diff options
Diffstat (limited to 'units/systemd-importd.service.in')
| -rw-r--r-- | units/systemd-importd.service.in | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/units/systemd-importd.service.in b/units/systemd-importd.service.in index 20704a8232..38b7d7e94b 100644 --- a/units/systemd-importd.service.in +++ b/units/systemd-importd.service.in @@ -20,6 +20,7 @@ KillMode=mixed CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_SETFCAP CAP_SYS_ADMIN CAP_SETPCAP CAP_DAC_OVERRIDE NoNewPrivileges=yes MemoryDenyWriteExecute=yes +ProtectHostname=yes RestrictRealtime=yes RestrictNamespaces=net RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 |