Commit 7a8d5f33 authored by Matti Lehtimäki's avatar Matti Lehtimäki

[systemd] Sandbox the udhcpd service. JB#37897 JB#44449

parent 2ddf2a92
......@@ -6,3 +6,8 @@ Conflicts=shutdown.target
[Service]
ExecStart=/usr/sbin/udhcpd -f
CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_BIND_SERVICE CAP_NET_RAW
PrivateDevices=yes
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment