From 238f40096f163e69d7c44a100ba891c0de62a4044deef5cb006c44792d4c0fac Mon Sep 17 00:00:00 2001 From: Martin Hauke Date: Fri, 22 Oct 2021 15:31:16 +0000 Subject: [PATCH] Accepting request 926703 from home:jsegitz:branches:systemdhardening:devel:languages:python Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort OBS-URL: https://build.opensuse.org/request/show/926703 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Glances?expand=0&rev=32 --- glances.service | 13 +++++++++++++ python-Glances.changes | 6 ++++++ 2 files changed, 19 insertions(+) diff --git a/glances.service b/glances.service index 235a2a7..48974a4 100644 --- a/glances.service +++ b/glances.service @@ -3,6 +3,19 @@ Description=Glances After=network.target [Service] +# added automatically, for details please see +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort +ProtectSystem=full +ProtectHome=true +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictRealtime=true +# end of automatic additions ExecStart=/usr/bin/glances -w Restart=on-abort RemainAfterExit=yes diff --git a/python-Glances.changes b/python-Glances.changes index 55be1cd..1700352 100644 --- a/python-Glances.changes +++ b/python-Glances.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Oct 20 14:58:23 UTC 2021 - Johannes Segitz + +- Added hardening to systemd service(s) (bsc#1181400). Modified: + * glances.service + ------------------------------------------------------------------- Fri Sep 03 07:20:11 UTC 2021 - Enrico Belleri