]> granicus.if.org Git - haveged/commitdiff
projects / haveged / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d011e27)
use systemd security features
authorChristian Hesse <mail@eworm.de>
Wed, 4 Sep 2019 11:32:19 +0000 (13:32 +0200)
committerChristian Hesse <mail@eworm.de>
Wed, 4 Sep 2019 14:04:40 +0000 (16:04 +0200)
init.d/service.fedora patch | blob | history

diff --git a/init.d/service.fedora b/init.d/service.fedora
index 0fe6ef6a4fede7c38f6dd5da51289fd0c390dcf9..fdc7bae9617feff8a92cd8c9c66cef7a6e52fca3 100644 (file)
--- a/init.d/service.fedora
+++ b/init.d/service.fedora
@@ -9,6 +9,11 @@ Before=sysinit.target shutdown.target systemd-journald.service
 ExecStart=/usr/sbin/haveged -w 1024 -v 1 --Foreground
 Restart=always
 SuccessExitStatus=137 143
+CapabilityBoundingSet=CAP_SYS_ADMIN
+NoNewPrivileges=on
+PrivateDevices=on
+PrivateNetwork=on
+ProtectSystem=full
 
 [Install]
 WantedBy=sysinit.target
Unnamed repository; edit this file 'description' to name the repository.