Adding upstream version 2.9.1.upstream/2.9.1 upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-05-05 11:08:54 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-05-05 11:08:54 +0000
commit: a45fb29c9f34bc175ac7b69723de175d62e838eb (patch)
tree: 364371981040c3dc6e97bb289bda0d33933ebfac /nvmf-autoconnect/systemd/nvmf-connect@.service.in
parent: Adding upstream version 2.8. (diff)
download: nvme-cli-upstream.tar.xz
nvme-cli-upstream.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/nvmf-autoconnect/systemd/nvmf-connect@.service.in b/nvmf-autoconnect/systemd/nvmf-connect@.service.in
index 5ba7086..3cec347 100644
--- a/nvmf-autoconnect/systemd/nvmf-connect@.service.in
+++ b/nvmf-autoconnect/systemd/nvmf-connect@.service.in
@@ -11,6 +11,18 @@ PartOf=nvmf-connect.target
 Requires=nvmf-connect.target
 
 [Service]
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+ProtectProc=invisible
+RestrictRealtime=true
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+RemoveIPC=yes
+RestrictAddressFamilies=AF_INET AF_INET6
 Type=simple
 Environment="CONNECT_ARGS=%i"
 ExecStart=/bin/sh -c "@SBINDIR@/nvme connect-all --context=autoconnect --quiet `/bin/echo -e '${CONNECT_ARGS}'`"
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-05-05 11:08:54 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-05-05 11:08:54 +0000
commit	a45fb29c9f34bc175ac7b69723de175d62e838eb (patch)
tree	364371981040c3dc6e97bb289bda0d33933ebfac /nvmf-autoconnect/systemd/nvmf-connect@.service.in
parent	Adding upstream version 2.8. (diff)
download	nvme-cli-upstream.tar.xz nvme-cli-upstream.zip