Skip to content

Commit c6d765c

Browse files
sipsorcerysipsorcery
committed
Fix systemd service file to set usable permissions on config directory. Additionally add protection for /home.
1 parent de5af41 commit c6d765c

File tree

1 file changed

+4
-1
lines changed

1 file changed

+4
-1
lines changed

contrib/init/bitcoind.service

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ RuntimeDirectoryMode=0710
3838

3939
# /etc/bitcoin
4040
ConfigurationDirectory=bitcoin
41-
ConfigurationDirectoryMode=0710
41+
ConfigurationDirectoryMode=0755
4242

4343
# /var/lib/bitcoind
4444
StateDirectory=bitcoind
@@ -64,5 +64,8 @@ PrivateDevices=true
6464
# Deny the creation of writable and executable memory mappings.
6565
MemoryDenyWriteExecute=true
6666

67+
# Deny access to /home
68+
ProtectHome=true
69+
6770
[Install]
6871
WantedBy=multi-user.target

0 commit comments

Comments
 (0)