danwin1210/hosting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

BindPaths -> ReadWritePaths for all systemd services

Browse Source
This commit is contained in:
Daniel Winzen
2020-01-05 19:31:52 +01:00
parent d7c886bb54
commit 930052fe1e
3 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
etc/systemd/system/mariadb.service.d/custom.conf
View File

@ -11,8 +11,8 @@ ProtectKernelModules=true
ProtectControlGroups=true
LockPersonality=true
SystemCallArchitectures=native
BindPaths=-/var/log/mysql/
BindPaths=-/var/lib/mysql/
BindPaths=-/var/run/mysqld/
BindPaths=-/run/mysqld/
ReadWritePaths=-/var/log/mysql/
ReadWritePaths=-/var/lib/mysql/
ReadWritePaths=-/var/run/mysqld/
ReadWritePaths=-/run/mysqld/
InaccessiblePaths=/var/www/

6
etc/systemd/system/postfix.service.d/custom.conf
View File

@ -9,6 +9,6 @@ ProtectControlGroups=true
LockPersonality=true
MemoryDenyWriteExecute=true
SystemCallArchitectures=native
BindPaths=/var/spool/
BindPaths=/var/lib/postfix/
InaccessiblePaths=/var/www/
ReadWritePaths=-/var/spool/
ReadWritePaths=-/var/lib/postfix/
InaccessiblePaths=-/var/www/

6
etc/systemd/system/postfix@.service.d/custom.conf
View File

@ -9,6 +9,6 @@ ProtectControlGroups=true
LockPersonality=true
MemoryDenyWriteExecute=true
SystemCallArchitectures=native
BindPaths=/var/spool/
BindPaths=/var/lib/
InaccessiblePaths=/var/www/
ReadWritePaths=-/var/spool/
ReadWritePaths=-/var/lib/
InaccessiblePaths=-/var/www/