fedora-atomic

Clone
Source Code
GIT

#78 post: Re-instate systemd ProtectHome/ProtectSystem and PrivateTmp
Merged 6 years ago by jlebon. Opened 6 years ago by walters.
walters/fedora-atomic systemd-protect  into  master

file modified
-3 
@@ -4,6 +4,3 @@ 
 

  

  # Work around https://bugzilla.redhat.com/show_bug.cgi?id=1265295
 

  echo 'Storage=persistent' >> /etc/systemd/journald.conf
 

- 

- # Work around https://github.com/systemd/systemd/issues/4082
 

- find /usr/lib/systemd/system/ -type f -exec sed -i -e '/^PrivateTmp=/d' -e '/^Protect\(Home\|System\)=/d' {} \;

This reverts https://pagure.io/fedora-atomic/c/6a8ee9a65491d5a37c9177a6d8a709a4ecb3baf7?branch=master

I've tested that a rebase of F26AH works with the latest systemd there; for
example it looks like chronyd.service uses PrivateTmp=yes and
ProtectSystem=full, and it's running fine.

It seems like the fix made it in systemd v232, which is in F26 as well. We should consider getting this in f26/f27 too, but let's prove it out in rawhide.

Pull-Request has been merged by jlebon
6 years ago
Metadata
None
No Tags
Changes Summary 1
+0 -3
file changed
treecompose-post.sh
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.