NoNewPrivileges breaks ability to send email via sendmail because it restricts abilit...

author Mark Felder <feld@FreeBSD.org>

Fri, 23 Oct 2020 20:32:32 +0000 (15:32 -0500)

committer Mark Felder <feld@FreeBSD.org>

Fri, 23 Oct 2020 20:32:32 +0000 (15:32 -0500)
author Mark Felder <feld@FreeBSD.org>
Fri, 23 Oct 2020 20:32:32 +0000 (15:32 -0500)
committer Mark Felder <feld@FreeBSD.org>
Fri, 23 Oct 2020 20:32:32 +0000 (15:32 -0500)
diff --git a/installation/pleroma.service b/installation/pleroma.service

index ee00a3b7ad5b7654b7e8dcdf23f362f284e0786c..63e83ed6efe27842d4867a2927fcf5c6c0aebd16 100644 (file)
--- a/installation/pleroma.service
+++ b/installation/pleroma.service
@@ -31,8 +31,6 @@ ProtectHome=true
  ProtectSystem=full
  ; Sets up a new /dev mount for the process and only adds API pseudo devices like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled by default because it may not work on devices like the Raspberry Pi.
  PrivateDevices=false
-; Ensures that the service process and all its children can never gain new privileges through execve().
-NoNewPrivileges=true
  ; Drops the sysadmin capability from the daemon.
  CapabilityBoundingSet=~CAP_SYS_ADMIN
author	Mark Felder <feld@FreeBSD.org>
	Fri, 23 Oct 2020 20:32:32 +0000 (15:32 -0500)
committer	Mark Felder <feld@FreeBSD.org>
	Fri, 23 Oct 2020 20:32:32 +0000 (15:32 -0500)