From a18449b5bd72308062724e70b9528d989d1f52a1 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 7 Mar 2019 14:38:11 +0100 Subject: [PATCH] units: turn of ProtectHostname= again for services hat need to know about system hostname changes ProtectHostname= turns off hostname change propagation from host to service. This means for services that care about the hostname and need to be able to notice changes to it it's not suitable (though it is useful for most other cases still). Let's turn it off hence for journald (which logs the current hostname) for networkd (which optionally sends the current hostname to dhcp servers) and resolved (which announces the current hostname via llmnr/mdns). --- units/systemd-journald.service.in | 1 - units/systemd-networkd.service.in | 1 - units/systemd-resolved.service.in | 1 - 3 files changed, 3 deletions(-) diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in index 1807d73c68..4684f095c0 100644 --- a/units/systemd-journald.service.in +++ b/units/systemd-journald.service.in @@ -23,7 +23,6 @@ IPAddressDeny=any LockPersonality=yes MemoryDenyWriteExecute=yes NoNewPrivileges=yes -ProtectHostname=yes Restart=always RestartSec=0 RestrictAddressFamilies=AF_UNIX AF_NETLINK diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in index 5da0e1e330..472ef045de 100644 --- a/units/systemd-networkd.service.in +++ b/units/systemd-networkd.service.in @@ -27,7 +27,6 @@ MemoryDenyWriteExecute=yes NoNewPrivileges=yes ProtectControlGroups=yes ProtectHome=yes -ProtectHostname=yes ProtectKernelModules=yes ProtectSystem=strict Restart=on-failure diff --git a/units/systemd-resolved.service.in b/units/systemd-resolved.service.in index eac3f31012..3144b70063 100644 --- a/units/systemd-resolved.service.in +++ b/units/systemd-resolved.service.in @@ -30,7 +30,6 @@ PrivateDevices=yes PrivateTmp=yes ProtectControlGroups=yes ProtectHome=yes -ProtectHostname=yes ProtectKernelModules=yes ProtectKernelTunables=yes ProtectSystem=strict