Adjust systemd restrictions #90
Conversation
corny
commented
Oct 1, 2019
- ReadWriteDirectories needs to be set to store data
- RestrictSUIDSGID has been introduced with Systemd 242
templates/alertmanager.service.j2
Outdated
| RemoveIPC=true | ||
| {% if alertmanager_systemd_version | int >= 242 %} |
There was a problem hiding this comment.
This is unnecessary as systemd discards options which it doesn't know about, prints a log message, and proceeds to start a service. So on older systemd versions service still will be started just without this parameter.
There was a problem hiding this comment.
I prefer to don't see noise about unknown options in my log messages.
There was a problem hiding this comment.
Sorry for that but from the maintainer point of view I don't want to track which systemd option was introduced in which version, especially when there is an easy way allowing to not do that. Additionally, this would mean that if we want to have consistency then almost all systemd options would need to get such conditionals. This, in turn, would unneccessarily cloud jinja template and make it much less readable.
You can treat those log messages as notifications of what you will get if you upgrade to newer systemd :)
There was a problem hiding this comment.
Okay, that's reasonable for me.
ReadWriteDirectories needs to be set to store data