certbot service file is incomplete and has bad defaults
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-certbot (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
For some reason, the certbot.service hasn't been marked with `After=
If people use things `nginx` as their web server and proxy certbot, it also doesn't respect that dependency, it would be a good idea to leave a comment highlighting that.
Second issue is that it has `PrivateTmp=true`, it breaks such setups where certbot's webroot is in `/tmp`, this is not a good default. It is a very common setup.
Third issue is that the service lacks things like `NoNewPrivilege
This exists on Ubuntu 20.04 LTS and Ubuntu 18.04 LTS.
description: | updated |
description: | updated |
description: | updated |
description: | updated |