Table 10-1 shows recommended permissions and ownerships.
Table 10-1 shows the recommended ownerships
and
permissions for all the files and directories in the
sendmail
system. The path components will vary
depending on the vendor version of sendmail
you
are running. For example, while we might show the
/usr/sbin/sendmail
path, your site might use
/usr/lib/sendmail
, or even
/usr/lib/mail/sendmail
.
In the “Owner” column of Table 10-1, the owner is indicated with a
root
, a T
, an
R
, or some combination thereof. A
T
means the owner can be the user listed with the
TrustedUser
option
(24.9.112[3ed]). An R
means the owner must be the one specified by the
RunAsUser
option
(24.9.94[3ed]) if that option was
specified. We show :group
when the group is
important.
Table 10-1. Recommended permissions for V8.12 and above
Path |
Type |
Owner |
Octal mode |
ls(1) mode |
---|---|---|---|---|
/ |
Directory |
|
0755 |
|
/usr |
Directory |
|
0755 |
|
/usr/sbin[a] |
Directory |
|
0755 |
|
/usr/sbin/sendmail |
File |
|
2555 |
|
/etc |
Directory |
|
0755 |
|
/etc/mail |
Directory |
|
0755 |
|
/etc/mail/sendmail.cf |
File |
|
0644 or 0640 |
|
/etc/mail/statistics |
File |
|
0600 |
|
/etc/mail/helpfile |
File |
|
0444 |
|
/etc/mail/aliases |
File |
|
0640 |
|
/etc/mail/aliases.pag |
File |
|
0640 |
|
/etc/mail/aliases.dir |
File |
|
0640 |
|
/etc/mail/aliases.db |
File |
|
0640 |
|
F/path[c] |
Directory |
|
0755 |
|
/var |
Directory |
|
0755 |
|
/var/spool |
Directory |
|
0755 |
|
/var/spool/mqueue |
Directory |
|
0700[d] |
|
/var/spool/clientmqueue |
Directory |
|
0770 |
|
:include:/path |
Directories |
|
0755 |
|
:include:/path/list |
File |
n/a |
0644 |
|
[a] The sendmail program sometimes lives in /usr/lib or in some other directory. If so, adjust this path accordingly. [b] As of V8.12,
[c] The F configuration command reads a class from a file. [d] CERT (Computing Emergency Response Team) and the
|
54.198.146.13