Date: Fri, 7 Apr 2017 22:19:38 -0400 From: Jim Ohlstein <jim@ohlste.in> To: byrnejb@harte-lyne.ca Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD-11 OpenDKIM uid and gid Message-ID: <725756aa-6fab-1c68-ab1c-8d903b9cdc6a@ohlste.in> In-Reply-To: <a8aec87a5f6602e469a394ca04c1a4d3.squirrel@webmail.harte-lyne.ca> References: <a8aec87a5f6602e469a394ca04c1a4d3.squirrel@webmail.harte-lyne.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, On 4/7/17 1:04 PM, James B. Byrne via freebsd-questions wrote: > I am configuring a replacement MX service in a FreeBSD jail. I have > installed the Postfix and OpenDKIM packages (among others). The > configuration file for OpenDKIM differs somewhat from the version I > use on CentOS-6 but the problem I have is with a setting common to > both: UserID. > > In the CentOS version the setting is: > > UserID opendkim:opendkim > > and on CentOS hosts with OpenDKIM installed /etc/passwd contains this: > > opendkim:x:488:488:OpenDKIM Milter:/var/run/opendkim:/sbin/nologin > > But the version of OpenDKIM I have on FreeBSD creates no entry for a > user named opendkim in /etc/passwd when the package is installed. My > question is therefore: What username should I use? Do I create a user > named opendkim? And a similarly named group as well? Or is this > setting superfluous? > > It's up to you. I only use Postfix/OpenDKIM with Mailman (Mailman and Postfix just work so well together), so I don't have a lot of experience with that combination. Looking at my setup I have added an unprivileged user "opendkim" to the "mail" group, with a home directory of /var/db/opendkim. That directory, incidentally, is where I store the private key, in a file with 600 permissions. I then run OpenDKIM under that user with the following in /etc/rc.conf: milteropendkim_enable="YES" milteropendkim_uid="opendkim" You can find more info as to runtime variables in: /usr/local/etc/rc.d/milter-opendkim -- Jim Ohlstein "Never argue with a fool, onlookers may not be able to tell the difference." - Mark Twain
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?725756aa-6fab-1c68-ab1c-8d903b9cdc6a>