chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
debug-shell: add condition for tty device to run on
[elogind.git]
/
units
/
systemd-machined.service.in
diff --git
a/units/systemd-machined.service.in
b/units/systemd-machined.service.in
index 2679dced882f263c7de7e3d96de4c5b180489fc4..3ae0847b7906b30421518f288195e973a6ae1f68 100644
(file)
--- a/
units/systemd-machined.service.in
+++ b/
units/systemd-machined.service.in
@@
-17,3
+17,8
@@
ExecStart=@rootlibexecdir@/systemd-machined
BusName=org.freedesktop.machine1
CapabilityBoundingSet=CAP_KILL
WatchdogSec=1min
+PrivateTmp=yes
+PrivateDevices=yes
+PrivateNetwork=yes
+ProtectSystem=full
+ProtectHome=yes
~ianmdlvl / elogind.git / blobdiff