diff options
author | Ryan Kavanagh <rak@rak.ac> | 2023-08-21 10:27:49 -0400 |
---|---|---|
committer | Ryan Kavanagh <rak@rak.ac> | 2023-08-21 10:27:49 -0400 |
commit | e938c41e5734cb9b9e9633911a8040f5fce50ebb (patch) | |
tree | 8fe83b1fa9fbe2aa1e1c4612fe4afe9dace941e2 /dot_config | |
parent | wd-umount (diff) |
PrivateTmp=yes prevents systemd services from accessing SSH agent, drop it
Diffstat (limited to 'dot_config')
-rw-r--r-- | dot_config/systemd/user/backup-irclogs.service | 1 | ||||
-rw-r--r-- | dot_config/systemd/user/borgmatic@.service | 1 |
2 files changed, 0 insertions, 2 deletions
diff --git a/dot_config/systemd/user/backup-irclogs.service b/dot_config/systemd/user/backup-irclogs.service index 424073a..edfac91 100644 --- a/dot_config/systemd/user/backup-irclogs.service +++ b/dot_config/systemd/user/backup-irclogs.service @@ -13,7 +13,6 @@ Type=oneshot LockPersonality=true MemoryDenyWriteExecute=no NoNewPrivileges=yes -PrivateTmp=yes ProtectControlGroups=yes ProtectHostname=yes RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK diff --git a/dot_config/systemd/user/borgmatic@.service b/dot_config/systemd/user/borgmatic@.service index 0a2b3e7..5f553cf 100644 --- a/dot_config/systemd/user/borgmatic@.service +++ b/dot_config/systemd/user/borgmatic@.service @@ -19,7 +19,6 @@ LockPersonality=true # But you can try setting it to "yes" for improved security if you don't use those features. MemoryDenyWriteExecute=no NoNewPrivileges=yes -PrivateTmp=yes ProtectControlGroups=yes ProtectHostname=yes RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK |