| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
This reverts commit 6a716208b346b742053cfd01e76f76fb27c4ea47.
Apparently this doesn't work.
http://lists.freedesktop.org/archives/systemd-devel/2015-February/028212.html
|
| |
|
|
|
|
| |
No setuid programs are expected to be executed, so add
SecureBits=noroot noroot-locked
to unit files.
|
| | |
|
| |
|
|
|
| |
The daemon requires the busname unit to operate, since it contains the
policy that allows it to acquire its service name.
|
| |
|
|
|
|
|
|
|
|
| |
also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit.
With this in place we now have two neat options ProtectSystem= and
ProtectHome= for protecting the OS itself (and optionally its
configuration), and for protecting the user's data.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for
a service.
ProtectedHome= uses fs namespaces to mount /home and /run/user
inaccessible or read-only for a service.
This patch also enables these settings for all our long-running services.
Together they should be good building block for a minimal service
sandbox, removing the ability for services to modify the operating
system or access the user's private data.
|
| |
|
|
|
|
| |
This service is not yet network facing, but let's prepare nonetheless.
Currently all caps are dropped, but some may need to be kept in the
future.
|
|
|
Also remove the equivalent functionality from networkd.
|
