET ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.