mirror of
https://github.com/ceph/ceph
synced 2025-01-18 17:12:29 +00:00
b65d9c5457
This change makes it so the mon/osd/mds/radosgw daemons:
o Cannot write to /usr, /etc, and /boot.
o Cannot access /home, /root, or /run/user.
o Each daemon gets its own private /tmp and /var/tmp.
o All daemons get a private /dev without physical devices (exception: osd)
I'm not sure if the osd daemon needs access to a full /dev so I left
ProtectDevices out for ceph-osd@.service.
Signed-off-by: Patrick Donnelly <batrick@batbytes.com>
|
||
|---|---|---|
| .. | ||
| ceph | ||
| ceph-create-keys@.service | ||
| ceph-disk@.service | ||
| ceph-mds.target | ||
| ceph-mds@.service | ||
| ceph-mon.target | ||
| ceph-mon@.service | ||
| ceph-osd.target | ||
| ceph-osd@.service | ||
| ceph-radosgw-prestart.sh | ||
| ceph-radosgw.target | ||
| ceph-radosgw@.service | ||
| ceph.target | ||
| ceph.tmpfiles.d | ||
| Makefile.am | ||
| rbdmap.service | ||