issue with sieve forwarding after upgrade to 0.5.1
Aki Tuomi
aki.tuomi at dovecot.fi
Wed Apr 4 10:09:20 EEST 2018
We are thinking that we remove both this and CapabilityBoundingSet in next release, so feel free to remove them from the unit file.
---Aki TuomiDovecot oy
-------- Original message --------From: "Helmut K. C. Tessarek" <tessarek at evermeet.cx> Date: 04/04/2018 09:44 (GMT+02:00) To: dovecot at dovecot.org Subject: Re: issue with sieve forwarding after upgrade to 0.5.1
On 2018-04-04 01:54, B. Reino wrote:
> The new systemd service file has NoNewPrivileges set to true. You need
> to override that to false and then it should work again.
It seems that the NoNewPrivileges option messes with several things.
PAM authentication stopped working as well besides the fact that
CAP_AUDIT_WRITE is also missing in CapabilityBoundingSet.
I've opened a pull request https://github.com/dovecot/core/pull/71
Although I removed NoNewPrivileges altogether, since I didn't know what
to write in the comment.
The only thing I could think of was something along the lines:
# If you want most things to stop working, set this to true
I thought this would be rather counterproductive, thus I removed it.
Maybe somebody else could enlighten me who came up with this default
setting and why it was set to true in the first place.
Cheers,
K. C.
--
regards Helmut K. C. Tessarek KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944
/*
Thou shalt not follow the NULL pointer for chaos and madness
await thee at its end.
*/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180404/36f90587/attachment.html>
More information about the dovecot
mailing list