Hello,
I was looking into using RestrictFileSystems to further sandbox a
service that already uses a lot of systemd's sandboxing options,
including SystemCallFilter.
After starting the service I was surprised to see an audit message in
the kernel log (journalctl -t kernel -f) complaining about t
Hello,
we are currently using sd-sysupdate to roll out updates and we're wondering
if there is any possibility to limit updates to consider at most one next
major version. This would allow us to write the software to handle only
data migrations from the previous major version instead of any versio
