eessppeelllloo/listmonk
1
0
Fork 0
mirror of https://github.com/knadh/listmonk.git synced 2025-12-05 16:00:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Enable extra system calls in systemd service (#1309)

Browse Source
This commit is contained in:
runningnoodle
2023-07-12 10:12:54 -04:00
committed by GitHub
parent 329b645a3d
commit d69b766a3a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
listmonk@.service
View File

@@ -35,7 +35,7 @@ SystemCallArchitectures=native
# Only enable a reasonable set of system calls. # Only enable a reasonable set of system calls.
# see: https://www.freedesktop.org/software/systemd/man/systemd.exec.html#SystemCallFilter= # see: https://www.freedesktop.org/software/systemd/man/systemd.exec.html#SystemCallFilter=
SystemCallFilter=@system-service SystemCallFilter=@system-service
SystemCallFilter=~@privileged @resources SystemCallFilter=~@privileged
# ProtectSystem=strict, which is implied by DynamicUser=True, already disabled write calls # ProtectSystem=strict, which is implied by DynamicUser=True, already disabled write calls
# to the entire filesystem hierarchy, leaving only /dev/, /proc/, and /sys/ writable. # to the entire filesystem hierarchy, leaving only /dev/, /proc/, and /sys/ writable.
# listmonk doesnt need access to those so might as well disable them. # listmonk doesnt need access to those so might as well disable them.