저는 systemd 253.5를 사용하고 있으며 제 목표는 DynamicUser=GNU Mailutils 3.15를 사용하여 이 명령을 통해 mail이메일을 보내는 것입니다.
[[email protected]:~]# systemctl cat [email protected]
# /etc/systemd/system/[email protected]
[Unit]
After=network.target
Description=Unit Status Mail Notifier
[Service]
Environment="LOCALE_ARCHIVE=/nix/store/5l0qzzkb3r3yxygdq3688fjcc18lwg3j-glibc-locales-2.37-8/lib/locale/locale-archive"
Environment="PATH=/nix/store/n0wyrb99dxinh0y6rjixmqdgvbm57fa6-mailutils-3.15/bin:/nix/store/f11ibsj5vmqcy8ihfa8mzvpfs4af7cw5-coreutils-9.1/bin:/nix/store/jvh4fbqfxwwn162k5hb8ndc4h5555wfa-findutils-4.9.0/bin:/nix/store/rn5b13lbsslbvmmbqnqxdcagzqp4435w-gnugrep-3.7/bin:/nix/store/w64nwxs3r6cyqgy6ssxib5i2r6k8yfc2-gnused-4.9/bin:/nix/store/8lgs0dqh9ks1164fp4g14gq7w1ihjbf0-systemd-253.5/bin:/nix/store/n0wyrb99dxinh0y6rjixmqdgvbm57fa6-mailutils-3.15/sbin:/nix/store/f11ibsj5vmqcy8ihfa8mzvpfs4af7cw5-coreutils-9.1/sbin:/nix/store/jvh4fbqfxwwn162k5hb8ndc4h5555wfa-findutils-4.9.0/sbin:/nix/store/rn5b13lbsslbvmmbqnqxdcagzqp4435w-gnugrep-3.7/sbin:/nix/store/w64nwxs3r6cyqgy6ssxib5i2r6k8yfc2-gnused-4.9/sbin:/nix/store/8lgs0dqh9ks1164fp4g14gq7w1ihjbf0-systemd-253.5/sbin"
Environment="TZDIR=/nix/store/4faw3w020cjxvd1dnxhg73mi10wcxvpw-tzdata-2023c/share/zoneinfo"
CapabilityBoundingSet=
ExecStart=/nix/store/1asmwq09fdn42k8rw09ps3jwsq6b0pqf-unit-status-mail/bin/unit-status-mail "[email protected]" "[email protected]" %I \
" Pretty hostname: Server 1" \
" Authoritative FQDN: server1.example.com" \
" Machine ID: %m" \
" Boot ID: %b"
IPAddressDeny=any
LockPersonality=true
MemoryDenyWriteExecute=true
PrivateDevices=true
PrivateNetwork=true
PrivateTmp=true
ProtectControlGroups=true
ProtectHostname=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
RemoveIPC=true
RestrictAddressFamilies=AF_UNIX
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
SystemCallFilter=~@privileged
SystemCallFilter=~@resources
Type=simple
UMask=0077
[[email protected]:~]# cat /nix/store/1asmwq09fdn42k8rw09ps3jwsq6b0pqf-unit-status-mail/bin/unit-status-mail
#!/nix/store/7q1b1bsmxi91zci6g8714rcljl620y7f-bash-5.2-p15/bin/bash
MAILTO="$1"
MAILFROM="$2"
UNIT="$3"
EXTRA=""
for e in "${@:4}"; do
EXTRA+="$e"$'\n'
done
UNITSTATUS="$(systemctl status $UNIT)"
mail \
--content-type 'text/plain; charset=utf-8' \
--append=From:"$MAILFROM" \
--subject="Status for unit: $UNIT" \
"$MAILTO" <<EOF
Status report for unit: $UNIT
$EXTRA
$UNITSTATUS
EOF
DynamicUser=ProtectSystem=strict이는 내 장치가 GNU Mailutils 3.15를 사용하여 이메일을 보내는 것을 방지한다는 의미입니다 mail: cannot send message: Process exited with a non-zero status. 그것은 그것 으로 잘 작동합니다 ProtectSystem=full.
이를 사용하여 다시 작동시킬 수 있다고 생각 ReadWritePaths=하지만 어떤 경로가 필요한지 모르겠습니다.
GNU Mailutils가 작동하려면 systemd 장치에 어떤 경로가 필요합니까?