Skip to content

Commit

Permalink
Drop ProcSubset from systemd service
Browse files Browse the repository at this point in the history 
This breaks access to /proc/cmdline and /proc/sys

```
Mar 22 16:35:43 arch-phoenix fwupd[3519]: 15:35:43.727 FuPluginIommu        failed to get kernel cmdline: Failed to open file "/proc/cmdline": No such file or directory
Mar 22 16:35:43 arch-phoenix fwupd[3519]: 15:35:43.727 FuPluginLinuxTainted could not open /proc/sys/kernel/tainted: Error opening file /proc/sys/kernel/tainted: No such file or directory
```

Fixes: 850af66
See: #6956
  • Loading branch information
@superm1
superm1 committed Mar 22, 2024
1 parent d6bf31d commit f078eea
Showing 1 changed file with 0 additions and 1 deletion.
1 change: 0 additions & 1 deletion data/fwupd.service.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ MemoryDenyWriteExecute=yes
NoNewPrivileges=no
PrivateDevices=no
PrivateTmp=true
ProcSubset=pid
ProtectClock=yes
ProtectControlGroups=yes
ProtectHome=yes
Expand Down

1 comment on commit f078eea

@RZR7332
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for catching this - saw it a few days ago myself and have been experimenting with ways to get around it without removing the option. Was planning to submit a PR tomorrow to drop it.

Please sign in to comment.