From 7c045b99e73c70fa90a09300ff41a398c047ba6edcaeba3b19179148a53f5d08 Mon Sep 17 00:00:00 2001
From: Wolfgang Frisch <wolfgang.frisch@suse.com>
Date: Tue, 9 Dec 2025 12:46:06 +0100
Subject: [PATCH] Remove `PrivateDevices` systemd hardening

from quotad.service because quotad needs access to block devices in /dev
(bsc#1254310).
---
 quota.changes  | 6 ++++++
 quotad.service | 1 -
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/quota.changes b/quota.changes
index 6f99011..073f479 100644
--- a/quota.changes
+++ b/quota.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Dec  9 11:10:18 UTC 2025 - Wolfgang Frisch <wolfgang.frisch@suse.com>
+
+- Remove `PrivateDevices` systemd hardening from quotad.service because it
+  needs access to block devices in /dev (bsc#1254310).
+
 -------------------------------------------------------------------
 Fri Dec  9 08:30:21 UTC 2022 - Thorsten Kukuk <kukuk@suse.com>
 
diff --git a/quotad.service b/quotad.service
index 2b329cf..999ff1f 100644
--- a/quotad.service
+++ b/quotad.service
@@ -7,7 +7,6 @@ After=network.target
 # https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
 ProtectSystem=full
 ProtectHome=true
-PrivateDevices=true
 ProtectHostname=true
 ProtectClock=true
 ProtectKernelTunables=true
-- 
2.51.1