Skip to content

Commit

Permalink
workaround livepatch disable failure
Browse files Browse the repository at this point in the history 
`pro detach` fails due to livepatch disable failing in a container.
Lifting some systemd service restrictions is enough as a workaround to
make it work until a proper fix lands in ubuntu-pro.
  • Loading branch information
@jibel
jibel committed Jun 25, 2024
1 parent fe1c859 commit 15c149b
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions wsl-pro-service/services/wsl-pro.service
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,13 +21,13 @@ ProtectHostname=yes
ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
RestrictNamespaces=yes
RestrictNamespaces=mnt
RestrictRealtime=yes
RestrictSUIDSGID=yes
SystemCallArchitectures=native

# Only permit system calls used by common system services, excluding any special purpose calls
SystemCallFilter=@system-service
SystemCallFilter=@system-service @sandbox

[Install]
WantedBy=multi-user.target

0 comments on commit 15c149b

Please sign in to comment.