chore: Remove redundant capability SYS_PTRACE (#2624)

* chore: Remove `SYS_PTRACE` capability from docs and configs
* chore: Remove `SYS_PTRACE` capability from tests

The `SYS_PTRACE` capability doesn't seem to be required. It was originally added because the PR that introduced the change detection feature apparently needed it to function.
Brennan Kinney 2022-06-07 01:20:13 +12:00 committed by GitHub
parent 54904aa02c
commit 62fdcb05f5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 0 additions and 16 deletions


@ -259,7 +259,6 @@ services:
- ONE_DIR=1 - ONE_DIR=1
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
- SYS_PTRACE
restart: always restart: always
``` ```
@ -316,6 +315,5 @@ services:
- POSTFIX_MESSAGE_SIZE_LIMIT=100000000 - POSTFIX_MESSAGE_SIZE_LIMIT=100000000
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
- SYS_PTRACE
restart: always restart: always
``` ```


@ -26,5 +26,3 @@ services:
stop_grace_period: 1m stop_grace_period: 1m
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
- SYS_PTRACE


@ -83,7 +83,6 @@ While indexing is memory intensive, you can configure the plugin to limit the am
stop_grace_period: 1m stop_grace_period: 1m
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
- SYS_PTRACE
``` ```
3. Recreate containers: 3. Recreate containers:


@ -199,7 +199,6 @@ spec:
- NET_BIND_SERVICE - NET_BIND_SERVICE
# miscellaneous capabilities # miscellaneous capabilities
- SYS_CHROOT - SYS_CHROOT
- SYS_PTRACE
- KILL - KILL
drop: [ALL] drop: [ALL]
seccompProfile: seccompProfile:


@ -61,7 +61,6 @@ In this setup `docker-mailserver` is not intended to receive email externally, s
- SPOOF_PROTECTION=0 - SPOOF_PROTECTION=0
cap_add: cap_add:
- NET_ADMIN # For Fail2Ban to work - NET_ADMIN # For Fail2Ban to work
- SYS_PTRACE
``` ```
- The docs have a detailed page on [Environment Variables][docs-environment] for reference. - The docs have a detailed page on [Environment Variables][docs-environment] for reference.


@ -8,7 +8,6 @@ function setup() {
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \ -v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
-v "$(pwd)/test/test-files":/tmp/docker-mailserver-test:ro \ -v "$(pwd)/test/test-files":/tmp/docker-mailserver-test:ro \
-e DEFAULT_RELAY_HOST=default.relay.host.invalid:25 \ -e DEFAULT_RELAY_HOST=default.relay.host.invalid:25 \
--cap-add=SYS_PTRACE \
-e PERMIT_DOCKER=host \ -e PERMIT_DOCKER=host \
-h mail.my-domain.com -t "${NAME}" -h mail.my-domain.com -t "${NAME}"


@ -8,7 +8,6 @@ function setup_file() {
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \ -v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
-v "$(pwd)/test/test-files":/tmp/docker-mailserver-test:ro \ -v "$(pwd)/test/test-files":/tmp/docker-mailserver-test:ro \
-e ENABLE_MANAGESIEVE=1 \ -e ENABLE_MANAGESIEVE=1 \
--cap-add=SYS_PTRACE \
-e PERMIT_DOCKER=host \ -e PERMIT_DOCKER=host \
-h mail.my-domain.com \ -h mail.my-domain.com \
-e SSL_TYPE='snakeoil' \ -e SSL_TYPE='snakeoil' \


@ -10,7 +10,6 @@ setup_file() {
-e SASL_PASSWD="external-domain.com username:password" \ -e SASL_PASSWD="external-domain.com username:password" \
-e ENABLE_CLAMAV=0 \ -e ENABLE_CLAMAV=0 \
-e ENABLE_SPAMASSASSIN=0 \ -e ENABLE_SPAMASSASSIN=0 \
--cap-add=SYS_PTRACE \
-e PERMIT_DOCKER=host \ -e PERMIT_DOCKER=host \
-h mail.my-domain.com -t "${NAME}" -h mail.my-domain.com -t "${NAME}"


@ -29,7 +29,6 @@ function setup() {
-e ENABLE_SRS=1 \ -e ENABLE_SRS=1 \
-e SASL_PASSWD="external-domain.com username:password" \ -e SASL_PASSWD="external-domain.com username:password" \
-e ENABLE_MANAGESIEVE=1 \ -e ENABLE_MANAGESIEVE=1 \
--cap-add=SYS_PTRACE \
-e PERMIT_DOCKER=host \ -e PERMIT_DOCKER=host \
-h mail.my-domain.com -t "${NAME}") -h mail.my-domain.com -t "${NAME}")


@ -11,7 +11,6 @@ setup_file() {
-e ENABLE_CLAMAV=0 \ -e ENABLE_CLAMAV=0 \
-e ENABLE_SPAMASSASSIN=0 \ -e ENABLE_SPAMASSASSIN=0 \
-e DOVECOT_MAILBOX_FORMAT=mdbox \ -e DOVECOT_MAILBOX_FORMAT=mdbox \
--cap-add=SYS_PTRACE \
-e PERMIT_DOCKER=host \ -e PERMIT_DOCKER=host \
-h mail.my-domain.com -t "${NAME}" -h mail.my-domain.com -t "${NAME}"


@ -13,7 +13,6 @@ function setup_file() {
-e RELAY_PORT=2525 \ -e RELAY_PORT=2525 \
-e RELAY_USER=smtp_user \ -e RELAY_USER=smtp_user \
-e RELAY_PASSWORD=smtp_password \ -e RELAY_PASSWORD=smtp_password \
--cap-add=SYS_PTRACE \
-e PERMIT_DOCKER=host \ -e PERMIT_DOCKER=host \
-h mail.my-domain.com -t "${NAME}" -h mail.my-domain.com -t "${NAME}"


@ -11,7 +11,6 @@ setup_file() {
-e ENABLE_CLAMAV=0 \ -e ENABLE_CLAMAV=0 \
-e ENABLE_SPAMASSASSIN=0 \ -e ENABLE_SPAMASSASSIN=0 \
-e DOVECOT_MAILBOX_FORMAT=sdbox \ -e DOVECOT_MAILBOX_FORMAT=sdbox \
--cap-add=SYS_PTRACE \
-e PERMIT_DOCKER=host \ -e PERMIT_DOCKER=host \
-h mail.my-domain.com -t "${NAME}" -h mail.my-domain.com -t "${NAME}"


@ -14,7 +14,6 @@ function setup_file
docker run -d \ docker run -d \
--name "${CONTAINER_NAME}" \ --name "${CONTAINER_NAME}" \
--cap-add=SYS_PTRACE \
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \ -v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
-v "${PWD}/test/test-files":/tmp/docker-mailserver-test:ro \ -v "${PWD}/test/test-files":/tmp/docker-mailserver-test:ro \
-e DEFAULT_RELAY_HOST=default.relay.host.invalid:25 \ -e DEFAULT_RELAY_HOST=default.relay.host.invalid:25 \


@ -36,7 +36,6 @@ setup_file() {
-e SSL_TYPE='snakeoil' \ -e SSL_TYPE='snakeoil' \
-e VIRUSMAILS_DELETE_DELAY=7 \ -e VIRUSMAILS_DELETE_DELAY=7 \
-h mail.my-domain.com \ -h mail.my-domain.com \
--cap-add=SYS_PTRACE \
--tty \ --tty \
"${NAME}" "${NAME}"