TODO

dont spamfilter forwarded mails
gollum wiki
blog?
fix dkim not working sometimes
LDAP
oauth2/OpenID
icinga

Raspberry pi as soundcard

gadget mode
OTG g_audio
https://audiosciencereview.com/forum/index.php?threads/raspberry-pi-as-usb-to-i2s-adapter.8567/post-215824

systemd hardening

[Unit] Description=TEST

[Service] Type=oneshot ExecStart=/opt/test

ProtectSystem=strict ProtectHome=yes PrivateTmp=yes PrivateDevices=yes PrivateNetwork=yes PrivateUsers=yes ProtectHostname=yes ProtectClock=yes ProtectKernelTunables=yes ProtectKernelModules=yes ProtectKernelLogs=yes ProtectControlGroups=yes RestrictAddressFamilies=none RestrictFileSystems=ext4 tmpfs zfs RestrictNamespaces=yes LockPersonality=yes MemoryDenyWriteExecute=yes RestrictRealtime=yes RestrictSUIDSGID=yes RemoveIPC=yes PrivateMounts=yes SystemCallFilter= SystemCallArchitectures=native CapabilityBoundingSet=

ReadOnlyPaths=/

NoExecPaths=/ ExecPaths=/opt/test /bin/bash /lib

[Install] WantedBy=multi-user.target

1,011 B Raw Blame History

TODO

systemd hardening

1,011 B

Raw Blame History