You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 lines
488 B
INI
22 lines
488 B
INI
2 years ago
|
[Unit]
|
||
|
|
Description=systemd-vault daemon
|
||
|
|
Requires=systemd-vaultd.socket
|
||
|
|
|
||
|
|
[Service]
|
||
|
|
ExecStart=/usr/bin/systemd-vaultd
|
||
|
|
Restart=yes
|
||
|
|
ProtectSystem=strict
|
||
|
|
ProtectHome=yes
|
||
|
|
PrivateDevices=yes
|
||
|
|
PrivateNetwork=yes
|
||
|
|
PrivateUsers=yes
|
||
|
|
ProtectKernelTunables=yes
|
||
|
|
ProtectKernelModules=yes
|
||
|
|
ProtectControlGroups=yes
|
||
|
|
RestrictAddressFamilies=AF_UNIX
|
||
|
|
MemoryDenyWriteExecute=yes
|
||
|
|
SystemCallFilter=@default @file-system @basic-io @system-service @signal @io-event @network-io
|
||
|
|
|
||
|
|
[Install]
|
||
|
|
Also=systemd-vaultd.socket
|