pool/bitcoin
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bitcoin/harden_bitcoind.service.patch
Martin Pluskal d8fbd87e1e - Update to version 28.0: 
* doc: 28.0 Release Notes
  * doc: generate manpages
  * build: Bump to 28.0
  * validation: Disable CheckForkWarningConditions for background chainstate
  * test: Use shell builtins in run_command test case
  * doc: Generate manpages
  * build: Bump to 28.0rc2
  * streams: remove AutoFile::Get() entirely
  * streams: cache file position within AutoFile
  * qt: Translations update
  * gui: fix crash when closing wallet
  * test: Wait for local services to update in feature_assumeutxo
  * test: add coverage for assumeUTXO honest peers disconnection
  * assumeUTXO: fix peers disconnection during sync
  * test: Work around boost compilation error
  * depends: build libevent with -D_GNU_SOURCE
  * test: fixing failing system_tests/run_command under some Locales
  * test: Avoid intermittent timeout in p2p_headers_sync_with_minchainwork.py
  * test: fix `TestShell` initialization (late follow-up for #30463)
  * doc: Point release notes to wiki draft
  * examples: Generate example bitcoin.conf
  * doc: Generate manpages
  * build: Bump to 28.0rc1
  * docs: Add 379 and 387 to bips.md
  * docs: Remove release 28.0 release notes fragments
  * seeds: Regenerate mainnet seeds
  * seeds: Pull nodes from Luke's seeder
  * seeds: Pull nodes from virtu's crawler
  * chainparams: Remove seed.bitcoinstats.com

OBS-URL: https://build.opensuse.org/package/show/network:cryptocurrencies/bitcoin?expand=0&rev=72
2025-01-15 09:37:39 +00:00

22 lines
823 B
Diff
Raw Blame History

Index: bitcoin-24.0.1/contrib/init/bitcoind.service
===================================================================
--- bitcoin-24.0.1.orig/contrib/init/bitcoind.service
+++ bitcoin-24.0.1/contrib/init/bitcoind.service
@@ -74,6 +74,16 @@ NoNewPrivileges=true
# Use a new /dev namespace only populated with API pseudo devices
# such as /dev/null, /dev/zero and /dev/random.
PrivateDevices=true
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions
# Deny the creation of writable and executable memory mappings.
MemoryDenyWriteExecute=true
Reference in New Issue View Git Blame Copy Permalink