summaryrefslogtreecommitdiff
path: root/units/systemd-networkd.service.in
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-06-04 18:07:55 +0200
committerLennart Poettering <lennart@poettering.net>2014-06-04 18:12:55 +0200
commit1b8689f94983b47bf190e77ddb03a8fc6af15fb3 (patch)
tree7bb1324b3b882adaa0b8bf786f8848ccec156a94 /units/systemd-networkd.service.in
parent4c02dd7153f970244950b5e00f7bdfea8d2ff0be (diff)
core: rename ReadOnlySystem= to ProtectSystem= and add a third value for also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit. With this in place we now have two neat options ProtectSystem= and ProtectHome= for protecting the OS itself (and optionally its configuration), and for protecting the user's data.
Diffstat (limited to 'units/systemd-networkd.service.in')
-rw-r--r--units/systemd-networkd.service.in4
1 files changed, 2 insertions, 2 deletions
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index a928999205..373ac4e0fd 100644
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -20,8 +20,8 @@ Restart=always
RestartSec=0
ExecStart=@rootlibexecdir@/systemd-networkd
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER
-ReadOnlySystem=yes
-ProtectedHome=yes
+ProtectSystem=full
+ProtectHome=yes
WatchdogSec=1min
[Install]