aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--newsboat/systemd/user/reload-newsboat.service20
-rw-r--r--systemd/user/notify-email@.service11
2 files changed, 0 insertions, 31 deletions
diff --git a/newsboat/systemd/user/reload-newsboat.service b/newsboat/systemd/user/reload-newsboat.service
index 981ef7bc..2699697c 100644
--- a/newsboat/systemd/user/reload-newsboat.service
+++ b/newsboat/systemd/user/reload-newsboat.service
@@ -8,23 +8,3 @@ Type=oneshot
LogsDirectory=newsboat
LogsDirectoryMode=0700
ExecStart=newsboat --execute=reload --log-file=%L/newsboat/%p.log --log-level=5
-# Hardening
-IPAddressDeny=any
-IPAddressAllow=localhost
-KeyringMode=private
-LockPersonality=true
-MemoryDenyWriteExecute=true
-NoNewPrivileges=true
-RestrictAddressFamilies=AF_UNIX
-RestrictAddressFamilies=~AF_UNIX
-RestrictNamespaces=true
-RestrictRealtime=true
-SystemCallArchitectures=native
-SystemCallErrorNumber=EPERM
-SystemCallFilter=@system-service
-SystemCallFilter=~@privileged @resources
-UMask=0077
-# Slowing
-Nice=10
-IOSchedulingClass=best-effort
-IOSchedulingPriority=7
diff --git a/systemd/user/notify-email@.service b/systemd/user/notify-email@.service
index bddee12a..9293c423 100644
--- a/systemd/user/notify-email@.service
+++ b/systemd/user/notify-email@.service
@@ -4,14 +4,3 @@ Description=unit status mailer service for %i
[Service]
Type=oneshot
ExecStart=sh -c 'systemctl --user status %i | mail --append="From: systemd" --append="X-systemd: %H %m %b" --subject="[systemd] %i failure" %u'
-# Hardening
-DevicePolicy=closed
-IPAddressDeny=any
-PrivateMounts=true
-PrivateTmp=true
-ProtectControlGroups=true
-ProtectHome=true
-ProtectSystem=full
-RemoveIPC=true
-SystemCallErrorNumber=EPERM
-UMask=027
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 09:15:48 +0000