2023-11-02 06:24:35 -04:00
|
|
|
[Unit]
|
2023-11-05 17:56:35 -05:00
|
|
|
Description=Disable the loading of additional modules after systemd-modules-load.service
|
2023-11-02 06:24:35 -04:00
|
|
|
After=systemd-modules-load.service
|
2023-11-04 16:56:08 -04:00
|
|
|
Before=sysinit.target
|
2023-11-02 06:24:35 -04:00
|
|
|
# This functionality is implemented with this and not directly in the sysctl config is
|
|
|
|
# to allow systemd-modules-load.service to load the modules with no problem but
|
|
|
|
# to disallow anyone else do the same after the system boots up.
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
Type=oneshot
|
|
|
|
ExecStart=/usr/libexec/security-misc/disable-kernel-module-loading
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=sysinit.target
|