1.1 --- a/docs/wiki/SystemUsers Wed Nov 04 17:06:14 2015 +0100
1.2 +++ b/docs/wiki/SystemUsers Wed Nov 04 23:35:16 2015 +0100
1.3 @@ -6,23 +6,27 @@
1.4 and groups:
1.5
1.6 {{{#!table
1.7 -'''Integration Method''' || '''System Users and Groups'''
1.8 +'''Integration Method''' || '''System Users and Groups''' || '''Suitable for...'''
1.9 ==
1.10 -[[../MailIntegration/LMTP|LMTP delivery]]
1.11 +Using a dedicated `lmtp` group
1.12 || `imip-agent` belongs to `lmtp` and `www-data` groups<<BR>>
1.13 .. `www-data` also belongs to the `lmtp` group
1.14 +|| [[../MailIntegration/LMTP|LMTP delivery]] and
1.15 +.. [[../MailIntegration/LocalSMTP|Local SMTP delivery]]
1.16 ==
1.17 -[[../MailIntegration/LocalSMTP|Local SMTP delivery]]
1.18 +Using an existing group
1.19 || `imip-agent` belongs to the `www-data` group
1.20 +|| [[../MailIntegration/LocalSMTP|Local SMTP delivery]]
1.21 }}}
1.22
1.23 The corresponding strategies are described in more detail below.
1.24
1.25 -== LMTP Delivery ==
1.26 +== Using a Dedicated LMTP-Related Group ==
1.27
1.28 -Here, imip-agent's programs run in a way that permits LMTP delivery (requiring
1.29 -suitable local privileges to communicate with the mail storage solution)
1.30 -whilst allowing the Web server to read data written by those programs.
1.31 +Here, imip-agent's programs can run in a way that permits them to initiate
1.32 +[[../MailIntegration/LMTP|LMTP delivery]] (requiring suitable local privileges
1.33 +to communicate with the mail storage solution) whilst allowing the Web server
1.34 +to read data written by the [[../AgentPrograms|agent programs]].
1.35
1.36 A system group needs to be created for LMTP delivery and for certain users to
1.37 share resources:
1.38 @@ -49,18 +53,22 @@
1.39 adduser www-data lmtp
1.40 }}}
1.41
1.42 -== Local SMTP Delivery ==
1.43 +{{{#!wiki tip
1.44 +This configuration should also work with the
1.45 +[[../MailIntegration/LocalSMTP|local SMTP delivery]] method, because the `lmtp`
1.46 +group membership will be superfluous for the `imip-agent` user. So, if the use
1.47 +of such a group is not problematic, this approach is a reasonable default choice.
1.48 +Moreover, there may be a need to create the `lmtp` group, anyway, so that MTAs
1.49 +can deliver to [[../MailboxIntegration|mail storage solutions]].
1.50 +}}}
1.51 +
1.52 +== Using an Existing Group ==
1.53
1.54 Here, imip-agent's programs run in a way that permits local SMTP delivery
1.55 (which merely needs the ability to connect to a local network service) whilst
1.56 -allowing the Web server to read data written by those programs.
1.57 -
1.58 -{{{#!wiki tip
1.59 -It is possible to use the above strategy for LMTP with local SMTP delivery
1.60 -because there may be a need to create the `lmtp` group so that MTAs can deliver
1.61 -to [[../MailboxIntegration|mail storage solutions]]. However, this approach
1.62 -provides a means of separating imip-agent from mail-related users and groups.
1.63 -}}}
1.64 +allowing the Web server to read data written by the
1.65 +[[../AgentPrograms|agent programs]]. This approach provides a means of keeping
1.66 +imip-agent separate from mail-related users and groups.
1.67
1.68 A system user needs to be created and to belong to certain groups in order to
1.69 deliver messages to mail stores and to publish resources on the Web: