Systemd, Spamassassin, and the Missing Portreserve Package
Reindl Harald
h.reindl at thelounge.net
Thu Feb 5 21:53:32 UTC 2015
Am 05.02.2015 um 22:05 schrieb Tom Rivers:
> On 2/5/2015 15:58, Reindl Harald wrote:
>> why in the world does SA need portreserve?
>
> To be honest, I'm not sure that SA is the package that needs it. It is
> actually systemd that references it in the spamassassin.service file:
>
> # cat /usr/lib/systemd/system/spamassassin.service
> [Unit]
> Description=Spamassassin daemon
> After=syslog.target network.target
>
> [Service]
> EnvironmentFile=-/etc/sysconfig/spamassassin
> ExecStartPre=-/sbin/portrelease spamd
> ExecStart=/usr/bin/spamd $SPAMDOPTIONS
> StandardOutput=null
> StandardError=null
> Restart=always
>
> [Install]
> WantedBy=multi-user.target
well, thats why the first after install a service is fork the
systemd-unit in /etc/systemd/system and get rid of cruft
root at testserver:~]$ cat /etc/systemd/system/spamassassin.service
[Unit]
Description=Spamassassin Daemon
After=network.service systemd-networkd.service network-online.target
Before=postfix.service
[Service]
Environment="TMPDIR=/tmp"
PermissionsStartOnly=true
ExecStartPre=/usr/bin/find /var/lib/spamassassin/ -type d -exec
/bin/chmod 0755 "{}" \;
ExecStartPre=/usr/bin/find /var/lib/spamassassin/ -type f -exec
/bin/chmod 0644 "{}" \;
ExecStart=/usr/bin/spamd -c -H --max-children=10 --min-children=1
--min-spare=1 --max-spare=3 --port=10028
ExecReload=/usr/bin/kill -HUP $MAINPID
Environment="LANG=en_GB.UTF-8"
User=sa-milt
Group=sa-milt
Nice=15
StandardOutput=null
StandardError=null
SyslogFacility=mail
Restart=always
RestartSec=1
PrivateTmp=yes
PrivateDevices=yes
NoNewPrivileges=yes
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_WRITE CAP_NET_ADMIN
CAP_NET_BIND_SERVICE CAP_SYS_ADMIN CAP_SYS_BOOT CAP_SYS_MODULE
CAP_SYS_PTRACE
RestrictAddressFamilies=~AF_APPLETALK AF_ATMPVC AF_AX25 AF_PACKET AF_X25
ReadOnlyDirectories=/etc
ReadOnlyDirectories=/usr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150205/6e17739a/attachment.sig>
More information about the devel
mailing list