RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

TT#182450 systemd hardening: allow R/W access to /var/spool/rtpengine 

By default we use /var/spool/rtpengine as recording directory,
so ensure we have R/W access to it.

Change-Id: I4abf4df218b1ba0dc70ed8974c0661d16e0b6ea7
pull/1509/head
Michael Prokop 4 years ago
parent
81a9366f49
commit
26bf2b05a5
1 changed files with 3 additions and 0 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -0
      debian/ngcp-rtpengine-daemon.service

+ 3
- 0
debian/ngcp-rtpengine-daemon.service View File

@ -43,6 +43,9 @@ ProtectKernelTunables=true
# Service has strict read-only access to the OS file hierarchy # Service has strict read-only access to the OS file hierarchy
ProtectSystem=strict ProtectSystem=strict
# Allow write access
ReadWritePaths=/var/spool/rtpengine
# Access to the kernel log ring buffer will be denied # Access to the kernel log ring buffer will be denied
ProtectKernelLogs=true ProtectKernelLogs=true


Write Preview
Loading…
Cancel
Save