RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2024-12-28 22:43:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
94f9e0e06b
ceph/systemd
History
Patrick Donnelly 9a84d5a09b
systemd: lock down more privileges 
Including:

        ProtectClock=true
        ProtectHostname=true
        ProtectKernelLogs=true
        RestrictSUIDSGID=true

Also, alphabetize [service] settings.

Finally, add some protections for
systemd/ceph-immutable-object-cache@.service.in present in our other
service files but not this one.

Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
2020-05-09 14:53:05 -07:00
..
50-ceph.preset
ceph-crash.service.in
ceph-fuse.target
ceph-fuse@.service.in systemd: lock down more privileges 2020-05-09 14:53:05 -07:00
ceph-immutable-object-cache.target
ceph-immutable-object-cache@.service.in systemd: lock down more privileges 2020-05-09 14:53:05 -07:00
ceph-mds.target
ceph-mds@.service.in systemd: lock down more privileges 2020-05-09 14:53:05 -07:00
ceph-mgr.target
ceph-mgr@.service.in systemd: lock down more privileges 2020-05-09 14:53:05 -07:00
ceph-mon.target
ceph-mon@.service.in systemd: lock down more privileges 2020-05-09 14:53:05 -07:00
ceph-osd.target
ceph-osd@.service.in systemd: lock down more privileges 2020-05-09 14:53:05 -07:00
ceph-radosgw.target
ceph-radosgw@.service.in systemd: lock down more privileges 2020-05-09 14:53:05 -07:00
ceph-rbd-mirror.target
ceph-rbd-mirror@.service.in systemd: lock down more privileges 2020-05-09 14:53:05 -07:00
ceph-volume@.service
ceph.target
ceph.tmpfiles.d
CMakeLists.txt
rbdmap.service.in