mirror of
https://git.savannah.gnu.org/git/guix.git
synced 2025-01-31 06:46:50 +01:00
services: postfix: Extend setuid-program-service-type.
* gnu/services/mail.scm (postfix-service-type): Set gid of postfix executables.
This commit is contained in:
Ricardo Wurmus
parent
b2b364298c
commit
16d3fc8365
1 changed files with 35 additions and 4 deletions
|
|
@ -94,6 +94,7 @@ (define-module (gnu services mail)
|
||||||
postfix-configuration-data-directory
|
postfix-configuration-data-directory
|
||||||
postfix-configuration-user
|
postfix-configuration-user
|
||||||
postfix-configuration-group
|
postfix-configuration-group
|
||||||
|
postfix-configuration-setgid-commands?
|
||||||
|
|
||||||
postfix-service-type))
|
postfix-service-type))
|
||||||
|
|
||||||
|
|
@ -2025,6 +2026,7 @@ (define-record-type* <postfix-configuration>
|
||||||
(default "/var/lib/postfix"))
|
(default "/var/lib/postfix"))
|
||||||
(meta-directory postfix-configuration-meta-directory
|
(meta-directory postfix-configuration-meta-directory
|
||||||
(default #f))
|
(default #f))
|
||||||
|
(setgid-commands? postfix-configuration-setgid-commands? (default #t))
|
||||||
(user postfix-configuration-user
|
(user postfix-configuration-user
|
||||||
(default "postfix"))
|
(default "postfix"))
|
||||||
(group postfix-configuration-group
|
(group postfix-configuration-group
|
||||||
|
|
@ -2135,12 +2137,41 @@ (define (postfix-shepherd-service config)
|
||||||
(start (postfix-action "start"))
|
(start (postfix-action "start"))
|
||||||
(stop (postfix-action "stop")))))))
|
(stop (postfix-action "stop")))))))
|
||||||
|
|
||||||
|
(define (postfix-set-gids config)
|
||||||
|
(match-record config <postfix-configuration>
|
||||||
|
(postfix setgid-commands? group)
|
||||||
|
(if setgid-commands?
|
||||||
|
(list
|
||||||
|
(setuid-program
|
||||||
|
(program (file-append postfix "/bin/mailq"))
|
||||||
|
(setuid? #false)
|
||||||
|
(setgid? #true)
|
||||||
|
(group group))
|
||||||
|
(setuid-program
|
||||||
|
(program (file-append postfix "/bin/sendmail"))
|
||||||
|
(setuid? #false)
|
||||||
|
(setgid? #true)
|
||||||
|
(group group))
|
||||||
|
(setuid-program
|
||||||
|
(program (file-append postfix "/sbin/postqueue"))
|
||||||
|
(setuid? #false)
|
||||||
|
(setgid? #true)
|
||||||
|
(group group))
|
||||||
|
(setuid-program
|
||||||
|
(program (file-append postfix "/sbin/postdrop"))
|
||||||
|
(setuid? #false)
|
||||||
|
(setgid? #true)
|
||||||
|
(group group)))
|
||||||
|
'())))
|
||||||
|
|
||||||
(define postfix-service-type
|
(define postfix-service-type
|
||||||
(service-type
|
(service-type
|
||||||
(name 'postfix)
|
(name 'postfix)
|
||||||
(extensions (list (service-extension account-service-type postfix-accounts)
|
(extensions
|
||||||
(service-extension activation-service-type postfix-activation)
|
(list (service-extension account-service-type postfix-accounts)
|
||||||
(service-extension shepherd-root-service-type postfix-shepherd-service)
|
(service-extension activation-service-type postfix-activation)
|
||||||
(service-extension mail-aliases-service-type (const '()))))
|
(service-extension shepherd-root-service-type postfix-shepherd-service)
|
||||||
|
(service-extension mail-aliases-service-type (const '()))
|
||||||
|
(service-extension setuid-program-service-type postfix-set-gids)))
|
||||||
(description "Run the Postfix MTA.")
|
(description "Run the Postfix MTA.")
|
||||||
(default-value (postfix-configuration))))
|
(default-value (postfix-configuration))))
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue