database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-09 22:24:09 +03:00
Code Activity

MDEV-10404 - Improved systemd service hardening causes SELinux problems

Browse Source 
Disabled NoNewPrivileges until SELinux policy is fixed.
This commit is contained in:
Sergey Vojtovich
2016-08-17 13:57:34 +04:00
parent 48fbb2bf07
commit 1e160e5cb3
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
support-files/mariadb.service.in
View File

@@ -48,7 +48,8 @@ CapabilityBoundingSet=CAP_IPC_LOCK
# Prevent writes to /usr, /boot, and /etc # Prevent writes to /usr, /boot, and /etc
ProtectSystem=full ProtectSystem=full
NoNewPrivileges=true # Doesn't yet work properly with SELinux enabled
# NoNewPrivileges=true
PrivateDevices=true PrivateDevices=true

3
support-files/mariadb@.service.in
View File

@@ -55,7 +55,8 @@ CapabilityBoundingSet=CAP_IPC_LOCK
# Prevent writes to /usr, /boot, and /etc # Prevent writes to /usr, /boot, and /etc
ProtectSystem=full ProtectSystem=full
NoNewPrivileges=true # Doesn't yet work properly with SELinux enabled
# NoNewPrivileges=true
PrivateDevices=true PrivateDevices=true