TubbyCat
2 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 5 deletions
Unified View
Diff Options
-
+2 -5log2ram.service
+ 2
- 5
log2ram.service
View File
| @@ -15,13 +15,13 @@ ExecReload= /usr/local/bin/log2ram write | |||||
| TimeoutStartSec=120 | TimeoutStartSec=120 | ||||
| RemainAfterExit=yes | RemainAfterExit=yes | ||||
| #SANDBOXING# -- partly tested | |||||
| # SANDBOXING | |||||
| LockPersonality=true | LockPersonality=true | ||||
| MemoryDenyWriteExecute=true | MemoryDenyWriteExecute=true | ||||
| NoNewPriviliges=true | NoNewPriviliges=true | ||||
| PrivateDevices=true | PrivateDevices=true | ||||
| PrivateNetwork=true | PrivateNetwork=true | ||||
| #Will likely break "MAIL" in log2ram.config if does not point to localhost / disabled | |||||
| #Will likely break "MAIL" in log2ram.config if does not point to localhost or is unused. | |||||
| ProtectClock=true | ProtectClock=true | ||||
| ProtectControlGroups=true | ProtectControlGroups=true | ||||
| ProtectHostname=true | ProtectHostname=true | ||||
| @@ -35,8 +35,5 @@ ProtectHome=true | |||||
| #will likely break situations wherein configured to also copy logs from $HOME. | #will likely break situations wherein configured to also copy logs from $HOME. | ||||
| #can probably fix with systemctl edit to whitelist relevant dirs | #can probably fix with systemctl edit to whitelist relevant dirs | ||||
| [Install] | [Install] | ||||
| WantedBy=sysinit.target | WantedBy=sysinit.target | ||||