diff mbox series

[BlueZ,3/3] build: Make use of StateDirectory and ConfigurationDirectory

Message ID 20220415212251.1065432-3-luiz.dentz@gmail.com
State Superseded
Headers show
Series [BlueZ,1/3] storage: Add support for STATE_DIRECTORY environment variable | expand

Commit Message

Luiz Augusto von Dentz April 15, 2022, 9:22 p.m. UTC 
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

This makes use of StateDirectory[1] and ConfigurationDirectory[1] to
inform systemd what those paths are used for instead of using
ReadWritePaths and ReadOnlyPaths which can lead to issues.

Fixes: https://github.com/bluez/bluez/issues/329

[1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html
---
 src/bluetooth.service.in | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/src/bluetooth.service.in b/src/bluetooth.service.in
index f18801866..4d39ad49d 100644
--- a/src/bluetooth.service.in
+++ b/src/bluetooth.service.in
@@ -15,12 +15,12 @@  LimitNPROC=1
 
 # Filesystem lockdown
 ProtectHome=true
-ProtectSystem=full
+ProtectSystem=strict
 PrivateTmp=true
 ProtectKernelTunables=true
 ProtectControlGroups=true
-ReadWritePaths=@statedir@
-ReadOnlyPaths=@confdir@
+StateDirectory=bluetooth
+ConfigurationDirectory=bluetooth
 
 # Execute Mappings
 MemoryDenyWriteExecute=true