<html> <head> </head> <body> <pre> SPAWN(8) SPAWN(8) <b>NAME</b> spawn - Postfix external command spawner <b>SYNOPSIS</b> <b>spawn</b> [generic Postfix daemon options] command_attributes... <b>DESCRIPTION</b> The <b>spawn</b> daemon provides the Postfix equivalent of <b>inetd</b>. It listens on a port as specified in the Postfix <b>master.cf</b> file and spawns an external command whenever a connection is established. The connection can be made over local IPC (such as UNIX-domain sockets) or over non-local IPC (such as TCP sockets). The command's standard input, output and error streams are connected directly to the communication endpoint. This daemon expects to be run from the <a href="master.8.html"><b>master</b>(8)</a> process manager. <b>COMMAND</b> <b>ATTRIBUTE</b> <b>SYNTAX</b> The external command attributes are given in the <b>master.cf</b> file at the end of a service definition. The syntax is as follows: <b>user</b>=<i>username</i> (required) <b>user</b>=<i>username</i>:<i>groupname</i> The external command is executed with the rights of the specified <i>username</i>. The software refuses to execute commands with root privileges, or with the privileges of the mail system owner. If <i>groupname</i> is specified, the corresponding group ID is used instead of the group ID of of <i>username</i>. <b>argv</b>=<i>command</i>... (required) The command to be executed. This must be specified as the last command attribute. The command is exe- cuted directly, i.e. without interpretation of shell meta characters by a shell command inter- preter. <b>BUGS</b> In order to enforce standard Postfix process resource con- trols, the <b>spawn</b> daemon runs only one external command at a time. As such, it presents a noticeable overhead by wasting precious process resources. The <b>spawn</b> daemon is expected to be replaced by a more structural solution. <b>DIAGNOSTICS</b> The <b>spawn</b> daemon reports abnormal child exits. Problems are logged to <b>syslogd</b>(8). <b>SECURITY</b> This program needs root privilege in order to execute external commands as the specified user. It is therefore security sensitive. However the <b>spawn</b> daemon does not talk to the external command and thus is not vulnerable to data-driven attacks. <b>CONFIGURATION</b> <b>PARAMETERS</b> The following <b>main.cf</b> parameters are especially relevant to this program. See the Postfix <b>main.cf</b> file for syntax details and for default values. Use the <b>postfix</b> <b>reload</b> command after a configuration change. <b>Miscellaneous</b> <b>export</b><i>_</i><b>environment</b> List of names of environment parameters that can be exported to non-Postfix processes. <b>mail</b><i>_</i><b>owner</b> The process privileges used while not running an external command. <b>Resource</b> <b>control</b> <i>service_</i><b>command</b><i>_</i><b>time</b><i>_</i><b>limit</b> The amount of time the command is allowed to run before it is killed with force. The <i>service</i> name is the name of the entry in the <b>master.cf</b> file. The default time limit is given by the global <b>com-</b> <b>mand</b><i>_</i><b>time</b><i>_</i><b>limit</b> configuration parameter. <b>SEE</b> <b>ALSO</b> <a href="master.8.html">master(8)</a> process manager syslogd(8) system logging <b>LICENSE</b> The Secure Mailer license must be distributed with this software. <b>AUTHOR(S)</b> Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Heights, NY 10598, USA 1 </pre> </body> </html>