File harden_netlabel.service.patch of Package netlabel

Index: netlabel_tools-0.21/netlabelctl/netlabel.service
===================================================================
--- netlabel_tools-0.21.orig/netlabelctl/netlabel.service
+++ netlabel_tools-0.21/netlabelctl/netlabel.service
@@ -6,6 +6,17 @@ Before=libvirtd.service
 Before=network.service
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions 
 Type=oneshot
 RemainAfterExit=yes
 ExecStart=/usr/sbin/netlabel-config load

Places

File harden_netlabel.service.patch of Package netlabel

Places