diff options
| author | Wojtek Kosior <koszko@koszko.org> | 2024-01-09 12:15:02 +0100 |
|---|---|---|
| committer | W. Kosior <koszko@koszko.org> | 2024-05-03 14:46:45 +0200 |
| commit | 87aef1a9b8cc794c7d32336f23a99b58c05be5a5 (patch) | |
| tree | 95081487129809b6c573b919d90de5074da3280a /manifest.scm | |
| parent | e531bd087c6191b8efed72d0aaf7dcc98c5bffa3 (diff) | |
| download | guix-87aef1a9b8cc794c7d32336f23a99b58c05be5a5.tar.gz guix-87aef1a9b8cc794c7d32336f23a99b58c05be5a5.zip | |
services: Support running Exim with setuid/setgid.
In a typical configuration, Exim binary is setuid root and the Exim daemon
process listens for connections under a non-root system account (usually
`exim`). Upon receiving a message, it forks into a child process which
re-executes the binary to regain privileges and deliver the mail to its
destination (e.g. a Maildir inside user's home directory).
Besides the setuid binary itself, such setup also requires the Exim
configuration file to live at the path Exim considers safe. It defaults to
/etc/exim.conf and changing it requires rebuilding the Exim daemon. If a
configuration at unsafe path is used instead, Exim drops its privileges before
reading it and becomes unable to perform certain kinds of email delivery.
* gnu/services/mail.scm (<exim-configuration>)[setuid-user]: New field.
(<exim-configuration>)[setgid-group]: New field.
(exim-computed-config-file): Delete variable.
(exim-shepherd-service)[start]: Use Exim's default config at /etc/exim.conf.
(exim-activation): Atomically put Exim's current config at /etc/exim.conf and
verify its syntactic correctness.
(exim-setuids): New variable.
(exim-service-type)[extensions]: Extend `setuid-program-service-type`.
Change-Id: Ie6153baac80180d3d48f6b5a6959895df06aef0b
Diffstat (limited to 'manifest.scm')
0 files changed, 0 insertions, 0 deletions