331aa19f86
* sanlock: change log level for resource names * sanlock: include worker thread info in status * sanlock: reuse io buffer with hugepages * sanlock: use hugepages to avoid splitting read io * sanlock: don't reduce max_sectors_kb * sanlock: fix is dead log message for unused host id * sanlock: repeat helper_msg string termination * sanlock: fix invalid strcpy in direct dump OBS-URL: https://build.opensuse.org/package/show/Virtualization/sanlock?expand=0&rev=79
23 lines
788 B
Diff
23 lines
788 B
Diff
Index: sanlock-3.9.5/init.d/fence_sanlockd.service
|
|
===================================================================
|
|
--- sanlock-3.9.5.orig/init.d/fence_sanlockd.service
|
|
+++ sanlock-3.9.5/init.d/fence_sanlockd.service
|
|
@@ -4,6 +4,17 @@ After=syslog.target wdmd.service sanlock
|
|
Before=corosync.service
|
|
|
|
[Service]
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectSystem=full
|
|
+ProtectHome=true
|
|
+ProtectHostname=true
|
|
+ProtectKernelTunables=true
|
|
+ProtectKernelModules=true
|
|
+ProtectKernelLogs=true
|
|
+ProtectControlGroups=true
|
|
+RestrictRealtime=true
|
|
+# end of automatic additions
|
|
Type=forking
|
|
ExecStart=/usr/lib/systemd/systemd-fence_sanlockd start
|
|
ExecStop=/usr/lib/systemd/systemd-fence_sanlockd stop
|