mirror of
https://github.com/abraunegg/onedrive
synced 2024-05-09 17:26:47 +02:00
systemd: disable non-working remaining sandboxing options (#2205)
* systemd: use PrivateUsers= in user unit ProtectSystem= and other sandboxing options require a user namespace in order to work as user units (the user manager does not run as root and thus without a user namespace it is unable to perform mounts).
This commit is contained in:
parent
4a6c78a7a6
commit
39a0048445
|
@ -5,9 +5,11 @@ After=network-online.target
|
||||||
Wants=network-online.target
|
Wants=network-online.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
# Commented out hardenings are disabled because they don't work out of the box.
|
# Commented out hardenings are disabled because they may not work out of the box on your distribution
|
||||||
# If you know what you are doing please try to enable them.
|
# If you know what you are doing please try to enable them.
|
||||||
|
|
||||||
ProtectSystem=full
|
ProtectSystem=full
|
||||||
|
PrivateUsers=true
|
||||||
#PrivateDevices=true
|
#PrivateDevices=true
|
||||||
ProtectHostname=true
|
ProtectHostname=true
|
||||||
#ProtectClock=true
|
#ProtectClock=true
|
||||||
|
|
Loading…
Reference in a new issue