http://bugzilla.suse.com/show_bug.cgi?id=996203
http://bugzilla.suse.com/show_bug.cgi?id=996203#c5
Dr. Werner Fink changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags|needinfo?(werner@suse.com) |
--- Comment #5 from Dr. Werner Fink ---
(In reply to Petr Gajdos from comment #4)
No it is not. What is this /usr/sbin/start_apache2 be ... script, binary, or
daemon? If this is a script it should NEVER use su nor sudo nor sg nor any
other tool using PAM.
If der service uses Type=notify there is a limitation that is that
PrivateNetwork=yes does not work ... also the NotifyAccess is set to the
systemd default (which is none) if not overwritten.
Maybe apache is using the private name space for its sockets with
PrivateTmp=true
or similar therefore I's like to suggest something like
PrivateTmp=false
NoNewPrivileges=yes
--
You are receiving this mail because:
You are on the CC list for the bug.