]> git.openstreetmap.org Git - chef.git/commitdiff
projects / chef.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 37f9006)
Avoid systemd warnings on 20.04
authorTom Hughes <tom@compton.nu>
Tue, 29 Nov 2022 21:45:39 +0000 (21:45 +0000)
committerTom Hughes <tom@compton.nu>
Tue, 29 Nov 2022 21:45:39 +0000 (21:45 +0000)
cookbooks/systemd/resources/service.rb patch | blob | history
cookbooks/systemd/templates/default/service.erb patch | blob | history

diff --git a/cookbooks/systemd/resources/service.rb b/cookbooks/systemd/resources/service.rb
index ef7c86d760cc76daa0e4e1bc5e58a72b9e7dcd4d..94d0217c637be35b04011eb0a9ae7be0c4e47604 100644 (file)
--- a/cookbooks/systemd/resources/service.rb
+++ b/cookbooks/systemd/resources/service.rb
@@ -127,7 +127,7 @@ action :create do
     service_variables[:protect_kernel_modules] = true unless property_is_set?(:protect_kernel_modules)
     service_variables[:protect_kernel_logs] = true unless property_is_set?(:protect_kernel_logs)
     service_variables[:protect_control_groups] = true unless property_is_set?(:protect_control_groups)
-    service_variables[:restrict_address_families] = "none" unless property_is_set?(:restrict_address_families)
+    service_variables[:restrict_address_families] = [] unless property_is_set?(:restrict_address_families)
     service_variables[:restrict_namespaces] = true unless property_is_set?(:restrict_namespaces)
     service_variables[:lock_personality] = true unless property_is_set?(:lock_personality)
     service_variables[:memory_deny_write_execute] = true unless property_is_set?(:memory_deny_write_execute)
diff --git a/cookbooks/systemd/templates/default/service.erb b/cookbooks/systemd/templates/default/service.erb
index c53439a2b292003868c090dce6e8c8378422d815..e64ead225fca2f350958f242611cc838b30b8137 100644 (file)
--- a/cookbooks/systemd/templates/default/service.erb
+++ b/cookbooks/systemd/templates/default/service.erb
@@ -111,10 +111,10 @@ StandardOutput=<%= @standard_output %>
 <% if @standard_error -%>
 StandardError=<%= @standard_error %>
 <% end -%>
-<% if @protect_proc -%>
+<% if @protect_proc && node[:lsb][:release].to_f >= 22.04  -%>
 ProtectProc=<%= @protect_proc %>
 <% end -%>
-<% if @proc_subset -%>
+<% if @proc_subset && node[:lsb][:release].to_f >= 22.04 -%>
 ProcSubset=<%= @proc_subset %>
 <% end -%>
 <% if @no_new_privileges -%>
@@ -147,7 +147,7 @@ PrivateDevices=<%= @private_devices %>
 <% if @private_network -%>
 PrivateNetwork=<%= @private_network %>
 <% end -%>
-<% if @private_ipc -%>
+<% if @private_ipc && node[:lsb][:release].to_f >= 22.04 -%>
 PrivateIPC=<%= @private_ipc %>
 <% end -%>
 <% if @private_users -%>
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.