http://bugzilla.suse.com/show_bug.cgi?id=996203 http://bugzilla.suse.com/show_bug.cgi?id=996203#c5 Dr. Werner Fink changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(werner@suse.com) | --- Comment #5 from Dr. Werner Fink --- (In reply to Petr Gajdos from comment #4) No it is not. What is this /usr/sbin/start_apache2 be ... script, binary, or daemon? If this is a script it should NEVER use su nor sudo nor sg nor any other tool using PAM. If der service uses Type=notify there is a limitation that is that PrivateNetwork=yes does not work ... also the NotifyAccess is set to the systemd default (which is none) if not overwritten. Maybe apache is using the private name space for its sockets with PrivateTmp=true or similar therefore I's like to suggest something like PrivateTmp=false NoNewPrivileges=yes -- You are receiving this mail because: You are on the CC list for the bug.