Verified Commit b5c138ca authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

Make ProtectHome tmpfs for aurweb

AURweb's rendercomment script uses python's libgit2 bindings which error
out when it can't read /home/aur/.git due to ProtectHome=true, instead
use ProtectHome=tmpfs.
parent eb83d2a4
Pipeline #559 passed with stage
in 1 minute and 4 seconds
...@@ -12,7 +12,9 @@ NoNewPrivileges=true ...@@ -12,7 +12,9 @@ NoNewPrivileges=true
;PrivateNetwork=true ;PrivateNetwork=true
PrivateDevices=true PrivateDevices=true
ProtectHome=true # AURweb's rendercomment script git bindings requires access to /home:
# failed to stat '/home/aur/.gitconfig
ProtectHome=tmpfs
ProtectSystem=full ProtectSystem=full
InaccessiblePaths=-/var/lib/mysql InaccessiblePaths=-/var/lib/mysql
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment