Diffstat (limited to 'tw')
-rw-r--r-- | tw/services/mail.scm | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/tw/services/mail.scm b/tw/services/mail.scm
index 2eb5c435..59cb1bf2 100644
--- a/tw/services/mail.scm
+++ b/tw/services/mail.scm
@@ -16,12 +16,17 @@
 (define-configuration/no-serialization mta-configuration
 (host-name string "The system's host name, which is needed by nullmailer.")
 (user (string "mail") "The UNIX user name to allocate for the MTA.")
+ ;; Setuid programs are created before user accounts. When we first activate
+ ;; this service, the "mail" user does not exist and if we try to make
+ ;; `privileged-program' use it as a string, it fails.
+ (user-id (integer 469) "The user ID of the UNIX user to create. This ID
+must be known in order to install the setuid programs.")
 (group (string "mail") "The UNIX user group to allocate for the MTA."))
 
 (define (mta-accounts config)
- (match-record config <mta-configuration> (user group)
+ (match-record config <mta-configuration> (user user-id group)
 (list (user-account
- (name user) (group group) (system? #t)
+ (name user) (group group) (uid user-id) (system? #t)
 (comment "Nullmailer daemon user")
 (home-directory "/var/spool/nullmailer")
 (shell (file-append shadow "/sbin/nologin")))
@@ -37,11 +42,11 @@
 ;; Allow any user to send mail. This also prevents annoying failures
 ;; when root tries to send mail, since nullmailer-send cannot read the
 ;; messages it puts in the queue with 0600 permissions.
- (match-record config <mta-configuration> (user)
+ (match-record config <mta-configuration> (user-id)
 (map (lambda (prog)
 (privileged-program
 (program (file-append nullmailer prog))
- (setuid? #t) (user user-id)))
+ (setuid? #t) (user user-id)))
 '("/sbin/sendmail" "/bin/mailq"))))
 
 (define (mta-shepherd-services config) |
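Review bot: The default `(integer 469)` for `user-id` is a fixed number that nothing in this hunk checks against other accounts, and `mta-accounts` now passes it straight to `(uid user-id)`. On a host where the `mail` account was already created with a dynamically assigned UID, files under `/var/spool/nullmailer` may keep the old owner while the setuid programs use the new one; how account activation treats an existing entry is not visible here, so this is worth confirming on an upgraded machine. I would extend the field documentation with `The ID must not be assigned to any other account.` so the constraint is stated where the value is set. The body of `mta-accounts` continues past the end of the hunk.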
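Review bot: `(setuid? #t) (user user-id)` makes the owner of the setuid `sendmail` and `mailq` whatever integer the configuration record carries, and the `integer` field type accepts 0, which would presumably install both programs setuid root. A narrower predicate on the field, or a guard at this site that rejects a zero or negative `user-id`, would keep a configuration typo from widening privilege. The reason for passing the number instead of the name is explained only at the field definition; a comment here such as `;; Numeric ID: the account does not exist yet when these programs are installed.` would help the next reader. The enclosing definition starts before the hunk.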