auditdistd (distributed audit daemon) to the build:
- Manual cross references
- Makefile for auditdistd
- rc.d script, rc.conf entrie
- New group and user for auditdistd; associated aliases, etc.
The audit trail distribution daemon provides reliable,
cryptographically protected (and sandboxed) delivery of audit tails
from live clients to audit server hosts in order to both allow
centralised analysis, and improve resilience in the event of client
compromises: clients are not permitted to change trail contents
after submission.
Submitted by: pjd
Sponsored by: The FreeBSD Foundation (auditdistd)
`hostname`.submit.mc which is templated from freebsd.submit.mc if the
default file does not exist. This makes the building of the submit.cf
behavior identical to that of the the sendmail.cf.
PR: 44256
Submitted by: Matt Emmerton <matt@gsicomp.on.ca>
MFC after: 5 days
permissions to use for alias and map database files built by
/etc/mail/Makefile. The default is 0640 to assist users in avoiding
a file locking local denial of service.
MFC after: 1 day
pending RE approval
Apparently binding only to 127.0.0.1 inside of a jail actually binds
to the jail IP address as well (in effect, bind to all available
interfaces in the jail).
Submitted by: Helge Oldach <test-smtp@oldach.net>
MFC after: 1 day
pending RE approval
the .mc file used for /etc/mail/submit.cf. By default,
/etc/mail/freebsd.submit.mc is installed and used.
Requested by: fenner
Submitted by: ume
MFC after: 1 week
again."
As an alternative to sendmail_enable=NONE, solve the boot time problem
for non-sendmail users completely by moving all of the sendmail startup
code from /etc/rc to /etc/rc.sendmail. The source for that script will
be kept in src/etc/sendmail/rc.sendmail so make.conf's NO_SENDMAIL will
prevent it from being installed. A new rc.conf variable,
mta_start_script specifies the script to run to start the user's
preferred MTA. For backward compatibility, it will default to
/etc/rc.sendmail. The specified script is called out of /etc/rc after
checking to make sure it exists. A new rc.sendmail.8 man page has also
been added which now houses the sendmail_* variable descriptions
formerly in rc.conf.5.
Use /etc/rc.sendmail in /etc/mail/Makefile to reduce code duplication.
Reviewed by: -current, -stable, obrien, peter, ru
MFC after: 1 week
logic and added a new set of targets for controlling the MSP queue runner
(start-mspq, stop-mspq, and restart-mspq).
Reminded by: Mark Santcroos <marks@ripe.net>
MFC after: 1 week
works and ways to work around common problems people might have.
Include information on reverting to a set-user-ID root sendmail binary in
case anyone really needs to do this.
install /etc/mail/sendmail.cf to /etc/mail/sendmail.cf and exits with an
error:
===> etc/sendmail
install -c -o root -g wheel -m 644 /etc/mail/sendmail.cf /etc/mail/sendmail.cf
install: /etc/mail/sendmail.cf and /etc/mail/sendmail.cf are the same file
*** Error code 64
Catch this in the Makefile and don't call install if the source and target
are the same file.
Reported by: Alexandr Listopad <laa@reis.zp.ua>
MFC after: 1 week
building a .cf file from a .mc file.
Include -D_FFR_TLS_O_T to enable tls policy control since the sendmail binary
build enables that FFR as well.
PR: conf/28361
MFC after: 1 week
is not set. This allows admins to create a per-machine configuration file
while leaving the freebsd.mc template pristine. Provide a rule to create
`hostname`.mc from freebsd.mc if it doesn't exist.
PR: misc/26299
MFC after: 8 days
+ Add support for the new SENDMAIL_MC make.conf knob
+ Add the ability to build .cf files from .mc files
+ Generalize map rebuilding
+ Add the ability to rebuild the aliases file
+ Add the ability to stop, start, and restart sendmail
PR: bin/13759, bin/19897, bin/24397