NAME

spawn - Postfix external command spawner

SYNOPSIS


ssppaawwnn [generic Postfix daemon options] command_attributes...

DESCRIPTION

The ssppaawwnn(8) daemon provides the Postfix equivalent of iinneettdd. It listens on a port as specified in the Postfix mmaasstteerr..ccff file and spawns an external command whenever a connection is established. The connection can be made over local IPC (such as UNIX-domain sockets) or over non-local IPC (such as TCP sockets). The command´s standard input, output and error streams are connected directly to the communication endpoint.

This daemon expects to be run from the mmaasstteerr(8) process manager.

COMMAND ATTRIBUTE SYNTAX



The external command attributes are given in the mmaasstteerr..ccff
file at the end of a service definition.  The syntax is as follows:
uusseerr=_u_s_e_r_n_a_m_e (required)
uusseerr=_u_s_e_r_n_a_m_e:_g_r_o_u_p_n_a_m_e The external command is executed with the rights of the
specified _u_s_e_r_n_a_m_e. The software refuses to execute commands with root privileges, or with the privileges of the mail system owner. If _g_r_o_u_p_n_a_m_e is specified, the corresponding group ID is used instead of the group ID of _u_s_e_r_n_a_m_e.
aarrggvv=_c_o_m_m_a_n_d... (required) The command to be executed. This must be specified as the
last command attribute. The command is executed directly, i.e. without interpretation of shell meta characters by a shell command interpreter.

BUGS

In order to enforce standard Postfix process resource controls, the ssppaawwnn(8) daemon runs only one external command at a time. As such, it presents a noticeable overhead by wasting precious process resources. The ssppaawwnn(8) daemon is expected to be replaced by a more structural solution.

DIAGNOSTICS

The ssppaawwnn(8) daemon reports abnormal child exits. Problems are logged to ssyyssllooggdd(8).

SECURITY



This program needs root privilege in order to execute external
commands as the specified user. It is therefore security sensitive.
However the ssppaawwnn(8) daemon does not talk to the external command
and thus is not vulnerable to data-driven attacks.

CONFIGURATION PARAMETERS



Changes to mmaaiinn..ccff are picked up automatically as ssppaawwnn(8)
processes run for only a limited amount of time. Use the command
"ppoossttffiixx rreellooaadd" to speed up a change.
        

The text below provides only a parameter summary. See ppoossttccoonnff(5) for more details including examples.

In the text below, _t_r_a_n_s_p_o_r_t is the first field of the entry in the mmaasstteerr..ccff file.

RESOURCE AND RATE CONTROL



_t_r_a_n_s_p_o_r_t__ttiimmee__lliimmiitt (($$ccoommmmaanndd__ttiimmee__lliimmiitt)) The amount of time the command is allowed to run before it is
terminated.

Postfix 2.4 and later support a suffix that specifies the time unit: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is seconds.

MISCELLANEOUS



ccoonnffiigg__ddiirreeccttoorryy ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The default location of the Postfix main.cf and master.cf
configuration files.
ddaaeemmoonn__ttiimmeeoouutt ((1188000000ss)) How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
eexxppoorrtt__eennvviirroonnmmeenntt ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The list of environment variables that a Postfix process will export
to non-Postfix processes.
iippcc__ttiimmeeoouutt ((33660000ss)) The time limit for sending or receiving information over an internal
communication channel.
mmaaiill__oowwnneerr ((ppoossttffiixx)) The UNIX system account that owns the Postfix queue and most Postfix
daemon processes.
mmaaxx__iiddllee ((110000ss)) The maximum amount of time that an idle Postfix daemon process waits
for an incoming connection before terminating voluntarily.
mmaaxx__uussee ((110000)) The maximal number of incoming connections that a Postfix daemon
process will service before terminating voluntarily.
pprroocceessss__iidd ((rreeaadd--oonnllyy)) The process ID of a Postfix command or daemon process.
pprroocceessss__nnaammee ((rreeaadd--oonnllyy)) The process name of a Postfix command or daemon process.
qquueeuuee__ddiirreeccttoorryy ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The location of the Postfix top-level queue directory.
ssyysslloogg__ffaacciilliittyy ((mmaaiill)) The syslog facility of Postfix logging.
ssyysslloogg__nnaammee ((sseeee ''ppoossttccoonnff --dd'' oouuttppuutt)) The mail system name that is prepended to the process name in syslog
records, so that "smtpd" becomes, for example, "postfix/smtpd".

SEE ALSO


postconf(5), configuration parameters
master(8), process manager
syslogd(8), system logging

LICENSE



The Secure Mailer license must be distributed with this software.

AUTHOR(S)


Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA