diff --git a/atftp.changes b/atftp.changes
index ba5c83a..444c0b4 100644
--- a/atftp.changes
+++ b/atftp.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Sep 14 09:57:25 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
+
+- Added hardening to systemd service(s) (bsc#1181400). Modified:
+  * atftpd.service
+
 -------------------------------------------------------------------
 Tue May 25 23:26:52 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
 
diff --git a/atftpd.service b/atftpd.service
index 518ca3b..ed0188a 100644
--- a/atftpd.service
+++ b/atftpd.service
@@ -2,6 +2,19 @@
 Description=Advanced TFTP Server
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+PrivateDevices=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions 
 EnvironmentFile=/etc/sysconfig/atftpd
 # atftpd does not create logfile when there is none
 ExecStartPre=-/usr/bin/su -c "/usr/bin/touch $ATFTPD_LOGFILE" -s /bin/bash $ATFTPD_USER