diff options
Diffstat (limited to 'roles/munin-master/files/etc/systemd/system')
| -rw-r--r-- | roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service | 3 | ||||
| -rw-r--r-- | roles/munin-master/files/etc/systemd/system/munin-cgi-html.service | 3 |
2 files changed, 2 insertions, 4 deletions
diff --git a/roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service b/roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service index 60ab444..c8a3609 100644 --- a/roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service +++ b/roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service @@ -1,23 +1,22 @@ [Unit] Description=Munin CGI Graph Service After=network.target PartOf=munin.service Requires=munin-cgi-graph.socket [Service] StandardInput=socket User=www-data Group=munin ExecStart=/usr/lib/munin/cgi/munin-cgi-graph # Hardening NoNewPrivileges=yes PrivateDevices=yes ProtectHome=yes -ProtectSystem=full -ReadOnlyDirectories=/ +ProtectSystem=strict ReadWriteDirectories=-/var/log/munin ReadWriteDirectories=-/var/lib/munin/cgi-tmp/munin-cgi-graph [Install] WantedBy=multi-user.target diff --git a/roles/munin-master/files/etc/systemd/system/munin-cgi-html.service b/roles/munin-master/files/etc/systemd/system/munin-cgi-html.service index 119d3a2..3c0c0e5 100644 --- a/roles/munin-master/files/etc/systemd/system/munin-cgi-html.service +++ b/roles/munin-master/files/etc/systemd/system/munin-cgi-html.service @@ -1,22 +1,21 @@ [Unit] Description=Munin CGI HTML Service After=network.target PartOf=munin.service Requires=munin-cgi-html.socket [Service] StandardInput=socket User=www-data Group=munin ExecStart=/usr/lib/munin/cgi/munin-cgi-html # Hardening NoNewPrivileges=yes PrivateDevices=yes ProtectHome=yes -ProtectSystem=full -ReadOnlyDirectories=/ +ProtectSystem=strict ReadWriteDirectories=-/var/log/munin [Install] WantedBy=multi-user.target |