initctl: move /dev/initctl fifo into /run, replace it by symlink

[elogind.git] / units / systemd-hostnamed.service.in

diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in
index 874f6c274b423e0e92ee58032e3ef19a963db4ca..497b8d99744941148edca052bc979c477108c4bd 100644 (file)
--- a/units/systemd-hostnamed.service.in
+++ b/units/systemd-hostnamed.service.in
@@ -13,4 +13,10 @@ Documentation=http://www.freedesktop.org/wiki/Software/systemd/hostnamed
 [Service]
 ExecStart=@rootlibexecdir@/systemd-hostnamed
 BusName=org.freedesktop.hostname1
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE
+CapabilityBoundingSet=CAP_SYS_ADMIN
+WatchdogSec=1min
+PrivateTmp=yes
+PrivateDevices=yes
+PrivateNetwork=yes
+ReadOnlySystem=yes
+ProtectedHome=yes