Skip to content
This repository has been archived by the owner on Jun 21, 2018. It is now read-only.

Commit

Permalink
systemd: Override security measures for some services
Browse files Browse the repository at this point in the history
  • Loading branch information
KellerFuchs committed Sep 21, 2015
1 parent 39a713b commit 32c9893
Show file tree
Hide file tree
Showing 5 changed files with 14 additions and 0 deletions.
3 changes: 3 additions & 0 deletions systemd/system/auditd.service.d/override.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[Service]
CapabilityBoundingSet=
NoNewPrivileges=false
2 changes: 2 additions & 0 deletions systemd/system/cron.service.d/override.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
[Service]
ProtectSystem=false
2 changes: 2 additions & 0 deletions systemd/system/lm-sensors.service.d/override.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
[Service]
PrivateDevices=false
4 changes: 4 additions & 0 deletions systemd/system/restorecond.service.d/override.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
[Service]
CapabilityBoundingSet=
ProtectSystem=true # restorecond handles files in /etc
ProtectHome=false # restorecond handles files in /root
3 changes: 3 additions & 0 deletions systemd/system/ssh.service.d/override.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[Service]
CapabilityBoundingSet=
NoNewPrivileges=false

0 comments on commit 32c9893

Please sign in to comment.