From nobody Thu Nov 10 06:00:35 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N7B5b4HfJz4f3yn; Thu, 10 Nov 2022 06:00:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N7B5b3pdcz4H0J; Thu, 10 Nov 2022 06:00:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1668060035; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YGfEq5xnRwUMaAZHMqeWAVGpMOoBpbQ8e/6L/Htdpfc=; b=EPn5J5LUmQQ9Q+zQhpjVOiPWo9QBVc/R0D9Q3xSHFpiz5dzRaJpZwT2qIelzDHuCy9kzkU QwnxNroCJd8gJowQZgPpLaoRpWflP7zw4p1+Vzzwg+SCDbs+RrjJbLfANG9h2Gbeg9BMrU broaUJF7ZAOULqol7/JOge5k2rrgyvdtnezoMOPKbjF9qUbyL69VNTKpdFLoieQl0wA7DT Oyn5ChmmeOU75Hzs5ay6YiuVgbW6pGEt/lbptfG8FnxSABO0+B3Ym8G2Lka4/BZntz56gP l8kndUQofkD9WAchc7B9JgKx4cbLewMqfd7wmqsG2duWhh7aZUopPAgcEE+C+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1668060035; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YGfEq5xnRwUMaAZHMqeWAVGpMOoBpbQ8e/6L/Htdpfc=; b=KXS0EqU5N5mdhySBSf5FAkEaMBqmtgMgDuiF6LEqgE4RA1IfjlAIYBnCiaVD3zZII1z/Tr 4EW2dVYXiQBchFII79/7dOCaUehXHe2/4LZgOkeKC5RdMtXOdxZWJ8VCFxrnkUy4CKhSSf EOGVoYcV006vMij9jyNgRw0g21vzXRXiBlZdIsbqJ0EnrUFK7AXM9UaY7t0HYHTmJ261Ov vgiI16IQ3ndz9pKlanY13KgJb2+WBpnHpzJcZHGLOomu/PrrOh8nqFJqGmvIXEuUOT7msz vgMHJdyBAJSupSJCjdnBsgW73iQdg/SySpAgFj2DeB0NM7bxg42zIHwYtghPfA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1668060035; a=rsa-sha256; cv=none; b=ea55s2Xmr2f9b2rzdRBqaLqlhUGE8CkzmkGfKosd08SQfe1V1HPnawUmMLSGQ1DUBwSzmT Jv/3XzvnPmj78iF/khLyCLTybgsdOpWaDMYA61a/wE0WkdqZAqkbZ9QWlC4SYS6mllgfuC zzOtZBLbtviX5OHISFQFfoXgzXRk9rl9IDFotRlnOUmKsSYKZnv82r/X9llhCz9d1EF85m e39iYWl4I1LFtd0Iz9at/3fOlPWhHSdzldv16IVnHu3KicHdo1z+MqTwdxvNvw2uUECJyx XMjBxA3BIkJ/XgCgQ670elDU+6Y3ZxV9+dCZeu2mIZAeusOaA9bYBMD14JFDzw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4N7B5b2vHVzqdv; Thu, 10 Nov 2022 06:00:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2AA60Z2q072803; Thu, 10 Nov 2022 06:00:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2AA60ZPa072802; Thu, 10 Nov 2022 06:00:35 GMT (envelope-from git) Date: Thu, 10 Nov 2022 06:00:35 GMT Message-Id: <202211100600.2AA60ZPa072802@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Baptiste Daroussin Subject: git: d88828148d89 - main - rc.conf: document the sendmail options List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: d88828148d893e3d7c747f9331187ec6e44f26bd Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=d88828148d893e3d7c747f9331187ec6e44f26bd commit d88828148d893e3d7c747f9331187ec6e44f26bd Author: Baptiste Daroussin AuthorDate: 2022-11-10 05:59:12 +0000 Commit: Baptiste Daroussin CommitDate: 2022-11-10 06:00:33 +0000 rc.conf: document the sendmail options While here remove the deprecation of the sendmail_enable="NONE" as it has been deprecated for 20 years and never removed --- share/man/man5/rc.conf.5 | 159 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 158 insertions(+), 1 deletion(-) diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index dd42375d31c8..33390f77c8f3 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 9, 2022 +.Dd November 10, 2022 .Dt RC.CONF 5 .Os .Sh NAME @@ -4709,6 +4709,162 @@ which means that the script will attempt to unlock all datasets. Define the total number of seconds to wait for the zfskeys script to unlock an encrypted dataset. The default is 10. +.It Va sendmail_enable +.Pq Vt str +If set to +.Dq Li YES , +run the +.Xr sendmail 8 +daemon at system boot time. +If set to +.Dq Li NO , +do not run a +.Xr sendmail 8 +daemon to listen for incoming network mail. +This does not preclude a +.Xr sendmail 8 +daemon listening on the SMTP port of the loopback interface. +The +.Dq Li NONE +option sets each +.Va sendmail_enable , +.Va sendmail_submit_enable , +.Va sendmail_outbound_enable , +.Va sendmail_msp_queue_enable +to +.Dq Li NO . +.It Va sendmail_cert_create +.Pq Vt str +If +.Va sendmail_enable +is set to +.Dq Li YES , +create a signed certificate +.Pa /etc/mail/certs/host.cert +representing +.Pa /etc/mail/certs/host.key +by the CA certificate in +.Pa /etc/mail/certs/cacert.pem . +This will enable connecting hosts to negotiate STARTTLS allowing incoming +email to be encrypted in transit. +.Xr sendmail 8 +needs to be configured to use these generated files. +The default configuration in +.Pa /etc/mail/freebsd.mc +has the required options in it. +.It Va sendmail_cert_cn +.Pq Vt str +If +.Va sendmail_enable +is set to +.Dq Li YES +and +.Va sendmail_cert_create +is set to +.Dq Li YES , +this is the Common Name (CN) of the certificate that will be created. +If +.Va sendmail_cert_cn +is not set, the system's hostname will be used. +If there is no hostname set, +.Dq Li amnesiac +will be used. +.It Va sendmail_flags +.Pq Vt str +If +.Va sendmail_enable +is set to +.Dq Li YES , +these are the flags to pass to the +.Xr sendmail 8 +daemon. +.It Va sendmail_submit_enable +.Pq Vt bool +If set to +.Dq Li YES +and +.Va sendmail_enable +is set to +.Dq Li NO , +run +.Xr sendmail 8 +using +.Va sendmail_submit_flags +instead of +.Va sendmail_flags . +This is intended to allow local mail submission via +a localhost-only listening SMTP service required for running +.Xr sendmail 8 +as a non-set-user-ID binary. +Note that this does not work inside +.Xr jail 2 +systems, as jails do not allow binding to just the localhost interface. +.It Va sendmail_submit_flags +.Pq Vt str +If +.Va sendmail_enable +is set to +.Dq Li NO +and +.Va sendmail_submit_enable +is set to +.Dq Li YES , +these are the flags to pass to the +.Xr sendmail 8 +daemon. +.It Va sendmail_outbound_enable +.Pq Vt bool +If set to +.Dq Li YES +and both +.Va sendmail_enable +and +.Va sendmail_submit_enable +are set to +.Dq Li NO , +run +.Xr sendmail 8 +using +.Va sendmail_outbound_flags +instead of +.Va sendmail_flags . +This is intended to allow local mail queue management +for systems that do not offer a listening SMTP service. +.It Va sendmail_outbound_flags +.Pq Vt str +If both +.Va sendmail_enable +and +.Va sendmail_submit_enable +are set to +.Dq Li NO +and +.Va sendmail_outbound_enable +is set to +.Dq Li YES , +these are the flags to pass to the +.Xr sendmail 8 +daemon. +.It Va sendmail_msp_queue_enable +.Pq Vt bool +If set to +.Dq Li YES , +start a client (MSP) queue runner +.Xr sendmail 8 +daemon at system boot time. +As of sendmail 8.12, a separate queue is used for command line +submissions. +The client queue runner ensures that nothing is +left behind in the submission queue. +.It Va sendmail_msp_queue_flags +.Pq Vt str +If +.Va sendmail_msp_queue_enable +is set to +daemon. +.Dq Li YES , +these are the flags to pass to the +.Xr sendmail 8 .El .Sh FILES .Bl -tag -width "/etc/defaults/rc.conf" -compact @@ -4808,6 +4964,7 @@ The default is 10. .Xr rwhod 8 , .Xr savecore 8 , .Xr sdpd 8 , +.Xr sendmail 8 , .Xr service 8 , .Xr sshd 8 , .Xr swapon 8 ,