]> git.ipfire.org Git - thirdparty/systemd.git/blobdiff - units/systemd-coredump@.service.in
projects / thirdparty / systemd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
test: Disable LUKS devices from initramfs in QEMU tests
[thirdparty/systemd.git] / units / systemd-coredump@.service.in
diff --git a/units/systemd-coredump@.service.in b/units/systemd-coredump@.service.in
index ffcb5f36ca6c551ab74c7c7a79161d8dc97fafa4..afb2ab9d17352e453186ebca8a61d888c24ec7fa 100644 (file)
--- a/units/systemd-coredump@.service.in
+++ b/units/systemd-coredump@.service.in
@@ -29,12 +29,14 @@ PrivateNetwork=yes
 PrivateTmp=yes
 ProtectControlGroups=yes
 ProtectHome=yes
+ProtectHostname=yes
 ProtectKernelModules=yes
 ProtectKernelTunables=yes
 ProtectSystem=strict
 RestrictAddressFamilies=AF_UNIX
 RestrictNamespaces=yes
 RestrictRealtime=yes
+RestrictSUIDSGID=yes
 RuntimeMaxSec=5min
 StateDirectory=systemd/coredump
 SystemCallArchitectures=native
Unnamed repository; edit this file 'description' to name the repository.