diff options
| author | Vincent Blut <vincent.debian@free.fr> | 2021-02-04 19:47:26 +0100 |
|---|---|---|
| committer | Vincent Blut <vincent.debian@free.fr> | 2021-02-04 19:47:26 +0100 |
| commit | bc50fa60131c4a849f9f9c7bf353a1b567fb9853 (patch) | |
| tree | a01438967edbea78e63f5dcc8c7cb613af2ab12b | |
| parent | fe93e7907338b58e18a6c87077d5de28dfa6dbac (diff) | |
d/chrony.service: Enable some hardening settings
| -rw-r--r-- | debian/chrony.service | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/debian/chrony.service b/debian/chrony.service index 29288c3..29e6382 100644 --- a/debian/chrony.service +++ b/debian/chrony.service @@ -15,6 +15,9 @@ ExecStart=/usr/sbin/chronyd $DAEMON_OPTS PrivateTmp=yes ProtectHome=yes ProtectSystem=full +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes [Install] Alias=chronyd.service |