dovecot/dovecot-2.2.22-systemd_w_protectsystem.patch

12 lines
544 B
Diff

diff -up dovecot-2.3.0.1/dovecot.service.in.systemd_w_protectsystem dovecot-2.3.0.1/dovecot.service.in
--- dovecot-2.3.0.1/dovecot.service.in.systemd_w_protectsystem 2018-03-01 10:41:05.591067106 +0100
+++ dovecot-2.3.0.1/dovecot.service.in 2018-03-01 10:42:52.859959021 +0100
@@ -20,6 +20,7 @@ ExecReload=@bindir@/doveadm reload
ExecStop=@bindir@/doveadm stop
PrivateTmp=true
NonBlocking=yes
+# this will make /usr /boot /etc read only for dovecot
ProtectSystem=full
PrivateDevices=true
# disable this if you want to use apparmor plugin