summaryrefslogtreecommitdiff
path: root/units/systemd-journal-gatewayd.service.in
diff options
context:
space:
mode:
Diffstat (limited to 'units/systemd-journal-gatewayd.service.in')
-rw-r--r--units/systemd-journal-gatewayd.service.in5
1 files changed, 5 insertions, 0 deletions
diff --git a/units/systemd-journal-gatewayd.service.in b/units/systemd-journal-gatewayd.service.in
index f4f845841d..efefaa4244 100644
--- a/units/systemd-journal-gatewayd.service.in
+++ b/units/systemd-journal-gatewayd.service.in
@@ -20,6 +20,11 @@ PrivateDevices=yes
PrivateNetwork=yes
ProtectSystem=full
ProtectHome=yes
+ProtectControlGroups=yes
+ProtectKernelTunables=yes
+MemoryDenyWriteExecute=yes
+RestrictRealtime=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
# If there are many split upjournal files we need a lot of fds to
# access them all and combine
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-04 14:18:48 +0000