Add no_new_privs to OpenRC service files

This commit is contained in:
Haelwenn (lanodan) Monnier 2023-06-13 12:45:18 +02:00 committed by Norm
parent 33e7ae7637
commit 166ddebdbc
No known key found for this signature in database
GPG key ID: 41288320096BE045
2 changed files with 2 additions and 0 deletions

View file

@ -8,6 +8,7 @@ pidfile="/var/run/akkoma.pid"
directory=/opt/akkoma directory=/opt/akkoma
healthcheck_delay=60 healthcheck_delay=60
healthcheck_timer=30 healthcheck_timer=30
no_new_privs="yes"
: ${akkoma_port:-4000} : ${akkoma_port:-4000}

View file

@ -9,6 +9,7 @@ command=/opt/akkoma/bin/pleroma
command_args="start" command_args="start"
command_user=akkoma command_user=akkoma
command_background=1 command_background=1
no_new_privs="yes"
# Ask process to terminate within 30 seconds, otherwise kill it # Ask process to terminate within 30 seconds, otherwise kill it
retry="SIGTERM/30/SIGKILL/5" retry="SIGTERM/30/SIGKILL/5"