Linuxhotel Wiki

Wie ging das nochmal?




OpenSUSE 15.1 / Systemd 234:

Support for dynamically creating users for the lifetime of a service has been added. If DynamicUser=yes is specified, user and group IDs will be allocated from the range 61184..65519 for the lifetime of the service. They can be resolved using the new NSS module. The module must be enabled in /etc/nsswitch.conf. Services started in this way have PrivateTmp= and RemoveIPC= enabled, so that any resources allocated by the service will be cleaned up when the service exits. They also have ProtectHome=read-only and ProtectSystem=strict enabled, so they are not able to make any permanent modifications to the system.

admin_grundlagen/systemd-security.txt · Zuletzt geändert: 2020/09/16 22:42 von ingo_wichmann