diff options
| author | Lluís Batlle i Rossell <viric@vicerveza.homeunix.net> | 2010-10-10 10:43:28 +0000 |
|---|---|---|
| committer | Lluís Batlle i Rossell <viric@vicerveza.homeunix.net> | 2010-10-10 10:43:28 +0000 |
| commit | a069fcffc6022debe23c11f146bacd7ce5a7db5b (patch) | |
| tree | 71ba463cb2a7fd86eb35a81471ab1efcc6140f99 /modules/services/mail | |
| parent | f9d4df1e04ca14041c15c1b2cf5d9604cc2d30af (diff) | |
| download | nixlib-a069fcffc6022debe23c11f146bacd7ce5a7db5b.tar nixlib-a069fcffc6022debe23c11f146bacd7ce5a7db5b.tar.gz nixlib-a069fcffc6022debe23c11f146bacd7ce5a7db5b.tar.bz2 nixlib-a069fcffc6022debe23c11f146bacd7ce5a7db5b.tar.lz nixlib-a069fcffc6022debe23c11f146bacd7ce5a7db5b.tar.xz nixlib-a069fcffc6022debe23c11f146bacd7ce5a7db5b.tar.zst nixlib-a069fcffc6022debe23c11f146bacd7ce5a7db5b.zip | |
Making a nixos option about the system 'sendmail', which postfix sets, for example.
svn path=/nixos/trunk/; revision=24193
Diffstat (limited to 'modules/services/mail')
| -rw-r--r-- | modules/services/mail/mail.nix | 33 | ||||
| -rw-r--r-- | modules/services/mail/postfix.nix | 27 |
2 files changed, 56 insertions, 4 deletions
diff --git a/modules/services/mail/mail.nix b/modules/services/mail/mail.nix new file mode 100644 index 000000000000..bdf6b28ffbc7 --- /dev/null +++ b/modules/services/mail/mail.nix @@ -0,0 +1,33 @@ +{ config, pkgs, ... }: + +with pkgs.lib; + +{ + + ###### interface + + options = { + + services.mail = { + + sendmailSetuidWrapper = mkOption { + default = null; + description = '' + Configuration for the sendmail setuid wrwapper (like an element of + security.setuidOwners)"; + ''; + }; + + }; + + }; + + ###### implementation + + config = mkIf (config.services.mail.sendmailSetuidWrapper != null) { + + security.setuidOwners = [ config.services.mail.sendmailSetuidWrapper ]; + + }; + +} diff --git a/modules/services/mail/postfix.nix b/modules/services/mail/postfix.nix index 03c77885d069..3eda558f1c50 100644 --- a/modules/services/mail/postfix.nix +++ b/modules/services/mail/postfix.nix @@ -111,6 +111,11 @@ in default = false; description = "Whether to run the Postfix mail server."; }; + + setSendmail = mkOption { + default = true; + description = "Whether to set the system sendmail to postfix's."; + }; user = mkOption { default = "postfix"; @@ -254,10 +259,24 @@ in config = mkIf config.services.postfix.enable { - environment.etc = singleton - { source = "/var/postfix/conf"; - target = "postfix"; - }; + environment = { + etc = singleton + { source = "/var/postfix/conf"; + target = "postfix"; + }; + + # This makes comfortable for root to run 'postqueue' for example. + systemPackages = [ pkgs.postfix ]; + }; + + services.mail.sendmailSetuidWrapper = mkIf config.services.postfix.setSendmail { + program = "sendmail"; + source = "${pkgs.postfix}/bin/sendmail"; + owner = "nobody"; + group = "postdrop"; + setuid = false; + setgid = true; + }; users.extraUsers = singleton { name = user; |