wwsympa: allow write access to /var/spool/sympa.

Request to post and moderate messages using the web interface.
author: Guilhem Moulin <guilhem@fripost.org> 2017-05-14 15:07:43 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2017-05-14 15:07:46 +0200
commit: cc8bfb8f067b859a2f6aae467969c22703567d00 (patch)
tree: 77080f69825aee09b294dfd343b76705aa8ea385 /roles
parent: c55ae1e2a93b1debd8df3ef944c2ddc91055c423 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/lists/files/lib/systemd/system/wwsympa.service b/roles/lists/files/lib/systemd/system/wwsympa.service
index bdbf17e..4e3d94b 100644
--- a/roles/lists/files/lib/systemd/system/wwsympa.service
+++ b/roles/lists/files/lib/systemd/system/wwsympa.service
@@ -2,23 +2,24 @@
 Description=WWSympa Service
 After=network.target
 PartOf=sympa.service
 Requires=wwsympa.socket
 
 [Service]
 StandardInput=socket
 User=sympa
 Group=sympa
 ExecStart=/usr/lib/cgi-bin/sympa/wwsympa.fcgi
 
 # Hardening
 NoNewPrivileges=yes
 PrivateDevices=yes
 ProtectHome=yes
 ProtectSystem=full
 PrivateTmp=yes
 ReadOnlyDirectories=/
 ReadWriteDirectories=-/var/lib/sympa
 ReadWriteDirectories=-/var/run/sympa
+ReadWriteDirectories=-/var/spool/sympa
 
 [Install]
 WantedBy=multi-user.target
author	Guilhem Moulin <guilhem@fripost.org>	2017-05-14 15:07:43 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2017-05-14 15:07:46 +0200
commit	cc8bfb8f067b859a2f6aae467969c22703567d00 (patch)
tree	77080f69825aee09b294dfd343b76705aa8ea385 /roles
parent	c55ae1e2a93b1debd8df3ef944c2ddc91055c423 (diff)