From 51e58dafca6303a3e98c728b157753d8567bac76 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Tue, 28 Aug 2012 16:27:28 +0200 Subject: spamassassin: use a dedicated user for running spamd --- modules/services/mail/spamassassin.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'modules/services/mail/spamassassin.nix') diff --git a/modules/services/mail/spamassassin.nix b/modules/services/mail/spamassassin.nix index 69d3c390bc9..9b387eb940f 100644 --- a/modules/services/mail/spamassassin.nix +++ b/modules/services/mail/spamassassin.nix @@ -33,11 +33,17 @@ in # Allow users to run 'spamc'. environment.systemPackages = [ pkgs.spamassassin ]; + users.extraUsers = singleton + { name = "spamd"; + description = "Spam Assassin Daemon"; + uid = config.ids.uids.spamd; + }; + jobs.spamd = { description = "Spam Assassin Server"; startOn = "started networking and filesystem"; environment.TZ = config.time.timeZone; - exec = "${pkgs.spamassassin}/bin/spamd -C /etc/spamassassin/init.pre --siteconfigpath=/etc/spamassassin --debug --pidfile=/var/run/spamd.pid"; + exec = "${pkgs.spamassassin}/bin/spamd -C /etc/spamassassin/init.pre --siteconfigpath=/etc/spamassassin --username=spamd --pidfile=/var/run/spamd.pid"; }; }; -- cgit 1.4.1