23890538db
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort OBS-URL: https://build.opensuse.org/request/show/915053 OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=19
24 lines
744 B
Diff
24 lines
744 B
Diff
Index: coturn-4.5.2/examples/etc/coturn.service
|
|
===================================================================
|
|
--- coturn-4.5.2.orig/examples/etc/coturn.service
|
|
+++ coturn-4.5.2/examples/etc/coturn.service
|
|
@@ -15,6 +15,18 @@ ExecStart=/usr/bin/turnserver -c /etc/tu
|
|
Restart=on-failure
|
|
InaccessibleDirectories=/home
|
|
PrivateTmp=yes
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectSystem=full
|
|
+ProtectHome=true
|
|
+ProtectHostname=true
|
|
+ProtectClock=true
|
|
+ProtectKernelTunables=true
|
|
+ProtectKernelModules=true
|
|
+ProtectKernelLogs=true
|
|
+ProtectControlGroups=true
|
|
+RestrictRealtime=true
|
|
+# end of automatic additions
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|