Re: Can’t authenticate any users after upgrade.
Helmut K. C. Tessarek
tessarek at evermeet.cx
Fri Apr 6 05:02:26 EEST 2018
On 2018-04-05 02:34, B. Reino wrote:
> This way the fix survives any updates and you don't have to mess with
> package-provided files.
You'd also have to add the following:
CapabilityBoundingSet=CAP_CHOWN CAP_DAC_OVERRIDE CAP_IPC_LOCK CAP_KILL
CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT
CAP_SYS_RESOURCE CAP_AUDIT_WRITE
It won't work without CAP_AUDIT_WRITE, even, if NoNewPrivileges is set
to false, at least not on my server.
But as I've mentioned this _could_ be counterproductive if in the future
the systemd file that comes with dovecot is changed and you forget to
delete /etc/systemd/system/dovecot.service.d/NoNewPrivileges.conf again.
--
regards Helmut K. C. Tessarek KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944
/*
Thou shalt not follow the NULL pointer for chaos and madness
await thee at its end.
*/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180405/074110d2/attachment.sig>
More information about the dovecot
mailing list