Alexandre Aubin
|
ac52667ca0
|
Merge pull request #180 from YunoHost/improve-systemd-security
Improve systemd hardening
|
2022-11-20 17:53:57 +01:00 |
|
Alexandre Aubin
|
028e7303ab
|
Update conf/systemd.service
Co-authored-by: Tagada <36127788+Tagadda@users.noreply.github.com>
|
2022-11-20 17:52:43 +01:00 |
|
yalh76
|
dd377da623
|
spaces
|
2022-07-02 18:44:48 +02:00 |
|
Alexandre Aubin
|
b6af3ebb37
|
systemd conf: Add AF_NETLINK address family
|
2022-01-25 01:29:14 +01:00 |
|
Alexandre Aubin
|
f6f814e69b
|
Update systemd.service
|
2022-01-19 19:40:39 +01:00 |
|
yalh76
|
965f253be5
|
Merge pull request #136 from YunoHost/sandbox-baseline-for-systemd-services
[WIP] Add some systemd.service security baseline
|
2021-06-11 00:02:06 +02:00 |
|
Kay0u
|
cc0ac3c16a
|
Fix systemd stdout/stderr
|
2020-12-10 13:46:39 +01:00 |
|
Alexandre Aubin
|
6dd9c32323
|
Not sure why but @priviledged is causing issue on some legit services..
|
2020-11-11 20:00:58 +01:00 |
|
Alexandre Aubin
|
f1ec6a6c85
|
Add RestrictAddressFamilies and SystemCallFilter
|
2020-11-11 19:54:27 +01:00 |
|
Alexandre Aubin
|
1ac3a1c1f7
|
Add RestrictNamespaces=yes
|
2020-11-11 19:15:01 +01:00 |
|
Alexandre Aubin
|
fe29c72b12
|
Remove two options that may in fact cause issues ... and add a bunch of CapabilityBoundingSet instructions that should be somewhat sane defaults ?
|
2020-11-11 18:50:52 +01:00 |
|
Alexandre Aubin
|
2b8e86f9c3
|
Update systemd.service
|
2020-11-11 16:02:30 +01:00 |
|
Maniack Crudelis
|
5ef1d07752
|
Add a systemd default file
|
2017-09-05 17:47:31 +02:00 |
|