forked from mirrors/nixpkgs
Merge pull request #48460 from Mic92/postfix-setuid
postfix: add setgid wrapper for postqueue/postdrop
This commit is contained in:
commit
f6ded23889
|
@ -602,7 +602,7 @@ in
|
||||||
target = "postfix";
|
target = "postfix";
|
||||||
};
|
};
|
||||||
|
|
||||||
# This makes comfortable for root to run 'postqueue' for example.
|
# This makes it comfortable to run 'postqueue/postdrop' for example.
|
||||||
systemPackages = [ pkgs.postfix ];
|
systemPackages = [ pkgs.postfix ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -616,6 +616,22 @@ in
|
||||||
setgid = true;
|
setgid = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
security.wrappers.postqueue = {
|
||||||
|
program = "postqueue";
|
||||||
|
source = "${pkgs.postfix}/bin/postqueue";
|
||||||
|
group = setgidGroup;
|
||||||
|
setuid = false;
|
||||||
|
setgid = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
security.wrappers.postdrop = {
|
||||||
|
program = "postdrop";
|
||||||
|
source = "${pkgs.postfix}/bin/postdrop";
|
||||||
|
group = setgidGroup;
|
||||||
|
setuid = false;
|
||||||
|
setgid = true;
|
||||||
|
};
|
||||||
|
|
||||||
users.users = optional (user == "postfix")
|
users.users = optional (user == "postfix")
|
||||||
{ name = "postfix";
|
{ name = "postfix";
|
||||||
description = "Postfix mail server user";
|
description = "Postfix mail server user";
|
||||||
|
|
Loading…
Reference in a new issue