Commit graph

10 commits

Author SHA1 Message Date
oiseauroch
7d197c8959 initial commit 2022-07-27 10:00:43 +02:00
yalh76
dd377da623 spaces 2022-07-02 18:44:48 +02:00
yalh76
965f253be5
Merge pull request #136 from YunoHost/sandbox-baseline-for-systemd-services
[WIP] Add some systemd.service security baseline
2021-06-11 00:02:06 +02:00
Kay0u
cc0ac3c16a
Fix systemd stdout/stderr 2020-12-10 13:46:39 +01:00
Alexandre Aubin
6dd9c32323
Not sure why but @priviledged is causing issue on some legit services.. 2020-11-11 20:00:58 +01:00
Alexandre Aubin
f1ec6a6c85
Add RestrictAddressFamilies and SystemCallFilter 2020-11-11 19:54:27 +01:00
Alexandre Aubin
1ac3a1c1f7
Add RestrictNamespaces=yes 2020-11-11 19:15:01 +01:00
Alexandre Aubin
fe29c72b12
Remove two options that may in fact cause issues ... and add a bunch of CapabilityBoundingSet instructions that should be somewhat sane defaults ? 2020-11-11 18:50:52 +01:00
Alexandre Aubin
2b8e86f9c3
Update systemd.service 2020-11-11 16:02:30 +01:00
Maniack Crudelis
5ef1d07752 Add a systemd default file 2017-09-05 17:47:31 +02:00