diff options
author | heimoshuiyu | 2021-10-12 22:51:58 +0800 |
---|---|---|
committer | heimoshuiyu | 2021-10-12 22:51:58 +0800 |
commit | b9b024605bad09d0441c247894e6486c5d411d6a (patch) | |
tree | b297672d0e012996782d20f0622b667a5a02985b | |
parent | 196aadc607e7c3e0327b41ad7d87459d4656ed35 (diff) | |
download | aur-b9b024605bad09d0441c247894e6486c5d411d6a.tar.gz |
Fix: systemd namespaces and protect
-rw-r--r-- | PKGBUILD | 4 | ||||
-rw-r--r-- | caddy.service | 7 |
2 files changed, 4 insertions, 7 deletions
@@ -1,7 +1,7 @@ # Maintainer: hmsy <heimoshuiyu at gmail dot com> pkgname=caddy-webdav-git -pkgver=20210927.059fc32f +pkgver=20211012.c4790d7f pkgrel=1 pkgdesc='HTTP/2 Web Server with Automatic HTTPS and webdav plugin' arch=('x86_64') @@ -18,7 +18,7 @@ source=("caddy::git://github.com/caddyserver/caddy" "caddy.service") sha256sums=('SKIP' '2bcb3cc1e19cec630ea64c014bba5463d49c45a2712d1107d1d10e87d3c023c6' - '9bdd2741269a0ac2088f325ca7c08bfa01ddc707149e5027170bc8aeb83cf0aa') + '7c5cd88ac3a35e3cb5f467118bcf0dac896aba00945ce1566df710c09bf985c2') pkgver() { diff --git a/caddy.service b/caddy.service index 96259b46503d..a35be2b03be7 100644 --- a/caddy.service +++ b/caddy.service @@ -22,8 +22,8 @@ StartLimitIntervalSec=14400 StartLimitBurst=10 [Service] -User=caddy -Group=caddy +User=http +Group=http Environment=XDG_DATA_HOME=/var/lib Environment=XDG_CONFIG_HOME=/etc ExecStartPre=/usr/bin/caddy validate --config /etc/caddy/Caddyfile @@ -54,15 +54,12 @@ PrivateTmp=true ProcSubset=pid ProtectClock=true ProtectControlGroups=true -ProtectHome=true ProtectHostname=true ProtectKernelLogs=true ProtectKernelModules=true ProtectKernelTunables=true ProtectProc=invisible -ProtectSystem=strict RemoveIPC=true -ReadWritePaths=/var/lib/caddy /var/log/caddy /run/caddy RestrictNamespaces=true RestrictRealtime=true RestrictSUIDSGID=true |