diff --git a/harden_ndppd.service.patch b/harden_ndppd.service.patch index dcde400..d55926a 100644 --- a/harden_ndppd.service.patch +++ b/harden_ndppd.service.patch @@ -2,7 +2,7 @@ Index: ndppd-0.2.5.43/ndppd.service =================================================================== --- ndppd-0.2.5.43.orig/ndppd.service +++ ndppd-0.2.5.43/ndppd.service -@@ -3,6 +3,18 @@ Description=NDP Proxy Daemon +@@ -3,6 +3,17 @@ Description=NDP Proxy Daemon After=network.target [Service] @@ -11,7 +11,6 @@ Index: ndppd-0.2.5.43/ndppd.service +ProtectSystem=full +ProtectHome=true +ProtectHostname=true -+ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true diff --git a/ndppd.changes b/ndppd.changes index ca6f777..6613cfb 100644 --- a/ndppd.changes +++ b/ndppd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri Oct 15 12:12:41 UTC 2021 - Johannes Segitz <jsegitz@suse.com> + +- Drop ProtectClock hardening, can cause issues if other device acceess is needed + ------------------------------------------------------------------- Mon Oct 11 07:23:40 UTC 2021 - Johannes Segitz <jsegitz@suse.com>