Name
confGBIN...
Synopsis
The non-set-user-id root version of sendmail (Section 2.6.2) uses a set-group-id means of identity instead of the normal set-user-id root means. That is, it assumes the group identity specified, no matter who runs it.
Three macros tune the group identity and permission for this non-set-user-id root version. They are:
- confGBINGRP
This macro sets the group that the non-set-user-id root version of sendmail should belong to. The group defaults to
smmsp. If, as illustrated in Section 2.6.2.2, you wish to use a different group, you can do so like this:define(`confGBINGRP', `nullmail') ← use a group name define(`confGBINGRP', `5343') ←use a group number
If you use a positive number that is not too large, it will be accepted no matter what. If you use a name that is not defined in the /etc/group file, you might see the following error and the build will fail:
chgrp: nullmail: unknown group
- confGBINMODE
This macro defines the execution mode that the non-set-user-id root version of sendmail will have. The default is mode 2555, which is set-group-id (the 2), and readable and executable by the owner, group, and world (the 555). One reason to change this default might be to prevent ordinary users from copying the binary. You would make such a change like this:
define(`confGBINMODE', `2551') ← correct define(`confGBINMODE', `551') ←wrong, don't omit the leading 2
If you mistakenly omit the leading 2, the created non-set-user-id root version of sendmail will loose its ability ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
