File harden_qbittorrent-nox@.service.patch of Package qbittorrent
Index: qbittorrent-4.4.0/dist/unix/systemd/qbittorrent-nox@.service.in
===================================================================
--- qbittorrent-4.4.0.orig/dist/unix/systemd/qbittorrent-nox@.service.in
+++ qbittorrent-4.4.0/dist/unix/systemd/qbittorrent-nox@.service.in
@@ -7,6 +7,18 @@ After=local-fs.target network-online.tar
[Service]
Type=simple
PrivateTmp=false
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+PrivateDevices=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions
User=%i
ExecStart=@EXPAND_BINDIR@/qbittorrent-nox
TimeoutStopSec=1800