diff options
Diffstat (limited to 'roles/IMAP/files/etc')
-rw-r--r-- | roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service b/roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service index d20f9c2..3ac0b31 100644 --- a/roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service +++ b/roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service @@ -4,8 +4,7 @@ After=dovecot.target Requires=dovecot-auth-proxy.socket [Service] -User=vmail -Group=vmail +User=_dovecot-auth-proxy StandardInput=null SyslogFacility=mail ExecStart=/usr/local/bin/dovecot-auth-proxy.pl @@ -13,14 +12,13 @@ ExecStart=/usr/local/bin/dovecot-auth-proxy.pl # Hardening NoNewPrivileges=yes PrivateDevices=yes -ProtectSystem=strict -ProtectHome=read-only -PrivateDevices=yes PrivateNetwork=yes +ProtectHome=yes +ProtectSystem=strict ProtectControlGroups=yes ProtectKernelModules=yes ProtectKernelTunables=yes -RestrictAddressFamilies= +RestrictAddressFamilies=AF_UNIX [Install] WantedBy=multi-user.target |