Matthias Fehring changed bug 1115999
What Removed Added
CC   buschmann23@opensuse.org

Comment # 1 on bug 1115999 from 
The current revision of the package from OBS project server:mail is not usable
with the native systemd service. There are two problems with the service file:

1. User cyrus is not allowed to place the master PID file into /run. I created
a fix for this by creating /run/cyrus-imapd through systemd-tmpfiles and place
the PID file into that directory. The OBS SR can be found here:
https://build.opensuse.org/request/show/653205

2. User cyrus is not allowed to bind to privileged ports below port 1024. I
tried to solve this on my server running Leap 42.3 by adding
Capabilities=CAP_NET_BIND_SERVICE to the service file, but systemd ignores it
with the following error: "Failed to parse capabilities, ignoring:
CAP_NET_BIND_SERVICE". It works if I set the capability via setcap command:
setcap 'CAP_NET_BIND_SERVICE=+ep' /usr/lib/cyrus/bin/master . systemd version
228 on Leap 42.3 offers the Capabilities= service file entry, while newer
versions have AmbientCapabilities= . Not sure how to solve this.

You are receiving this mail because: