mirror of https://github.com/azlux/log2ram.git
Update log2ram.service
This commit is contained in:
parent
c7aef205b1
commit
c449994e22
|
@ -15,13 +15,13 @@ ExecReload= /usr/local/bin/log2ram write
|
||||||
TimeoutStartSec=120
|
TimeoutStartSec=120
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
|
|
||||||
# SANDBOXING
|
# Sandboxing
|
||||||
LockPersonality=true
|
LockPersonality=true
|
||||||
MemoryDenyWriteExecute=true
|
MemoryDenyWriteExecute=true
|
||||||
NoNewPriviliges=true
|
NoNewPriviliges=true
|
||||||
PrivateDevices=true
|
PrivateDevices=true
|
||||||
PrivateNetwork=true
|
PrivateNetwork=true
|
||||||
#Will likely break "MAIL" in log2ram.config if does not point to localhost or is unused.
|
#May break "MAIL" in log2ram.conf if it points to non-local web address.
|
||||||
ProtectClock=true
|
ProtectClock=true
|
||||||
ProtectControlGroups=true
|
ProtectControlGroups=true
|
||||||
ProtectHostname=true
|
ProtectHostname=true
|
||||||
|
@ -32,8 +32,8 @@ RestrictSUIDSGID=true
|
||||||
ProtectSystem=true
|
ProtectSystem=true
|
||||||
# ALT: ProtectSystem=full # needs rw whitelisting for /var/hdd.log/
|
# ALT: ProtectSystem=full # needs rw whitelisting for /var/hdd.log/
|
||||||
ProtectHome=true
|
ProtectHome=true
|
||||||
#will likely break situations wherein configured to also copy logs from $HOME.
|
#may cause breakage in situations wherein user has configured log2ram to also copy logs from $HOME.
|
||||||
#can probably fix with systemctl edit to whitelist relevant dirs
|
#can probably fix with systemctl edit to whitelist relevant dirs. See: ReadWritePaths=
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=sysinit.target
|
WantedBy=sysinit.target
|
||||||
|
|
Loading…
Reference in New Issue