[amavisd-new] Use systemd timer units instead of cronjobs and use PrivateDevices

Juan Orti <jorti@xxxxxxxxxxxxxxxxx> · Tue, 29 Apr 2014 11:33:40 +0000 (UTC)

commit dde04c229566976adc4789155be268ff08f289c7
Author: Juan Orti Alcaine <j.orti.alcaine@xxxxxxxxx>
Date:   Tue Apr 29 13:31:43 2014 +0200

    Use systemd timer units instead of cronjobs and use PrivateDevices

 amavisd-clean-quarantine.service |    8 +++++++
 amavisd-clean-quarantine.timer   |    9 ++++++++
 amavisd-clean-tmp.service        |    8 +++++++
 amavisd-clean-tmp.timer          |    9 ++++++++
 amavisd-new.spec                 |   43 ++++++++++++++++++++++++++++---------
 amavisd.cron                     |    2 -
 amavisd.service                  |    3 +-
 7 files changed, 68 insertions(+), 14 deletions(-)
---

diff --git a/amavisd-clean-quarantine.service b/amavisd-clean-quarantine.service
new file mode 100644
index 0000000..62c01cd
--- /dev/null
+++ b/amavisd-clean-quarantine.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Clean amavisd quarantine folder
+
+[Service]
+Type=oneshot
+User=amavis
+Group=amavis
+ExecStart=/usr/sbin/tmpwatch -d 720 /var/spool/amavisd/quarantine
diff --git a/amavisd-clean-quarantine.timer b/amavisd-clean-quarantine.timer
new file mode 100644
index 0000000..1afedc1
--- /dev/null
+++ b/amavisd-clean-quarantine.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Amavisd clean quarantine timer
+
+[Timer]
+OnBootSec=5min
+OnUnitActiveSec=24h
+
+[Install]
+WantedBy=timers.target
diff --git a/amavisd-clean-tmp.service b/amavisd-clean-tmp.service
new file mode 100644
index 0000000..ff5073f
--- /dev/null
+++ b/amavisd-clean-tmp.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Clean amavisd tmp folder
+
+[Service]
+Type=oneshot
+User=amavis
+Group=amavis
+ExecStart=/usr/sbin/tmpwatch 24 /var/spool/amavisd/tmp
diff --git a/amavisd-clean-tmp.timer b/amavisd-clean-tmp.timer
new file mode 100644
index 0000000..75878a2
--- /dev/null
+++ b/amavisd-clean-tmp.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Amavisd clean tmp timer
+
+[Timer]
+OnBootSec=5min
+OnUnitActiveSec=24h
+
+[Install]
+WantedBy=timers.target
diff --git a/amavisd-new.spec b/amavisd-new.spec
index e56caf7..716defd 100644
--- a/amavisd-new.spec
+++ b/amavisd-new.spec
@@ -3,7 +3,7 @@
 Summary:        Email filter with virus scanner and spamassassin support
 Name:           amavisd-new
 Version:        2.8.1
-Release:        2%{?prerelease:.%{prerelease}}%{?dist}
+Release:        3%{?prerelease:.%{prerelease}}%{?dist}
 # LDAP schema is GFDL, some helpers are BSD, core is GPLv2+
 License:        GPLv2+ and BSD and GFDL
 Group:          Applications/System
@@ -12,10 +12,13 @@ Source0:        http://www.ijs.si/software/amavisd/amavisd-new-%{version}%{?prer
 Source2:        amavis-clamd.conf
 Source4:        README.fedora
 Source5:        README.quarantine
-Source6:        amavisd.cron
 Source8:        amavisd-new-tmpfiles.conf
 Source9:        amavisd.service
 Source10:       amavisd-snmp.service
+Source11:       amavisd-clean-tmp.service
+Source12:       amavisd-clean-tmp.timer
+Source13:       amavisd-clean-quarantine.service
+Source14:       amavisd-clean-quarantine.timer
 Patch0:         amavisd-conf.patch
 Patch1:         amavisd-init.patch
 Patch2:         amavisd-condrestart.patch
@@ -29,8 +32,8 @@ BuildArch:      noarch
 BuildRequires:  systemd
 Requires:       clamav-server
 Requires:       clamav-server-systemd
-Requires:       /usr/sbin/tmpwatch, /etc/cron.daily
-Requires:       /usr/bin/ar
+Requires:       tmpwatch
+Requires:       binutils
 Requires:       altermime
 Requires:       arj
 Requires:       bzip2
@@ -141,17 +144,18 @@ install -p -m 755 amavisd-{agent,nanny,release} $RPM_BUILD_ROOT%{_bindir}/
 
 install -D -p -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_unitdir}/amavisd.service
 install -D -p -m 644 %{SOURCE10} $RPM_BUILD_ROOT%{_unitdir}/amavisd-snmp.service
+install -D -p -m 644 %{SOURCE11} $RPM_BUILD_ROOT%{_unitdir}/amavisd-clean-tmp.service
+install -D -p -m 644 %{SOURCE12} $RPM_BUILD_ROOT%{_unitdir}/amavisd-clean-tmp.timer
+install -D -p -m 644 %{SOURCE13} $RPM_BUILD_ROOT%{_unitdir}/amavisd-clean-quarantine.service
+install -D -p -m 644 %{SOURCE14} $RPM_BUILD_ROOT%{_unitdir}/amavisd-clean-quarantine.timer
 
 install -D -p -m 644 amavisd.conf $RPM_BUILD_ROOT%{_sysconfdir}/amavisd/amavisd.conf
 install -D -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/clamd.d/amavisd.conf
-install -D -p -m 755 %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/amavisd
 
 mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/spool/amavisd/{tmp,db,quarantine}
 mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/{clamd.amavisd,amavisd}
 
-%if 0%{?fedora} > 17
 install -D -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_tmpfilesdir}/amavisd-new.conf
-%endif
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -165,18 +169,30 @@ exit 0
 
 %preun
 %systemd_preun amavisd.service
+%systemd_preun amavisd-clean-tmp.service
+%systemd_preun amavisd-clean-tmp.timer
+%systemd_preun amavisd-clean-quarantine.service
+%systemd_preun amavisd-clean-quarantine.timer
 
 %preun snmp
 %systemd_preun amavisd-snmp.service
 
 %post
 %systemd_post amavisd.service
+%systemd_post amavisd-clean-tmp.service
+%systemd_post amavisd-clean-tmp.timer
+%systemd_post amavisd-clean-quarantine.service
+%systemd_post amavisd-clean-quarantine.timer
 
 %post snmp
 %systemd_post amavisd-snmp.service
 
 %postun
 %systemd_postun_with_restart amavisd.service
+%systemd_postun_with_restart amavisd-clean-tmp.service
+%systemd_postun_with_restart amavisd-clean-tmp.timer
+%systemd_postun_with_restart amavisd-clean-quarantine.service
+%systemd_postun_with_restart amavisd-clean-quarantine.timer
 
 %postun snmp
 %systemd_postun_with_restart amavisd-snmp.service
@@ -187,18 +203,19 @@ exit 0
 %doc README_FILES test-messages amavisd.conf-*
 %dir %{_sysconfdir}/amavisd/
 %{_unitdir}/amavisd.service
+%{_unitdir}/amavisd-clean-tmp.service
+%{_unitdir}/amavisd-clean-tmp.timer
+%{_unitdir}/amavisd-clean-quarantine.service
+%{_unitdir}/amavisd-clean-quarantine.timer
 %config(noreplace) %{_sysconfdir}/amavisd/amavisd.conf
 %config(noreplace) %{_sysconfdir}/clamd.d/amavisd.conf
-%config(noreplace) %{_sysconfdir}/cron.daily/amavisd
 %{_sbindir}/amavisd
 %{_bindir}/amavisd-*
 %dir %attr(710,amavis,amavis) %{_localstatedir}/spool/amavisd
 %dir %attr(700,amavis,amavis) %{_localstatedir}/spool/amavisd/tmp
 %dir %attr(700,amavis,amavis) %{_localstatedir}/spool/amavisd/db
 %dir %attr(700,amavis,amavis) %{_localstatedir}/spool/amavisd/quarantine
-%if 0%{?fedora} > 17
-%attr(644,root,root) %{_tmpfilesdir}/amavisd-new.conf
-%endif
+%{_tmpfilesdir}/amavisd-new.conf
 %dir %attr(755,amavis,amavis) %{_localstatedir}/run/amavisd
 %dir %attr(770,amavis,clamupdate) %{_localstatedir}/run/clamd.amavisd
 
@@ -209,6 +226,10 @@ exit 0
 %{_sbindir}/amavisd-snmp-subagent
 
 %changelog
+* Wed Mar 19 2014 Juan Orti Alcaine <jorti@xxxxxxxxxxxxxxxxx> 2.8.1-3
+- Use systemd timer units instead of cronjobs
+- Add PrivateDevices to service unit
+
 * Mon Feb 17 2014 Juan Orti Alcaine <jorti@xxxxxxxxxxxxxxxxx> 2.8.1-2
 - Move clamd socket to /var/run/clamd.amavisd
 - Add permissions to clamupdate to notify clamd
diff --git a/amavisd.service b/amavisd.service
index 3acd93e..fc3e928 100644
--- a/amavisd.service
+++ b/amavisd.service
@@ -1,7 +1,7 @@
 [Unit]
 Description=Amavisd-new is an interface between MTA and content checkers.
 Documentation=http://www.ijs.si/software/amavisd/#doc
-After=syslog.target network.target
+After=network.target
 Wants=clamd@amavisd.service
 
 [Service]
@@ -12,6 +12,7 @@ PIDFile=/var/run/amavisd/amavisd.pid
 ExecStart=/usr/sbin/amavisd -c /etc/amavisd/amavisd.conf
 Restart=on-failure
 PrivateTmp=true
+PrivateDevices=true
 NoNewPrivileges=true
 
 [Install]
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/perl-devel








