pool/Radicale
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity
Files
factory
Radicale/radicale.service
Ákos Szőts 2bbbe5d100 - Set "radicale" as the syslog identifier (replacing the generic "python3") when started via systemd 
(Thanks for David Walker for the suggestion in https://bugzilla.suse.com/show_bug.cgi?id=1248151)
- Update to 3.5.5
  * Improve: [auth] ldap: do not read server info by bind to avoid needless network traffic
  * Improve: add details about platform and effective user on startup
  * Improve: display owner+permissions on directories on startup, extend error message in case of missing permissions
  * Improve: add options [logging] trace_on_debug and trace_filter for supporting trace logging
  * Improve: catch items having tzinfo only on dtstart or dtend set for whatever reason, overtake tzinfo from the other one
  * Improve: conditional log level for base_prefix strip action depending on auth and web type
  * Fix: [storage] broken support of 'folder_umask'
  * Fix: logging ignores not retrievable get_native_id if not supported by OS
  * Fix: report with enabled expand honors now provided filter proper
  * Fix: catch case where getpwuid is not returning a username
  * Fix: add support for query without comp-type
  * Fix: expanded event with dates are missing VALUE=DATE
  * Fix: storage hook path now added to DELETE, MKCOL, MKCALENDAR, MOVE, and PROPPATCH
  * Feature: add hook for server-side e-mail notification
  * Add: [hook] dryrun: option to disable real hook action for testing, add tests for email+rabbitmq
  * Add: storage hook placeholder now supports "request" and "to_path" (MOVE only)

OBS-URL: https://build.opensuse.org/package/show/network/Radicale?expand=0&rev=66
2025-08-22 10:27:53 +00:00

53 lines
1.2 KiB
Desktop File
Raw Permalink Blame History

[Unit]
Description=Radicale CalDAV (calendar) and CardDAV (contact) server
Documentation=https://radicale.org
After=network-online.target
Wants=network-online.target
[Service]
User=radicale
Group=radicale
ExecStart=/usr/bin/python3 -m radicale
Restart=on-failure
# To cope with error message "Address family for hostname not supported"
# (EAFNOSUPPORT) during startup
RestartSec=2
# Deny other users access to the calendar data
UMask=0027
# To have a unique entry in syslog (instead of python3)
SyslogIdentifier=radicale
# Additional security settings
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
DevicePolicy=closed
IPAccounting=true
LockPersonality=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true
PrivateIPC=true
PrivateTmp=true
PrivateUsers=true
ProcSubset=pid
ProtectClock=true
ProtectControlGroups=true
ProtectHome=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectProc=invisible
ProtectSystem=strict
ReadOnlyPaths=/
ReadWritePaths=/var/lib/radicale/collections
RemoveIPC=true
RestrictAddressFamilies=AF_INET AF_INET6
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
SystemCallArchitectures=native
SystemCallFilter=@system-service
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink