diff options
author | Austin S. Hemmelgarn <austin@netdata.cloud> | 2020-07-27 09:14:59 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-27 09:14:59 -0400 |
commit | 92b7d6fe9af95edf7d082a3c49e514b62d9acd13 (patch) | |
tree | b1f28680fac6578b80bf893ae37484d3b3d95d99 /system | |
parent | 7377887f361fa08ad0101e2af2a8af41a7d29187 (diff) |
Addd sandboxing exception for `/run/netdata`. (#9613)
This marks `/run/netdata` as writable in our systemd unit files so that
users who are listening on a UNIX socket in the 'standard' location can
do so witout the sandboxing getting in their way.
Diffstat (limited to 'system')
-rw-r--r-- | system/netdata.service.in | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/system/netdata.service.in b/system/netdata.service.in index 89755146c2..a1d7c5735b 100644 --- a/system/netdata.service.in +++ b/system/netdata.service.in @@ -61,6 +61,8 @@ ProtectHome=read-only #PrivateTmp=true ProtectControlGroups=true PrivateMounts=true +# We whitelist this because it's the standard location to listen on a UNIX socket. +ReadWriteDirectories=/run/netdata [Install] WantedBy=multi-user.target |