From owner-freebsd-stable@FreeBSD.ORG Wed Jan 13 13:34:09 2010 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B52C81065679 for ; Wed, 13 Jan 2010 13:34:09 +0000 (UTC) (envelope-from jhellenthal@gmail.com) Received: from mail-qy0-f174.google.com (mail-qy0-f174.google.com [209.85.221.174]) by mx1.freebsd.org (Postfix) with ESMTP id 642668FC0C for ; Wed, 13 Jan 2010 13:34:09 +0000 (UTC) Received: by qyk4 with SMTP id 4so10697868qyk.7 for ; Wed, 13 Jan 2010 05:34:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:date:from:to:cc :subject:in-reply-to:message-id:references:user-agent :x-openpgp-key-id:x-openpgp-key-fingerprint:mime-version :content-type; bh=0EykSX3OnI01vnGbf4TpvPpbbVv45cExtF9wql5aMgg=; b=TXrzsfXrsQwgwGaZ7bYNa5j6YoL0qSgeTgwFfu/i9FOYN9v4s5t1g3uCFPS79r7ix3 /A5qUJ7Htw5sLJYGv79wiDIo3IqJhvVwbGnFrVthEV6FP8FCfGrM9Ld6GCTGSVc8CYOj pWOwEKU2sxqH92u9YjuvhJbTYBuORCbiu+X6U= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:date:from:to:cc:subject:in-reply-to:message-id:references :user-agent:x-openpgp-key-id:x-openpgp-key-fingerprint:mime-version :content-type; b=fqjqvO1EWD6uyvj6t+HYoKP8E4JkicCapAljemKc39DzKI/eSF6DE74kfg68hZWSZV PYEKKQf4Wx8WKv2GStSxCbQpH3mgkb1p4a4V3LtiWHBR4ny4UEjtNRNR8hyflruCTF5I DGFc56oMHLHxy+ngqBC0n6RPqVTGa+WsjBGN0= Received: by 10.224.125.71 with SMTP id x7mr280702qar.301.1263389641880; Wed, 13 Jan 2010 05:34:01 -0800 (PST) Received: from centel.dataix.local (ppp-22.23.dialinfree.com [209.172.22.23]) by mx.google.com with ESMTPS id 21sm1448018qyk.12.2010.01.13.05.33.56 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 13 Jan 2010 05:34:00 -0800 (PST) Sender: "J. Hellenthal" Date: Wed, 13 Jan 2010 08:33:45 -0500 From: jhell To: "S.N.Grigoriev" In-Reply-To: <10471263386697@webmail49.yandex.ru> Message-ID: References: <661263379937@webmail51.yandex.ru> <4B4DAF41.5090903@infracaninophile.co.uk> <10471263386697@webmail49.yandex.ru> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) X-OpenPGP-Key-Id: 0x89D8547E X-OpenPGP-Key-Fingerprint: 85EF E26B 07BB 3777 76BE B12A 9057 8789 89D8 547E MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: stable@freebsd.org Subject: Re: Re: sendmail replacement X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Jan 2010 13:34:09 -0000 On Wed, 13 Jan 2010 07:44, serguey-grigoriev@ wrote: > > > 13.01.10, 11:32, "Matthew Seaman" : > >> S.N.Grigoriev wrote: >> >> > I would like to know if there is a way to completely >> > replace the base sendmail with a ports one. The goal >> > is to have corresponding files on the traditional places >> > (not in /usr/local) and to use the system sendmail >> > startup script but not /usr/local/etc/rc.d/sendmail.sh. >> >> That's not the usual approach with sendmail, unlike several other software packages. >> >> Because of the existence of mailer.conf(5) you can achieve equivalent >> functionality without overwriting the base system sendmail. With the >> following contents: >> >> % cat /etc/mail/mailer.conf >> # $FreeBSD: src/etc/mail/mailer.conf,v 1.3.36.1 2009/08/03 08:13:06 kensmith Exp $ >> # >> # Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail >> # >> sendmail /usr/local/sbin/sendmail >> send-mail /usr/local/sbin/sendmail >> mailq /usr/local/sbin/sendmail >> newaliases /usr/local/sbin/sendmail >> hoststat /usr/local/sbin/sendmail >> purgestat /usr/local/sbin/sendmail >> >> all sendmail related commands are mapped onto the ports version of sendmail, >> installed under LOCALBASE=/usr/local as usual. These commands are in fact >> exactly the same wrapper scripts as used with the system sendmail. With this >> setup it is not necessary to use the init script provided by the sendmail port: >> simply adding >> >> sendmail_enable="YES" >> >> to /etc/rc.conf will now cause the ports version of sendmail to be started >> using /etc/rc.d/sendmail. In addition, the following entries in /etc/make.conf >> will allow rebuild sendmail configurations and db maps using the Makefile in >> /etc/mail: >> >> WITH_SENDMAIL_PORT= yes >> SENDMAIL_CF_DIR= /usr/local/share/sendmail/cf >> MAKEMAP= /usr/local/sbin/makemap >> >> Finally, adding >> >> WITHOUT_SENDMAIL=yes >> >> to /etc/src.conf will suppress building sendmail as part of the base system, >> while still building and installing the mailwrapper commands. >> >> Cheers, >> >> Matthew >> >> > > Matthew, > > I thank you for your response. All you wrote is quite right. > But it is a general rule not to use in the system two sets > of slightly different programs with duplicating names. It is > a direct way to have problems. > > For example, all third party scripts should be revised to check > absolute pathes, program search results becomes depending > of the PATH value, and so on. > If all third party scripts and they are using absolute path names then they should not need to be revised at all. This is effectively what mailer.conf does. /usr/sbin/sendmail continues to use mailer.conf which wraps what you have set in there. So no matter whether they call /usr/sbin/sendmail or /usr/local/sbin/sendmail they will still be getting the same results after your install of the ports sendmail. So really what is the exact problem ? I can understand from a security standpoint why you would want to have less software on your systems but to blame it on third party scripts is irrelevant. > It is relatively easy to do such revisions on a small home system. > But a production server with significant amount of third party software > will require a lot of time to do that job. > > To my mind it will be better to have an options in the port Makefile > allowing to replace the sendmail files in place. > > -- Wed Jan 13 08:27:21 2010 It may not be able to take your machine down, but it can fill up your Internet Pipe. jhell