mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
portable: set PrivateTmp=yes in trusted profile too
When running on images you don't want to modify the /tmp
directory even if it's writable, and often it will just
be read-only. Set PrivateTmp=yes.
Fixes https://github.com/systemd/systemd/issues/23592
(cherry picked from commit f2d26cd89b
)
This commit is contained in:
parent
9f8b7ee55a
commit
6e111d2811
@ -1,7 +1,8 @@
|
||||
# The "trusted" profile for services, i.e. no restrictions are applied
|
||||
# The "trusted" profile for services, i.e. no restrictions are applied apart from a private /tmp
|
||||
|
||||
[Service]
|
||||
MountAPIVFS=yes
|
||||
PrivateTmp=yes
|
||||
BindPaths=/run
|
||||
BindReadOnlyPaths=/etc/machine-id
|
||||
BindReadOnlyPaths=/etc/resolv.conf
|
||||
|
Loading…
Reference in New Issue
Block a user