wwsympa.service: Use existing directory /run/sympa.

We shouldn't use RuntimeDirectory to create it anew because is belongs to the Sympa daemon and WWSympa looks up for PID files in there.
author: Guilhem Moulin <guilhem@fripost.org> 2020-05-16 14:54:59 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2020-05-16 15:51:58 +0200
commit: 809a185dca11424cef6220b5314a8b7aed487164 (patch)
tree: 8878adb340c065ade53c301bb569bac5d121c99b
parent: 0d844c7a788901fec3036e14ab07a4756f344415 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/lists/files/etc/systemd/system/wwsympa.service b/roles/lists/files/etc/systemd/system/wwsympa.service
index 1d302ef..cff2db7 100644
--- a/roles/lists/files/etc/systemd/system/wwsympa.service
+++ b/roles/lists/files/etc/systemd/system/wwsympa.service
@@ -1,30 +1,30 @@
 [Unit]
 Description=WWSympa Service
 After=network.target
 PartOf=sympa.service
 Requires=wwsympa.socket
 
 [Service]
 StandardInput=socket
 User=sympa
 Group=sympa
 ExecStart=/usr/lib/cgi-bin/sympa/wwsympa.fcgi
 
 # Hardening
 NoNewPrivileges=yes
 ReadWriteDirectories=/etc/sympa
 ReadWriteDirectories=/var/lib/sympa
 ReadWriteDirectories=/var/spool/sympa
-RuntimeDirectory=sympa
+ReadWriteDirectories=/run/sympa
 PrivateDevices=yes
 PrivateNetwork=yes
 ProtectHome=yes
 ProtectSystem=strict
 PrivateTmp=yes
 ProtectControlGroups=yes
 ProtectKernelModules=yes
 ProtectKernelTunables=yes
 RestrictAddressFamilies=
 
 [Install]
 WantedBy=multi-user.target
author	Guilhem Moulin <guilhem@fripost.org>	2020-05-16 14:54:59 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2020-05-16 15:51:58 +0200
commit	809a185dca11424cef6220b5314a8b7aed487164 (patch)
tree	8878adb340c065ade53c301bb569bac5d121c99b
parent	0d844c7a788901fec3036e14ab07a4756f344415 (diff)