xref: /netbsd-src/external/ibm-public/postfix/dist/html/spawn.8.html (revision b1c86f5f087524e68db12794ee9c3e3da1ab17a0) 
1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
2        "http://www.w3.org/TR/html4/loose.dtd">
3<html> <head>
4<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
5<title> Postfix manual - spawn(8) </title>
6</head> <body> <pre>
7SPAWN(8)                                                              SPAWN(8)
8
9<b>NAME</b>
10       spawn - Postfix external command spawner
11
12<b>SYNOPSIS</b>
13       <b>spawn</b> [generic Postfix daemon options] command_attributes...
14
15<b>DESCRIPTION</b>
16       The  <a href="spawn.8.html"><b>spawn</b>(8)</a>  daemon  provides  the Postfix equivalent of
17       <b>inetd</b>.  It listens on a port as specified in  the  Postfix
18       <a href="master.5.html"><b>master.cf</b></a>  file  and spawns an external command whenever a
19       connection is established.  The  connection  can  be  made
20       over  local IPC (such as UNIX-domain sockets) or over non-
21       local IPC (such as TCP sockets).  The  command's  standard
22       input,  output and error streams are connected directly to
23       the communication endpoint.
24
25       This daemon expects to be run from the  <a href="master.8.html"><b>master</b>(8)</a>  process
26       manager.
27
28<b>COMMAND ATTRIBUTE SYNTAX</b>
29       The external command attributes are given in the <a href="master.5.html"><b>master.cf</b></a>
30       file at the end of a service definition.  The syntax is as
31       follows:
32
33       <b>user</b>=<i>username</i> (required)
34
35       <b>user</b>=<i>username</i>:<i>groupname</i>
36              The external command is executed with the rights of
37              the specified <i>username</i>.  The  software  refuses  to
38              execute  commands with root privileges, or with the
39              privileges of the mail system owner.  If  <i>groupname</i>
40              is  specified,  the  corresponding group ID is used
41              instead of the group ID of <i>username</i>.
42
43       <b>argv</b>=<i>command</i>... (required)
44              The command to be executed. This must be  specified
45              as the last command attribute.  The command is exe-
46              cuted  directly,  i.e.  without  interpretation  of
47              shell  meta  characters  by  a shell command inter-
48              preter.
49
50<b>BUGS</b>
51       In order to enforce standard Postfix process resource con-
52       trols,  the <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon runs only one external command
53       at a time.  As such, it presents a noticeable overhead  by
54       wasting precious process resources. The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon is
55       expected to be replaced by a more structural solution.
56
57<b>DIAGNOSTICS</b>
58       The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon reports abnormal child  exits.   Prob-
59       lems are logged to <b>syslogd</b>(8).
60
61<b>SECURITY</b>
62       This  program  needs  root  privilege  in order to execute
63       external commands as the specified user. It  is  therefore
64       security  sensitive.  However the <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon does not
65       talk to the external command and thus is not vulnerable to
66       data-driven attacks.
67
68<b>CONFIGURATION PARAMETERS</b>
69       Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically as <a href="spawn.8.html"><b>spawn</b>(8)</a>
70       processes run for only a limited amount of time.  Use  the
71       command "<b>postfix reload</b>" to speed up a change.
72
73       The  text  below  provides  only  a parameter summary. See
74       <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
75
76       In the text below, <i>transport</i> is the  first  field  of  the
77       entry in the <a href="master.5.html"><b>master.cf</b></a> file.
78
79<b>RESOURCE AND RATE CONTROL</b>
80       <b><a href="postconf.5.html#transport_time_limit"><i>transport</i>_time_limit</a> ($<a href="postconf.5.html#command_time_limit">command_time_limit</a>)</b>
81              The  amount  of  time the command is allowed to run
82              before it is terminated.
83
84              Postfix 2.4 and later support a suffix that  speci-
85              fies  the  time  unit:  s (seconds), m (minutes), h
86              (hours), d (days), w (weeks). The default time unit
87              is seconds.
88
89<b>MISCELLANEOUS</b>
90       <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
91              The  default  location  of  the Postfix <a href="postconf.5.html">main.cf</a> and
92              <a href="master.5.html">master.cf</a> configuration files.
93
94       <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
95              How much time a Postfix daemon process may take  to
96              handle  a  request  before  it  is  terminated by a
97              built-in watchdog timer.
98
99       <b><a href="postconf.5.html#export_environment">export_environment</a> (see 'postconf -d' output)</b>
100              The list of environment variables  that  a  Postfix
101              process will export to non-Postfix processes.
102
103       <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
104              The time limit for sending or receiving information
105              over an internal communication channel.
106
107       <b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
108              The UNIX system account that owns the Postfix queue
109              and most Postfix daemon processes.
110
111       <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
112              The  maximum  amount  of  time that an idle Postfix
113              daemon process waits  for  an  incoming  connection
114              before terminating voluntarily.
115
116       <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
117              The  maximal  number of incoming connections that a
118              Postfix daemon process will service  before  termi-
119              nating voluntarily.
120
121       <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
122              The  process  ID  of  a  Postfix  command or daemon
123              process.
124
125       <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
126              The process name of a  Postfix  command  or  daemon
127              process.
128
129       <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
130              The  location of the Postfix top-level queue direc-
131              tory.
132
133       <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
134              The syslog facility of Postfix logging.
135
136       <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
137              The mail system  name  that  is  prepended  to  the
138              process  name  in  syslog  records, so that "smtpd"
139              becomes, for example, "postfix/smtpd".
140
141<b>SEE ALSO</b>
142       <a href="postconf.5.html">postconf(5)</a>, configuration parameters
143       <a href="master.8.html">master(8)</a>, process manager
144       syslogd(8), system logging
145
146<b>LICENSE</b>
147       The Secure Mailer license must be  distributed  with  this
148       software.
149
150<b>AUTHOR(S)</b>
151       Wietse Venema
152       IBM T.J. Watson Research
153       P.O. Box 704
154       Yorktown Heights, NY 10598, USA
155
156                                                                      SPAWN(8)
157</pre> </body> </html>
158