Name
RandFile
Synopsis
STARTTLS requires a source of randomized data. sendmail uses /dev/urandom on systems that support that device. On systems that don’t, you must specify an alternative.
The RandFile option is used to specify an alternative source like this:
O RandFile=where                  ← configuration file (V8.11 and later)
-ORandFile=where                  ← command line (V8.11 and later)
define(`confRAND_FILE',`where')   ← mc configuration (V8.11 and later)
Here, where is of type string, and specifies the source for the randomized data. That source can be either a Unix-domain socket used by the egd(8) daemon (Section 10.10.1.3), or a file you update with randomized data yourself (Section 10.10.1.5). You tell sendmail which you are using by prefixing where with either a literal egd: or file: expression:
define(`confRAND_FILE',`egd:/var/run/entropy')   ← socket for the egd daemon
define(`confRAND_FILE',`file:/etc/randfile')     ← a file of random data
See Section 10.10 in Chapter 10 for a full discussion of how this option and those file types fit into the STARTTLS scheme.
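A pre-flight check for the setting described above, added here as an example (not code from the book or from sendmail): it reads the RandFile line from a sendmail.cf-style file and confirms that an egd: value points at a Unix-domain socket and a file: value at a non-empty regular file. The function names, the result words, and the rule that the last matching line wins are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify the RandFile setting found in a sendmail.cf-style file.
# Usage (after sourcing this file): check_randfile /etc/mail/sendmail.cf

randfile_value() {
    # Print the value of the last "O RandFile=..." line in file $1.
    # Assumption: when the option appears more than once, the last line wins.
    sed -n 's/^O[[:space:]]*RandFile=//p' "$1" | tail -n 1
}

check_randfile() {
    # $1 = configuration file; $2 = random device to test (default /dev/urandom).
    # Prints exactly one result word (names chosen for this example).
    cf=$1
    urandom=${2:-/dev/urandom}
    val=$(randfile_value "$cf")
    case $val in
        '')
            # No RandFile: sendmail relies on /dev/urandom, so it must exist.
            if [ -c "$urandom" ]; then
                echo unset-urandom
            else
                echo unset-no-urandom
            fi ;;
        egd:*)
            # egd: must name the Unix-domain socket of the egd daemon.
            if [ -S "${val#egd:}" ]; then
                echo egd-ok
            else
                echo egd-missing
            fi ;;
        file:*)
            # file: must name a regular file that actually holds data.
            if [ -f "${val#file:}" ] && [ -s "${val#file:}" ]; then
                echo file-ok
            else
                echo file-missing
            fi ;;
        *)
            # Neither of the two prefixes described above.
            echo bad-prefix ;;
    esac
}
```

Any result other than egd-ok, file-ok or unset-urandom means STARTTLS has no usable source of randomized data on that host as configured.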
The RandFile option is not safe. If specified from the command line, it can cause sendmail to relinquish its special privileges.