studio/tuwunel
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

set ManagedOOMPreference=avoid to default systemd unit

Browse Source 
Signed-off-by: June Strawberry <june@vern.cc>
This commit is contained in:
June Strawberry
2026-02-02 18:17:21 -05:00
parent 5110b9e47b
commit 3b4300d033
3 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
arch/tuwunel.service
View File

@@ -25,6 +25,8 @@ TTYRows=40
AmbientCapabilities= AmbientCapabilities=
CapabilityBoundingSet= CapabilityBoundingSet=
ManagedOOMPreference=avoid
DevicePolicy=closed DevicePolicy=closed
LockPersonality=yes LockPersonality=yes
MemoryDenyWriteExecute=yes MemoryDenyWriteExecute=yes

2
debian/tuwunel.service vendored
View File

@@ -18,6 +18,8 @@ ReadWritePaths=/var/lib/tuwunel /etc/tuwunel
AmbientCapabilities= AmbientCapabilities=
CapabilityBoundingSet= CapabilityBoundingSet=
ManagedOOMPreference=avoid
DevicePolicy=closed DevicePolicy=closed
LockPersonality=yes LockPersonality=yes
MemoryDenyWriteExecute=yes MemoryDenyWriteExecute=yes

2
rpm/tuwunel.service
View File

@@ -18,6 +18,8 @@ ReadWritePaths=/var/lib/tuwunel /etc/tuwunel
AmbientCapabilities= AmbientCapabilities=
CapabilityBoundingSet= CapabilityBoundingSet=
ManagedOOMPreference=avoid
DevicePolicy=closed DevicePolicy=closed
LockPersonality=yes LockPersonality=yes
MemoryDenyWriteExecute=yes MemoryDenyWriteExecute=yes