Update config #19
Open
Update config #19
Commits on Jun 10, 2021
-
This is more in line with current PAM setup for a service like sshd. It will handle systemd, audit, etc.
-
Configure systemd unit to start after network
This needs the network to be up to work and also to bind to specific IPs. Add ordering dependency on network.target.
-
Move logs to their own directory /var/log/webdavd
This is more in line with current practice for services that create their own logfiles. Add a line to the systemd unit that will create the log directory before starting. systemd will also handle permissions on the directory and can do various things with namespaces to prevent access to other files in /var or elsewhere. Update logrotate to match. Remove owner/permission setting for logrotate. It will copy the existing logfiles' values, which allows it to work properly if webdavd runs as another user or with a different umask.
-
This will protect various files from being edited by webdavd. Additional protections, e.g. ProtectHome, cause a problem with webdavd's worker attempts to start a new session as the remote user.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.