From 8fba5f8ecb243239812f653903b8ffa3a1679be6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ga=C3=ABtan=20L=2E=20H=2E-F?=
 <gaetanlhf@noreply.forge.collabore.fr>
Date: Wed, 24 May 2023 14:51:37 +0200
Subject: [PATCH] Update collabore-tunnel.service

---
 collabore-tunnel.service | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/collabore-tunnel.service b/collabore-tunnel.service
index 0c28037..ce41eba 100644
--- a/collabore-tunnel.service
+++ b/collabore-tunnel.service
@@ -34,6 +34,7 @@ PrivateDevices=true
 ProtectControlGroups=true
 ProtectKernelModules=true
 ProtectKernelTunables=true
+ProtectKernelLogs=true
 ReadWritePaths=
 
 # network
@@ -54,7 +55,7 @@ ProtectClock=true
 ProtectProc=invisible
 
 # capabilities
-RestrictNamespaces=uts ipc pid cgroup
+RestrictNamespaces=yes
 CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 AmbientCapabilities=