diff options
Diffstat (limited to 'systemd/user/notify-email@.service')
-rw-r--r-- | systemd/user/notify-email@.service | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/systemd/user/notify-email@.service b/systemd/user/notify-email@.service index 78c95a70..bddee12a 100644 --- a/systemd/user/notify-email@.service +++ b/systemd/user/notify-email@.service @@ -2,5 +2,16 @@ Description=unit status mailer service for %i [Service] -Type=simple +Type=oneshot ExecStart=sh -c 'systemctl --user status %i | mail --append="From: systemd" --append="X-systemd: %H %m %b" --subject="[systemd] %i failure" %u' +# Hardening +DevicePolicy=closed +IPAddressDeny=any +PrivateMounts=true +PrivateTmp=true +ProtectControlGroups=true +ProtectHome=true +ProtectSystem=full +RemoveIPC=true +SystemCallErrorNumber=EPERM +UMask=027 |