scripts/hosts/guard/hosts-bind-mount.service

15 lines
396 B
SYSTEMD
Raw Permalink Normal View History

2025-10-01 20:50:56 +02:00
[Unit]
Description=Bind mount /etc/hosts over itself as read-only (friction layer)
After=local-fs.target
Before=network.target
[Service]
Type=oneshot
ExecStart=/bin/mount --bind /etc/hosts /etc/hosts
ExecStart=/bin/mount -o remount,ro,bind /etc/hosts
ExecStartPost=/usr/bin/logger -t hosts-bind-mount "Hosts file bind-mounted read-only"
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target