From 9c58e1c4d54533caf172d6f4fa440641a30c1bbd Mon Sep 17 00:00:00 2001
From: Michael Prokop <mprokop@sipwise.com>
Date: Mon, 10 Oct 2022 18:40:50 +0200
Subject: [PATCH] TT#76552 systemd: allow r/w access to /var/mail

When mails are sent to root@localhost, they might end up in local system
under /var/mail, e.g.:

| root@sp1:~# grep -i Read-only /var/log/exim4/mainlog
| [...] 1ohvHe-001kri-L3 == /var/mail/mail <root@localhost> R=mail4root T=address_file defer (30): Read-only file system: creating lock file hitching post /var/mail/mail.lock.sp1.634442d2.000662b4 (euid=8 egid=8)

Change-Id: Iea608327032cc84491c3fe02c2c6be3da10a9c58
---
 debian/ngcp-panel.service | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/ngcp-panel.service b/debian/ngcp-panel.service
index 881351643a..ef60d414c1 100644
--- a/debian/ngcp-panel.service
+++ b/debian/ngcp-panel.service
@@ -45,6 +45,7 @@ ReadWritePaths=-/ngcp-data/spool/faxserver
 # NOTE: we need r/w access for sendmail usage with exim
 ReadWritePaths=-/var/spool/exim4/
 ReadWritePaths=-/var/log/exim4/
+ReadWritePaths=-/var/mail/
 
 # Service has own user namespace, only root, nobody, and the uid/gid under which the service is running are mapped
 # NOTE: we can't have our own user namespace, as we need proper permissions e.g. to /ngcp-data/spool/faxserver