UPWORK/ODESK guru: Tips and Tricks for clients

skype: odesk.by / upwork.link , email: info@odesk.by/upwork.link

CentOS7: How do disable PrivateTmp for Apache with systemd?

without comments

Technically better to provide a small override of service file rather than copying the whole new version in /etc/systemd/system … (www.freedesktop.org/software/systemd/man/systemd.unit.html)

mkdir /etc/systemd/system/httpd.service.d
echo "[Service]" >  /etc/systemd/system/httpd.service.d/nopt.conf
echo "PrivateTmp=false" >> /etc/systemd/system/httpd.service.d/nopt.conf

and

# systemctl daemon-reload
# systemctl cat httpd.service

# /usr/lib/systemd/system/httpd.service
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
ExecStop=/bin/kill -WINCH ${MAINPID}
# We want systemd to give httpd some time to finish gracefully, but still want
# it to kill httpd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
# httpd time to finish.
KillSignal=SIGCONT
PrivateTmp=true

[Install]
WantedBy=multi-user.target

# /etc/systemd/system/httpd.service.d/nopt.conf
[Service]
PrivateTmp=false  --------------------------------------------- THIS


# systemctl restart httpd.sevice

Written by spectre

January 30th, 2016 at 3:53 pm

Posted in Apache2