mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
portable: set PrivateTmp=yes in trusted profile too
When running on images you don't want to modify the /tmp directory even if it's writable, and often it will just be read-only. Set PrivateTmp=yes. Fixes https://github.com/systemd/systemd/issues/23592
This commit is contained in:
parent
e9c88a608c
commit
f2d26cd89b
@ -1,7 +1,8 @@
|
||||
# The "trusted" profile for services, i.e. no restrictions are applied
|
||||
# The "trusted" profile for services, i.e. no restrictions are applied apart from a private /tmp
|
||||
|
||||
[Service]
|
||||
MountAPIVFS=yes
|
||||
PrivateTmp=yes
|
||||
BindPaths=/run
|
||||
BindReadOnlyPaths=/etc/machine-id
|
||||
BindReadOnlyPaths=/etc/resolv.conf
|
||||
|
Loading…
Reference in New Issue
Block a user