mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 05:30:45 +00:00
dovecot: Add chroot
in container
Dovecot will, by default, have login processes run under a limited `chroot` environment. However, this broke recently with the update to Podman 4.4.1 and the removal of implicit `CAP_CHROOT` capabilities. This commit re-adds these in place.
This commit is contained in:
parent
c01eed0761
commit
e7e90f0002
@ -11,6 +11,7 @@ SyslogIdentifier=%N
|
||||
Restart=on-failure
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
ExecStart=/bin/podman run --replace --name %N --net internal --sdnotify=conmon \
|
||||
--cap-add SYS_CHROOT \
|
||||
--env-file %E/coreos-home-server/%N/%N.env \
|
||||
--env-file %E/coreos-home-server/rspamd/rspamd.env \
|
||||
--publish 143:143 --publish 993:993 --publish 4190:4190 \
|
||||
|
Loading…
Reference in New Issue
Block a user