Removes the comments in systemd service files

Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com>
2025-09-07 01:30:13 +00:00 · 2020-12-13 08:14:49 +08:00
parent 39bb5c28c7
commit 5661b491af
2 changed files with 2 additions and 16 deletions
--- a/scripts/rpm/falco.service
+++ b/scripts/rpm/falco.service
@@ -8,22 +8,15 @@ ExecStart=/usr/bin/falco --pidfile=/var/run/falco.pid
 UMask=0077
 TimeoutSec=30
 RestartSec=15s
-#Restart=always
 Restart=on-failure
-NoNewPrivileges=yes
 PrivateTmp=true
+NoNewPrivileges=yes
 ProtectHome=read-only
 ProtectSystem=full
 ProtectKernelTunables=true
 RestrictRealtime=true
-#RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
 RestrictAddressFamilies=~AF_PACKET
 SystemCallFilter=~@debug @mount @cpu-emulation @obsolete @privileged
-# FIXME!
-# PANIC: unprotected error in call to Lua API (runtime code generation failed, restricted kernel?)
-# https://www.freelists.org/post/luajit/luajit-crashes-with-grsec-kernel,1
-# MemoryDenyWriteExecute=true
-# PrivateMounts=true

 [Install]
 WantedBy=multi-user.target