On 2023-07-24 Heiko Schlittermann via Exim-users <exim-users@lists.exim.org> wrote: > Andreas Metzler via Exim-users <exim-users@lists.exim.org> (Mo 24 Jul 2023 > 18:52:14 CEST): [...] > Maybe you want to check the branch hs/systemd-units, there I started to > collect my effort to provide native systemd units for Exim.
> I'd be happy if we can join our efforts. [...] Hello, I do not think ProtectSystem=strict works for exim, however OpenSuse has these and I think they should be fine: PrivateTmp=true ProtectSystem=full PrivateDevices=true ProtectHostname=true ProtectClock=true ProtectKernelTunables=true ProtectKernelModules=true ProtectKernelLogs=true ProtectControlGroups=true ProtectProc=invisible RestrictRealtime=true I do not see why this should not work either: ProtectProc=invisible cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
