On Sat, 5 Jul 2025, 23:54 Holger Levsen, <hol...@layer-acht.org> wrote:
>
> On Mon, Jun 30, 2025 at 07:26:37PM +0100, Richard Lewis wrote:
> > I have 2 thoughts, one is that we set ProtectSystem=strict so /tmp is
> > read-only when the unit runs: However, we set
> > Environment=TMPDIR=/run/chkrootkit which should mean things don't write
> > to /tmp --- maybe your email sending setup ignores TMPDIR? are you
> > using something non-standard?
>
> I can send mail on these machines using this command:
>
> $ date| mail -s test root
>

great -- but this isn't sending mail from a systemd unit with a read-only
/tmp or with a different TMPDIR setting

--- does the systemd workaround in the earlier message work?
--- does running /sbin/chkrootkit-daily directly work? (just in case)

can you also tell me

--- how to configure a system to reproduce this in a new container: what
packages do I install (postfix? ssmtp? please assume no knowledge of
these!) and what settings to make (if any? I think we would just need
"local delivery"): this seems like something we will need to test more,
however we resolve this
--- what provides mail(1) -- is it mailx or mailutils etc? (probably
doesn't matter, but.)