Dirk Mueller
e57e6f060f
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort OBS-URL: https://build.opensuse.org/request/show/933785 OBS-URL: https://build.opensuse.org/package/show/Base:System/tgt?expand=0&rev=50
21 lines
633 B
Diff
21 lines
633 B
Diff
Index: tgt-1.0.74/scripts/tgtd.service
|
|
===================================================================
|
|
--- tgt-1.0.74.orig/scripts/tgtd.service
|
|
+++ tgt-1.0.74/scripts/tgtd.service
|
|
@@ -9,6 +9,15 @@ After=network.target
|
|
ConditionPathExists=/etc/tgt/targets.conf
|
|
|
|
[Service]
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectSystem=full
|
|
+ProtectHome=true
|
|
+ProtectHostname=true
|
|
+ProtectKernelTunables=true
|
|
+ProtectKernelLogs=true
|
|
+RestrictRealtime=true
|
|
+# end of automatic additions
|
|
Type=forking
|
|
Environment=TGTD_CONFIG=/etc/tgt/targets.conf
|
|
|