From 81d6a5ded50a26338e1b36462b3e0a6e45beb9a6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 5 May 2024 13:11:05 +0200
Subject: Adding upstream version 2.9.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 nvmf-autoconnect/systemd/nvmefc-boot-connections.service.in | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'nvmf-autoconnect/systemd/nvmefc-boot-connections.service.in')

diff --git a/nvmf-autoconnect/systemd/nvmefc-boot-connections.service.in b/nvmf-autoconnect/systemd/nvmefc-boot-connections.service.in
index 7036625..783feb0 100644
--- a/nvmf-autoconnect/systemd/nvmefc-boot-connections.service.in
+++ b/nvmf-autoconnect/systemd/nvmefc-boot-connections.service.in
@@ -6,6 +6,18 @@ After=systemd-udevd.service
 Before=local-fs-pre.target
 
 [Service]
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+ProtectProc=invisible
+RestrictRealtime=true
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+RemoveIPC=yes
+RestrictAddressFamilies=none
 Type=oneshot
 ExecStart=/bin/sh -c "echo add > /sys/class/fc/fc_udev_device/nvme_discovery"
 
-- 
cgit v1.2.3