3703749252
The hardening-extraction subagent (commit just prior) re-introduced
ProcSubset=pid into the server@ drop-in because the design plan's
template had it. The directive had previously been removed from the
live unit by ckn-bw 4339289 — it hides /proc/cpuinfo and breaks
SteamAPI master-server registration, leaving the server in LAN-only
fallback ("LAN servers are restricted to local clients (class C)").
Add a negative assertion in the drop-in test so the regression cannot
sneak back in via a copy-paste edit.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| left4me | ||
| sudoers.d | ||
| sysctl.d | ||
| systemd/system | ||