clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 06:37:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Disable ProtectKernelTunables again

Browse Source 
This option was removed in ff8fd0be5c but reintroduced in c32b9e4ba9

Disable it with commentary in hope to prevent slipping it in again.
This commit is contained in:
Maryse47 2021-11-03 13:05:11 +00:00 committed by GitHub
parent 1a94a68fc2
commit 8eb5010104
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
contrib/unbound.service.in
View File

@ -64,7 +64,8 @@ ProtectClock=true
ProtectControlGroups=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
# This breaks using socket options like 'so-rcvbuf'. Explicitly disable for visibility.
ProtectKernelTunables=false
ProtectProc=invisible
ProtectSystem=strict
RuntimeDirectory=unbound