]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/dns/recipes/default.rb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add no_new_privilegese to some additional services
[chef.git] / cookbooks / dns / recipes / default.rb
diff --git a/cookbooks/dns/recipes/default.rb b/cookbooks/dns/recipes/default.rb
index 11ae88e8ac0a4246c06a7d9c146cd7dacb7b8982..d25c4573177fe57c43fa6ba8fbfba110eda859e0 100644 (file)
--- a/cookbooks/dns/recipes/default.rb
+++ b/cookbooks/dns/recipes/default.rb
@@ -41,7 +41,7 @@ package %w[
 
 cache_dir = Chef::Config[:file_cache_path]
 
-dnscontrol_version = "3.20.0"
+dnscontrol_version = "3.21.0"
 
 dnscontrol_arch = if arm?
                     "arm64"
@@ -178,6 +178,7 @@ systemd_service "dns-check" do
   protect_system "strict"
   protect_home true
   read_write_paths "/var/lib/dns"
+  no_new_privileges true
 end
 
 systemd_timer "dns-check" do
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.