4800de73e5
- Remove ProtectKernelTunables hardening, causes the service to fail (boo#1192921) OBS-URL: https://build.opensuse.org/request/show/932917 OBS-URL: https://build.opensuse.org/package/show/security/haveged?expand=0&rev=143
17 lines
599 B
Diff
17 lines
599 B
Diff
Index: haveged-1.9.14/contrib/Fedora/haveged.service
|
|
===================================================================
|
|
--- haveged-1.9.14.orig/contrib/Fedora/haveged.service
|
|
+++ haveged-1.9.14/contrib/Fedora/haveged.service
|
|
@@ -24,6 +24,11 @@ ProtectKernelLogs=true
|
|
ProtectKernelModules=true
|
|
RestrictNamespaces=true
|
|
RestrictRealtime=true
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectClock=true
|
|
+ProtectControlGroups=true
|
|
+# end of automatic additions
|
|
|
|
LockPersonality=true
|
|
MemoryDenyWriteExecute=true
|