From a663b73634ddf355827051cc139c0159f8eb794b Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Tue, 13 Jun 2023 12:45:18 +0200 Subject: Add no_new_privs to OpenRC service files --- rel/files/installation/init.d/pleroma | 1 + 1 file changed, 1 insertion(+) (limited to 'rel/files') diff --git a/rel/files/installation/init.d/pleroma b/rel/files/installation/init.d/pleroma index dea1db26c..ca5b842e1 100755 --- a/rel/files/installation/init.d/pleroma +++ b/rel/files/installation/init.d/pleroma @@ -9,6 +9,7 @@ command=/opt/pleroma/bin/pleroma command_args="start" command_user=pleroma command_background=1 +no_new_privs="yes" # Ask process to terminate within 30 seconds, otherwise kill it retry="SIGTERM/30/SIGKILL/5" -- cgit v1.2.3 From 818712f99f165011aaaad5fd82c40304004ace23 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Thu, 23 May 2024 00:35:38 +0200 Subject: pleroma_ctl: Use realpath(1) instead of readlink(1) From realpath(1) in POSIX 202x Draft 4.1: > If file does not name a symbolic link, readlink shall write a diagnostic > message to standard error and exit with non-zero status. Which also doesn't includes `-f`, in preference of `realpath`. --- rel/files/bin/pleroma_ctl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'rel/files') diff --git a/rel/files/bin/pleroma_ctl b/rel/files/bin/pleroma_ctl index 87c486514..6f0dba3a8 100755 --- a/rel/files/bin/pleroma_ctl +++ b/rel/files/bin/pleroma_ctl @@ -134,7 +134,7 @@ if [ -z "$1" ] || [ "$1" = "help" ]; then " else - SCRIPT=$(readlink -f "$0") + SCRIPT=$(realpath "$0") SCRIPTPATH=$(dirname "$SCRIPT") FULL_ARGS="$*" -- cgit v1.2.3