commit low-memory-monitor for openSUSE:Factory

Thu, 07 Oct 2021 15:07:25 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package low-memory-monitor for 
openSUSE:Factory checked in at 2021-10-08 00:06:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/low-memory-monitor (Old)
 and      /work/SRC/openSUSE:Factory/.low-memory-monitor.new.2443 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "low-memory-monitor"

Fri Oct  8 00:06:14 2021 rev:2 rq:923719 version:2.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/low-memory-monitor/low-memory-monitor.changes    
2021-09-27 20:09:24.558495220 +0200
+++ 
/work/SRC/openSUSE:Factory/.low-memory-monitor.new.2443/low-memory-monitor.changes
  2021-10-08 00:07:10.417867561 +0200
@@ -1,0 +2,6 @@
+Wed Oct  6 06:12:57 UTC 2021 - Johannes Segitz <jseg...@suse.com>
+
+- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
+  * harden_low-memory-monitor.service.patch
+
+-------------------------------------------------------------------

New:
----
  harden_low-memory-monitor.service.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ low-memory-monitor.spec ++++++
--- /var/tmp/diff_new_pack.uMPtpT/_old  2021-10-08 00:07:10.889868361 +0200
+++ /var/tmp/diff_new_pack.uMPtpT/_new  2021-10-08 00:07:10.889868361 +0200
@@ -23,6 +23,7 @@
 License:        GPL-3.0-only
 URL:            https://gitlab.freedesktop.org/hadess/low-memory-monitor
 Source:         %{url}/-/archive/%{version}/%{name}-%{version}.tar.bz2
+Patch0:        harden_low-memory-monitor.service.patch
 BuildRequires:  gtk-doc
 BuildRequires:  meson >= 0.45.0
 BuildRequires:  pkgconfig

++++++ harden_low-memory-monitor.service.patch ++++++
Index: low-memory-monitor-2.1/data/low-memory-monitor.service.in
===================================================================
--- low-memory-monitor-2.1.orig/data/low-memory-monitor.service.in
+++ low-memory-monitor-2.1/data/low-memory-monitor.service.in
@@ -31,6 +31,13 @@ ProtectKernelModules=true
 
 # Real-time
 RestrictRealtime=true
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelLogs=true
+# end of automatic additions 
 
 # Privilege escalation
 NoNewPrivileges=true

Reply via email to