Hi Gerald, Am Mittwoch, 20. Oktober 2021, 15:16:18 CEST schrieb Gerald Wiese: > 1) Logging in the systemd service regarding both the wikibooks documentation > and the shipped script when downloading from > https://ftp.gnu.org/gnu/health/ > > The line > > "ExecStart=/home/gnuhealth/start_gnuhealth.sh" > > could be changed into > > "ExecStart=/home/gnuhealth/start_gnuhealth.sh --logconf > /home/gnuhealth/gnuhealth/tryton/server/config/gnuhealth_log.conf"
In the context of systemd, maybe you should consider the security settings that the openSUSE security team proposed: [Service] PrivateTmp=true ProtectSystem=true ProtectHome=true ProtectKernelModules=true ProtectKernelTunables=true ProtectControlGroups=true MountFlags=private NoNewPrivileges=true PrivateDevices=true ProtectHostname=true ProtectClock=true ProtectKernelLogs=true RestrictRealtime=true MemoryDenyWriteExecute=true Cheers Axel
