aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRyan Kavanagh <rak@rak.ac>2023-08-21 10:27:49 -0400
committerRyan Kavanagh <rak@rak.ac>2023-08-21 10:27:49 -0400
commite938c41e5734cb9b9e9633911a8040f5fce50ebb (patch)
tree8fe83b1fa9fbe2aa1e1c4612fe4afe9dace941e2
parentwd-umount (diff)
PrivateTmp=yes prevents systemd services from accessing SSH agent, drop it
-rw-r--r--dot_config/systemd/user/backup-irclogs.service1
-rw-r--r--dot_config/systemd/user/borgmatic@.service1
2 files changed, 0 insertions, 2 deletions
diff --git a/dot_config/systemd/user/backup-irclogs.service b/dot_config/systemd/user/backup-irclogs.service
index 424073a..edfac91 100644
--- a/dot_config/systemd/user/backup-irclogs.service
+++ b/dot_config/systemd/user/backup-irclogs.service
@@ -13,7 +13,6 @@ Type=oneshot
LockPersonality=true
MemoryDenyWriteExecute=no
NoNewPrivileges=yes
-PrivateTmp=yes
ProtectControlGroups=yes
ProtectHostname=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
diff --git a/dot_config/systemd/user/borgmatic@.service b/dot_config/systemd/user/borgmatic@.service
index 0a2b3e7..5f553cf 100644
--- a/dot_config/systemd/user/borgmatic@.service
+++ b/dot_config/systemd/user/borgmatic@.service
@@ -19,7 +19,6 @@ LockPersonality=true
# But you can try setting it to "yes" for improved security if you don't use those features.
MemoryDenyWriteExecute=no
NoNewPrivileges=yes
-PrivateTmp=yes
ProtectControlGroups=yes
ProtectHostname=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK