[Nix-commits] SVN commit: nix - r24193 - in nixos/trunk/modules: . services/mail

Sun, 10 Oct 2010 03:44:01 -0700 

Author: viric
Date: Sun Oct 10 10:43:28 2010
New Revision: 24193
URL: https://svn.nixos.org/websvn/nix/?rev=24193&sc=1

Log:
Making a nixos option about the system 'sendmail', which postfix sets, for 
example.

Added:
   nixos/trunk/modules/services/mail/mail.nix
Modified:
   nixos/trunk/modules/module-list.nix
   nixos/trunk/modules/services/mail/postfix.nix

Modified: nixos/trunk/modules/module-list.nix
==============================================================================
--- nixos/trunk/modules/module-list.nix Sun Oct 10 07:39:01 2010        (r24192)
+++ nixos/trunk/modules/module-list.nix Sun Oct 10 10:43:28 2010        (r24193)
@@ -14,6 +14,7 @@
   ./config/users-groups.nix
   ./hardware/network/intel-2200bg.nix
   ./hardware/network/intel-3945abg.nix
+  ./hardware/network/rt2870.nix 
   ./hardware/network/rt73.nix 
   ./hardware/pcmcia.nix
   ./installer/generations-dir/generations-dir.nix
@@ -59,6 +60,7 @@
   ./services/logging/logrotate.nix
   ./services/logging/syslogd.nix
   ./services/mail/dovecot.nix
+  ./services/mail/mail.nix
   ./services/mail/postfix.nix
   ./services/misc/autofs.nix
   ./services/misc/disnix.nix

Added: nixos/trunk/modules/services/mail/mail.nix
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ nixos/trunk/modules/services/mail/mail.nix  Sun Oct 10 10:43:28 2010        
(r24193)
@@ -0,0 +1,33 @@
+{ config, pkgs, ... }:
+
+with pkgs.lib;
+
+{
+
+  ###### interface
+
+  options = {
+  
+    services.mail = {
+    
+      sendmailSetuidWrapper = mkOption {
+        default = null;
+        description = ''
+          Configuration for the sendmail setuid wrwapper (like an element of
+          security.setuidOwners)";
+        '';
+      };
+
+    };
+
+  };
+
+  ###### implementation
+
+  config = mkIf (config.services.mail.sendmailSetuidWrapper != null) {
+
+    security.setuidOwners = [ config.services.mail.sendmailSetuidWrapper ];
+
+  };
+
+}

Modified: nixos/trunk/modules/services/mail/postfix.nix
==============================================================================
--- nixos/trunk/modules/services/mail/postfix.nix       Sun Oct 10 07:39:01 
2010        (r24192)
+++ nixos/trunk/modules/services/mail/postfix.nix       Sun Oct 10 10:43:28 
2010        (r24193)
@@ -111,6 +111,11 @@
         default = false;
         description = "Whether to run the Postfix mail server.";
       };
+
+      setSendmail = mkOption {
+        default = true;
+        description = "Whether to set the system sendmail to postfix's.";
+      };
       
       user = mkOption {
         default = "postfix";
@@ -254,10 +259,24 @@
 
   config = mkIf config.services.postfix.enable {
 
-    environment.etc = singleton
-      { source = "/var/postfix/conf";
-        target = "postfix";
-      };
+    environment = {
+      etc = singleton
+        { source = "/var/postfix/conf";
+          target = "postfix";
+        };
+
+      # This makes comfortable for root to run 'postqueue' for example.
+      systemPackages = [ pkgs.postfix ];
+    };
+
+    services.mail.sendmailSetuidWrapper = mkIf 
config.services.postfix.setSendmail {
+      program = "sendmail";
+      source = "${pkgs.postfix}/bin/sendmail";
+      owner = "nobody";
+      group = "postdrop";
+      setuid = false;
+      setgid = true;
+    };
 
     users.extraUsers = singleton
       { name = user;
_______________________________________________
nix-commits mailing list
[email protected]
http://mail.cs.uu.nl/mailman/listinfo/nix-commits

Reply via email to