msfjarvis/server-config
1
Fork 0
mirror of https://github.com/msfjarvis/server-config synced 2025-08-14 08:17:01 +05:30
Code Issues Projects Releases Packages Wiki Activity Actions

systemd/caddy: Allow access to AF_UNIX namespace

Browse source 
caddy connects to php-fpm through a unix socket and thus needs access to it aside from IPv4 and IPv6

http://man7.org/linux/man-pages/man2/socket.2.html
Signed-off-by: Harsh Shandilya <msfjarvis@gmail.com>
This commit is contained in:
Harsh Shandilya 2020-01-09 09:55:45 +05:30
parent e40c2c999b
commit daec82e7ee
No known key found for this signature in database
GPG key ID: C2E74282C2133D62
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
systemd_units/caddy.service
View file

@ -29,7 +29,7 @@ ProtectControlGroups=true
ProtectKernelModules=true ProtectKernelModules=true
ProtectKernelTunables=true ProtectKernelTunables=true
PrivateDevices=true PrivateDevices=true
RestrictAddressFamilies=AF_INET AF_INET6 RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
RestrictNamespaces=true RestrictNamespaces=true
RestrictRealtime=true RestrictRealtime=true
SystemCallArchitectures=native SystemCallArchitectures=native