RandFile
Source for random numbers V8.11 and later
STARTTLS requires a source of randomized data. sendmail uses /dev/urandom on systems that support that device. On systems that don't, you must specify an alternative.
The RandFile option is used to specify an alternative source like this:
O RandFile=where ← configuration file (V8.11 and later)
-ORandFile=where ← command line (V8.11 and later)
define(`confRAND_FILE',`where') ← mc configuration (V8.11 and later)
Here, where is of type string, and specifies the source for the randomized data. That source can be either a Unix-domain socket used by the egd(8) daemon (EGD on page 204), or a file you update with randomized data yourself (Roll your own on page 204). You tell sendmail which you are using by prefixing where with either a literal egd: or file: expression:
define(`confRAND_FILE',`egd:/var/run/entropy') ← socket for the egd daemon
define(`confRAND_FILE',`file:/etc/randfile') ← a file of random data
See Roll your own on page 204 for a full discussion of how this option and those file types fit into the STARTTLS scheme.
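The following shell functions are an added example, not code from the book or the sendmail distribution. They read the RandFile value from a configuration file and check that the named source matches its egd: or file: prefix. The function names, the world-writable check, and treating an unprefixed value as a failure are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit the RandFile setting in a sendmail configuration file.
# Prints one finding and returns non-zero when the source looks unusable.

# randfile_value CF: print the value of the last "O RandFile=" line in CF.
randfile_value() {
    sed -n 's/^O[[:space:]]*RandFile[[:space:]]*=[[:space:]]*//p' "$1" | tail -n 1
}

# audit_randfile CF: classify the source by its prefix and check the path.
audit_randfile() {
    val=$(randfile_value "$1")
    if [ -z "$val" ]; then
        # No alternative configured, so the default device must exist.
        [ -c /dev/urandom ] && { echo "OK: RandFile unset, /dev/urandom present"; return 0; }
        echo "FAIL: no RandFile configured and /dev/urandom is missing"
        return 1
    fi
    path=${val#*:}
    case $val in
        egd:*)
            # egd: must name the Unix-domain socket of the egd daemon.
            [ -S "$path" ] && { echo "OK: egd socket $path"; return 0; }
            echo "FAIL: $path is not a Unix-domain socket"; return 1 ;;
        file:*)
            [ -f "$path" ] || { echo "FAIL: $path is not a regular file"; return 1; }
            [ -s "$path" ] || { echo "FAIL: $path is empty"; return 1; }
            # Assumption of this example: seed data that any local user can
            # overwrite is treated as unusable.
            if [ -n "$(find "$path" -prune -perm -0002 2>/dev/null)" ]; then
                echo "FAIL: $path is world-writable"; return 1
            fi
            echo "OK: random data file $path"; return 0 ;;
        *)
            echo "FAIL: '$val' has neither an egd: nor a file: prefix"; return 1 ;;
    esac
}
```

Call it as `audit_randfile /etc/mail/sendmail.cf`, substituting the path of your own configuration file.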
The RandFile option is not safe. If specified from the command line, it can cause sendmail to relinquish its special privileges.