From 159dcde28fa2deb3c6d5722dce9fe384f08202b7 Mon Sep 17 00:00:00 2001 From: Jirka Hladky Date: Sun, 28 Jun 2020 04:07:35 +0200 Subject: Updated systemd service file - SystemCallFilter section --- ChangeLog | 4 ++++ contrib/build/fedora.spec | 5 ++++- init.d/service.fedora | 5 +++-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 387dba2..5d8f627 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +v1.9.13 (Jun 28, 2020) +* added support for --version [Jirka Hladky] +* updated systemd service file [Jirka Hladky] + v1.9.12 (Jun 18, 2020) * fix a memory leak in havege_destroy [Anakin Zhang] diff --git a/contrib/build/fedora.spec b/contrib/build/fedora.spec index efacb34..1e9d536 100644 --- a/contrib/build/fedora.spec +++ b/contrib/build/fedora.spec @@ -1,6 +1,6 @@ Summary: A Linux entropy source using the HAVEGE algorithm Name: haveged -Version: 1.9.12 +Version: 1.9.13 Release: 1%{?dist} License: GPLv3+ URL: https://github.com/jirka-h/haveged @@ -117,6 +117,9 @@ fi %changelog +* Sun Jun 28 2020 Jirka Hladky - 1.9.13-1 + - Update to 1.9.13 + * Thu Jun 18 2020 Jirka Hladky - 1.9.12-1 - Update to 1.9.12 diff --git a/init.d/service.fedora b/init.d/service.fedora index 8de8828..6217765 100644 --- a/init.d/service.fedora +++ b/init.d/service.fedora @@ -27,8 +27,9 @@ RestrictRealtime=true LockPersonality=true MemoryDenyWriteExecute=true SystemCallArchitectures=native -SystemCallFilter=@basic-io @file-system @io-event @network-io @signal -SystemCallFilter=arch_prctl brk ioctl mprotect sysinfo +SystemCallFilter=@system-service +SystemCallFilter=~@mount +SystemCallErrorNumber=EPERM [Install] WantedBy=sysinit.target -- cgit v1.2.3