mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-01-21 07:55:00 +00:00
a4505978ad
- Earlier PrivateTmp=no is set freedombox-privileged.service in 4140d3b4444d2fd55ac682d066fd859cb2f034b5 and the fix was not properly tested. Similar change was needed in plinth.service and it was not done. - Complete the fix but this time enable private tmp and join namespaces for the two daemons. - This will cause issues with file uploading when plinth is run from command line (for development purposes). This will be addressed separately. Tests: - Apply the change and reload systemd and restart service. Don't run plinth on command line and run it as service. - Uploading libraries to kiwix works - Uploading backup tarballs works. - Uploading TiddlyWiki and Feature Wiki wiki files works. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
29 lines
658 B
Desktop File
29 lines
658 B
Desktop File
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
[Unit]
|
|
Description=FreedomBox Service (Plinth)
|
|
Documentation=man:plinth(1)
|
|
After=network.target
|
|
StartLimitIntervalSec=0
|
|
# Uploaded files in /var/tmp/ are shared with FreedomBox privileged service.
|
|
JoinsNamespaceOf=freedombox-privileged.service
|
|
|
|
[Service]
|
|
Type=notify
|
|
ExecStart=/usr/bin/plinth
|
|
TimeoutSec=300s
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
ExecReload=/bin/kill -HUP $MAINPID
|
|
User=plinth
|
|
Group=plinth
|
|
StandardOutput=null
|
|
StandardError=null
|
|
NotifyAccess=main
|
|
# Uploaded files in /var/tmp/ are shared with FreedomBox privileged service by
|
|
# joining namespaces.
|
|
PrivateTmp=yes
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|