diff --git a/systemd/system/nginx.service.d/local.conf b/systemd/system/nginx.service.d/local.conf index c6b4dd2..cb95935 100644 --- a/systemd/system/nginx.service.d/local.conf +++ b/systemd/system/nginx.service.d/local.conf @@ -1,5 +1,7 @@ [Service] CapabilityBoundingSet=CAP_DAC_OVERRIDE CAP_NET_BIND_SERVICE CAP_SETUID CAP_SETGID +ExecStart= +ExecStart=/usr/bin/nginx -g 'pid /run/nginx.pid;' LockPersonality=true NoNewPrivileges=true MemoryDenyWriteExecute=true