From 91167d1f453da1642f4f09f32be7621b2bf343a0 Mon Sep 17 00:00:00 2001
From: Daniel Winzen <d@winzen4.de>
Date: Mon, 24 Dec 2018 06:27:33 +0100
Subject: [PATCH] Fix systemd namespace issues taking effect after reboot

---
 etc/systemd/system/dovecot.service.d/custom.conf | 10 +++++-----
 etc/systemd/system/mariadb.service.d/custom.conf |  8 ++++----
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/etc/systemd/system/dovecot.service.d/custom.conf b/etc/systemd/system/dovecot.service.d/custom.conf
index 0ef4191..11e4548 100644
--- a/etc/systemd/system/dovecot.service.d/custom.conf
+++ b/etc/systemd/system/dovecot.service.d/custom.conf
@@ -10,8 +10,8 @@ ProtectControlGroups=true
 LockPersonality=true
 MemoryDenyWriteExecute=true
 SystemCallArchitectures=native
-BindPaths=/run/dovecot/
-BindPaths=/var/run/dovecot/
-BindPaths=/var/lib/dovecot/
-InaccessiblePaths=/var/www/
-InaccessiblePaths=/root/
+BindPaths=-/run
+BindPaths=-/var/run
+BindPaths=-/var/lib/dovecot
+InaccessiblePaths=/var/www
+InaccessiblePaths=/root
diff --git a/etc/systemd/system/mariadb.service.d/custom.conf b/etc/systemd/system/mariadb.service.d/custom.conf
index 9beeab5..c908517 100644
--- a/etc/systemd/system/mariadb.service.d/custom.conf
+++ b/etc/systemd/system/mariadb.service.d/custom.conf
@@ -11,8 +11,8 @@ ProtectKernelModules=true
 ProtectControlGroups=true
 LockPersonality=true
 SystemCallArchitectures=native
-BindPaths=/var/log/mysql/
-BindPaths=/var/lib/mysql/
-BindPaths=/var/run/mysqld/
-BindPaths=/run/mysqld/
+BindPaths=-/var/log/mysql/
+BindPaths=-/var/lib/mysql/
+BindPaths=-/var/run/mysqld/
+BindPaths=-/run/mysqld/
 InaccessiblePaths=/var/www/