diff options
| author | Bogdan Khomutsky <bogdan@khomutsky.com> | 2018-07-09 11:13:28 +0300 |
|---|---|---|
| committer | 无闻 <u@gogs.io> | 2018-07-09 16:13:28 +0800 |
| commit | 66016b8499761460ccf3db99a4747ca87a50ff33 (patch) | |
| tree | 9e9b9a0baee2b26cb32facc34ab5bbb084d64362 /scripts | |
| parent | 8bbf0293f5f894911bb1df2f0bb80da3bb8c9dcd (diff) | |
scripts: apply hardening for systemd service (#5332)
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/systemd/gogs.service | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/scripts/systemd/gogs.service b/scripts/systemd/gogs.service index 9f105bf8..d9f12e30 100644 --- a/scripts/systemd/gogs.service +++ b/scripts/systemd/gogs.service @@ -18,6 +18,10 @@ WorkingDirectory=/home/git/gogs ExecStart=/home/git/gogs/gogs web Restart=always Environment=USER=git HOME=/home/git +# Hardening +ProtectSystem=full +PrivateDevices=yes +PrivateTmp=yes [Install] WantedBy=multi-user.target |