2015-12-20 17:33 GMT+01:00 Michael Biebl :
> # /etc/systemd/system/rsyslog.service.d/override.conf
> [Unit]
...
> Am I doing something wrong or is this a bug in systemd?
Apparently the former. I mixed up [Unit] and [Service]. Should have
checked the journal logs more carefully for errors. After
Am 20.12.2015 um 19:06 schrieb Michael Biebl:
2015-12-20 18:40 GMT+01:00 Reindl Harald :
InaccessibleDirectories=-/home
Makes no difference here. Using InaccessibleDirectories, rsyslogd can
still monitor and read the file in /home/michael
sounds like a *serious* regression
at least "system
2015-12-20 18:40 GMT+01:00 Reindl Harald :
> InaccessibleDirectories=-/home
Makes no difference here. Using InaccessibleDirectories, rsyslogd can
still monitor and read the file in /home/michael.
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away f
Am 20.12.2015 um 17:33 schrieb Michael Biebl:
I'm using systemd v228 and tried to lock down rsyslog a bit.
For that I added
# /etc/systemd/system/rsyslog.service.d/override.conf
[Unit]
ProtectSystem=yes
ProtectHome=yes
CapabilityBoundingSet=~CAP_SYS_ADMIN
I thought ProtectHome=yes would deny
20.12.2015 16:47, Marc Haber пишет:
> On Sun, Dec 20, 2015 at 02:34:15PM +0100, Tomasz Torcz wrote:
>> On Sun, Dec 20, 2015 at 02:30:30PM +0100, Marc Haber wrote:
>>> On Fri, Dec 18, 2015 at 05:00:32PM +0100, Michael Biebl wrote:
and then tell admin to use systemctl edit
[Unit]
Envir
Hi,
I'm using systemd v228 and tried to lock down rsyslog a bit.
For that I added
# /etc/systemd/system/rsyslog.service.d/override.conf
[Unit]
ProtectSystem=yes
ProtectHome=yes
CapabilityBoundingSet=~CAP_SYS_ADMIN
I then went on to test it. For that I created the following rsyslog
config which
*nudge*
Is there really no option about this rather common issue?
Greetings
Marc
On Tue, Dec 15, 2015 at 01:20:34PM +0100, Marc Haber wrote:
> I would like to do policy routing on a router with ~ 10 interfaces
> running Debian Linux and systemd. Networking is managed with ferm and
> systemd-net
On Sun, Dec 20, 2015 at 02:34:15PM +0100, Tomasz Torcz wrote:
> On Sun, Dec 20, 2015 at 02:30:30PM +0100, Marc Haber wrote:
> > On Fri, Dec 18, 2015 at 05:00:32PM +0100, Michael Biebl wrote:
> > > and then tell admin to use systemctl edit
> > > [Unit]
> > > Environment=OPTS=-baz
> >
> > How would
On Fri, Dec 11, 2015 at 03:59:54PM +0100, Reindl Harald wrote:
> EnvironmentFile is a great way to make units flexible with sane
> defaults and i am *not* talking about upstream or distributions here
>
> so taking away that option gains you nothing but breaks things for
> no valid reason - it woul
On Tue, Dec 15, 2015 at 05:59:11PM +, Simon Peeters wrote:
> Why not do like normal people and use configmanagement to put the
> right apache config on the right host?
> This whole "-D testserver" and "" looks like an
> ugly workaround for a lacking configmanagment system.
And what is your bu
On Sun, Dec 20, 2015 at 02:30:30PM +0100, Marc Haber wrote:
> On Fri, Dec 18, 2015 at 05:00:32PM +0100, Michael Biebl wrote:
> > and then tell admin to use systemctl edit
> > [Unit]
> > Environment=OPTS=-baz
>
> How would I do the equivalent of systemctl edit with a declarative
> configuration man
On Fri, Dec 18, 2015 at 05:00:32PM +0100, Michael Biebl wrote:
> and then tell admin to use systemctl edit
> [Unit]
> Environment=OPTS=-baz
How would I do the equivalent of systemctl edit with a declarative
configuration management tool like puppet?
Greetings
Marc
--
---
12 matches
Mail list logo