23 lines
703 B
Diff
23 lines
703 B
Diff
|
commit 597d3e0d2643c96cbb1c8282066f0b0bc8534b5c
|
||
|
Author: Luca Boccassi <bluca@debian.org>
|
||
|
Date: Sun Oct 8 19:34:41 2023 +0100
|
||
|
|
||
|
unit: drop IPAddressDeny=any
|
||
|
|
||
|
It is not useful, as only AF_UNIX sockets are permitted anyway, and
|
||
|
a network namespace it is used. It requires loading a BPF program
|
||
|
which might not work everywhere.
|
||
|
|
||
|
diff --git a/data/polkit.service.in b/data/polkit.service.in
|
||
|
index 4b44a80..539a25d 100644
|
||
|
--- a/data/polkit.service.in
|
||
|
+++ b/data/polkit.service.in
|
||
|
@@ -11,7 +11,6 @@ DevicePolicy=strict
|
||
|
ExecStart=@libprivdir@/polkitd --no-debug
|
||
|
User=@polkitd_user@
|
||
|
Group=@polkitd_user@
|
||
|
-IPAddressDeny=any
|
||
|
LimitMEMLOCK=0
|
||
|
LockPersonality=yes
|
||
|
MemoryDenyWriteExecute=yes
|