diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes
index 4b1a376..c69e074 100644
--- a/wpa_supplicant.changes
+++ b/wpa_supplicant.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Jan 10 08:27:51 UTC 2022 - Johannes Segitz <jsegitz@suse.com>
+
+- Added hardening to systemd service(s) (bsc#1181400). Modified:
+  * wpa_supplicant.service
+
 -------------------------------------------------------------------
 Tue Apr  6 14:51:18 UTC 2021 - Clemens Famulla-Conrad <cfamullaconrad@suse.com>
 
diff --git a/wpa_supplicant.service b/wpa_supplicant.service
index 34d42d1..f7455b1 100644
--- a/wpa_supplicant.service
+++ b/wpa_supplicant.service
@@ -5,6 +5,17 @@ Before=network-pre.target
 Wants=network-pre.target
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=read-only
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions 
 Type=dbus
 BusName=fi.w1.wpa_supplicant1
 ExecStart=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -t -f /var/log/wpa_supplicant.log