author | Lennart Poettering <lennart@poettering.net> | 2018-11-13 10:38:47 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-11-13 10:38:47 +0100 |
commit | 53a3e8fc7a2db3654380f2c32fe16653227fcf0f (patch) | |
tree | 498a98fd2b9218d25a97f55090b2641acd3c3358 /units | |
parent | 99cd001d4c27c90cd9c0c66f88dc3673bb39ce73 (diff) | |
parent | 45ae3f6117266648a1d82405d48594ec188e4b9d (diff) | |
Merge pull request #10744 from poettering/logind-lock-down
units: lock down logind with fs namespacing options
Diffstat (limited to 'units')
-rw-r--r-- | units/systemd-logind.service.in | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
index 38a7f269ac..6886fa9bfe 100644
--- a/units/systemd-logind.service.in
+++ b/units/systemd-logind.service.in
@@ -21,18 +21,26 @@ After=dbus.socket
 
 [Service]
 BusName=org.freedesktop.login1
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
 ExecStart=@rootlibexecdir@/systemd-logind
 FileDescriptorStoreMax=512
 IPAddressDeny=any
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
+PrivateTmp=yes
+ProtectControlGroups=yes
+ProtectHome=yes
+ProtectKernelModules=yes
+ProtectSystem=strict
+ReadWritePaths=/etc
 Restart=always
 RestartSec=0
 RestrictAddressFamilies=AF_UNIX AF_NETLINK
 RestrictNamespaces=yes
 RestrictRealtime=yes
+RuntimeDirectory=systemd/sessions systemd/seats systemd/users
+RuntimeDirectoryPreserve=yes
 SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service
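Review bot: `ProtectSystem=strict` turns the whole hierarchy outside /dev, /proc and /sys read-only, so after this hunk logind can write only to /etc and the three `RuntimeDirectory=` subtrees `systemd/sessions systemd/seats systemd/users`; any other path it creates at runtime (nothing in this hunk shows the daemon's full write set, e.g. other subdirectories of /run/systemd) will now fail with EROFS, so the write set should be audited before this lands and every such subtree listed in `RuntimeDirectory=` rather than patched over by widening `ReadWritePaths=`. `ReadWritePaths=/etc` is itself a broad exception that hands back write access to all system configuration under a "strict" profile; if logind writes only one subtree there, narrow it to that path and say why, e.g. `ReadWritePaths=/etc/udev/rules.d` with `# logind writes generated seat rules here` (confirm against the code). The remaining bounding set still carries CAP_SYS_ADMIN, so the sandbox is a containment layer, not a privilege reduction; a one-line comment stating that, and why `ProtectKernelTunables=` is deliberately absent (presumably because the daemon writes under /sys for suspend and similar), would save the next maintainer from "tightening" it and breaking power management.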