2017-11-30 18:24 GMT+01:00 Lennart Poettering :
> On Do, 30.11.17 10:35, Mantas Mikulėnas (graw...@gmail.com) wrote:
>
>> Then I'm guessing ProtectSystem=strict overrides ReadWritePaths and makes
>> /var/log read-only...
>
> Hmm, it does? It really shouldn't.
>
> I thought the issues were mostly ar
On Do, 30.11.17 10:35, Mantas Mikulėnas (graw...@gmail.com) wrote:
> Then I'm guessing ProtectSystem=strict overrides ReadWritePaths and makes
> /var/log read-only...
Hmm, it does? It really shouldn't.
I thought the issues were mostly around InaccessiblePaths= not
permitting exclusions, not abo
2017-11-30 16:07 GMT+01:00 Michael Biebl :
> 2017-11-30 9:35 GMT+01:00 Mantas Mikulėnas :
>> On Thu, Nov 30, 2017 at 10:31 AM, Michael Biebl wrote:
>>>
>>> 2017-11-30 6:52 GMT+01:00 Mantas Mikulėnas :
>>> > On Thu, Nov 30, 2017 at 5:27 AM, Michael Biebl wrote:
>>> >>
>>> >> [Service]
>>> >> Prote
On Thu, Nov 30, 2017 at 10:31 AM, Michael Biebl wrote:
> 2017-11-30 6:52 GMT+01:00 Mantas Mikulėnas :
> > On Thu, Nov 30, 2017 at 5:27 AM, Michael Biebl wrote:
> >>
> >> Hi,
> >>
> >> today I tried to lock down the rsyslog.service that I have on my system.
> >>
> >> For that I first created an o
2017-11-30 6:52 GMT+01:00 Mantas Mikulėnas :
> On Thu, Nov 30, 2017 at 5:27 AM, Michael Biebl wrote:
>>
>> Hi,
>>
>> today I tried to lock down the rsyslog.service that I have on my system.
>>
>> For that I first created an override.conf that contained
>>
>> [Service]
>> ProtectHome=yes
>> Private
On Thu, Nov 30, 2017 at 5:27 AM, Michael Biebl wrote:
> Hi,
>
> today I tried to lock down the rsyslog.service that I have on my system.
>
> For that I first created an override.conf that contained
>
> [Service]
> ProtectHome=yes
> PrivateTmp=yes
> PrivateDevices=yes
>
> ProtectSystem=strict
> Re
Hi,
today I tried to lock down the rsyslog.service that I have on my system.
For that I first created an override.conf that contained
[Service]
ProtectHome=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=strict
ReadWritePaths=/var/log
ReadWritePaths=/var/spool/rsyslog
ReadWritePaths=/proc/k