pool/udisks2
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 978242 from home:jsegitz:branches:systemdhardening:Base:System

Browse Source 
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
  * harden_udisks2-zram-setup@.service.patch
  * harden_udisks2.service.patch

OBS-URL: https://build.opensuse.org/request/show/978242
OBS-URL: https://build.opensuse.org/package/show/Base:System/udisks2?expand=0&rev=94
This commit is contained in:
Dominique Leuenberger 2022-06-09 07:36:20 +00:00 committed by Git OBS Bridge
parent 57464eaa99
commit 1e15db466a
4 changed files with 41 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
harden_udisks2-zram-setup@.service.patch Normal file
View File

@ -0,0 +1,16 @@
Index: udisks-2.9.4/modules/zram/data/udisks2-zram-setup@.service.in
===================================================================
--- udisks-2.9.4.orig/modules/zram/data/udisks2-zram-setup@.service.in
+++ udisks-2.9.4/modules/zram/data/udisks2-zram-setup@.service.in
@@ -5,6 +5,11 @@ After=dev-%i.device
Requires=dev-%i.device
[Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectHostname=true
+RestrictRealtime=true
+# end of automatic additions
Type=oneshot
RemainAfterExit=no
EnvironmentFile=-@zramconfdir@/%i

16
harden_udisks2.service.patch Normal file
View File

@ -0,0 +1,16 @@
Index: udisks-2.9.4/data/udisks2.service.in
===================================================================
--- udisks-2.9.4.orig/data/udisks2.service.in
+++ udisks-2.9.4/data/udisks2.service.in
@@ -3,6 +3,11 @@ Description=Disk Manager
Documentation=man:udisks(8)
[Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectHostname=true
+RestrictRealtime=true
+# end of automatic additions
Type=dbus
BusName=org.freedesktop.UDisks2
ExecStart=@udisksdprivdir@/udisksd

7
udisks2.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Fri May 20 07:45:36 UTC 2022 - Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_udisks2-zram-setup@.service.patch
* harden_udisks2.service.patch
-------------------------------------------------------------------
Mon Jan 31 15:28:11 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>

2
udisks2.spec
View File

@ -30,6 +30,8 @@ License: GPL-2.0-or-later AND LGPL-2.0-or-later
Group: System/Daemons
URL: https://github.com/storaged-project/udisks
Source0: %{url}/releases/download/udisks-%{version}/udisks-%{version}.tar.bz2
Patch0: harden_udisks2-zram-setup@.service.patch
Patch1: harden_udisks2.service.patch
BuildRequires: chrpath
BuildRequires: docbook-xsl-stylesheets
BuildRequires: gobject-introspection-devel >= 0.6.2