cjdns service: allow writing keys to /etc

20e81f7c0d prevented key generation in
`preStart`, leaving the service broken for the case where the user has
no pre-existing key.

Eventually, we ought to store the state elsewhere so that `/etc` can be
read-only but for now we fix this the easy way.
This commit is contained in:
Joachim Fasting 2017-02-05 04:42:16 +01:00
parent f9c684e152
commit a0338afe5f
No known key found for this signature in database
GPG key ID: 7544761007FE4E08

View file

@ -260,7 +260,7 @@ in
RestartSec = 1;
CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_RAW";
AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_RAW";
ProtectSystem = "full";
ProtectSystem = true;
MemoryDenyWriteExecute = true;
ProtectHome = true;
PrivateTmp = true;