[systemd-devel] restart vs. stop/start
Michael Biebl
mbiebl at gmail.com
Mon May 23 21:33:43 UTC 2016
2016-05-23 22:52 GMT+02:00 Christian Boltz <systemd-devel at cboltz.de>:
> I'd argue that nobody will complain if "systemctl restart apparmor" does
> something sane (reloading the profiles) instead of making the system
> insecure by removing the confinement from all running processes ;-)
So, you really want reload here, not restart.
Since you want to prevent that running systemclt restart apparmor does
something insecure, using RefuseManualStop=true (as mentioned before),
sounds like a good solution for your problem.
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
More information about the systemd-devel
mailing list