You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
28 lines
861 B
28 lines
861 B
11 months ago
|
diff -up opencryptoki-3.21.0/misc/pkcsslotd.service.in.me opencryptoki-3.21.0/misc/pkcsslotd.service.in
|
||
|
--- opencryptoki-3.21.0/misc/pkcsslotd.service.in.me 2023-05-16 20:50:08.128841932 +0200
|
||
|
+++ opencryptoki-3.21.0/misc/pkcsslotd.service.in 2023-05-16 21:19:35.208570589 +0200
|
||
|
@@ -22,17 +22,17 @@ PrivateUsers=no
|
||
|
PrivateNetwork=no
|
||
|
RestrictAddressFamilies=AF_UNIX AF_NETLINK
|
||
|
IPAddressDeny=any
|
||
|
-ProtectClock=yes
|
||
|
+#ProtectClock=yes
|
||
|
ProtectKernelTunables=yes
|
||
|
ProtectKernelModules=yes
|
||
|
-ProtectKernelLogs=yes
|
||
|
+#ProtectKernelLogs=yes
|
||
|
ProtectControlGroups=yes
|
||
|
ProtectHome=yes
|
||
|
-ProtectHostname=yes
|
||
|
-ProtectProc=default
|
||
|
+#ProtectHostname=yes
|
||
|
+#ProtectProc=default
|
||
|
ProtectSystem=strict
|
||
|
-ReadWritePaths=@localstatedir@
|
||
|
-ProcSubset=all
|
||
|
+ReadWritePaths=@localstatedir@ /run
|
||
|
+#ProcSubset=all
|
||
|
MemoryDenyWriteExecute=yes
|
||
|
RestrictRealtime=yes
|
||
|
RestrictNamespaces=yes
|