Tree - rpms/systemd-extras - src.fedoraproject.org

rpms / systemd-extras

Overview Files Commits Branches Forks Releases
Monitoring status:

Bugzilla Assignee:

Fedora:: robert
EPEL:: robert
Files

Blob Blame History Raw
From 28a99b8b66ed8874502f528bb44289254c05267c Mon Sep 17 00:00:00 2001
From: Robert Scheck <robert@fedoraproject.org>
Date: Mon, 15 May 2023 21:54:37 +0200
Subject: [PATCH] Drop systemd.unit options unsupported in systemd-239-68.el8_7.4

---
 units/systemd-networkd.service.in  | 8 ++------
 units/systemd-timesyncd.service.in | 4 ----
 2 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index d8b935a..a123f98 100644
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -20,23 +20,19 @@ Wants=systemd-networkd.socket network.target
 
 [Service]
 AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
-BusName=org.freedesktop.network1
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
 DeviceAllow=char-* rw
 ExecStart=!!{{ROOTLIBEXECDIR}}/systemd-networkd
+ExecReload=networkctl reload
 FileDescriptorStoreMax=512
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
-ProtectProc=invisible
-ProtectClock=yes
 ProtectControlGroups=yes
 ProtectHome=yes
-ProtectKernelLogs=yes
 ProtectKernelModules=yes
 ProtectSystem=strict
 Restart=on-failure
-RestartKillSignal=SIGUSR2
 RestartSec=0
 RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET
 RestrictNamespaces=yes
@@ -47,7 +43,7 @@ RuntimeDirectoryPreserve=yes
 SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service
-Type=notify-reload
+Type=notify
 User=systemd-network
 {{SERVICE_WATCHDOG}}
 
diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in
index c606461..5ae8dc5 100644
--- a/units/systemd-timesyncd.service.in
+++ b/units/systemd-timesyncd.service.in
@@ -20,7 +20,6 @@ Wants=time-set.target
 
 [Service]
 AmbientCapabilities=CAP_SYS_TIME
-BusName=org.freedesktop.timesync1
 CapabilityBoundingSet=CAP_SYS_TIME
 # Turn off DNSSEC validation for hostname look-ups, since those need the
 # correct time to work, but we likely won't acquire that without NTP. Let's
@@ -32,11 +31,8 @@ MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
 PrivateDevices=yes
 PrivateTmp=yes
-ProtectProc=invisible
 ProtectControlGroups=yes
 ProtectHome=yes
-ProtectHostname=yes
-ProtectKernelLogs=yes
 ProtectKernelModules=yes
 ProtectKernelTunables=yes
 ProtectSystem=strict
-- 
2.31.1
rpms / systemd-extras

Source Code

Files
