From: Oliver Fromme
To: freebsd-stable@FreeBSD.ORG
Date: Thu, 15 Mar 2007 11:35:45 +0100 (CET)
Message-Id: <200703151035.l2FAZjKa097746@lurza.secnetix.de>
Subject: Making /var/mail mode 1777 (was Re: Installing sendmail SUID installworld suggestion)

Joel Hatton wrote:
> When sendmail is set to SUID in /etc/make.conf with SENDMAIL_SET_USER_ID=y,
> it would be very helpful if installworld could also rename (or, to be
> consistent with /etc/mail/README, remove) /etc/mail/submit.cf. This is
> pretty trivial, but I seem to burn myself every time I rebuild a particular
> system with this option set by forgetting that submit.cf gets recreated
> during the install.

On a related note ...

On several machines I need to be able to have dot-locks
for mail folders in /var/mail, which is only possible if
that directory is world-writable (i.e. mode 1777).
I certainly don't want to make all MUAs and other programs
that access the directory setgid mail.

However, upon each upgrade, "make installworld" resets the
directory to mode 775. What's the best way to prevent that?
I tried editing the appropriate mtree file, but that feels
like a hack rather than a clean solution.

Comments? How do others handle that situation?

Best regards
   Oliver

PS: I'm running RELENG_6.

--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Commercial register: Register court Munich, HRA 74606, Management:
secnetix Verwaltungsgesellsch. mbH, Commercial register: Register court
Munich, HRB 125758, Managing directors: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD services, products and more: http://www.secnetix.de/bsd

Passwords are like underwear. You don't share them, you don't hang them
on your monitor or under your keyboard, you don't email them, or put
them on a web site, and you must change them very often.
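
The dot-locking the message depends on, as an added example that is not part of the original post: a lock is a new directory entry in the spool, so the directory mode decides who can lock, and a mode check shows when an upgrade has reset it. The function names and the scratch directory standing in for /var/mail are illustrative assumptions.

```shell
#!/bin/sh
# Added example; function names and the scratch directory are illustrative.

# spool_mode_ok DIR: succeed only if DIR is a directory with mode 1777
# (drwxrwxrwt). Parses `ls -ld` so it runs on both BSD and GNU userlands.
spool_mode_ok() {
    perms=$(ls -ld "$1" 2>/dev/null | cut -c1-10)
    [ "$perms" = "drwxrwxrwt" ]
}

# dotlock_acquire DIR FOLDER: create DIR/FOLDER.lock atomically.
# A temp file is made in DIR and hard-linked to the lock name; ln fails
# if that name already exists. Both steps add entries to DIR, so the
# caller needs write permission on the directory itself.
dotlock_acquire() {
    tmp=$(mktemp "$1/.lk.XXXXXX") || return 2    # 2: cannot write to DIR
    echo "$$" > "$tmp"
    if ln "$tmp" "$1/$2.lock" 2>/dev/null; then rc=0; else rc=1; fi
    rm -f "$tmp"
    return "$rc"                                 # 1: lock already held
}

# dotlock_release DIR FOLDER: remove the lock. In a sticky (1777) directory
# only the lock's owner, the directory owner or root may unlink it.
dotlock_release() {
    rm -f "$1/$2.lock"
}

# Demo on a scratch directory (constructed sample, not the real spool).
demo() {
    d=$(mktemp -d) || return 1
    chmod 775 "$d"
    spool_mode_ok "$d" || echo "mode 775: only owner and group can create locks"
    chmod 1777 "$d"
    spool_mode_ok "$d" && echo "mode 1777: any local user can create a lock"
    dotlock_acquire "$d" inbox && echo "lock acquired"
    dotlock_acquire "$d" inbox || echo "second attempt refused, lock is held"
    dotlock_release "$d" inbox
    rm -rf "$d"
}

demo
```

Running `spool_mode_ok /var/mail` after "make installworld" reports whether the directory was reset to 775.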