1<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN" 2 "https://www.w3.org/TR/html4/loose.dtd"> 3<html> <head> 4<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 5<link rel='stylesheet' type='text/css' href='postfix-doc.css'> 6<title> Postfix manual - spawn(8) </title> 7</head> <body> <pre> 8SPAWN(8) SPAWN(8) 9 10<b><a name="name">NAME</a></b> 11 spawn - Postfix external command spawner 12 13<b><a name="synopsis">SYNOPSIS</a></b> 14 <b>spawn</b> [generic Postfix daemon options] command_attributes... 15 16<b><a name="description">DESCRIPTION</a></b> 17 The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon monitors a TCP or UNIX-domain stream socket, con- 18 figured in <a href="master.5.html"><b>master.cf</b></a> with a service type <b>inet</b> or <b>unix</b>. 19 20 This daemon spawns an external command whenever a connection is estab- 21 lished, with the standard input, output and error file descriptors con- 22 nected to the remote client. 23 24 The command process is subject to the time limit specified with the 25 parameter <a href="postconf.5.html#transport_time_limit"><i>transport</i>_time_limit</a> (default: <a href="postconf.5.html#command_time_limit">command_time_limit</a>) where 26 <i>transport</i> equals the service name field in <a href="master.5.html">master.cf</a>. A process that 27 exceeds the time limit will receive a SIGKILL signal. 28 29 The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon service typically has a process limit > 1 in its 30 <a href="master.5.html"><b>master.cf</b></a> service definition, so that the number of processes can scale 31 with demand. 32 33<b><a name="command_attribute_syntax">COMMAND ATTRIBUTE SYNTAX</a></b> 34 The external command attributes are given in the <a href="master.5.html"><b>master.cf</b></a> file at the 35 end of a service definition. The syntax is as follows: 36 37 <b>user</b>=<i>username</i> (required) 38 39 <b>user</b>=<i>username</i>:<i>groupname</i> 40 The external command is executed with the rights of the speci- 41 fied <i>username</i>. The software refuses to execute commands with 42 root privileges, or with the privileges of the mail system 43 owner. If <i>groupname</i> is specified, the corresponding group ID is 44 used instead of the group ID of <i>username</i>. 45 46 <b>argv</b>=<i>command</i>... (required) 47 The command to be executed. This must be specified as the last 48 command attribute. The command is executed directly, i.e. with- 49 out interpretation of shell meta characters by a shell command 50 interpreter. 51 52 If a command argument must contain whitespace, or if a command 53 argument must begin with "{", enclose the argument with "{" and 54 "}". This form will ignore whitespace after the outer "{" and 55 before the outer "}". Example: 56 57 argv=/bin/sh -c { shell syntax here } 58 59<b><a name="diagnostics">DIAGNOSTICS</a></b> 60 The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon reports abnormal child exits. Problems are logged 61 to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>. 62 63<b><a name="security">SECURITY</a></b> 64 The <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon needs root privilege in order to execute external 65 commands as the specified user. It is therefore security sensitive. 66 67 However, the <a href="spawn.8.html"><b>spawn</b>(8)</a> daemon does not receive data from or about ser- 68 vice clients or external commands, and thus is not vulnerable to 69 data-driven attacks. 70 71<b><a name="configuration_parameters">CONFIGURATION PARAMETERS</a></b> 72 Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically as <a href="spawn.8.html"><b>spawn</b>(8)</a> processes 73 run for only a limited amount of time. Use the command "<b>postfix reload</b>" 74 to speed up a change. 75 76 The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for 77 more details including examples. 78 79 In the text below, <i>transport</i> is the first field of the entry in the 80 <a href="master.5.html"><b>master.cf</b></a> file. 81 82<b><a name="resource_and_rate_control">RESOURCE AND RATE CONTROL</a></b> 83 <b><a href="postconf.5.html#transport_time_limit">transport_time_limit</a> ($<a href="postconf.5.html#command_time_limit">command_time_limit</a>)</b> 84 A transport-specific override for the <a href="postconf.5.html#command_time_limit">command_time_limit</a> parame- 85 ter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message 86 delivery transport. 87 88<b><a name="miscellaneous">MISCELLANEOUS</a></b> 89 <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> 90 The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con- 91 figuration files. 92 93 <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> 94 How much time a Postfix daemon process may take to handle a 95 request before it is terminated by a built-in watchdog timer. 96 97 <b><a href="postconf.5.html#export_environment">export_environment</a> (see 'postconf -d' output)</b> 98 The list of environment variables that a Postfix process will 99 export to non-Postfix processes. 100 101 <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b> 102 The time limit for sending or receiving information over an 103 internal communication channel. 104 105 <b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b> 106 The UNIX system account that owns the Postfix queue and most 107 Postfix daemon processes. 108 109 <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b> 110 The maximum amount of time that an idle Postfix daemon process 111 waits for an incoming connection before terminating voluntarily. 112 113 <b><a href="postconf.5.html#max_use">max_use</a> (100)</b> 114 The maximal number of incoming connections that a Postfix daemon 115 process will service before terminating voluntarily. 116 117 <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> 118 The process ID of a Postfix command or daemon process. 119 120 <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> 121 The process name of a Postfix command or daemon process. 122 123 <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b> 124 The location of the Postfix top-level queue directory. 125 126 <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> 127 The syslog facility of Postfix logging. 128 129 <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b> 130 A prefix that is prepended to the process name in syslog 131 records, so that, for example, "smtpd" becomes "prefix/smtpd". 132 133 Available in Postfix 3.3 and later: 134 135 <b><a href="postconf.5.html#service_name">service_name</a> (read-only)</b> 136 The <a href="master.5.html">master.cf</a> service name of a Postfix daemon process. 137 138<b><a name="see_also">SEE ALSO</a></b> 139 <a href="postconf.5.html">postconf(5)</a>, configuration parameters 140 <a href="master.8.html">master(8)</a>, process manager 141 <a href="postlogd.8.html">postlogd(8)</a>, Postfix logging 142 syslogd(8), system logging 143 144<b><a name="license">LICENSE</a></b> 145 The Secure Mailer license must be distributed with this software. 146 147<b>AUTHOR(S)</b> 148 Wietse Venema 149 IBM T.J. Watson Research 150 P.O. Box 704 151 Yorktown Heights, NY 10598, USA 152 153 Wietse Venema 154 Google, Inc. 155 111 8th Avenue 156 New York, NY 10011, USA 157 158 SPAWN(8) 159</pre> </body> </html> 160