Commit db0a2bd0 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

archweb: harden mirrorresolv service

parent 025a8ce6
...@@ -7,6 +7,16 @@ Type=oneshot ...@@ -7,6 +7,16 @@ Type=oneshot
User=archweb User=archweb
WorkingDirectory={{ archweb_dir }} WorkingDirectory={{ archweb_dir }}
ExecStart={{ archweb_dir }}/env/bin/python manage.py mirrorresolv ExecStart={{ archweb_dir }}/env/bin/python manage.py mirrorresolv
Nice=5
NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=true
PrivateTmp=true
PrivateDevices=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment