mirror of
https://github.com/abraunegg/onedrive
synced 2024-04-28 04:03:03 +02:00
systemd: disable non-working remaining sandboxing options (#2205)
* systemd: use PrivateUsers= in user unit ProtectSystem= and other sandboxing options require a user namespace in order to work as user units (the user manager does not run as root and thus without a user namespace it is unable to perform mounts).
This commit is contained in:
parent
4a6c78a7a6
commit
39a0048445
|
@ -5,9 +5,11 @@ After=network-online.target
|
|||
Wants=network-online.target
|
||||
|
||||
[Service]
|
||||
# Commented out hardenings are disabled because they don't work out of the box.
|
||||
# Commented out hardenings are disabled because they may not work out of the box on your distribution
|
||||
# If you know what you are doing please try to enable them.
|
||||
|
||||
ProtectSystem=full
|
||||
PrivateUsers=true
|
||||
#PrivateDevices=true
|
||||
ProtectHostname=true
|
||||
#ProtectClock=true
|
||||
|
|
Loading…
Reference in a new issue