diff options
Diffstat (limited to 'units/systemd-logind.service.in')
| -rw-r--r-- | units/systemd-logind.service.in | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in index 961263f60..6b362ccdc 100644 --- a/units/systemd-logind.service.in +++ b/units/systemd-logind.service.in @@ -20,22 +20,22 @@ Wants=dbus.socket After=dbus.socket [Service] -ExecStart=@rootlibexecdir@/systemd-logind -Restart=always -RestartSec=0 BusName=org.freedesktop.login1 -WatchdogSec=3min CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG +ExecStart=@rootlibexecdir@/systemd-logind +FileDescriptorStoreMax=512 +IPAddressDeny=any +LockPersonality=yes MemoryDenyWriteExecute=yes -RestrictRealtime=yes -RestrictNamespaces=yes +Restart=always +RestartSec=0 RestrictAddressFamilies=AF_UNIX AF_NETLINK -SystemCallFilter=@system-service -SystemCallErrorNumber=EPERM +RestrictNamespaces=yes +RestrictRealtime=yes SystemCallArchitectures=native -LockPersonality=yes -IPAddressDeny=any -FileDescriptorStoreMax=512 +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service +WatchdogSec=3min # Increase the default a bit in order to allow many simultaneous logins since # we keep one fd open per session. |