Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package ntp for openSUSE:Factory checked in 
at 2021-10-12 21:49:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ntp (Old)
 and      /work/SRC/openSUSE:Factory/.ntp.new.2443 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "ntp"

Tue Oct 12 21:49:57 2021 rev:131 rq:924903 version:4.2.8p15

Changes:
--------
--- /work/SRC/openSUSE:Factory/ntp/ntp.changes  2021-06-16 20:36:31.155292022 
+0200
+++ /work/SRC/openSUSE:Factory/.ntp.new.2443/ntp.changes        2021-10-12 
21:51:25.716049973 +0200
@@ -1,0 +2,7 @@
+Tue Oct 12 06:09:33 UTC 2021 - Johannes Segitz <jseg...@suse.com>
+
+- Added hardening to systemd service(s) (bsc#1181400). Modified:
+  * conf.ntp-wait.service
+  * conf.ntpd.service
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ conf.ntp-wait.service ++++++
--- /var/tmp/diff_new_pack.11SoSg/_old  2021-10-12 21:51:26.660051324 +0200
+++ /var/tmp/diff_new_pack.11SoSg/_new  2021-10-12 21:51:26.660051324 +0200
@@ -9,6 +9,16 @@
 ConditionCapability=CAP_SYS_TIME
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+# end of automatic additions 
 Type=oneshot
 ExecStart=/usr/sbin/ntp-wait -s 1 -n 30000
 RemainAfterExit=yes

++++++ conf.ntpd.service ++++++
--- /var/tmp/diff_new_pack.11SoSg/_old  2021-10-12 21:51:26.700051381 +0200
+++ /var/tmp/diff_new_pack.11SoSg/_new  2021-10-12 21:51:26.704051387 +0200
@@ -17,6 +17,16 @@
 RestartSec=11min
 Restart=always
 PrivateTmp=true
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+# end of automatic additions 
 
 [Install]
 WantedBy=multi-user.target

Reply via email to