A service could receive multiple listeners sockets, but I don't remember systemd having an option to pass client connection sockets – and I don't think it would make much sense, as the SMTP server is likely to close the connection while the service is still running, and then systemd would definitely have no way to inject a replacement socket.
Instead, I'd probably make the fcgi service talk SMTP to localhost or even over a Unix socket (i.e. to a local MTA); filesystem-based Unix sockets are not bound to a network namespace.
On Fri, Jul 5, 2024, 17:25 Andrea Pappacoda <andrea@xxxxxxxxxxxx> wrote:
Hi all!
I'm writing a small FastCGI daemon which, in addition to the socket used
to talk FastCGI to the web server, talks SMTP through another (inet)
socket (as an SMTP client).
The FastCGI socket is created by systemd with a .socket unit and passed
to the service as an fd (which also enables socket activation), while
the SMTP socket is opened and managed by the daemon itself.
What I'm asking here is if there's a way to also pass the SMTP socket as
a file descriptor to the daemon from systemd, so that the daemon doesn't
need to manage sockets itself (as all it does is reading fds passed by
the service manager) and can be further restricted with options like
PrivateNetwork=yes.
Ideally, I'd just get fd 3 and use it to listen for incoming requests,
and get fd 4 and use it to talk TLS + SMTP over TCP to the remote (or
local) SMTP server.
Is this currently possible with systemd? Am I missing something which
would make this a bad idea?
Thanks!
