From 81826ad2d27511a1c8fda032ffdba0795b53b93c Mon Sep 17 00:00:00 2001
From: Jordan Bancino
Date: Fri, 29 Jul 2022 15:29:35 -0400
Subject: [PATCH] Apply #11

---
 contrib/telodendria.conf | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/contrib/telodendria.conf b/contrib/telodendria.conf
index fce4853..cc3bec4 100644
--- a/contrib/telodendria.conf
+++ b/contrib/telodendria.conf
@@ -31,11 +31,31 @@ listen "localhost:8008";
 # it should never change, unless you want to start over.
 server-name "example.com";
 
+# Chroot to the specified directory immediately upon starting. Note that all
+# other paths and files must be specified relative to the chroot.
+#
+# This only works if Telodendria is being run as root. If it isn't, then a
+# warning is printed to the log, and no chroot is done. In that case, this
+# path is prepended to all the other paths and files, to create a sort of
+# soft chroot.
+chroot "/var/telodendria";
+
+# Set the effective user and group to run as, immediately after making the
+# chroot and socket binding calls.
+#
+# Note that this only works if Telodendria is being run as root. If it isn't,
+# then a warning is printed to the log if the current user and group are not
+# equal to what's specified here.
+#
+# The first parameter is the user, and the second is the group. If the second
+# is not specified, then it is assumed to be the same as the first.
+id "_telodendria" "_telodendria";
+
 # The data directory in which Telodendria will store all user and
 # event information. Telodendria doesn't use a database; it uses a
 # flat-file directory structure, sort of like how most SMTP servers
 # use Maildirs or mbox files.
-data-dir "/var/telodendria";
+data-dir "/data";
 
 # Whether to enable federation or not. Matrix is by default
 # a federated protocol, but if you just want your own internal chat
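Review bot: The added `chroot` comment calls the non-root fallback "a sort of soft chroot", which reads like a weaker form of confinement even though, by its own description, no chroot call is made and the path is only used as a prefix. I would add a line such as `# The soft chroot is only a path prefix; it does not confine the process.` so an operator does not treat it as a security boundary. The `id` comment has the same fail-open shape: when not started as root the server only logs a warning and keeps running as the current user, so the comment should say that this warning indicates a misconfiguration. It would also help to state who must own the chroot directory and the `/data` directory inside it, since `data-dir` now resolves under the chroot.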
@@ -71,7 +91,7 @@ registration "false";
 # in a chroot, the log file will have to live inside the chroot.
 #
 # Acceptable values here are "stdout", "stderr", or a log file.
-log "/var/log/telodendria.log" {
+log "/telodendria.log" {
 # The level to log. This can be one of "error", "warning",
 # "task", "message", or "debug", with each level showing all
 # the levels above it as well. For example, "error" shows
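Review bot: The new default `log "/telodendria.log"` puts the log file at the top of the chroot, so if the file is created after the `id` switch (the order is not visible in this patch) the chroot's top-level directory has to be writable by `_telodendria`. A top-level directory the service user can write to weakens the confinement the chroot is meant to give. A subdirectory next to `data-dir` keeps the top level root-owned, for example `log "/log/telodendria.log" {` (illustrative path). The comment above could also state which user needs write access to the log location. The `log` block continues past the end of this hunk.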