diff options
Diffstat (limited to 'units/systemd-udevd.service.in')
| -rw-r--r-- | units/systemd-udevd.service.in | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in index 8557522e7b..6a3814e5d9 100644 --- a/units/systemd-udevd.service.in +++ b/units/systemd-udevd.service.in @@ -25,10 +25,12 @@ ExecStart=@rootlibexecdir@/systemd-udevd KillMode=mixed WatchdogSec=3min TasksMax=infinity -MountFlags=slave +PrivateMounts=yes MemoryDenyWriteExecute=yes RestrictRealtime=yes RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +SystemCallFilter=@system-service @module @raw-io +SystemCallErrorNumber=EPERM SystemCallArchitectures=native LockPersonality=yes IPAddressDeny=any |