Update collabore-tunnel.service
This commit is contained in:
parent
ac1b5209e8
commit
8fba5f8ecb
|
|
@ -34,6 +34,7 @@ PrivateDevices=true
|
|||
ProtectControlGroups=true
|
||||
ProtectKernelModules=true
|
||||
ProtectKernelTunables=true
|
||||
ProtectKernelLogs=true
|
||||
ReadWritePaths=
|
||||
|
||||
# network
|
||||
|
|
@ -54,7 +55,7 @@ ProtectClock=true
|
|||
ProtectProc=invisible
|
||||
|
||||
# capabilities
|
||||
RestrictNamespaces=uts ipc pid cgroup
|
||||
RestrictNamespaces=yes
|
||||
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||
AmbientCapabilities=
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user