[amavisd-new] Use systemd timer units instead of cronjobs and use PrivateDevices
Juan Orti
jorti at fedoraproject.org
Tue Apr 29 11:33:40 UTC 2014
commit dde04c229566976adc4789155be268ff08f289c7
Author: Juan Orti Alcaine <j.orti.alcaine at gmail.com>
Date: Tue Apr 29 13:31:43 2014 +0200
Use systemd timer units instead of cronjobs and use PrivateDevices
amavisd-clean-quarantine.service | 8 +++++++
amavisd-clean-quarantine.timer | 9 ++++++++
amavisd-clean-tmp.service | 8 +++++++
amavisd-clean-tmp.timer | 9 ++++++++
amavisd-new.spec | 43 ++++++++++++++++++++++++++++---------
amavisd.cron | 2 -
amavisd.service | 3 +-
7 files changed, 68 insertions(+), 14 deletions(-)
---
diff --git a/amavisd-clean-quarantine.service b/amavisd-clean-quarantine.service
new file mode 100644
index 0000000..62c01cd
--- /dev/null
+++ b/amavisd-clean-quarantine.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Clean amavisd quarantine folder
+
+[Service]
+Type=oneshot
+User=amavis
+Group=amavis
+ExecStart=/usr/sbin/tmpwatch -d 720 /var/spool/amavisd/quarantine
diff --git a/amavisd-clean-quarantine.timer b/amavisd-clean-quarantine.timer
new file mode 100644
index 0000000..1afedc1
--- /dev/null
+++ b/amavisd-clean-quarantine.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Amavisd clean quarantine timer
+
+[Timer]
+OnBootSec=5min
+OnUnitActiveSec=24h
+
+[Install]
+WantedBy=timers.target
diff --git a/amavisd-clean-tmp.service b/amavisd-clean-tmp.service
new file mode 100644
index 0000000..ff5073f
--- /dev/null
+++ b/amavisd-clean-tmp.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Clean amavisd tmp folder
+
+[Service]
+Type=oneshot
+User=amavis
+Group=amavis
+ExecStart=/usr/sbin/tmpwatch 24 /var/spool/amavisd/tmp
diff --git a/amavisd-clean-tmp.timer b/amavisd-clean-tmp.timer
new file mode 100644
index 0000000..75878a2
--- /dev/null
+++ b/amavisd-clean-tmp.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Amavisd clean tmp timer
+
+[Timer]
+OnBootSec=5min
+OnUnitActiveSec=24h
+
+[Install]
+WantedBy=timers.target
diff --git a/amavisd-new.spec b/amavisd-new.spec
index e56caf7..716defd 100644
--- a/amavisd-new.spec
+++ b/amavisd-new.spec
@@ -3,7 +3,7 @@
Summary: Email filter with virus scanner and spamassassin support
Name: amavisd-new
Version: 2.8.1
-Release: 2%{?prerelease:.%{prerelease}}%{?dist}
+Release: 3%{?prerelease:.%{prerelease}}%{?dist}
# LDAP schema is GFDL, some helpers are BSD, core is GPLv2+
License: GPLv2+ and BSD and GFDL
Group: Applications/System
@@ -12,10 +12,13 @@ Source0: http://www.ijs.si/software/amavisd/amavisd-new-%{version}%{?prer
Source2: amavis-clamd.conf
Source4: README.fedora
Source5: README.quarantine
-Source6: amavisd.cron
Source8: amavisd-new-tmpfiles.conf
Source9: amavisd.service
Source10: amavisd-snmp.service
+Source11: amavisd-clean-tmp.service
+Source12: amavisd-clean-tmp.timer
+Source13: amavisd-clean-quarantine.service
+Source14: amavisd-clean-quarantine.timer
Patch0: amavisd-conf.patch
Patch1: amavisd-init.patch
Patch2: amavisd-condrestart.patch
@@ -29,8 +32,8 @@ BuildArch: noarch
BuildRequires: systemd
Requires: clamav-server
Requires: clamav-server-systemd
-Requires: /usr/sbin/tmpwatch, /etc/cron.daily
-Requires: /usr/bin/ar
+Requires: tmpwatch
+Requires: binutils
Requires: altermime
Requires: arj
Requires: bzip2
@@ -141,17 +144,18 @@ install -p -m 755 amavisd-{agent,nanny,release} $RPM_BUILD_ROOT%{_bindir}/
install -D -p -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_unitdir}/amavisd.service
install -D -p -m 644 %{SOURCE10} $RPM_BUILD_ROOT%{_unitdir}/amavisd-snmp.service
+install -D -p -m 644 %{SOURCE11} $RPM_BUILD_ROOT%{_unitdir}/amavisd-clean-tmp.service
+install -D -p -m 644 %{SOURCE12} $RPM_BUILD_ROOT%{_unitdir}/amavisd-clean-tmp.timer
+install -D -p -m 644 %{SOURCE13} $RPM_BUILD_ROOT%{_unitdir}/amavisd-clean-quarantine.service
+install -D -p -m 644 %{SOURCE14} $RPM_BUILD_ROOT%{_unitdir}/amavisd-clean-quarantine.timer
install -D -p -m 644 amavisd.conf $RPM_BUILD_ROOT%{_sysconfdir}/amavisd/amavisd.conf
install -D -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/clamd.d/amavisd.conf
-install -D -p -m 755 %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/amavisd
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/spool/amavisd/{tmp,db,quarantine}
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/{clamd.amavisd,amavisd}
-%if 0%{?fedora} > 17
install -D -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_tmpfilesdir}/amavisd-new.conf
-%endif
%clean
rm -rf $RPM_BUILD_ROOT
@@ -165,18 +169,30 @@ exit 0
%preun
%systemd_preun amavisd.service
+%systemd_preun amavisd-clean-tmp.service
+%systemd_preun amavisd-clean-tmp.timer
+%systemd_preun amavisd-clean-quarantine.service
+%systemd_preun amavisd-clean-quarantine.timer
%preun snmp
%systemd_preun amavisd-snmp.service
%post
%systemd_post amavisd.service
+%systemd_post amavisd-clean-tmp.service
+%systemd_post amavisd-clean-tmp.timer
+%systemd_post amavisd-clean-quarantine.service
+%systemd_post amavisd-clean-quarantine.timer
%post snmp
%systemd_post amavisd-snmp.service
%postun
%systemd_postun_with_restart amavisd.service
+%systemd_postun_with_restart amavisd-clean-tmp.service
+%systemd_postun_with_restart amavisd-clean-tmp.timer
+%systemd_postun_with_restart amavisd-clean-quarantine.service
+%systemd_postun_with_restart amavisd-clean-quarantine.timer
%postun snmp
%systemd_postun_with_restart amavisd-snmp.service
@@ -187,18 +203,19 @@ exit 0
%doc README_FILES test-messages amavisd.conf-*
%dir %{_sysconfdir}/amavisd/
%{_unitdir}/amavisd.service
+%{_unitdir}/amavisd-clean-tmp.service
+%{_unitdir}/amavisd-clean-tmp.timer
+%{_unitdir}/amavisd-clean-quarantine.service
+%{_unitdir}/amavisd-clean-quarantine.timer
%config(noreplace) %{_sysconfdir}/amavisd/amavisd.conf
%config(noreplace) %{_sysconfdir}/clamd.d/amavisd.conf
-%config(noreplace) %{_sysconfdir}/cron.daily/amavisd
%{_sbindir}/amavisd
%{_bindir}/amavisd-*
%dir %attr(710,amavis,amavis) %{_localstatedir}/spool/amavisd
%dir %attr(700,amavis,amavis) %{_localstatedir}/spool/amavisd/tmp
%dir %attr(700,amavis,amavis) %{_localstatedir}/spool/amavisd/db
%dir %attr(700,amavis,amavis) %{_localstatedir}/spool/amavisd/quarantine
-%if 0%{?fedora} > 17
-%attr(644,root,root) %{_tmpfilesdir}/amavisd-new.conf
-%endif
+%{_tmpfilesdir}/amavisd-new.conf
%dir %attr(755,amavis,amavis) %{_localstatedir}/run/amavisd
%dir %attr(770,amavis,clamupdate) %{_localstatedir}/run/clamd.amavisd
@@ -209,6 +226,10 @@ exit 0
%{_sbindir}/amavisd-snmp-subagent
%changelog
+* Wed Mar 19 2014 Juan Orti Alcaine <jorti at fedoraproject.org> 2.8.1-3
+- Use systemd timer units instead of cronjobs
+- Add PrivateDevices to service unit
+
* Mon Feb 17 2014 Juan Orti Alcaine <jorti at fedoraproject.org> 2.8.1-2
- Move clamd socket to /var/run/clamd.amavisd
- Add permissions to clamupdate to notify clamd
diff --git a/amavisd.service b/amavisd.service
index 3acd93e..fc3e928 100644
--- a/amavisd.service
+++ b/amavisd.service
@@ -1,7 +1,7 @@
[Unit]
Description=Amavisd-new is an interface between MTA and content checkers.
Documentation=http://www.ijs.si/software/amavisd/#doc
-After=syslog.target network.target
+After=network.target
Wants=clamd at amavisd.service
[Service]
@@ -12,6 +12,7 @@ PIDFile=/var/run/amavisd/amavisd.pid
ExecStart=/usr/sbin/amavisd -c /etc/amavisd/amavisd.conf
Restart=on-failure
PrivateTmp=true
+PrivateDevices=true
NoNewPrivileges=true
[Install]
More information about the perl-devel
mailing list