~ubuntu-branches/ubuntu/feisty/postfix/feisty

« back to all changes in this revision

Viewing changes to html/tlsmgr.8.html

Committer: Bazaar Package Importer
Author(s): Tollef Fog Heen
Date: 2006-11-27 09:09:56 UTC
Revision ID: james.westby@ubuntu.com-20061127090956-154brf16pz0kler2

Tags: 2.3.4-1ubuntu1

Remove cdb support as cdb isn't in main in Ubuntu.

files modified:
debian/changelog

debian/control

debian/patches/20maps.dpatch

debian/rules

html/postconf.1.html

html/postmap.1.html

html/tlsmgr.8.html

man/man1/postmap.1

Show diffs side-by-side

added added

removed removed

html/tlsmgr.8.html

generator) pool. It answers queries by the <a href="smtpd.8.html">smtpd(8)</a> and

<a href="smtp.8.html">smtp(8)</a> processes to seed their internal PRNG pools.

The <a href="tlsmgr.8.html">tlsmgr(8)</a>'s PRNG pool is initially seeded from an

The <a href="tlsmgr.8.html">tlsmgr(8)</a>’s PRNG pool is initially seeded from an

external source (EGD, /dev/urandom, or regular file). It

is updated at configurable pseudo-random intervals with

data from the external source. It is updated periodically

The <a href="tlsmgr.8.html">tlsmgr(8)</a> is not security-sensitive. The code that

maintains the external and internal PRNG pools does not

"trust" the data that it manipulates, and the code that

maintains the TLS session cache does not touch the con-

tents of the cached entries, except for seeding its inter-

maintains the TLS session cache does not touch the con‐

tents of the cached entries, except for seeding its inter‐

nal PRNG pool.

The <a href="tlsmgr.8.html">tlsmgr(8)</a> can be run chrooted and with reduced privi-

The <a href="tlsmgr.8.html">tlsmgr(8)</a> can be run chrooted and with reduced privi‐

leges. At process startup it connects to the entropy

source and exchange file, and creates or truncates the

optional TLS session cache files.

CONFIGURATION PARAMETERS

Changes to <a href="postconf.5.html">main.cf</a> are not picked up automatically,

because <a href="tlsmgr.8.html">tlsmgr(8)</a> is a persistent processes. Use the com-

because <a href="tlsmgr.8.html">tlsmgr(8)</a> is a persistent processes. Use the com‐

mand "postfix reload" after a configuration change.

The text below provides only a parameter summary. See

configuration parameter.

<a href="postconf.5.html#lmtp_tls_session_cache_database">lmtp_tls_session_cache_database</a> (empty)

The LMTP-specific version of the smtp_tls_ses-

The LMTP-specific version of the smtp_tls_ses‐

sion_cache_database configuration parameter.

<a href="postconf.5.html#lmtp_tls_session_cache_timeout">lmtp_tls_session_cache_timeout</a> (3600s)

The LMTP-specific version of the smtp_tls_ses-

The LMTP-specific version of the smtp_tls_ses‐

sion_cache_timeout configuration parameter.

<a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> (0)

SMTP client TLS session cache.

<a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)

The expiration time of Postfix SMTP client TLS ses-

The expiration time of Postfix SMTP client TLS ses‐

sion cache information.

<a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a> (0)

SMTP server TLS session cache.

<a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a> (3600s)

100

The expiration time of Postfix SMTP server TLS ses-

100

The expiration time of Postfix SMTP server TLS ses‐

101

sion cache information.

102

103

PSEUDO RANDOM NUMBER GENERATOR

104

<a href="postconf.5.html#tls_random_source">tls_random_source</a> (see 'postconf -d' output)

104

<a href="postconf.5.html#tls_random_source">tls_random_source</a> (see ’postconf -d’ output)

105

The external entropy source for the in-memory

106

<a href="tlsmgr.8.html">tlsmgr(8)</a> pseudo random number generator (PRNG)

107

pool.

118

<a href="postconf.5.html#tls_random_prng_update_period">tls_random_prng_update_period</a> (3600s)

119

The time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to save the

120

state of the pseudo random number generator (PRNG)

121

to the file specified with $<a href="postconf.5.html#tls_random_exchange_name">tls_ran</a>-

122

<a href="postconf.5.html#tls_random_exchange_name">dom_exchange_name</a>.

121

to the file specified with $tls_ran‐

122

dom_exchange_name.

123

124

<a href="postconf.5.html#tls_random_reseed_period">tls_random_reseed_period</a> (3600s)

125

The maximal time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to

126

re-seed the in-memory pseudo random number genera-

126

re-seed the in-memory pseudo random number genera‐

127

tor (PRNG) pool from external sources.

128

129

MISCELLANEOUS CONTROLS

130

<a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)

130

<a href="postconf.5.html#config_directory">config_directory</a> (see ’postconf -d’ output)

131

The default location of the Postfix <a href="postconf.5.html">main.cf</a> and

132

<a href="master.5.html">master.cf</a> configuration files.

133

137

built-in watchdog timer.

138

139

<a href="postconf.5.html#process_id">process_id</a> (read-only)

140

The process ID of a Postfix command or daemon

141

process.

140

The process ID of a Postfix command or daemon pro‐

141

cess.

142

143

<a href="postconf.5.html#process_name">process_name</a> (read-only)

144

The process name of a Postfix command or daemon

148

The syslog facility of Postfix logging.

149

150

<a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)

151

The mail system name that is prepended to the

152

process name in syslog records, so that "smtpd"

151

The mail system name that is prepended to the pro‐

152

cess name in syslog records, so that "smtpd"

153

becomes, for example, "postfix/smtpd".

154

155

SEE ALSO

Older »