|
@@ -19,6 +19,7 @@ PrivateTmp = yes
|
|
DeviceAllow = /dev/null rw
|
|
DeviceAllow = /dev/null rw
|
|
DeviceAllow = /dev/urandom r
|
|
DeviceAllow = /dev/urandom r
|
|
InaccessibleDirectories = /home
|
|
InaccessibleDirectories = /home
|
|
|
|
+NoNewPrivileges = yes
|
|
|
|
|
|
[Install]
|
|
[Install]
|
|
WantedBy = multi-user.target
|
|
WantedBy = multi-user.target
|