opendkim:postfix versus opendkim:mail
Under the Security section, the specified groups don’t match for the opendkim.service file and chown opendkim:mail /run/opendkim. Is this intentional? --Acid reign (talk) 14:08, 5 September 2017 (UTC)
- In my service file it sais User=opendkim Group=mail, /run/opendkim is also owned by opendkim:mail. However, the group in the unit regulates the access of the daemon, while the group setting of the runtime file regulates the access for other users (opendkim already has rwx). In principle this could be used to grant other processes access to the runtime, but I doubt that this makes sense here. If noone objects I would change the wiki to mention the group mail in both places. Fordprefect (talk) 19:16, 6 September 2017 (UTC)
/etc/tmpfiles.d versus RuntimeDirectory
The guide as it currently stands tells users to create a file in /etc/tmpfiles.d that essentially creates the /run/opendkim directory with systemd. But according to the tmpfiles.d manpage:
System daemons frequently require private runtime directories below /run to place communication sockets and similar in. For these, consider declaring them in their unit files using RuntimeDirectory= (see systemd.exec(5) for details), if this is feasible.
I created a RuntimeDirectory=opendkim in the service file, and thus far it works. According to the man page this is better. Plus then it's two files to edit instead of 1. T.ink.er (talk) 01:49, 21 July 2014 (UTC)