[Pkg-dns-devel] Bug#863841: Enable systemd hardening options for named
Bernhard Schmidt
berni at birkenwald.de
Wed Dec 13 18:54:40 UTC 2017
FTR, these are the "others" using (just as a reference, I think we can
easily add more):
Fedora/RHEL:
https://src.fedoraproject.org/rpms/bind/blob/master/f/named.service
PrivateTmp=true
SLES:
Unknown, but https://build.opensuse.org/package/revisions/network/bind
sports a nice "Add back init scripts, systemd units aren't ready yet"
Gentoo:
https://gitweb.gentoo.org/repo/gentoo.git/tree/net-dns/bind/files/named.service-r1
nothing
Arch:
https://git.archlinux.org/svntogit/packages.git/tree/trunk/named.service?h=packages/bind
nothing
The only thing I can think of that might interfere with this is
chrooting the named daemon, which is possible with the "-t" command line
option. We do this to run multiple instances without the need to specify
the full path to the configuration file. I will test this in the
upcoming days.
Bernhard
More information about the pkg-dns-devel
mailing list