octoleo/syncthing
1
0
Fork 0
mirror of https://github.com/octoleo/syncthing.git synced 2024-11-09 23:00:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Jail the whole thing a bit more

Browse Source 
Add WorkingDirectory to create and use the certificates within
/var/lib/syncthing-relaysrv. Add RootDirectory to chroot(2) the whole
thing into that directory.
This commit is contained in:
Stefan Tatschner 2015-10-10 14:56:47 +02:00
parent dc5627a2ef
commit 7e4f08c033
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/relaysrv/etc/linux-systemd/syncthing-relaysrv.service
View File

@ -6,6 +6,8 @@ After=network.target
User=syncthing-relaysrv
Group=syncthing-relaysrv
ExecStart=/usr/bin/syncthing-relaysrv
WorkingDirectory=/var/lib/syncthing-relaysrv
RootDirectory=/var/lib/syncthing-relaysrv
PrivateTmp=true
ProtectSystem=full