
DontInitGroups

Don't use initgroups(3) (V8.7 and later)

Just before executing any delivery agent (including the *include* delivery agent) and just before opening a ~/.forward file, sendmail sets its group and user identities as appropriate. To illustrate, consider the U= equate (U=). If the fax delivery agent has the U= equate set like this:

U=fax:fax

its A= program will be executed by the user fax who is in the group fax. In addition, sendmail calls the initgroups(3) system call to expand the list of groups to which the user belongs. The user fax might, for example, also belong to the groups faxadm and faxusers. The net result is that fax can execute, read, and write any files that have the appropriate group permissions set for any of the groups fax, faxadm, and faxusers.

This versatility, however, has a price. As group files get huge or as nis, nisplus, or hesiod services become slow (probably because they are also large), the initgroups(3) call can start to adversely affect sendmail's performance.

When performance is a concern, the DontInitGroups option can be used to disable initgroups(3):

O DontInitGroups=bool               configuration file (V8.7 and later) 
-ODontInitGroups=bool               command line (V8.7 and later) 
define(`confDONT_INIT_GROUPS',bool) mc configuration (V8.7 and later) 

The argument bool is of type Boolean. If bool is missing, the default value is true (don't call initgroups(3)). If the entire option is missing, the default value is false (do call initgroups(3)). See NO_GROUP_SET for a discussion of how NO_GROUP_SET determines whether this option also affects the getgrgid(3) system call.

The DontInitGroups option is not safe as of V8.8.4. Even if it is specified from the command line, it can cause sendmail to relinquish its special privileges.
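
Before enabling the option, it is worth checking which group memberships a delivery agent's user would stop receiving. The following Python is an added example, not code from sendmail or from this book: the group file contents, gids, file mode, and function names are constructed for illustration, and it assumes that with DontInitGroups set the agent keeps only the primary group named in U=.

```python
# Constructed sample data in group(5) format (name:passwd:gid:members).
GROUP_FILE = """\
fax:x:70:
faxadm:x:71:fax,root
faxusers:x:72:fax,alice
mail:x:12:alice
"""

def parse_group(text):
    """Return {name: (gid, [members])} from group(5)-format text."""
    groups = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _pw, gid, members = line.split(":", 3)
        groups[name] = (int(gid), [m for m in members.split(",") if m])
    return groups

def agent_groups(user, primary_group, groups, dont_init_groups):
    """Group names held by an agent run with U=user:primary_group."""
    held = {primary_group}
    if not dont_init_groups:
        # What initgroups(3) adds: every group that lists the user as a member.
        held |= {g for g, (_gid, members) in groups.items() if user in members}
    # Assumption: with DontInitGroups set, only the primary group remains.
    return held

def group_can(mode, file_group, held_groups, want):
    """Evaluate the group permission bits only; want is 'r', 'w' or 'x'."""
    bit = {"r": 0o040, "w": 0o020, "x": 0o010}[want]
    return file_group in held_groups and bool(mode & bit)

def lost_groups(user, primary_group, groups):
    """Groups the agent no longer receives once DontInitGroups is true."""
    return sorted(agent_groups(user, primary_group, groups, False)
                  - agent_groups(user, primary_group, groups, True))

if __name__ == "__main__":
    groups = parse_group(GROUP_FILE)
    for flag in (False, True):
        held = agent_groups("fax", "fax", groups, flag)
        # Hypothetical spool file owned by group faxadm with mode 0660.
        ok = group_can(0o660, "faxadm", held, "w")
        print(f"DontInitGroups={flag}: groups={sorted(held)} faxadm write={ok}")
    print("lost when enabled:", lost_groups("fax", "fax", groups))
```

Any file the agent reaches only through a group listed as lost needs its group ownership or the U= equate adjusted before the option is turned on.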
