[systemd-devel] restart vs. stop/start

Reindl Harald h.reindl at thelounge.net
Mon May 23 21:52:57 UTC 2016



Am 23.05.2016 um 23:33 schrieb Michael Biebl:
> 2016-05-23 22:52 GMT+02:00 Christian Boltz <systemd-devel at cboltz.de>:
>> I'd argue that nobody will complain if "systemctl restart apparmor" does
>> something sane (reloading the profiles) instead of making the system
>> insecure by removing the confinement from all running processes ;-)
>
> So, you really want reload here, not restart.
> Since you want to prevent that running systemclt restart apparmor does
> something insecure, using RefuseManualStop=true (as mentioned before),
> sounds like a good solution for your problem

since it's a oneshot unit the whole problem of a existing stop action 
which would do more harm than good is selfmade from the begin




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20160523/9cead9e2/attachment.sig>


More information about the systemd-devel mailing list