search

Snawoot / postfix-mta-sts-resolver

Daemon which provides TLS client policy for Postfix via socketmap, according to domain MTA-STS policy
MIT License
117 stars 23 forks source link

add command-line options "-g", "-u", "-p" #97

Closed jschauma closed 1 year ago

jschauma commented 1 year ago

-g GROUP, --group GROUP change eGID to this group (default: None)

-p PIDFILE, --pidfile PIDFILE name of the file to write the current pid to (default: None) -u USER, --user USER change eUID to this user (default: None)

Purpose of proposed changes

With these changes, it is easier to run the daemon as a daemon (although it still doesn't daemonize :-). That is, you can specify a pidfile for the daemon to write its PID to, and specify a username/groupname to have the daemon change to at startup. This allows you to kick off mta-sts-daemon via normal startup scripts as root and then have the daemon run unprivileged without having to play sudo/su games.

Essential steps taken

At daemon startup time, try to write the pid (prior to changing eUID), then change group (prior to changing eUID), then finally change eUID.

Snawoot commented 1 year ago

Thank you for the contribution!

Snawoot commented 1 year ago

Released in v1.3.0.

jschauma commented 1 year ago

Snawoot @.***> wrote:

Thank you for the contribution!

Thanks for merging so quickly!

-Jan