upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Fix #1229: Systemd service sandboxing, options in wrong sections.

Browse source 
git-svn-id: file:///svn/unbound/trunk@4078 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2017-03-22 07:22:34 +00:00
parent 78fecfe558
commit 4fb762f6e4
2 changed files with 9 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
contrib/unbound.service.in
View file

@ -1,13 +1,15 @@
[Service] [Unit]
Type=notify Description=Validating, recursive, and caching DNS resolver
NotifyAccess=main Documentation=man:unbound(8)
ExecStart=/home/vagrant/unbound_systemd/unbound
ExecReload=/bin/kill -HUP $MAINPID
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
[Unit] [Service]
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/home/vagrant/unbound_systemd/unbound
NotifyAccess=main
Type=notify
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT
MemoryDenyWriteExecute=true MemoryDenyWriteExecute=true
NoNewPrivileges=true NoNewPrivileges=true

1
doc/Changelog
View file

@ -2,6 +2,7 @@
- Fix #1238: segmentation fault when adding through the remote - Fix #1238: segmentation fault when adding through the remote
interface a per-view local zone to a view with no previous interface a per-view local zone to a view with no previous
(configured) local zones. (configured) local zones.
- Fix #1229: Systemd service sandboxing, options in wrong sections.
21 March 2017: Ralph 21 March 2017: Ralph
- Merge EDNS Client subnet implementation from feature branch into main - Merge EDNS Client subnet implementation from feature branch into main