gnunet-developers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-developers] service files


From: ng0
Subject: [GNUnet-developers] service files
Date: Thu, 7 Mar 2019 14:28:42 +0000

I just learned about a couple more specific systemd settings.
The ones I think which could be useful to extend our systemd
example service with are below.

> PrivateTmp:
> Use private /tmp and /var/tmp folders inside a new file system namespace, 
> which are discarded after the process stops.

> ProtectHome:
> The /home, /root, and /run/user folders can not be accessed by this service 
> anymore. If your Pleroma user has its home folder in one of the restricted 
> places, or use one of these folders as its working directory, you have to set 
> this to false.

> ProtectSystem:
> Mount /usr, /boot, and /etc as read-only for processes invoked by this 
> service.


Do you think this is okay for a good user experience, or should
this be a separate example file?



reply via email to

[Prev in Thread] Current Thread [Next in Thread]