X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=misc-utils%2Fuuidd.service.in;h=b4c9c463500c064b0efa58c92b91b6123d0dea13;hb=HEAD;hp=a43b3c3e0787a819caa0b77ded9af48c6b1446ef;hpb=f069b1282452e20711d580027b818e2e09db174a;p=thirdparty%2Futil-linux.git

diff --git a/misc-utils/uuidd.service.in b/misc-utils/uuidd.service.in
index a43b3c3e07..529d723886 100644
--- a/misc-utils/uuidd.service.in
+++ b/misc-utils/uuidd.service.in
@@ -4,10 +4,20 @@ Documentation=man:uuidd(8)
 Requires=uuidd.socket
 
 [Service]
-ExecStart=@usrsbin_execdir@/uuidd --socket-activation
+ExecStart=@usrsbin_execdir@/uuidd --socket-activation --cont-clock
 Restart=no
 User=uuidd
 Group=uuidd
+ProtectSystem=strict
+ProtectHome=yes
+PrivateDevices=yes
+PrivateUsers=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectControlGroups=yes
+MemoryDenyWriteExecute=yes
+ReadWritePaths=@localstatedir@/lib/libuuid/
+SystemCallFilter=@default @file-system @basic-io @system-service @signal @io-event @network-io
 
 [Install]
 Also=uuidd.socket