[rpms/postfix] rawhide: Used workarounds for /var to support Image mode

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

* [rpms/postfix] rawhide: Used workarounds for /var to support Image mode
@ 2026-06-17 14:12 
  0 siblings, 0 replies; only message in thread
From:  @ 2026-06-17 14:12 UTC (permalink / raw)
  To: git-commits

A new commit has been pushed.

Repo   : rpms/postfix
Branch : rawhide
Commit : 6360422a378f28074bf1430084269f4fb0a57f71
Author : Jaroslav Škarvada <jskarvad@redhat.com>
Date   : 2026-06-17T16:10:42+02:00
Stats  : +51/-23 in 3 file(s)
URL    : https://src.fedoraproject.org/rpms/postfix/c/6360422a378f28074bf1430084269f4fb0a57f71?branch=rawhide

Log:
Used workarounds for /var to support Image mode

---
diff --git a/postfix.service b/postfix.service
index 1016ac3..d8ce880 100644
--- a/postfix.service
+++ b/postfix.service
@@ -11,12 +11,16 @@ PrivateTmp=true
 CapabilityBoundingSet=~ CAP_NET_ADMIN CAP_SYS_ADMIN CAP_SYS_BOOT CAP_SYS_MODULE
 ProtectSystem=true
 PrivateDevices=true
-ExecStartPre=-/usr/sbin/restorecon -R /var/spool/postfix/pid
-ExecStartPre=-/usr/libexec/postfix/aliasesdb
-ExecStartPre=-/usr/libexec/postfix/chroot-update
-ExecStart=/usr/sbin/postfix start
-ExecReload=/usr/sbin/postfix reload
-ExecStop=/usr/sbin/postfix stop
+ExecStartPre=!-/usr/sbin/restorecon -R /var/spool/postfix/pid
+ExecStartPre=!-/usr/libexec/postfix/aliasesdb
+ExecStartPre=!-/usr/libexec/postfix/chroot-update
+ExecStart=!/usr/sbin/postfix start
+ExecReload=!/usr/sbin/postfix reload
+ExecStop=!/usr/sbin/postfix stop
+User=postfix
+Group=root
+StateDirectory=postfix
+StateDirectoryMode=0700
 
 [Install]
 WantedBy=multi-user.target

diff --git a/postfix.spec b/postfix.spec
index 9a07125..1f09df3 100644
--- a/postfix.spec
+++ b/postfix.spec
@@ -57,7 +57,7 @@
 Name: postfix
 Summary: Postfix Mail Transport Agent
 Version: 3.11.3
-Release: 3%{?dist}
+Release: 4%{?dist}
 Epoch: 2
 URL: http://www.postfix.org
 License: (IPL-1.0 OR EPL-2.0) AND GPL-2.0-or-later AND BSD-4-Clause-UC
@@ -81,6 +81,7 @@ Source3: README-Postfix-SASL-RedHat.txt
 Source4: postfix.aliasesdb
 Source5: postfix-chroot-update
 Source6: postfix.sysusers
+Source7: postfix.tmpfiles
 
 # Sources 50-99 are upstream [patch] contributions
 
@@ -432,6 +433,9 @@ install -m 755 %{SOURCE5} %{buildroot}%{postfix_daemon_dir}/chroot-update
 # systemd-sysusers
 install -p -D -m 0644 %{SOURCE6} %{buildroot}%{_sysusersdir}/postfix.conf
 
+# systemd-tmpfiles
+install -p -D -m 0644 %{SOURCE7} %{buildroot}%{_tmpfilesdir}/postfix.conf
+
 install -c auxiliary/rmail/rmail $RPM_BUILD_ROOT%{_bindir}/rmail.postfix
 
 for i in active bounce corrupt defer deferred flush incoming private saved maildrop public pid saved trace; do
@@ -652,6 +656,7 @@ fi
 %config(noreplace) %{sasl_config_dir}/smtpd.conf
 %endif
 %config(noreplace) %{_sysconfdir}/pam.d/smtp.postfix
+%{_tmpfilesdir}/postfix.conf
 %{_unitdir}/postfix.service
 
 # Documentation
@@ -680,23 +685,23 @@ fi
 
 %dir %attr(0755, root, root) %{postfix_config_dir}
 %dir %attr(0755, root, root) %{postfix_daemon_dir}
-%dir %attr(0755, root, root) %{postfix_queue_dir}
+%ghost %dir %attr(0755, root, root) %{postfix_queue_dir}
 %dir %attr(0755, root, root) %{postfix_shlib_dir}
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/active
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/bounce
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/corrupt
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/defer
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/deferred
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/flush
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/hold
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/incoming
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/saved
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/trace
-%dir %attr(0730, %{postfix_user}, %{maildrop_group}) %{postfix_queue_dir}/maildrop
-%dir %attr(0755, root, root) %{postfix_queue_dir}/pid
-%dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/private
-%dir %attr(0710, %{postfix_user}, %{maildrop_group}) %{postfix_queue_dir}/public
-%dir %attr(0700, %{postfix_user}, root) %{postfix_data_dir}
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/active
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/bounce
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/corrupt
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/defer
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/deferred
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/flush
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/hold
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/incoming
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/saved
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/trace
+%ghost %dir %attr(0730, %{postfix_user}, %{maildrop_group}) %{postfix_queue_dir}/maildrop
+%ghost %dir %attr(0755, root, root) %{postfix_queue_dir}/pid
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_queue_dir}/private
+%ghost %dir %attr(0710, %{postfix_user}, %{maildrop_group}) %{postfix_queue_dir}/public
+%ghost %dir %attr(0700, %{postfix_user}, root) %{postfix_data_dir}
 %dir %attr(0755, root, root) %{postfix_config_dir}/dynamicmaps.cf.d
 %dir %attr(0755, root, root) %{postfix_config_dir}/postfix-files.d
 
@@ -858,6 +863,9 @@ fi
 %endif
 
 %changelog
+* Wed Jun 17 2026 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.11.3-4
+- Used workarounds for /var to support Image mode
+
 * Fri Jun 12 2026 Yaakov Selkowitz <yselkowi@redhat.com> - 2:3.11.3-3
 - Rebuilt for openssl 4.0
 

diff --git a/postfix.tmpfiles b/postfix.tmpfiles
new file mode 100644
index 0000000..567af18
--- /dev/null
+++ b/postfix.tmpfiles
@@ -0,0 +1,16 @@
+# postfix spool
+d /var/spool/postfix 0755 root root -
+d /var/spool/postfix/active 0700 postfix root -
+d /var/spool/postfix/bounce 0700 postfix root -
+d /var/spool/postfix/corrupt 0700 postfix root -
+d /var/spool/postfix/defer 0700 postfix root -
+d /var/spool/postfix/deferred 0700 postfix root -
+d /var/spool/postfix/flush 0700 postfix root -
+d /var/spool/postfix/hold 0700 postfix root -
+d /var/spool/postfix/incoming 0700 postfix root -
+d /var/spool/postfix/saved 0700 postfix root -
+d /var/spool/postfix/trace 0700 postfix root -
+d /var/spool/postfix/maildrop 0730 postfix postdrop -
+d /var/spool/postfix/pid 0755 root root -
+d /var/spool/postfix/private 0700 postfix root -
+d /var/spool/postfix/public 0710 postfix postdrop -

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2026-06-17 14:12 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-17 14:12 [rpms/postfix] rawhide: Used workarounds for /var to support Image mode

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox