Re: enforced systemd services

To: debian-devel@lists.debian.org
Subject: Re: enforced systemd services
From: Bjørn Mork <bjorn@mork.no>
Date: Tue, 25 Nov 2014 12:11:59 +0100
Message-id: <[🔎] 878uiz8rgg.fsf@nemi.mork.no>
In-reply-to: <[🔎] E1XtCpT-0003Oe-PU@swivel.zugschlus.de> (Marc Haber's message of "Tue, 25 Nov 2014 10:54:39 +0100")
References: <[🔎] CAOkSjBiFyTdnAtwSAxU+SS-_CGbr+Og5hwfoC0PphGmmCP8Q7w@mail.gmail.com> <[🔎] E1XtCpT-0003Oe-PU@swivel.zugschlus.de>

Marc Haber <mh+debian-devel@zugschlus.de> writes:

> Indeed. Do we really have to pull that from a video or presentation
> slides? Is this part of the official systemd docs anywhere?

I don't know of any collection of all security related directives, but
you can find an index of all unit file directives in
systemd.directives(7) with pointers to the man pages where they are
described further. If anyone ever doubted that systemd is bloated with
far too many features, then I do recommend reading systemd.directives(7)
;-)

You'll find the Private* and Protect* directives described in
systemd.exec(5) for a start.

Container services are of course nice features to have, and it is so
elegant to just configure them with a few keywords in a configuration
file. But this mix-it-all-together design does not come for free...

Bjørn

Reply to:

References:
- enforced systemd services (was: Misc Developer News (#37))
  - From: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
- Re: enforced systemd services (was: Misc Developer News (#37))
  - From: Marc Haber <mh+debian-devel@zugschlus.de>

Prev by Date: Re: Age of built packages to be part of the jessie release?
Next by Date: Re: enforced systemd services (was: Misc Developer News (#37))
Previous by thread: Re: enforced systemd services
Next by thread: Re: enforced systemd services (was: Misc Developer News (#37))
Index(es):
- Date
- Thread