diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/mail/postfix.nix')
| -rw-r--r-- | nixpkgs/nixos/modules/services/mail/postfix.nix | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/nixpkgs/nixos/modules/services/mail/postfix.nix b/nixpkgs/nixos/modules/services/mail/postfix.nix index 2b8edb9c51f8..6fc09682e0c0 100644 --- a/nixpkgs/nixos/modules/services/mail/postfix.nix +++ b/nixpkgs/nixos/modules/services/mail/postfix.nix @@ -505,6 +505,7 @@ in tlsTrustedAuthorities = mkOption { type = types.str; default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + defaultText = literalExpression ''"''${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"''; description = '' File containing trusted certification authorities (CA) to verify certificates of mailservers contacted for mail delivery. This basically sets smtp_tls_CAfile and enables opportunistic tls. Defaults to NixOS trusted certification authorities. ''; @@ -544,7 +545,7 @@ in type = types.lines; default = ""; description = " - Entries for the virtual alias map, cf. man-page virtual(8). + Entries for the virtual alias map, cf. man-page virtual(5). "; }; @@ -673,7 +674,7 @@ in services.mail.sendmailSetuidWrapper = mkIf config.services.postfix.setSendmail { program = "sendmail"; source = "${pkgs.postfix}/bin/sendmail"; - owner = "nobody"; + owner = "root"; group = setgidGroup; setuid = false; setgid = true; @@ -682,7 +683,7 @@ in security.wrappers.mailq = { program = "mailq"; source = "${pkgs.postfix}/bin/mailq"; - owner = "nobody"; + owner = "root"; group = setgidGroup; setuid = false; setgid = true; @@ -691,7 +692,7 @@ in security.wrappers.postqueue = { program = "postqueue"; source = "${pkgs.postfix}/bin/postqueue"; - owner = "nobody"; + owner = "root"; group = setgidGroup; setuid = false; setgid = true; @@ -700,7 +701,7 @@ in security.wrappers.postdrop = { program = "postdrop"; source = "${pkgs.postfix}/bin/postdrop"; - owner = "nobody"; + owner = "root"; group = setgidGroup; setuid = false; setgid = true; |