On Thu, February 21, 2008 4:28 pm, Brent Spencer wrote: > The tmda-ofmipd "Global mode" section at > http://wiki.tmda.net/TmdaOfmipdHowto#head-2277ea3bc4f06c43e0874f793cb96c57f8881490 > mentions "Invoke tmda-ofmipd under the root account...". I have found > that tmda-ofmipd will only properly work if I'm logged in as root and run > it in the foreground. When I'm logged in as root and execute "service > start tmda-ofmipd", the process starts and is owned by the "tofmipd" user. > Does anyone know what needs to be done to allow tmda-ofmipd to > successfully process requests when not running in the foreground? Any > help is greatly appreciated.
You need to start tmda-ofmipd as root so that it can later change UIDs to the actual user that connects. However, the code actually spends a lot of time running at the todmipd user, as a basic security protection. Pretty much all daemon applications work this way. So, yes, you may need to allow the tofmipd user to read some TMDA global configuration files etc. Also, if you're using virtual users, you need to ensure you've told tmda-ofmipd how to map SMTP login IDs to Unix user IDs, so tmda-ofmipd can read user's config files, etc. _____________________________________________ tmda-users mailing list ([email protected]) http://tmda.net/lists/listinfo/tmda-users
