frodovdr
/
log2ram
mirror of https://github.com/azlux/log2ram.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update log2ram.service

This commit is contained in:
TubbyCat 2022-08-25 18:31:43 -04:00 committed by GitHub
parent c7aef205b1
commit c449994e22
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
log2ram.service
View File

@ -15,13 +15,13 @@ ExecReload= /usr/local/bin/log2ram write
TimeoutStartSec=120 TimeoutStartSec=120
RemainAfterExit=yes RemainAfterExit=yes
# SANDBOXING # Sandboxing
LockPersonality=true LockPersonality=true
MemoryDenyWriteExecute=true MemoryDenyWriteExecute=true
NoNewPriviliges=true NoNewPriviliges=true
PrivateDevices=true PrivateDevices=true
PrivateNetwork=true PrivateNetwork=true
#Will likely break "MAIL" in log2ram.config if does not point to localhost or is unused. #May break "MAIL" in log2ram.conf if it points to non-local web address.
ProtectClock=true ProtectClock=true
ProtectControlGroups=true ProtectControlGroups=true
ProtectHostname=true ProtectHostname=true
@ -32,8 +32,8 @@ RestrictSUIDSGID=true
ProtectSystem=true ProtectSystem=true
# ALT: ProtectSystem=full # needs rw whitelisting for /var/hdd.log/ # ALT: ProtectSystem=full # needs rw whitelisting for /var/hdd.log/
ProtectHome=true ProtectHome=true
#will likely break situations wherein configured to also copy logs from $HOME. #may cause breakage in situations wherein user has configured log2ram to also copy logs from $HOME.
#can probably fix with systemctl edit to whitelist relevant dirs #can probably fix with systemctl edit to whitelist relevant dirs. See: ReadWritePaths=
[Install] [Install]
WantedBy=sysinit.target WantedBy=sysinit.target