tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

templates/systemd/mastodon: update sandbox mode (#16103)

Browse Source
This commit is contained in:
Yurii Izorkin
2021-04-24 14:41:03 +03:00
committed by GitHub
parent f4b7c6b619
commit 863ae47b51
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dist/mastodon-sidekiq.service vendored
View File

@@ -38,7 +38,7 @@ PrivateMounts=true
ProtectClock=true
# System Call Filtering
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @reboot @resources @setuid @swap
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @privileged @raw-io @reboot @resources @setuid @swap
[Install]
WantedBy=multi-user.target

2
dist/mastodon-streaming.service vendored
View File

@@ -38,7 +38,7 @@ PrivateMounts=true
ProtectClock=true
# System Call Filtering
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @reboot @resources @setuid @swap
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @privileged @raw-io @reboot @resources @setuid @swap
[Install]
WantedBy=multi-user.target

2
dist/mastodon-web.service vendored
View File

@@ -38,7 +38,7 @@ PrivateMounts=true
ProtectClock=true
# System Call Filtering
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @reboot @resources @setuid @swap
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @privileged @raw-io @reboot @resources @setuid @swap
[Install]
WantedBy=multi-user.target