perso/syncthing-arm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Jail the whole thing a bit more

Browse Source 
Add WorkingDirectory to create and use the certificates within
/var/lib/syncthing-relaysrv. Add RootDirectory to chroot(2) the whole
thing into that directory.
This commit is contained in:
Stefan Tatschner
2015-10-10 14:56:47 +02:00
parent dc5627a2ef
commit 7e4f08c033
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/relaysrv/etc/linux-systemd/syncthing-relaysrv.service
+2
View File
@@ -6,6 +6,8 @@ After=network.target
User=syncthing-relaysrv User=syncthing-relaysrv
Group=syncthing-relaysrv Group=syncthing-relaysrv
ExecStart=/usr/bin/syncthing-relaysrv ExecStart=/usr/bin/syncthing-relaysrv
WorkingDirectory=/var/lib/syncthing-relaysrv
RootDirectory=/var/lib/syncthing-relaysrv
PrivateTmp=true PrivateTmp=true
ProtectSystem=full ProtectSystem=full