Overview

File harden_ntp-wait.service.patch of Package ntpsec

Index: ntpsec-1.2.1/etc/ntp-wait.service
===================================================================
--- ntpsec-1.2.1.orig/etc/ntp-wait.service
+++ ntpsec-1.2.1/etc/ntp-wait.service
@@ -7,6 +7,16 @@ Conflicts=systemd-timesyncd.service
 ConditionCapability=CAP_SYS_TIME
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+# end of automatic additions 
 Type=oneshot
 ExecStart=@BINDIR@/ntpwait -s 1 -n 30000
 RemainAfterExit=yes
openSUSE Build Service is sponsored by
Places