From c5167c8f0d398946fdfae56fa78b32fade4cb451 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@whonix.org>
Date: Sun, 5 Nov 2023 20:12:03 -0500
Subject: [PATCH] fix systemd unit

https://github.com/Kicksecure/security-misc/issues/159
---
 lib/systemd/system/harden-module-loading.service | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/systemd/system/harden-module-loading.service b/lib/systemd/system/harden-module-loading.service
index 764207a..ed2392c 100644
--- a/lib/systemd/system/harden-module-loading.service
+++ b/lib/systemd/system/harden-module-loading.service
@@ -1,7 +1,14 @@
 [Unit]
 Description=Disable the loading of additional modules after systemd-modules-load.service
-After=systemd-modules-load.service
+Documentation=https://github.com/Kicksecure/security-misc
+
+DefaultDependencies=no
 Before=sysinit.target
+Requires=local-fs.target
+Requires=systemd-modules-load.service
+After=local-fs.target
+After=systemd-modules-load.service
+
 # This functionality is implemented with this and not directly in the sysctl config is
 # to allow systemd-modules-load.service to load the modules with no problem but
 # to disallow anyone else do the same after the system boots up.