gearheads/mastodon
Archived
2
0
Fork 0
Code Releases 4 Activity

templates/systemd/mastodon: update sandbox mode (#16103)

Browse source
This commit is contained in:
Yurii Izorkin 2021-04-24 14:41:03 +03:00 committed by GitHub
parent f4b7c6b619
commit 863ae47b51
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
dist/mastodon-sidekiq.service vendored
View file

@ -38,7 +38,7 @@ PrivateMounts=true
ProtectClock=true
# System Call Filtering
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @reboot @resources @setuid @swap
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @privileged @raw-io @reboot @resources @setuid @swap
[Install]
WantedBy=multi-user.target

2
dist/mastodon-streaming.service vendored
View file

@ -38,7 +38,7 @@ PrivateMounts=true
ProtectClock=true
# System Call Filtering
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @reboot @resources @setuid @swap
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @privileged @raw-io @reboot @resources @setuid @swap
[Install]
WantedBy=multi-user.target

2
dist/mastodon-web.service vendored
View file

@ -38,7 +38,7 @@ PrivateMounts=true
ProtectClock=true
# System Call Filtering
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @reboot @resources @setuid @swap
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @privileged @raw-io @reboot @resources @setuid @swap
[Install]
WantedBy=multi-user.target