On Do, 09.01.20 06:20, Reindl Harald (h.reindl@xxxxxxxxxxxxx) wrote: > Hi > > deployed http.service contains: > > * InaccessiblePaths=-/usr/bin/bash > * InaccessiblePaths=-/usr/bin/dash > * InaccessiblePaths=-/usr/bin/sh > > now there is one instance where passthru() in a php script is desired > > /etc/systemd/system/http.service/allow-paths.conf: > ReadOnlyPaths=-/usr/bin/bash > ReadOnlyPaths=-/usr/bin/dash > ReadOnlyPaths=-/usr/bin/sh > > that don't work - is there a way to disable specific "InaccessiblePaths" > from the main unit with a dropin other then clone the whole httpd.service? If you have InaccessiblePaths=, ReadOnlyPaths=, ReadWritePaths= for the same path then InaccessiblePaths= wins, as it is the "strongest" option. And ReadOnlyPaths= wins over ReadWritePaths= as it is stronger than that. There's no mechanism for removing individual entries from these paths lists. You can only reset the whole list by assigning the empty string, but then you need to start anew with putting together your list. Lennart -- Lennart Poettering, Berlin _______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: disable "InaccessiblePaths" with a dropin
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: disable "InaccessiblePaths" with a dropin
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Thu, 9 Jan 2020 10:14:18 +0100
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <91f274bb-b27e-5fe6-2390-5f3d1f6bcb18@thelounge.net>
- References: <91f274bb-b27e-5fe6-2390-5f3d1f6bcb18@thelounge.net>
- References:
- disable "InaccessiblePaths" with a dropin
- From: Reindl Harald
- disable "InaccessiblePaths" with a dropin
- Prev by Date: Re: disable "InaccessiblePaths" with a dropin
- Next by Date: lunch&meet before devconf
- Previous by thread: Re: disable "InaccessiblePaths" with a dropin
- Next by thread: lunch&meet before devconf
- Index(es):
 |