summaryrefslogtreecommitdiffstats
path: root/units/systemd-udevd.service.in
diff options
context:
space:
mode:
Diffstat (limited to 'units/systemd-udevd.service.in')
-rw-r--r--units/systemd-udevd.service.in3
1 files changed, 2 insertions, 1 deletions
diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in
index fb98ca4d43..e8a76cc018 100644
--- a/units/systemd-udevd.service.in
+++ b/units/systemd-udevd.service.in
@@ -28,8 +28,9 @@ TasksMax=infinity
PrivateMounts=yes
ProtectHostname=yes
MemoryDenyWriteExecute=yes
-RestrictRealtime=yes
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
SystemCallFilter=@system-service @module @raw-io
SystemCallErrorNumber=EPERM
SystemCallArchitectures=native
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-04 14:17:28 +0100