summary refs log tree commit diff
path: root/nixos/modules/services/mail/dspam.nix
diff options
context:
space:
mode:
authorNikolay Amiantov <ab@fmap.me>2016-02-14 10:08:56 +0300
committerNikolay Amiantov <ab@fmap.me>2016-02-14 10:35:06 +0300
commita0afc49f0f199c73e1173ede7d58d74842c4551d (patch)
treec1603b5c1c9888bcbf11a331d47fd3bfd951028b /nixos/modules/services/mail/dspam.nix
parent2cee5a42b0d278577e791bbed51521ec0d103192 (diff)
downloadnixpkgs-a0afc49f0f199c73e1173ede7d58d74842c4551d.tar
nixpkgs-a0afc49f0f199c73e1173ede7d58d74842c4551d.tar.gz
nixpkgs-a0afc49f0f199c73e1173ede7d58d74842c4551d.tar.bz2
nixpkgs-a0afc49f0f199c73e1173ede7d58d74842c4551d.tar.lz
nixpkgs-a0afc49f0f199c73e1173ede7d58d74842c4551d.tar.xz
nixpkgs-a0afc49f0f199c73e1173ede7d58d74842c4551d.tar.zst
nixpkgs-a0afc49f0f199c73e1173ede7d58d74842c4551d.zip
dspam service: restrict socket access
Diffstat (limited to 'nixos/modules/services/mail/dspam.nix')
-rw-r--r--nixos/modules/services/mail/dspam.nix1


1 files changed, 1 insertions, 0 deletions
diff --git a/nixos/modules/services/mail/dspam.nix b/nixos/modules/services/mail/dspam.nix
index 96b0e165c4d..46e6f216b21 100644
--- a/nixos/modules/services/mail/dspam.nix
+++ b/nixos/modules/services/mail/dspam.nix
@@ -111,6 +111,7 @@ in {
           User = cfg.user;
           Group = cfg.group;
           RuntimeDirectory = optional (cfg.domainSocket == defaultSock) "dspam";
+          RuntimeDirectoryMode = optional (cfg.domainSocket == defaultSock) "0750";
           PermissionsStartOnly = true;
           # DSPAM segfaults on just about every error
           Restart = "on-failure";

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-09 08:48:18 +0000