fix: DMS state volume must ensure `o+x` permission (#4420)
This commit is contained in:
Brennan Kinney
GitHub
parent
8ca2bd212c
commit
a3571a88c1
|
|
@ -17,14 +17,17 @@ All notable changes to this project will be documented in this file. The format
|
||||||
- Gender-neutral language
|
- Gender-neutral language
|
||||||
- **Postfix:**
|
- **Postfix:**
|
||||||
- `setup email restrict` generated configs now only prepend to `dms_smtpd_sender_restrictions` ([#4379](https://github.com/docker-mailserver/docker-mailserver/pull/4379))
|
- `setup email restrict` generated configs now only prepend to `dms_smtpd_sender_restrictions` ([#4379](https://github.com/docker-mailserver/docker-mailserver/pull/4379))
|
||||||
|
- **Rspamd:**
|
||||||
|
- Change detection support now monitors all files found within the DMS _Config Volume_ Rspamd directory ([#4418](https://github.com/docker-mailserver/docker-mailserver/pull/4418))
|
||||||
- **Internal:**
|
- **Internal:**
|
||||||
- A permissions fix for `/var/log/mail` that was [added in DMS v15]((https://github.com/docker-mailserver/docker-mailserver/pull/4374)) no longer encounters an error when no log files are present during a container restart, such as with a `tmpfs` volume mount ([#4391](https://github.com/docker-mailserver/docker-mailserver/pull/4391))
|
- A permissions fix for `/var/log/mail` that was [added in DMS v15]((https://github.com/docker-mailserver/docker-mailserver/pull/4374)) no longer encounters an error when no log files are present during a container restart, such as with a `tmpfs` volume mount ([#4391](https://github.com/docker-mailserver/docker-mailserver/pull/4391))
|
||||||
|
- The DMS _State Volume_ (`/var/mail-state`) will now ensure it's file tree is accessible for services when the volume was created with missing executable bit ([#4420](https://github.com/docker-mailserver/docker-mailserver/pull/4420))
|
||||||
|
- The DMS _Config Volume_ (`/tmp/docker-mailserver`) now correctly updates permissions on container restarts ([#4417](https://github.com/docker-mailserver/docker-mailserver/pull/4417))
|
||||||
|
|
||||||
### Updates
|
### Updates
|
||||||
|
|
||||||
- **Internal:**
|
- **Internal:**
|
||||||
- Minor improvements to `_install_utils()` in `packages.sh` ([#4376](https://github.com/docker-mailserver/docker-mailserver/pull/4376))
|
- Minor improvements to `_install_utils()` in `packages.sh` ([#4376](https://github.com/docker-mailserver/docker-mailserver/pull/4376))
|
||||||
- Change detection support for Rspamd now monitors all files at the rspamd Config Volume directory ([#4418](https://github.com/docker-mailserver/docker-mailserver/pull/4418))
|
|
||||||
|
|
||||||
## [v15.0.0](https://github.com/docker-mailserver/docker-mailserver/releases/tag/v15.0.0)
|
## [v15.0.0](https://github.com/docker-mailserver/docker-mailserver/releases/tag/v15.0.0)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -95,6 +95,11 @@ function _setup_save_states() {
|
||||||
function _setup_adjust_state_permissions() {
|
function _setup_adjust_state_permissions() {
|
||||||
[[ ! -d ${DMS_STATE_DIR} ]] && return 0
|
[[ ! -d ${DMS_STATE_DIR} ]] && return 0
|
||||||
|
|
||||||
|
# Parent directories must have executable bit set to descend the file tree for access,
|
||||||
|
# as each service running as a non-root user requires this to access their state directory,
|
||||||
|
# `/var/mail-state` must allow all users `+x`:
|
||||||
|
chmod +x "${DMS_STATE_DIR}"
|
||||||
|
|
||||||
# This ensures the user and group of the files from the external mount have their
|
# This ensures the user and group of the files from the external mount have their
|
||||||
# numeric ID values in sync. New releases where the installed packages order changes
|
# numeric ID values in sync. New releases where the installed packages order changes
|
||||||
# can change the values in the Docker image, causing an ownership mismatch.
|
# can change the values in the Docker image, causing an ownership mismatch.
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue