summarylogtreecommitdiffstats
path: root/appgateservice.service.patch
diff options
context:
space:
mode:
Diffstat (limited to 'appgateservice.service.patch')
-rw-r--r--appgateservice.service.patch30
1 files changed, 30 insertions, 0 deletions
diff --git a/appgateservice.service.patch b/appgateservice.service.patch
new file mode 100644
index 000000000000..1ac29c283a85
--- /dev/null
+++ b/appgateservice.service.patch
@@ -0,0 +1,30 @@
+diff --git a/lib/systemd/system/appgateservice.service b/lib/systemd/system/appgateservice.service
+index 7a8faf7..f944300 100644
+--- a/lib/systemd/system/appgateservice.service
++++ b/lib/systemd/system/appgateservice.service
+@@ -12,8 +12,8 @@ ExecStart="/opt/appgate/service/appgateservice" --service
+ ExecReload=/bin/kill -HUP $MAINPID
+ Type=simple
+ Restart=always
+-InaccessibleDirectories=/media /boot /srv
+-ReadOnlyDirectories=/etc /usr /bin /lib /lib64 /sbin /mnt
++InaccessibleDirectories=-/media -/boot -/srv
++ReadOnlyDirectories=-/etc -/usr -/bin -/lib -/lib64 -/sbin -/mnt
+ PrivateDevices=true
+ NoNewPrivileges=true
+ PrivateTmp=true
+diff --git a/lib/systemd/system/appgateservice@.service b/lib/systemd/system/appgateservice@.service
+index 74faa34..269ffc4 100644
+--- a/lib/systemd/system/appgateservice@.service
++++ b/lib/systemd/system/appgateservice@.service
+@@ -11,8 +11,8 @@ ExecReload=/bin/kill -HUP $MAINPID
+ Type=forking
+ TimeoutStopSec=30
+ Restart=always
+-InaccessibleDirectories=/media /boot /srv
+-ReadOnlyDirectories=/etc /usr /bin /lib /lib64 /sbin
++InaccessibleDirectories=-/media -/boot -/srv
++ReadOnlyDirectories=-/etc -/usr -/bin -/lib -/lib64 -/sbin
+ PrivateDevices=true
+ NoNewPrivileges=true
+ PrivateTmp=true