> On Mar 13, 2016, at 5:07 AM, Jim Reid <j...@rfc1035.com> wrote: > > >> On 13 Mar 2016, at 08:41, Alice Wonder <al...@domblogger.net> wrote: >> >> It's possible the mail command on OS X is using the OS X sendmail command >> provided by the OS X postfix which would want its configuration file at >> /etc/postfix/main.cf > > It is. Though MacOSX puts the sendmail front-end in /usr/sbin: > % strings /usr/bin/mail | grep / > ... > /usr/sbin/sendmail > ... > >> You may need to move the OS X sendmail command and make a symlink from >> /usr/local/sbin/sendmail (as provided by postfix built from source) to >> /sbin/sendmail (or wherever OS X keeps it) so that the right sendmail >> command is available to OS X mail command. > > Easier said than done. MacOSX 10.11 introduced System Integrity Protection. > This means most, if not all, of the OS cannot be modified by anything unless > the OS is booted in recovery mode and csrutil is used to disable or enable > SIP. [Which probably explains why the Macs now boot twice during an upgrade: > once in recovery mode to make the changes and then another to resume “normal” > operations.] By default the SIP-protected directories and files include > everything in /usr except /usr/local. > > The path of least resistance would be to put the postfix config files in > /etc/postfix where the Apple-supplied postfix tools expect to find them. Be > sure to keep copies of these files elsewhere in case Apple stamps all over > them at the next OS upgrade. Messing around with SIP settings or being clever > with symbolic links is likely to end in pain, particularly when the next > upgrade comes along.
I run Postfix (built from source) on one of my Macs and installed into /usr/local. I turned off SIP in order to get my built version of /usr/sbin/sendmail there and have left it off. The only “pain” likely to result is if you aren’t smart and let malware do something bad. OS X (at least so far) does not care if SIP is on or off. SIP, IMHO, is protection for those who don’t know what they are doing but is in the way of us who know our way around a system. While Apple has thrown more barricades in the way of running your own locally built Unix software, they haven’t blocked it yet. Turning off SIP is easy: • Restart your Mac, and as soon as the screen turns black hold down ⌘R until the Apple logo appears on your screen. • Now click on the "Utilities" menu, and then "Terminal". • In the Terminal Window type: • csrutil disable • Restart OS X, your Mac should then restart as normal with SIP disabled, This is a permanent setting so once done would never need to be done again. But if you want to toggle it on and off as needed, to turn it on, just say “csrutil enable” instead. -- Larry Stone lston...@stonejongleux.com
smime.p7s
Description: S/MIME cryptographic signature
