Overview

File harden_xrootd@.service.patch of Package xrootd

Index: xrootd-5.6.1/packaging/common/xrootd@.service
===================================================================
--- xrootd-5.6.1.orig/packaging/common/xrootd@.service
+++ xrootd-5.6.1/packaging/common/xrootd@.service
@@ -6,14 +6,14 @@ Requires=network-online.target
 After=network-online.target
 
 [Service]
-#PrivateDevices=true
-#ProtectHostname=true
-#ProtectClock=true
-#ProtectKernelTunables=true
-#ProtectKernelModules=true
-#ProtectKernelLogs=true
-#ProtectControlGroups=true
-#RestrictRealtime=true
+PrivateDevices=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
 ExecStart=/usr/bin/xrootd -l /var/log/xrootd/xrootd.log -c /etc/xrootd/xrootd-%i.cfg -k fifo -s /run/xrootd/xrootd-%i.pid -n %i
 User=xrootd
 Group=xrootd
openSUSE Build Service is sponsored by
Places