Dirk Mueller
1af6c67c09
- update to 3.1.9: util/isensor.c - fix -i get_idx_range to show last idx in range util/igetevent.c - fix printf extra arg util/memif.c - SR56: try UEFI address 6d5a7000 if F0000 error lib/lanplus/lanplus.h - resolve implicit os_assert declaration (Sam James) util/ireset.c - SR58: remove is_romley case for ireset -D scripts/ipmiutil_wdt - SR43: changed $prog to $progn for Debian util/ipmidir.c - ipmi_open_direct(char) util/mem_if.c - UCHAR/int doc/ipmiutil.spec - enumerate ipmiutil.env, ipmiutil.env.template OBS-URL: https://build.opensuse.org/request/show/1110655 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ipmiutil?expand=0&rev=48
23 lines
810 B
Diff
23 lines
810 B
Diff
Index: ipmiutil-3.1.9/scripts/ipmiutil_wdt.service
|
|
===================================================================
|
|
--- ipmiutil-3.1.9.orig/scripts/ipmiutil_wdt.service
|
|
+++ ipmiutil-3.1.9/scripts/ipmiutil_wdt.service
|
|
@@ -3,6 +3,17 @@ Description=ipmiutil Watchdog Timer Serv
|
|
After=network.target
|
|
|
|
[Service]
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectSystem=full
|
|
+ProtectHome=true
|
|
+ProtectHostname=true
|
|
+ProtectKernelTunables=true
|
|
+ProtectKernelModules=true
|
|
+ProtectKernelLogs=true
|
|
+ProtectControlGroups=true
|
|
+RestrictRealtime=true
|
|
+# end of automatic additions
|
|
ExecStart=/usr/share/ipmiutil/ipmiutil_wdt start
|
|
ExecStop=/usr/share/ipmiutil/ipmiutil_wdt stop
|
|
ExecReload=/usr/share/ipmiutil/ipmiutil_wdt restart
|