- systemd improves daemon security by creating an isolated tmp
directory, however it breaks programs that are not yet
aware and, in Kimchi particular case, all directories created
under tmp are randomized, meaning that a possible attacker
cannot easily guess which file/dir will be created beforehand.
https://access.redhat.com/blogs/766093/posts/1976243
Signed-off-by: Jose Ricardo Ziviani <joserz(a)linux.vnet.ibm.com>
---
contrib/kimchid.service.fedora | 2 +-
contrib/kimchid.service.ubuntu | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/contrib/kimchid.service.fedora b/contrib/kimchid.service.fedora
index cd8e137..d7b10d2 100644
--- a/contrib/kimchid.service.fedora
+++ b/contrib/kimchid.service.fedora
@@ -4,4 +4,4 @@ After=libvirtd.service wokd.service
[Service]
Nice=0
-PrivateTmp=yes
+PrivateTmp=no
diff --git a/contrib/kimchid.service.ubuntu b/contrib/kimchid.service.ubuntu
index 1c7d63f..f865987 100644
--- a/contrib/kimchid.service.ubuntu
+++ b/contrib/kimchid.service.ubuntu
@@ -4,4 +4,4 @@ After=libvirt-bin.service wokd.service
[Service]
Nice=0
-PrivateTmp=yes
+PrivateTmp=no
--
2.7.4