forked from pool/chrony
902146d99c
access the rtc and ptp devices. - Add back support to build chrony on SLE12. - Drop dependency on asciidoctor. It is only needed for building the HTML documentation which we don't package anyway. OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=105
19 lines
518 B
Diff
19 lines
518 B
Diff
--- examples/chronyd.service.orig
|
|
+++ examples/chronyd.service
|
|
@@ -18,6 +18,15 @@ ExecStartPost=@CHRONY_HELPER@ update-dae
|
|
PrivateTmp=yes
|
|
ProtectHome=yes
|
|
ProtectSystem=full
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectHostname=true
|
|
+ProtectKernelModules=true
|
|
+ProtectKernelLogs=true
|
|
+ProtectControlGroups=true
|
|
+DeviceAllow=char-rtc
|
|
+DeviceAllow=char-ptp
|
|
+# end of automatic additions
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|