chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
7181dbd
)
core: enable PrivateNetwork= for a number of our long running services where this...
author
Lennart Poettering
<lennart@poettering.net>
Wed, 19 Mar 2014 22:08:39 +0000
(23:08 +0100)
committer
Lennart Poettering
<lennart@poettering.net>
Wed, 19 Mar 2014 22:25:28 +0000
(23:25 +0100)
units/systemd-bus-driverd.service.in
patch
|
blob
|
history
units/systemd-bus-proxyd@.service.in
patch
|
blob
|
history
units/systemd-hostnamed.service.in
patch
|
blob
|
history
units/systemd-journal-gatewayd.service.in
patch
|
blob
|
history
units/systemd-localed.service.in
patch
|
blob
|
history
units/systemd-machined.service.in
patch
|
blob
|
history
units/systemd-networkd.service.in
patch
|
blob
|
history
diff --git
a/units/systemd-bus-driverd.service.in
b/units/systemd-bus-driverd.service.in
index 52264862c174cec1c37b48fb3387ae7284ceafc9..5df2a9551f98d8a6552b3d276b43f51679694cc1 100644
(file)
--- a/
units/systemd-bus-driverd.service.in
+++ b/
units/systemd-bus-driverd.service.in
@@
-15,3
+15,4
@@
WatchdogSec=1min
CapabilityBoundingSet=CAP_IPC_OWNER
PrivateTmp=yes
PrivateDevices=yes
+PrivateNetwork=yes
diff --git
a/units/systemd-bus-proxyd@.service.in
b/units/systemd-bus-proxyd@.service.in
index 1a6458ac5795f0192bb7980ada7b837051c96eff..fafd4ce033fd93fce7c0df1f35ed781b512c3037 100644
(file)
--- a/
units/systemd-bus-proxyd@.service.in
+++ b/
units/systemd-bus-proxyd@.service.in
@@
-17,3
+17,4
@@
NotifyAccess=main
CapabilityBoundingSet=CAP_IPC_OWNER
PrivateTmp=yes
PrivateDevices=yes
+PrivateNetwork=yes
diff --git
a/units/systemd-hostnamed.service.in
b/units/systemd-hostnamed.service.in
index c8bf8480c9762520b286ef0452da4daa2a1eb2bd..44812592e22c036fabfd0f5c9dfa87a724bdc36a 100644
(file)
--- a/
units/systemd-hostnamed.service.in
+++ b/
units/systemd-hostnamed.service.in
@@
-17,3
+17,4
@@
CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE
WatchdogSec=1min
PrivateTmp=yes
PrivateDevices=yes
+PrivateNetwork=yes
diff --git
a/units/systemd-journal-gatewayd.service.in
b/units/systemd-journal-gatewayd.service.in
index a01ce8da45372198d4e96d6a84c5e42815fa627d..e8e571e692a1362732f19cb719503691e48150a1 100644
(file)
--- a/
units/systemd-journal-gatewayd.service.in
+++ b/
units/systemd-journal-gatewayd.service.in
@@
-14,6
+14,9
@@
ExecStart=@rootlibexecdir@/systemd-journal-gatewayd
User=systemd-journal-gateway
Group=systemd-journal-gateway
SupplementaryGroups=systemd-journal
+PrivateTmp=yes
+PrivateDevices=yes
+PrivateNetwork=yes
[Install]
Also=systemd-journal-gatewayd.socket
diff --git
a/units/systemd-localed.service.in
b/units/systemd-localed.service.in
index 6fb05655ca1e00faa4718f2df65104400fb4d088..ae1c5e59d1592b13f8e98983348ce6c774472803 100644
(file)
--- a/
units/systemd-localed.service.in
+++ b/
units/systemd-localed.service.in
@@
-17,3
+17,4
@@
CapabilityBoundingSet=
WatchdogSec=1min
PrivateTmp=yes
PrivateDevices=yes
+PrivateNetwork=yes
diff --git
a/units/systemd-machined.service.in
b/units/systemd-machined.service.in
index 2be1dcf4eac48f8ad19d87a70dcc17e18e1406d0..1a27c6e421562d22ee0e09e1e747db0f2872154e 100644
(file)
--- a/
units/systemd-machined.service.in
+++ b/
units/systemd-machined.service.in
@@
-19,3
+19,4
@@
CapabilityBoundingSet=CAP_KILL
WatchdogSec=1min
PrivateTmp=yes
PrivateDevices=yes
+PrivateNetwork=yes
diff --git
a/units/systemd-networkd.service.in
b/units/systemd-networkd.service.in
index ca40691f5e946a2a23a4e1a7ee9b8e38507cdeaf..793381f894b541361e994766e7bc964e37e3c60c 100644
(file)
--- a/
units/systemd-networkd.service.in
+++ b/
units/systemd-networkd.service.in
@@
-20,6
+20,7
@@
Restart=always
RestartSec=0
ExecStart=@rootlibexecdir@/systemd-networkd
WatchdogSec=1min
+PrivateTmp=yes
[Install]
WantedBy=multi-user.target
~ianmdlvl / elogind.git / commitdiff