yalh76
|
965f253be5
|
Merge pull request #136 from YunoHost/sandbox-baseline-for-systemd-services
[WIP] Add some systemd.service security baseline
|
2021-06-11 00:02:06 +02:00 |
|
Kay0u
|
cc0ac3c16a
|
Fix systemd stdout/stderr
|
2020-12-10 13:46:39 +01:00 |
|
Alexandre Aubin
|
6dd9c32323
|
Not sure why but @priviledged is causing issue on some legit services..
|
2020-11-11 20:00:58 +01:00 |
|
|
Alexandre Aubin
|
f1ec6a6c85
|
Add RestrictAddressFamilies and SystemCallFilter
|
2020-11-11 19:54:27 +01:00 |
|
|
Alexandre Aubin
|
1ac3a1c1f7
|
Add RestrictNamespaces=yes
|
2020-11-11 19:15:01 +01:00 |
|
|
Alexandre Aubin
|
fe29c72b12
|
Remove two options that may in fact cause issues ... and add a bunch of CapabilityBoundingSet instructions that should be somewhat sane defaults ?
|
2020-11-11 18:50:52 +01:00 |
|
|
Alexandre Aubin
|
2b8e86f9c3
|
Update systemd.service
|
2020-11-11 16:02:30 +01:00 |
|
Maniack Crudelis
|
5ef1d07752
|
Add a systemd default file
|
2017-09-05 17:47:31 +02:00 |
|