mirror of https://github.com/azlux/log2ram.git
Update log2ram.service
This commit is contained in:
parent
c7aef205b1
commit
c449994e22
|
@ -15,13 +15,13 @@ ExecReload= /usr/local/bin/log2ram write
|
|||
TimeoutStartSec=120
|
||||
RemainAfterExit=yes
|
||||
|
||||
# SANDBOXING
|
||||
# Sandboxing
|
||||
LockPersonality=true
|
||||
MemoryDenyWriteExecute=true
|
||||
NoNewPriviliges=true
|
||||
PrivateDevices=true
|
||||
PrivateNetwork=true
|
||||
#Will likely break "MAIL" in log2ram.config if does not point to localhost or is unused.
|
||||
#May break "MAIL" in log2ram.conf if it points to non-local web address.
|
||||
ProtectClock=true
|
||||
ProtectControlGroups=true
|
||||
ProtectHostname=true
|
||||
|
@ -32,8 +32,8 @@ RestrictSUIDSGID=true
|
|||
ProtectSystem=true
|
||||
# ALT: ProtectSystem=full # needs rw whitelisting for /var/hdd.log/
|
||||
ProtectHome=true
|
||||
#will likely break situations wherein configured to also copy logs from $HOME.
|
||||
#can probably fix with systemctl edit to whitelist relevant dirs
|
||||
#may cause breakage in situations wherein user has configured log2ram to also copy logs from $HOME.
|
||||
#can probably fix with systemctl edit to whitelist relevant dirs. See: ReadWritePaths=
|
||||
|
||||
[Install]
|
||||
WantedBy=sysinit.target
|
||||
|
|
Loading…
Reference in New Issue