oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity

Remove restrictive systemd security settings across multiple services and add ProtectSystem=no for SQLite WAL mode compatibility
Some checks failed
Systemd Sync / sync-systemd (push) Has been cancelled
Details

Browse Source 
- Remove ProtectSystem=strict and ReadWritePaths from agent-daemon, gpu, learning, marketplace, modality-optimization, monitor, multimodal, and openclaw services
- Add ProtectSystem=no to coordinator-api, exchange-api, and explorer services to allow database writes for SQLite WAL mode
- Retain NoNewPrivileges and ProtectHome security settings across all services
This commit is contained in:
aitbc
2026-04-15 08:54:38 +02:00
parent 984a5f7c9a
commit faf1ca996c
11 changed files with 9 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
systemd/aitbc-explorer.service
View File

@@ -15,5 +15,8 @@ StandardOutput=journal
StandardError=journal
SyslogIdentifier=aitbc-explorer
# Allow database writes for SQLite WAL mode
ProtectSystem=no
[Install]
WantedBy=multi-user.target