Fedora 10 - Boot Analysis
Les Mikesell
lesmikesell at gmail.com
Thu Dec 18 16:21:07 UTC 2008
Jeff Spaleta wrote:
> On Thu, Dec 18, 2008 at 5:27 AM, Steve Grubb <sgrubb at redhat.com> wrote:
>> We ran into a problem doing the LSPP evaluation with regards to email. Of all
>> the packages listed, the only one that really mattered for security was cron.
>> So, what we did was patched cron to be able to take an argument, -m, to
>> define the mail delivery agent. It could be a shell script, procmail, or
>> anything you wanted to take the cron output and move it into the local spool
>> dir. Would using this solve the problems being debated here? (And since cron
>> can take a mail agent argument, it should not have a hard requirement for
>> sendmail.)
>
> How would you expose the option to use the argument for a local admin?
> Having them edit the service file in init.d seems inappropriate. Would
> you expose it in an etc/sysconfig/ file to be parsed at service
> script start?
That just seems like the wrong place to short-circuit an existing good
general solution. If you want root's mail to go somewhere else, use
aliases or .procmailrc. If you want to splat text onto a screen on the
odd chance that someone who cares happens to be watching, add a program
that takes a message on a pipe and does that, and use the existing
mechanisms to run it. Or add one that alerts for mailbox deliveries.
But don't break the well-designed ability to send to multiple
destinations, including local and non-local for the people who actually
do want the messages.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-devel-list
mailing list