---
 nvmf-autoconnect/systemd/nvmf-connect@.service |   11 +++++++++++
 1 file changed, 11 insertions(+)

--- a/nvmf-autoconnect/systemd/nvmf-connect@.service
+++ b/nvmf-autoconnect/systemd/nvmf-connect@.service
@@ -9,6 +9,17 @@ PartOf=nvmf-connect.target
 Requires=nvmf-connect.target
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions
 Type=simple
 Environment="CONNECT_ARGS=%i"
 ExecStart=/bin/sh -c "nvme connect-all --quiet `/bin/echo -e '${CONNECT_ARGS}'`"