From 47d420a8db254ee2381f491e2b67b5290d093d93 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sat, 1 Jan 2022 17:13:57 +0100
Subject: ...

---
 hosts/vidhar/prometheus/default.nix | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'hosts')

diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix
index 51ead7e2..780d30ce 100644
--- a/hosts/vidhar/prometheus/default.nix
+++ b/hosts/vidhar/prometheus/default.nix
@@ -214,12 +214,12 @@ in {
         # DynamicUser = true;
         # DeviceAllow = [""];
         # LockPersonality = true;
-        # MemoryDenyWriteExecute = true;
-        # NoNewPrivileges = true;
-        # PrivateDevices = true;
-        # ProtectClock = true;
-        # ProtectControlGroups = true;
-        # ProtectHome = true;
+        MemoryDenyWriteExecute = true;
+        NoNewPrivileges = true;
+        PrivateDevices = true;
+        ProtectClock = true;
+        ProtectControlGroups = true;
+        ProtectHome = true;
         ProtectHostname = true;
         ProtectKernelLogs = true;
         ProtectKernelModules = true;
-- 
cgit v1.2.3