mirror of
https://codeberg.org/grunfink/snac2.git
synced 2024-11-25 14:35:04 +00:00
On OpenBSD, don't enable sendmail if email notifications are disabled.
This commit is contained in:
parent
b8975b472d
commit
b6f8d8e900
1 changed files with 11 additions and 2 deletions
11
data.c
11
data.c
|
@ -117,18 +117,27 @@ int srv_open(char *basedir, int auto_upgrade)
|
||||||
srv_debug(1, xs_dup("OpenBSD security disabled by admin"));
|
srv_debug(1, xs_dup("OpenBSD security disabled by admin"));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
int smail = xs_type(xs_dict_get(srv_config, "disable_email_notifications")) != XSTYPE_TRUE;
|
||||||
|
|
||||||
srv_debug(1, xs_fmt("Calling unveil()"));
|
srv_debug(1, xs_fmt("Calling unveil()"));
|
||||||
unveil(basedir, "rwc");
|
unveil(basedir, "rwc");
|
||||||
unveil("/tmp", "rwc");
|
unveil("/tmp", "rwc");
|
||||||
unveil("/usr/sbin/sendmail", "x");
|
|
||||||
unveil("/etc/resolv.conf", "r");
|
unveil("/etc/resolv.conf", "r");
|
||||||
unveil("/etc/hosts", "r");
|
unveil("/etc/hosts", "r");
|
||||||
unveil("/etc/ssl/openssl.cnf", "r");
|
unveil("/etc/ssl/openssl.cnf", "r");
|
||||||
unveil("/etc/ssl/cert.pem", "r");
|
unveil("/etc/ssl/cert.pem", "r");
|
||||||
unveil("/usr/share/zoneinfo", "r");
|
unveil("/usr/share/zoneinfo", "r");
|
||||||
|
|
||||||
|
if (smail)
|
||||||
|
unveil("/usr/sbin/sendmail", "x");
|
||||||
|
|
||||||
unveil(NULL, NULL);
|
unveil(NULL, NULL);
|
||||||
srv_debug(1, xs_fmt("Calling pledge()"));
|
srv_debug(1, xs_fmt("Calling pledge()"));
|
||||||
|
|
||||||
|
if (smail)
|
||||||
pledge("stdio rpath wpath cpath flock inet proc exec dns fattr", NULL);
|
pledge("stdio rpath wpath cpath flock inet proc exec dns fattr", NULL);
|
||||||
|
else
|
||||||
|
pledge("stdio rpath wpath cpath flock inet proc dns fattr", NULL);
|
||||||
}
|
}
|
||||||
#endif /* __OpenBSD__ */
|
#endif /* __OpenBSD__ */
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue