1 = System Users and Filesystem Access = 2 3 The data handled by imip-agent needs to be accessible to other software, 4 notably mail handling software and Web server software. Two approaches to 5 [[../MailIntegration|e-mail integration]] affect the choice of system users 6 and groups: 7 8 {{{#!table 9 '''Integration Method''' || '''System Users and Groups''' 10 == 11 [[../MailIntegration/LMTP|LMTP delivery]] 12 || `imip-agent` belongs to `lmtp` and `www-data` groups<<BR>> 13 .. `www-data` also belongs to the `lmtp` group 14 == 15 [[../MailIntegration/LocalSMTP|Local SMTP delivery]] 16 || `imip-agent` belongs to the `www-data` group 17 }}} 18 19 The corresponding strategies are described in more detail below. 20 21 == LMTP Delivery == 22 23 Here, imip-agent's programs run in a way that permits LMTP delivery (requiring 24 suitable local privileges to communicate with the mail storage solution) 25 whilst allowing the Web server to read data written by those programs. 26 27 A system group needs to be created for LMTP delivery and for certain users to 28 share resources: 29 30 {{{ 31 addgroup lmtp 32 }}} 33 34 This group should be employed for LMTP delivery by systems like Cyrus and 35 Dovecot. See the [[../MailboxIntegration|mail storage guide]] for more 36 information. 37 38 A system user needs to be created and to belong to certain groups in order to 39 deliver messages to mail stores and to publish resources on the Web: 40 41 {{{ 42 useradd -d /var/lib/imip-agent -m -U -G lmtp,www-data -r imip-agent 43 }}} 44 45 Store details and published resources need to be accessible by the `imip-agent` 46 and `www-data` users. Thus, `www-data` also needs to belong to the `lmtp` group: 47 48 {{{ 49 adduser www-data lmtp 50 }}} 51 52 == Local SMTP Delivery == 53 54 Here, imip-agent's programs run in a way that permits local SMTP delivery 55 (which merely needs the ability to connect to a local network service) whilst 56 allowing the Web server to read data written by those programs. 57 58 {{{#!wiki tip 59 It is possible to use the above strategy for LMTP with local SMTP delivery 60 because there may be a need to create the `lmtp` group so that MTAs can deliver 61 to [[../MailboxIntegration|mail storage solutions]]. However, this approach 62 provides a means of separating imip-agent from mail-related users and groups. 63 }}} 64 65 A system user needs to be created and to belong to certain groups in order to 66 deliver messages to mail stores and to publish resources on the Web: 67 68 {{{ 69 useradd -d /var/lib/imip-agent -m -U -G www-data -r imip-agent 70 }}} 71 72 Again, the `tools/init.sh` script will initialise directories for stored and 73 published data. The `tools/config.sh` script should be edited and the group 74 redefined as follows: 75 76 {{{ 77 IMIP_AGENT_GROUP=www-data 78 }}} 79 80 If already installed, the `/etc/imip-agent/config.sh` script should be edited 81 instead. See the [[../Configuration|configuration guide]] for more information. 82 83 With local SMTP delivery, the mail system will need to be configured to route 84 messages for local recipients. See the [[../MailIntegration/LocalSMTP|local SMTP]] 85 description of mail configuration for more information. 86 87 == Updating the Configuration == 88 89 Once the necessary decisions have been taken here, the system's 90 [[../Configuration|configuration]] will need updating so that the software and 91 tools will work correctly.