diff --git a/frr.changes b/frr.changes
index c2bb64b..5b9ef65 100644
--- a/frr.changes
+++ b/frr.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Sep 16 07:12:55 UTC 2021 - Johannes Segitz
+
+- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
+ * harden_frr.service.patch
+
 -------------------------------------------------------------------
 Fri Apr 23 03:05:06 UTC 2021 - Marius Tomaschewski
diff --git a/frr.spec b/frr.spec
index 037b401..438415c 100644
--- a/frr.spec
+++ b/frr.spec
@@ -42,6 +42,7 @@ URL: https://www.frrouting.org
 Source: https://github.com/FRRouting/frr/archive/%{name}-%{version}.tar.gz
 Source1: %{name}-tmpfiles.d
 Patch1: 0001-disable-zmq-test.patch
+Patch2: harden_frr.service.patch
 BuildRequires: %{python_module Sphinx}
 BuildRequires: %{python_module devel}
 BuildRequires: %{python_module pytest}
@@ -182,6 +183,7 @@ developing OSPF-API and frr applications.
 %prep
 %setup -q -n %{name}-%{name}-%{version}
 %patch1 -p1
+%patch2 -p1
 %build
 # GCC LTO objects must be "fat" to avoid assembly errors
diff --git a/harden_frr.service.patch b/harden_frr.service.patch
new file mode 100644
index 0000000..05bbc94
--- /dev/null
+++ b/harden_frr.service.patch
@@ -0,0 +1,21 @@
+Index: frr-frr-7.5.1/tools/frr.service
+===================================================================
+--- frr-frr-7.5.1.orig/tools/frr.service
++++ frr-frr-7.5.1/tools/frr.service
+@@ -7,6 +7,16 @@ Before=network.target
+ OnFailure=heartbeat-failed@%n.service
+
+ [Service]
++# added automatically, for details please see
++# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
++ProtectSystem=full
++ProtectHome=true
++ProtectClock=true
++ProtectKernelModules=true
++ProtectKernelLogs=true
++ProtectControlGroups=true
++RestrictRealtime=true
++# end of automatic additions
+ Nice=-5
+ Type=forking
+ NotifyAccess=all
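Review bot: `ProtectSystem=full` in the added [Service] block makes /etc (along with /usr and the boot loader directories) read-only for everything this unit starts, and the patch adds no `ReadWritePaths=` exception. If the routing daemons are expected to save their running configuration from inside the service, which is likely when that configuration lives below /etc, those writes will fail with a read-only file system error after this change. I would add a line such as `ReadWritePaths=<frr configuration directory>` next to the new directives, with a comment saying why it is needed, and test a configuration save on a built package before shipping. The [Service] section continues past the last context line of the embedded hunk, so any `User=` or capability settings that would change this assessment are not visible here.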