Hi, > Davmail seems to run with systemd's DynamicUser configuration. That means > that the user the daemon runs with is not known before runtime. Therefore > I cannot give specific permissions to the private keys for SSL. See the > excerpt from the configuration file /etc/davmail.properties below. I > use davmail.ssl.keystoreFile to set the file with the certificate and > the private key. I have to give o+r permissions to make this work, > because I cannot change the ownership to the user davmail uses.
I can see multiple solutions to this: 1) if you adduser --system _davmail, systemd should use that user and you can set permissions on your keystoreFile 2) adding to the service the following and the associated script that copies the keystoreFile in /var/lib/davmail StateDirectory=davmail PermissionsStartOnly=true ExecStartPre=/usr/share/davmail/service-prepare The second solution would also copy the conf file so that it can be writable by davmail in order to save Oauth session tokens which does not work at the moment using DynamicUser. I'll try this solution and get back to you. > Aug 11 14:21:52 delta davmail[167802]: 2020-08-11 14:21:52,294 ERROR [main] > davmail - Unable to set log file path > > The log file directive in /etc/davmail.properties is also printed below. > I use davmail.logFilePath to set the log path. But I cannot give the > daemon the right permissions to the /var/log path, because the user is > not known before runtime due to the DynamicUser configuration. The service file reads: LogsDirectory=davmail which means that the service is given access to /var/log/davmail/ and that configuring the following should work: davmail.logFilePath=/var/log/davmail/davmail.log (as it is in the default conf) Thanks a lot for your feedback, and please get back to me on what works for you so I can document and improve the package on what works and what does not. Alex