mirrors/maddy
1
0
Fork 0
mirror of https://github.com/foxcpp/maddy.git synced 2025-04-04 05:37:34 +03:00
Code Issues Projects Releases Packages Wiki Activity

Make it easier to avoid permission issues when setting up maddy

Browse source 
1. Clarify that you need to manually create the user and group
when building from source. ./build.sh does not do that since
it is a packaging tool, not system configuration one.

2. Do not require "go" command to be present when running
./build.sh install. go installation may be user-specific and
unavailable when running with sudo.

3. Ease UMask restrictions. Allow group access.
This allows CLI commands to be run by any user in maddy group.

See #569.
This commit is contained in:
fox.cpp 2024-01-21 21:57:00 +03:00
parent a2f8916183
commit 28bdf6d33f
No known key found for this signature in database
GPG key ID: 5B991F6215D2FCC0
5 changed files with 32 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

5
dist/systemd/maddy.service vendored
View file

@ -54,8 +54,9 @@ KillSignal=SIGTERM
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
# Force all files created by maddy to be only readable by it.
UMask=0027
# Force all files created by maddy to be only readable by it
# and maddy group.
UMask=0007
# Bump FD limitations. Even idle mail server can have a lot of FDs open (think
# of idle IMAP connections, especially ones abandoned on the other end and

5
dist/systemd/maddy@.service vendored
View file

@ -50,8 +50,9 @@ KillSignal=SIGTERM
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
# Force all files created by maddy to be only readable by it.
UMask=0027
# Force all files created by maddy to be only readable by it and
# maddy group.
UMask=0007
# Bump FD limitations. Even idle mail server can have a lot of FDs open (think
# of idle IMAP connections, especially ones abandoned on the other end and