Loading...
Request History
stroeder created request
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:60"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:adi:60"
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:adi:60 got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:adi:60 got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:adi:60 got accepted.
'harden' does not mean 'fix non working service files' - but ;enforce higher security;
Not sure what you mean.
The file harden_coturn.service.patch is patching an example systemd unit in coturn upstream source. But this example systemd unit is not used at all. Thus harden_coturn.service.patch is completely useless.
The package itself provides .services files which contain hardening options which are proven to work.
=> no need to maintain an unused back-port patch
Then it probably be nice to convert this hardening into the service file we ship?
Did you actually look into the existent .service files?
I've added systemd sandboxing options to the .service files on 2020-12-27. These options along with the AppArmor profile is used on my self-hosted installation since then.
cool! In this case all is good.