Skip to content

C
caddy
Commit fd3fafa5 authored by magikstm's avatar magikstm Committed by Matt Holt
Browse files
Options

Disable PrivateDevices in systemd as it doesn't work for some devices (#1990)

parent e20779e4
Show whitespace changes
Inline Side-by-side
Showing with 2 additions and 2 deletions
dist/init/linux-systemd/caddy.service
View file @ fd3fafa5
...@@ -30,8 +30,8 @@ LimitNPROC=512 ...@@ -30,8 +30,8 @@ LimitNPROC=512
; Use private /tmp and /var/tmp, which are discarded after caddy stops. ; Use private /tmp and /var/tmp, which are discarded after caddy stops.
PrivateTmp=true PrivateTmp=true
; Use a minimal /dev ; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
PrivateDevices=true PrivateDevices=false
; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys. ; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
ProtectHome=true ProtectHome=true
; Make /usr, /boot, /etc and possibly some more folders read-only. ; Make /usr, /boot, /etc and possibly some more folders read-only.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7