factory-packages-mirror

Clone
Source Code
GIT

Files

  1.   df43f1b223bb3d1732e9a8227a9dd9b17cdf0002
  2.   packages
  3.   k
  4.   kismet
  5.   harden_kismet.service.patch
Blob Blame History Raw 
Index: kismet-kismet-2022-08-R1/packaging/systemd/kismet.service.in
===================================================================
--- kismet-kismet-2022-08-R1.orig/packaging/systemd/kismet.service.in
+++ kismet-kismet-2022-08-R1/packaging/systemd/kismet.service.in
@@ -4,8 +4,20 @@ ConditionPathExists=@prefix@/bin/kismet
 After=network.target auditd.service
 
 [Service]
-User=root
-Group=root
+ProtectSystem=full
+ProtectHome=true
+ProtectControlGroups=true
+
+# The following hardenings break capture plug-ins
+# with elevated filesystem capabilities.
+# ProtectHostname=true
+# ProtectKernelModules=true
+# ProtectKernelLogs=true
+# RestrictRealtime=true
+
+User=kismet
+Group=kismet
+WorkingDirectory=/var/lib/kismet
 Type=simple
 ExecStart=@prefix@/bin/kismet --no-ncurses-wrapper
 KillMode=process
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.