Arav/dwelling-upload
1
0
Fork 0
Code Releases 12 Activity

Another attempt on restricting executable paths.

Browse Source
This commit is contained in:
Alexander Andreev 2022-03-30 01:32:00 +04:00
parent 14f2cdba24
commit 3f8fbc4e12
Signed by: Arav
GPG Key ID: 1327FE8A374CC86F
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
init/systemd/dwelling-upload-clean.service
View File

@ -6,9 +6,12 @@ Type=oneshot
User=dwupload User=dwupload
Group=dwupload Group=dwupload
ExecStart=/usr/bin/dwelling-upload-clean -conf /etc/dwelling/upload.yaml ExecStart=/usr/bin/dwelling-upload-clean -conf /etc/dwelling/upload.yaml
ReadOnlyPaths=/ ReadOnlyPaths=/
# Set here path to directory where uploads are stored. # Set here path to directory where uploads are stored.
ReadWritePaths=/srv/upload ReadWritePaths=/srv/upload
NoExecPaths=/
ExecPaths=/usr/bin/dwelling-upload-clean
LogsDirectory=dwelling-upload LogsDirectory=dwelling-upload