From abdcbd3f6535a7269ba5ea453fa8f80dbbe0b2b9 Mon Sep 17 00:00:00 2001
From: James Valleroy <jvalleroy@mailbox.org>
Date: Tue, 4 Feb 2020 18:07:52 -0500
Subject: [PATCH] security: Drop PrivateUsers=yes from all service files

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
---
 actions/deluge                                                   | 1 -
 actions/infinoted                                                | 1 -
 .../lib/systemd/system/mldonkey-server.service.d/freedombox.conf | 1 -
 .../storage/data/lib/systemd/system/freedombox-udiskie.service   | 1 -
 .../lib/systemd/system/freedombox-setup-repositories.service     | 1 -
 5 files changed, 5 deletions(-)

diff --git a/actions/deluge b/actions/deluge
index ebd886eab..ad0f6f51c 100755
--- a/actions/deluge
+++ b/actions/deluge
@@ -58,7 +58,6 @@ LockPersonality=yes
 NoNewPrivileges=yes
 PrivateDevices=yes
 PrivateTmp=yes
-PrivateUsers=yes
 ProtectControlGroups=yes
 ProtectKernelLogs=yes
 ProtectKernelModules=yes
diff --git a/actions/infinoted b/actions/infinoted
index 7da3c7dd4..b5cff3763 100755
--- a/actions/infinoted
+++ b/actions/infinoted
@@ -101,7 +101,6 @@ NoNewPrivileges=yes
 PrivateDevices=yes
 PrivateMounts=yes
 PrivateTmp=yes
-PrivateUsers=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectKernelLogs=yes
diff --git a/plinth/modules/mldonkey/data/lib/systemd/system/mldonkey-server.service.d/freedombox.conf b/plinth/modules/mldonkey/data/lib/systemd/system/mldonkey-server.service.d/freedombox.conf
index eacad4017..d898ba8e0 100644
--- a/plinth/modules/mldonkey/data/lib/systemd/system/mldonkey-server.service.d/freedombox.conf
+++ b/plinth/modules/mldonkey/data/lib/systemd/system/mldonkey-server.service.d/freedombox.conf
@@ -16,7 +16,6 @@ NoNewPrivileges=yes
 PrivateDevices=yes
 PrivateMounts=yes
 PrivateTmp=yes
-PrivateUsers=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectKernelLogs=yes
diff --git a/plinth/modules/storage/data/lib/systemd/system/freedombox-udiskie.service b/plinth/modules/storage/data/lib/systemd/system/freedombox-udiskie.service
index 99dfb5f69..2598ba53f 100644
--- a/plinth/modules/storage/data/lib/systemd/system/freedombox-udiskie.service
+++ b/plinth/modules/storage/data/lib/systemd/system/freedombox-udiskie.service
@@ -23,7 +23,6 @@ Documentation=man:udiskie(1)
 ExecStart=/usr/bin/udiskie
 LockPersonality=yes
 PrivateTmp=yes
-PrivateUsers=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectKernelLogs=yes
diff --git a/plinth/modules/upgrades/data/lib/systemd/system/freedombox-setup-repositories.service b/plinth/modules/upgrades/data/lib/systemd/system/freedombox-setup-repositories.service
index 512b718d4..7a12f7cb2 100644
--- a/plinth/modules/upgrades/data/lib/systemd/system/freedombox-setup-repositories.service
+++ b/plinth/modules/upgrades/data/lib/systemd/system/freedombox-setup-repositories.service
@@ -24,7 +24,6 @@ Type=oneshot
 LockPersonality=yes
 PrivateDevices=yes
 PrivateTmp=yes
-PrivateUsers=yes
 ProtectControlGroups=yes
 ProtectKernelLogs=yes
 ProtectKernelModules=yes