[pmg-devel] [PATCH pmg-api v3 10/10] fix #4926: run pmg-smtp-filter and pmgpolicy without root rights

From: Maximiliano Sandoval <m.sandoval@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api v3 10/10] fix #4926: run pmg-smtp-filter and pmgpolicy without root rights
Date: Mon, 17 Jun 2024 16:18:07 +0200	[thread overview]
Message-ID: <20240617141807.722744-10-m.sandoval@proxmox.com> (raw)
In-Reply-To: <20240617141807.722744-1-m.sandoval@proxmox.com>

New users 'pmg-smpt-filter' and 'pmgpolicy' are created for their
respective processes and we set their systemd units to use them.

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/pmg-smtp-filter.service | 2 ++
 debian/pmgpolicy.service       | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/debian/pmg-smtp-filter.service b/debian/pmg-smtp-filter.service
index c887dc2..c4d5e38 100644
--- a/debian/pmg-smtp-filter.service
+++ b/debian/pmg-smtp-filter.service
@@ -16,6 +16,8 @@ Type=forking
 Restart=on-abort
 RestartSec=10
 RuntimeDirectory=pmg-smtp-filter
+User=pmg-smtp-filter
+Group=pmg-smtp-filter
 
 [Install]
 WantedBy=multi-user.target
diff --git a/debian/pmgpolicy.service b/debian/pmgpolicy.service
index 21a403f..cd8ee60 100644
--- a/debian/pmgpolicy.service
+++ b/debian/pmgpolicy.service
@@ -13,6 +13,8 @@ ExecReload=/bin/kill -HUP $MAINPID
 PIDFile=/run/pmgpolicy/pmgpolicy.pid
 Type=forking
 RuntimeDirectory=pmgpolicy
+User=pmgpolicy
+Group=pmgpolicy
 
 [Install]
 WantedBy=multi-user.target
-- 
2.39.2



_______________________________________________
pmg-devel mailing list
pmg-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel

