#79 post: Re-instate systemd ProtectHome/ProtectSystem and PrivateTmp
Merged 6 years ago by jlebon. Opened 6 years ago by walters.
walters/fedora-atomic f26-systemd-protectsystem  into  f26

file modified
-3
@@ -4,6 +4,3 @@ 

  

  # Work around https://bugzilla.redhat.com/show_bug.cgi?id=1265295

  echo 'Storage=persistent' >> /etc/systemd/journald.conf

- 

- # Work around https://github.com/systemd/systemd/issues/4082

- find /usr/lib/systemd/system/ -type f -exec sed -i -e '/^PrivateTmp=/d' -e '/^Protect\(Home\|System\)=/d' {} \;

This reverts https://pagure.io/fedora-atomic/c/6a8ee9a65491d5a37c9177a6d8a709a4ecb3baf7?branch=master

I've tested that a rebase of F26AH works with the latest systemd there; for
example it looks like chronyd.service uses PrivateTmp=yes and
ProtectSystem=full, and it's running fine.

Cherry pick from master. To be merged right after the next F26AH release.

Just to be sure, you meant the release that already went out today or in the next one in two weeks? Seems like it should be safe to merge now.

I think I got confused since I thought I saw a release but now I can't find it in my email. I don't see it on https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2017-August/thread.html either. And hmm...trying to pull I get an error about the commit not being signed.

Pull-Request has been merged by jlebon

6 years ago
Metadata