summary refs log tree commit diff
path: root/nixos/modules/services/web-servers/phpfpm/default.nix
diff options
context:
space:
mode:
authorFranz Pletz <fpletz@fnordicwalking.de>2017-08-29 00:41:31 +0200
committerFranz Pletz <fpletz@fnordicwalking.de>2017-08-29 00:41:31 +0200
commit8e622d268934c56b465850b74f2cf65682f78ff7 (patch)
tree9862aadc3d9e3b31aa1b7b0fc6c793fb3dd7032c /nixos/modules/services/web-servers/phpfpm/default.nix
parent8d6682ca0b5f022d8322c3e47d2a1978efafd5ff (diff)
downloadnixpkgs-8e622d268934c56b465850b74f2cf65682f78ff7.tar
nixpkgs-8e622d268934c56b465850b74f2cf65682f78ff7.tar.gz
nixpkgs-8e622d268934c56b465850b74f2cf65682f78ff7.tar.bz2
nixpkgs-8e622d268934c56b465850b74f2cf65682f78ff7.tar.lz
nixpkgs-8e622d268934c56b465850b74f2cf65682f78ff7.tar.xz
nixpkgs-8e622d268934c56b465850b74f2cf65682f78ff7.tar.zst
nixpkgs-8e622d268934c56b465850b74f2cf65682f78ff7.zip
phpfpm service: allow netlink sockets for sendmail
Fixes #26611.
Diffstat (limited to 'nixos/modules/services/web-servers/phpfpm/default.nix')
-rw-r--r--nixos/modules/services/web-servers/phpfpm/default.nix3
1 files changed, 2 insertions, 1 deletions
diff --git a/nixos/modules/services/web-servers/phpfpm/default.nix b/nixos/modules/services/web-servers/phpfpm/default.nix
index f9febbfbacd..e1f4ff5db7f 100644
--- a/nixos/modules/services/web-servers/phpfpm/default.nix
+++ b/nixos/modules/services/web-servers/phpfpm/default.nix
@@ -150,7 +150,8 @@ in {
           PrivateDevices = true;
           ProtectSystem = "full";
           ProtectHome = true;
-          RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6";
+          # XXX: We need AF_NETLINK to make the sendmail SUID binary from postfix work
+          RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK";
           Type = "notify";
           ExecStart = "${cfg.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${phpIni}";
           ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID";
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-20 15:02:27 +0000