diff options
| author | gshapiro <gshapiro@FreeBSD.org> | 2002-05-24 01:46:39 +0000 |
|---|---|---|
| committer | gshapiro <gshapiro@FreeBSD.org> | 2002-05-24 01:46:39 +0000 |
| commit | f6c55bbe1c2e913e94ff3b086b19f63cb9cc8a60 (patch) | |
| tree | 4924184f56b59988e34a4cdbd80af77808474832 | |
| parent | d71c35a87e20c1124674a76428a1db37c2c22f0b (diff) | |
| download | FreeBSD-src-f6c55bbe1c2e913e94ff3b086b19f63cb9cc8a60.zip FreeBSD-src-f6c55bbe1c2e913e94ff3b086b19f63cb9cc8a60.tar.gz | |
Add a new make.conf knob, SENDMAIL_MAP_PERMS, which specifies the
permissions to use for alias and map database files built by
/etc/mail/Makefile. The default is 0640 to assist users in avoiding
a file locking local denial of service.
MFC after: 1 day
pending RE approval
| -rw-r--r-- | etc/mail/Makefile | 6 | ||||
| -rw-r--r-- | share/examples/etc/make.conf | 5 | ||||
| -rw-r--r-- | share/man/man5/make.conf.5 | 5 |
3 files changed, 16 insertions, 0 deletions
diff --git a/etc/mail/Makefile b/etc/mail/Makefile index 8a5a7ff..1212cf9 100644 --- a/etc/mail/Makefile +++ b/etc/mail/Makefile @@ -101,6 +101,9 @@ SENDMAIL?= /usr/sbin/sendmail MAKEMAP?= /usr/sbin/makemap M4?= /usr/bin/m4 +# Permissions for generated maps +SENDMAIL_MAP_PERMS?= 0640 + # Set a reasonable default .MAIN: all @@ -134,10 +137,12 @@ ${_f}: ${_f}.sample ${_f}.db: ${_f} ${MAKEMAP} ${SENDMAIL_MAP_TYPE} ${.TARGET} < ${.OODATE} + chmod ${SENDMAIL_MAP_PERMS} ${.TARGET} .endfor userdb.db: userdb ${MAKEMAP} btree ${.TARGET} < ${.OODATE} + chmod ${SENDMAIL_MAP_PERMS} ${.TARGET} # @@ -160,6 +165,7 @@ M4FILES!= find ${SENDMAIL_CF_DIR} -type f -name '*.m4' -print # ${SENDMAIL_ALIASES}.db: ${SENDMAIL_ALIASES} ${SENDMAIL} -bi + chmod ${SENDMAIL_MAP_PERMS} ${.TARGET} # # ------------------------------------------------------------------------ diff --git a/share/examples/etc/make.conf b/share/examples/etc/make.conf index eade21b..db08016 100644 --- a/share/examples/etc/make.conf +++ b/share/examples/etc/make.conf @@ -301,3 +301,8 @@ # information. # #SENDMAIL_SET_USER_ID= +# +# The permissions to use on alias and map databases generated using +# /etc/mail/Makefile. Defaults to 0640. +# +#SENDMAIL_MAP_PERMS= diff --git a/share/man/man5/make.conf.5 b/share/man/man5/make.conf.5 index 47050d64..d9fefa5 100644 --- a/share/man/man5/make.conf.5 +++ b/share/man/man5/make.conf.5 @@ -567,6 +567,11 @@ and do not install Use of this flag is not recommended and the alternative advice in .Pa /etc/mail/README should be followed instead if at all possible. +.It Va SENDMAIL_MAP_PERMS +.Pq Vt str +Mode to use when generating alias and map database files using +.Pa /etc/mail/Makefile . +The default value is 0640. .It Va WANT_FORCE_OPTIMIZATION_DOWNGRADE .Pq Vt int Causes the system compiler to be built such that it forces high optimization |
