Accepting request 1108710 from home:malcolmlewis:branches:network:utilities

- Comment out ProtectClock in hardening, (boo#1206835). Modified:
  * iodine.service.
  * iodined.service.

OBS-URL: https://build.opensuse.org/request/show/1108710
OBS-URL: https://build.opensuse.org/package/show/network:utilities/iodine?expand=0&rev=22

iodine.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sun Sep  3 14:31:36 UTC 2023 - malcolmlewis@opensuse.org
+
+- Comment out ProtectClock in hardening, (boo#1206835). Modified:
+  * iodine.service.
+  * iodined.service.
+
 -------------------------------------------------------------------
 Wed Sep 22 14:45:53 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
 

iodine.service

@@ -1,6 +1,6 @@
 # /lib/systemd/system/iodine.service
 #
-# Copyright (c) 2012 Malcolm J Lewis <malcolmlewis@opensuse.org>
+# Copyright (c) 2012-2023 Malcolm J Lewis <malcolmlewis@opensuse.org>
 #
 
 [Unit]
@@ -14,7 +14,7 @@ ProtectSystem=full
 ProtectHome=true
 PrivateDevices=true
 ProtectHostname=true
-ProtectClock=true
+# ProtectClock=true see boo#1206835
 ProtectKernelTunables=true
 ProtectKernelModules=true
 ProtectKernelLogs=true
@@ -31,4 +31,4 @@ RestartSec=0
 KillSignal=SIGHUP
 
 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target

iodine.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package iodine
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 # Copyright (c) 2012 Malcolm J Lewis <malcolmlewis@opensuse.org>
 #
 # All modifications and additions to the file contributed by third parties

iodined.service

@@ -1,6 +1,6 @@
 # /lib/systemd/system/iodined.service
 #
-# Copyright (c) 2012 Malcolm J Lewis <malcolmlewis@opensuse.org>
+# Copyright (c) 2012-2023 Malcolm J Lewis <malcolmlewis@opensuse.org>
 #
 
 [Unit]
@@ -14,7 +14,7 @@ ProtectSystem=full
 ProtectHome=true
 PrivateDevices=true
 ProtectHostname=true
-ProtectClock=true
+# ProtectClock=true see boo#1206835
 ProtectKernelTunables=true
 ProtectKernelModules=true
 ProtectKernelLogs=true