On Fri, Feb 26, 2021 at 09:59:00AM +0800, Paul Wise wrote: > Well, you change the config, and it is still broken even though you > changed the config, but you don't notice that, later on you do notice > that, but you don't understand systemd so you don't know that it could > have broken that and cannot figure out how to fix it so you contact the > developers of plocate to find out, and they say to fix PrivateTmp too > and then you wonder why you need to make essentially the same change to > the settings of another program rather than just the plocate settings. > > I think this is a fairly poor user experience for this situation.
Well, what do you think is the right fix? Setting PrivateTmp=false, reducing security for everyone except the tiny minority who wants /tmp indexed? Having something parse PRUNEPATHS and synthesize a systemd unit from that? /* Steinar */ -- Homepage: https://www.sesse.net/
