mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-22 12:53:54 +00:00
142d83f90e
Our postfix-setup service ensures that the directory is only writable by root. postalias by default drops permissions to the user of the source file. In the case of NixOS that file is in the nix store and thus always owned by root and everything works. The problem is that when using a nixos-container with user namespaces (`-U`) then the nix store is owned by nobody/nogroup, and postfix-setup.service will be unable to create or modify `aliases.db`. Since the file would otherwise be owned by root, we should tell postfix to not assume the user and permissions of the `aliases` file by setting -o and -p From postalias(1) > -o Do not release root privileges when processing a non-root input file. By > default, postalias(1) drops root privileges and runs as the source file owner > instead. > -p Do not inherit the file access permissions from the input file when > creating a new file. Instead, create a new file with default access > permissions (mode 0644). |
||
|---|---|---|
| .. | ||
| config | ||
| hardware | ||
| i18n/input-method | ||
| image | ||
| installer | ||
| misc | ||
| profiles | ||
| programs | ||
| security | ||
| services | ||
| system | ||
| tasks | ||
| testing | ||
| virtualisation | ||
| module-list.nix | ||
| rename.nix | ||