Overview

File harden_smartd.service.patch of Package smartmontools

diff -Pdpru smartmontools-7.5.orig/smartd.service.in smartmontools-7.5/smartd.service.in
--- smartmontools-7.5.orig/smartd.service.in	2025-01-24 15:28:39.000000000 +0100
+++ smartmontools-7.5/smartd.service.in	2025-05-01 12:28:15.062462785 +0200
@@ -7,6 +7,16 @@ Documentation=man:smartd(8) man:smartd.c
 ConditionVirtualization=no
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions
 Type=notify
 Environment=smartd_opts=''
 EnvironmentFile=-/usr/local/etc/sysconfig/smartmontools
openSUSE Build Service is sponsored by
Places