Relax sand boxing to allow planetdump to send mail

author Tom Hughes <tom@compton.nu>

Mon, 11 Oct 2021 19:14:59 +0000 (20:14 +0100)

committer Tom Hughes <tom@compton.nu>

Mon, 11 Oct 2021 19:14:59 +0000 (20:14 +0100)
author Tom Hughes <tom@compton.nu>
Mon, 11 Oct 2021 19:14:59 +0000 (20:14 +0100)
committer Tom Hughes <tom@compton.nu>
Mon, 11 Oct 2021 19:14:59 +0000 (20:14 +0100)
diff --git a/cookbooks/planet/recipes/dump.rb b/cookbooks/planet/recipes/dump.rb

index 85243f335dd8b27a3d865c05c1cd77b40f1c6d15..83717fad4c8f38ce7778946fcc99a751befcb952 100644 (file)
--- a/cookbooks/planet/recipes/dump.rb
+++ b/cookbooks/planet/recipes/dump.rb
@@ -116,11 +116,9 @@ systemd_service "planetdump@" do
    exec_start "/usr/local/bin/planetdump %i"
    memory_max "64G"
    private_tmp true
-  private_devices true
-  private_network true
    protect_system "full"
    protect_home true
-  no_new_privileges true
+  read_write_paths "/var/log/exim4"
  end
  
  cron_d "planet-dump-mirror" do
author	Tom Hughes <tom@compton.nu>
	Mon, 11 Oct 2021 19:14:59 +0000 (20:14 +0100)
committer	Tom Hughes <tom@compton.nu>
	Mon, 11 Oct 2021 19:14:59 +0000 (20:14 +0100)