Re: Any issues running as root vs. opendkim?
On 03/08/14 05:15, Steve Jenkins wrote:
> Yikes, Daniel. That's awesome... but WAY over my head. :)
>
> 1) Can you make that comment on the Bugzilla report for the benefit of
> the other guys on the bug?
ack. There's a bunch of cluey people on the bug already but getting the
below information would help defining a policy for all of opendkim.
> 2) Is there anything I should be doing on the package side to try and
> address?
Can you try to define the other thing that opendkim would need?
e.g. there are database things - so need to define what these are, so in
selinux there will be selinux booleans to enable opendkim access to
mysql for instance.
So please list all databases :
- mysql
- postgres
..
- ldap
Are all berkdb interactions read only from opendkim?
Memcache interactions are needed I think.
Does the dnssec unbound libraries read special files (got
TrustAnchorFile) or communicate over anything ?
What system calls occur with lua / erlang datasets?
Is there any other funky features that interact with other components
that would need selinux rules to allow those interactions?
Received on Sat Aug 02 2014 - 23:31:10 PST
This archive was generated by hypermail 2.3.0
: Sat Aug 02 2014 - 23:36:00 PST