-
Notifications
You must be signed in to change notification settings - Fork 260
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Correct setup doc #639
base: master
Are you sure you want to change the base?
Correct setup doc #639
Conversation
Wondering why systemd doesn't do it already since we set StateDirectory and RuntimeDirectory.
Same goes for capabilities:
|
AmbientCapabilities was added in systemd v229. What is your distribution/systemd version? |
|
Is there anything in the system journal regarding maddy.service when you run |
I tried disable maddy.service and remove those permissions and enable again, this time the permissions are applied automatically just as you described. However, this is not a fresh installation anymore. I can't tell why the first time it didn't work. My journalctl does not keep logs persistently. Let me paste the log of the fresh installation (months ago) in Click to expandwget https://github.com/foxcpp/maddy/releases/download/v0.7.0/maddy-0.7.0-x86_64-linux-musl.tar.zst
unzstd maddy-0.7.0-x86_64-linux-musl.tar.zst
tar -xvf maddy-
tar -xvf maddy-0.7.0-x86_64-linux-musl.tar
cd maddy-0.7.0-x86_64-linux-musl
mkdir /etc/maddy
cp maddy.conf /etc/maddy
cp maddy maddyctl /usr/bin
cp systemd/*.service /etc/systemd/system
mkdir /etc/maddy
cp maddy.conf /etc/maddy
cp maddy /usr/bin
cp systemd/*.service /etc/systemd/system
ls /sbin
useradd -mrU -s /sbin/nologin -d /var/lib/maddy -c "maddy mail server" maddy
dnf install certbot
dnf install python-certbot-nginx
vim /etc/nginx/conf.d/maddy.conf
vim /etc/maddy/maddy.conf
ip a
lsblk -f
for i in 25 465 587 993 143;do lsof -i $i;done
for i in 25 465 587 993 143;do lsof -i:$i;done
for i in 25 465 587 993 143 443;do lsof -i:$i;done
ls -l /
ls -l /etc/certkey
ls -l /etc/
setfacl
setfacl -R -m u:maddy:rx /etc/certkey/cert.{key,pem}
setfacl -R -m u:maddy:rx /etc/certkey/cert.{key,pemm}
systemctl enable --now maddy.service
systemctl status maddy.service
vim /etc/maddy/maddy.conf
systemctl start maddy
journalctl -xeu maddy.service
systemctl status maddy.service
systemctl daemon-reload
clear
useradd -mrU -s /sbin/nologin -d /var/lib/maddy -c "maddy mail server" maddy
userdel maddy
useradd -mrU -s /sbin/nologin -d /var/lib/maddy -c "maddy mail server" maddy
userdel maddy
rm -rf /var/lib/maddy
useradd -mrU -s /sbin/nologin -d /var/lib/maddy -c "maddy mail server" maddy
systemctl start maddy
maddy
su maddy
maddy run
systemctl status maddy
systemctl start maddy
vifm /etc/systemd/system maddy-0.7.0-x86_64-linux-musl/systemd
mv /usr/bin/maddy /usr/local/bin/maddy
systemctl start maddy
maddy
which maddy
/usr/local/bin/maddy run
su - maddy -c /usr/local/bin/maddy run
runuser -l maddy -c '/usr/local/bin/maddy run'
chsh -s /bin/bash maddy
runuser -l maddy -c '/usr/local/bin/maddy run'
ls /run/maddy
vifm /run/maddy
chown maddy:maddy /run/maddy
runuser -l maddy -c '/usr/local/bin/maddy run'
chown -R maddy:maddy /var/lib/maddy
runuser -l maddy -c '/usr/local/bin/maddy run'
chown -R maddy:maddy /run/maddy
runuser -l maddy -c '/usr/local/bin/maddy run'
lsof -i:25
netstat -tulpn | grep :25
setcap 'cap_net_bind_service=+ep' /usr/local/bin/maddy
runuser -l maddy -c '/usr/local/bin/maddy run'
systemctl start maddy
systemctl enable maddy
chown -R maddy:maddy /var/lib/maddy /run/maddy
setcap 'cap_net_bind_service=+ep' /usr/local/bin/maddy NOTE: I use vifm (TUI filemanager) sometimes, so that not all paths of edited files nor the Maybe it's because of SELinux? I'm not familiar with this thing, but could it be possible that once I gave the permission manually, the restriction disappeared so that systemd could add it for me after that? |
Add two lines of commands in Installation guide.
As for my test, it won't work without either of these lines.