summaryrefslogtreecommitdiff
path: root/scripts/memcached.service
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/memcached.service')
-rw-r--r--scripts/memcached.service8
1 files changed, 8 insertions, 0 deletions
diff --git a/scripts/memcached.service b/scripts/memcached.service
index e896dd7..fbeb03d 100644
--- a/scripts/memcached.service
+++ b/scripts/memcached.service
@@ -6,5 +6,13 @@ After=network.target
EnvironmentFile=/etc/sysconfig/memcached
ExecStart=/usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS
+PrivateTmp=true
+ProtectSystem=full
+NoNewPrivileges=true
+PrivateDevices=true
+
+# Required for dropping privileges and running as a different user
+CapabilityBoundingSet=CAP_SETGID CAP_SETUID
+
[Install]
WantedBy=multi-user.target
View Lorry Controller Status