F20 - Unintended consequences of no default MTA - How best to fix
Ed Greshko
Ed.Greshko at greshko.com
Tue Dec 31 02:50:46 UTC 2013
On 12/31/13 10:14, Suvayu Ali wrote:
> On Mon, Dec 30, 2013 at 08:06:37PM -0500, Robert Moskowitz wrote:
>> I can see why the securities boundary issue means that a secure process with
>> elevated privledges has to do the writing to /var/mail, and mailx does not
>> run as such. Thus we need a real MTA for this purpose and choose sendmail
>> or postfix.
> All that is fine, and I follow the reasoning. But saying mailx cannot
> do the job is contradictory to Frank's experience in the original
> thread. I would like to know what is the bit that makes Frank's setup
> work so that I can replicate it on my less powerful machines.
>
First of all, let me reiterate one thing. "sendmail" does not do local delivery by itself. It relies on another program to do this. In the default configuration (sendmail.mc) on Fedora it is defined to use procmail for local delivery.
Now, if you (pl) would do a bit of man page reading you'd find in "man crond"....
-m This option allows you to specify a shell command to use for
sending Cron mail output instead of using sendmail(8) This com‐
mand must accept a fully formatted mail message (with headers) on
standard input and send it as a mail message to the recipients
specified in the mail headers. Specifying the string off (i.e.,
crond -m off) will disable the sending of mail.
So, you can edit /etc/sysconfig/crond to contain....
CRONDARGS=-m/bin/procmail
systemctl restart crond.service
Now, the only "problem" is that procmail cannot initially create files in /var/mail. So, to get this to work you'll need to do, as root....
touch /var/mail/username
chown username:mail /var/mail/username
I know this works with procmail but not sure about mailx. You can certainly test....
So, you don't need sendmail. procmail will do just fine.
--
Getting tired of non-Fedora discussions and self-serving posts
More information about the users
mailing list