]> git.ipfire.org Git - thirdparty/systemd.git/blobdiff - units/systemd-networkd.service.in
projects / thirdparty / systemd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
network, resolve: use bus_message_read_ifindex() or friends
[thirdparty/systemd.git] / units / systemd-networkd.service.in
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index ed985f64fa56729d30bc59e0593e645a3042395d..26731468413d7614d4ed1ed64d16367db591dec8 100644 (file)
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -26,13 +26,15 @@ ExecStart=!!@rootlibexecdir@/systemd-networkd
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
+ProtectClock=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 ProtectKernelModules=yes
+ProtectKernelLogs=yes
 ProtectSystem=strict
 Restart=on-failure
 RestartSec=0
-RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET
+RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET AF_ALG
 RestrictNamespaces=yes
 RestrictRealtime=yes
 RestrictSUIDSGID=yes
Unnamed repository; edit this file 'description' to name the repository.