From owner-freebsd-stable Wed Sep 4 19:24:41 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 56D8537B484 for ; Wed, 4 Sep 2002 19:24:33 -0700 (PDT) Received: from zircon.seattle.wa.us (sense-sea-CovadSub-0-80.oz.net [216.39.147.80]) by mx1.FreeBSD.org (Postfix) with SMTP id 32A5743E4A for ; Wed, 4 Sep 2002 19:24:32 -0700 (PDT) (envelope-from joe@zircon.seattle.wa.us) Received: (qmail 3380 invoked from network); 5 Sep 2002 02:24:31 -0000 Received: from localhost (127.0.0.1) by localhost with SMTP; 5 Sep 2002 02:24:31 -0000 Subject: Re: NO_SENDMAIL From: Joe Kelsey To: Juha Saarinen Cc: "freebsd-stable@freebsd.org" In-Reply-To: References: Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.0.8 Date: 04 Sep 2002 19:24:31 -0700 Message-Id: <1031192671.24794.132.camel@zircon.zircon.seattle.wa.us> Mime-Version: 1.0 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, 2002-09-04 at 19:16, Juha Saarinen wrote: > On 4 Sep 2002, Joe Kelsey wrote: > > > In addition to setting > > > > NO_SENDMAIL=true > > > > in /etc/make.conf, you also need to remove the ability to create > > sendmail. I used to have the following in /usr/sup/refuse: > > > > *sendmail* > > > > which *used* to be quite effective at keeping all traces of sendmail out > > of my system. Unfortunately, some misguided soul decided that it wasn't > > enough to simply passively refuse sendmail. They *forced* the inclusion > > of /etc/sendmail.rc in the system startup and also refused to protect > > the inclusion of this idiotic file with the usual .ifdef NO_SENDMAIL > > that populates the rest of the make system. So, now I have to allow the > > presence of this file in my source tree, but I still consistently refuse > > to allow mergemaster to move it in place, since it has no business > > appearing on a non-sendmail system. I am now forced to use the > > following rules in /usr/sup/refuse: > > > > */sendmail* > > */etc/mtree/*sendmail* > > */share/doc/*sendmail* > > Does that get rid of the 'mailnull' and 'smmsp' users too? No. Both of these username entries are meaningless in a non-sendmail system, but they are not harmful, since they have /sbin/nologin as their default shell. There are a number of entries in /etc/master.passwd which are not used on every system. Do you use the xten or uucp or bind usernames? Qmail adds alias, qmaill, qmaild, qmailp, qmailq, qmailr and qmails to your system, but it doesn't hurt anything else. /Joe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message