factory-packages-mirror

Clone
Source Code
GIT

Blame packages/f/firehol/harden_firehol.service.patch

master
  1.   f155be6373602751b91d0a1b3c4f59f687e60cfb
  2.   packages
  3.   f
  4.   firehol
  5.   harden_firehol.service.patch
Blob History Raw
Bernhard M. Wiedemann f155be 
Index: firehol-3.1.7/contrib/firehol.service
Bernhard M. Wiedemann f155be 
===================================================================
Bernhard M. Wiedemann f155be 
--- firehol-3.1.7.orig/contrib/firehol.service
Bernhard M. Wiedemann f155be 
+++ firehol-3.1.7/contrib/firehol.service
Bernhard M. Wiedemann f155be 
@@ -14,6 +14,17 @@ Conflicts=shutdown.target
Bernhard M. Wiedemann f155be 
 Before=shutdown.target
Bernhard M. Wiedemann f155be
Bernhard M. Wiedemann f155be 
 [Service]
Bernhard M. Wiedemann f155be 
+# added automatically, for details please see
Bernhard M. Wiedemann f155be 
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
Bernhard M. Wiedemann f155be 
+ProtectSystem=full
Bernhard M. Wiedemann f155be 
+ProtectHome=true
Bernhard M. Wiedemann f155be 
+PrivateDevices=true
Bernhard M. Wiedemann f155be 
+ProtectHostname=true
Bernhard M. Wiedemann f155be 
+ProtectClock=true
Bernhard M. Wiedemann f155be 
+ProtectKernelLogs=true
Bernhard M. Wiedemann f155be 
+ProtectControlGroups=true
Bernhard M. Wiedemann f155be 
+RestrictRealtime=true
Bernhard M. Wiedemann f155be 
+# end of automatic additions
Bernhard M. Wiedemann f155be 
 Type=oneshot
Bernhard M. Wiedemann f155be 
 RemainAfterExit=yes
Bernhard M. Wiedemann f155be 
 ExecStart=/usr/sbin/firehol start
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.