OpenDKIM icon indicating copy to clipboard operation
OpenDKIM copied to clipboard

Published 20 hours ago verified publisher icon trusteddomainproject

systemd: use Type=simple and no fork to avoid PIDFile race

Open mdomsch opened this issue 3 years ago • 3 comments

Red Hat BZ#2056209

mdomsch avatar Feb 24 '22 05:02 mdomsch

This just stretches the race condition a little bit.

A better solution is to just drop the PIDFile line and let systemd manage the opendkim process directly (systemd recommends this way of operating).

For example on Arch Linux it's done this way: https://github.com/archlinux/svntogit-community/blob/packages/opendkim/trunk/opendkim.service

ghen2 avatar Feb 24 '22 11:02 ghen2

@ghen2 fair play. We can instead use type=simple and opendkim -f so it doesn't fork. Then we don't care about the PIDFIle at all either.

mdomsch avatar Feb 24 '22 21:02 mdomsch

Looks good!

I have submitted a similar patch to Debian, that also enables various hardening options: https://salsa.debian.org/debian/opendkim/-/merge_requests/3

I'll open a PR here too.

Tachi107 avatar Jun 20 '22 09:06 Tachi107