]> git.ipfire.org Git - thirdparty/chrony.git/commitdiff
projects / thirdparty / chrony.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2aefadd)
examples: don't set ProcSubset=pid in systemd unit files
authorMiroslav Lichvar <mlichvar@redhat.com>
Thu, 15 Jun 2023 13:23:40 +0000 (15:23 +0200)
committerMiroslav Lichvar <mlichvar@redhat.com>
Thu, 15 Jun 2023 13:23:40 +0000 (15:23 +0200)
This option seems to break detection of the FIPS mode, which is needed
by gnutls.

examples/chrony-wait.service patch | blob | blame | history
examples/chronyd-restricted.service patch | blob | blame | history
examples/chronyd.service patch | blob | blame | history

diff --git a/examples/chrony-wait.service b/examples/chrony-wait.service
index 72b028f21c53f9baa91dabe3f49b0fb0f6935d14..374f63335292665503d74cafd9edf13111e0bff4 100644 (file)
--- a/examples/chrony-wait.service
+++ b/examples/chrony-wait.service
@@ -25,7 +25,6 @@ LockPersonality=yes
 MemoryDenyWriteExecute=yes
 PrivateDevices=yes
 PrivateUsers=yes
-ProcSubset=pid
 ProtectClock=yes
 ProtectControlGroups=yes
 ProtectHome=yes
diff --git a/examples/chronyd-restricted.service b/examples/chronyd-restricted.service
index 50998338040a5cef3426e6f4a2ac49e1647a61f2..30ba7d9f55c5227939d5c4fe05d8f972d276a474 100644 (file)
--- a/examples/chronyd-restricted.service
+++ b/examples/chronyd-restricted.service
@@ -36,7 +36,6 @@ PrivateDevices=yes
 PrivateTmp=yes
 # This breaks adjtimex()
 #PrivateUsers=yes
-ProcSubset=pid
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectHostname=yes
diff --git a/examples/chronyd.service b/examples/chronyd.service
index 4fb930efd96a5fe8589d2b7d9104231ff7dd5c03..a42eb92a1ceaab394911a24a5fb280e5e44a919d 100644 (file)
--- a/examples/chronyd.service
+++ b/examples/chronyd.service
@@ -24,7 +24,6 @@ LockPersonality=yes
 MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
 PrivateTmp=yes
-ProcSubset=pid
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectHostname=yes
Mirror of https://git.tuxfamily.org/chrony/chrony.git