From 9aafbd64d3835b39202c3fb05a4ebb9f6f31fe8b Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Dec 09 2020 08:46:57 +0000
Subject: 0004-systemd-More-lockdown.patch


patch_name: 0004-systemd-More-lockdown.patch
present_in_specfile: true
location_in_specfile: 6

---

diff --git a/src/bluetooth.service.in b/src/bluetooth.service.in
index 4daedef..f188018 100644
--- a/src/bluetooth.service.in
+++ b/src/bluetooth.service.in
@@ -22,9 +22,15 @@ ProtectControlGroups=true
 ReadWritePaths=@statedir@
 ReadOnlyPaths=@confdir@
 
+# Execute Mappings
+MemoryDenyWriteExecute=true
+
 # Privilege escalation
 NoNewPrivileges=true
 
+# Real-time
+RestrictRealtime=true
+
 [Install]
 WantedBy=bluetooth.target
 Alias=dbus-org.bluez.service