knadh/listmonk
1
1
Fork 0
mirror of https://github.com/knadh/listmonk.git synced 2024-11-10 09:02:36 +08:00
Code Issues Projects Releases Packages Wiki Activity

Enable extra system calls in systemd service (#1309)

Browse source
This commit is contained in:
runningnoodle 2023-07-12 10:12:54 -04:00 committed by GitHub
parent 329b645a3d
commit d69b766a3a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
listmonk@.service
View file

@ -35,7 +35,7 @@ SystemCallArchitectures=native
# Only enable a reasonable set of system calls.
# see: https://www.freedesktop.org/software/systemd/man/systemd.exec.html#SystemCallFilter=
SystemCallFilter=@system-service
SystemCallFilter=~@privileged @resources
SystemCallFilter=~@privileged
# ProtectSystem=strict, which is implied by DynamicUser=True, already disabled write calls
# to the entire filesystem hierarchy, leaving only /dev/, /proc/, and /sys/ writable.
# listmonk doesnt need access to those so might as well disable them.