Chapril/xmpp.chapril.org-ejabberd
24
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-06-18 22:15:20 +02:00
Code Releases Activity

Merge pull request #1178 from candrews/patch-1

Browse Source 
Harden the systemd unit
This commit is contained in:
Christophe Romain 2016-07-29 11:33:32 +02:00 committed by GitHub
commit 3c58a93eb8
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ejabberd.service.template
View File

@ -12,6 +12,13 @@ ExecStop=@ctlscriptpath@/ejabberdctl stop
ExecReload=@ctlscriptpath@/ejabberdctl reload_config ExecReload=@ctlscriptpath@/ejabberdctl reload_config
Type=oneshot Type=oneshot
RemainAfterExit=yes RemainAfterExit=yes
# The CAP_DAC_OVERRIDE capability is required for pam authentication to work
CapabilityBoundingSet=CAP_DAC_OVERRIDE
PrivateTmp=true
PrivateDevices=true
ProtectHome=true
ProtectSystem=full
NoNewPrivileges=true
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target