* Harald Hanche-Olsen (Thu, Oct 07, 1999 at 12:35:51AM +0200)
> Our sysadmin installed a bunch of patches on our Solaris machines
> today - basically, he just got a cluster of recommended patches and
> installed them all.
>
> Now, one or more of these patches "upgraded" /usr/lib/sendmail (was a
> symlink to /var/qmail/bin/sendmail, became a "real" sendmail). But
> not only that; the patch most helpfully installed the file
> /etc/rc2.d/S88sendmail for us. Came time to reboot the machine, and
> lo and behold, we now had a running sendmail daemon, which started
> rejecting all kinds of incoming mail. (It got to the smtp port before
> tcpserver+qmail-smtpd did.)
To prevent sendmail from starting at boot, remove
/etc/sendmail.cf, as the /etc/init.d/sendmail script exits if
that does not exist.
As Giles Lean mentioned: If you run Solaris with sonething else
than Solaris stock sendmail installed, you need to check at
every boot (and after every patch) that it hasn't "repaired" the
sendmail installation.
If you're feeling _really_ paranoid, make sure these commands
are in the script used to start, stop, restart and reload qmail
(if you use such a thing), and not only in a script run only at
boot. (Not every Solaris patch package requires a reboot. You
might be surprised one day. :-)
--
SSM - Stig Sandbeck Mathisen
Trust the Computer, the Computer is your Friend
