this post was submitted on 12 Aug 2025
29 points (96.8% liked)

Linux

12596 readers
5 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
 

cross-posted from: https://infosec.pub/post/32937284

This one is a little self-hosting specific, and more casual Linux best practices, but I've got a new blog post down for general security! Harden your systemd units (especially custom ones) for better peace of mind on the internet!

top 4 comments
sorted by: hot top controversial new old
[–] MysteriousSophon21@lemmy.world 2 points 2 days ago (1 children)

Adding PrivateNetwork=yes to your systemd units is a game changer for services that don't need network access - it completly isolates the service from the network and prevents any outbound connections.

[–] starkzarn 1 points 2 days ago

Good callout! You're absolutely right, and here I was primarily focused on publicly accessible services. Thanks for the addition.

[–] airgapped@piefed.social 2 points 5 days ago (1 children)

I definitely learnt (more than) a few things from your write up, thank you sir!

[–] starkzarn 1 points 4 days ago

Very glad to gear it! Learning new stuff with Linux is the fun part of the journey.