summaryrefslogtreecommitdiff
path: root/src/grp-login/systemd-logind/systemd-logind.service.in
diff options
context:
space:
mode:
Diffstat (limited to 'src/grp-login/systemd-logind/systemd-logind.service.in')
-rw-r--r--src/grp-login/systemd-logind/systemd-logind.service.in2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/grp-login/systemd-logind/systemd-logind.service.in b/src/grp-login/systemd-logind/systemd-logind.service.in
index ff049134ee..bee08d011f 100644
--- a/src/grp-login/systemd-logind/systemd-logind.service.in
+++ b/src/grp-login/systemd-logind/systemd-logind.service.in
@@ -25,6 +25,8 @@ RestartSec=0
BusName=org.freedesktop.login1
CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
WatchdogSec=3min
+MemoryDenyWriteExecute=yes
+SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io
# Increase the default a bit in order to allow many simultaneous
# logins since we keep one fd open per session.
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-25 17:09:41 +0000