ryan
/
systemd-openbao
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
systemd-openbao/etc/systemd-vaultd.service

22 lines
488 B
INI
Raw Blame History

[Unit]
Description=systemd-vault daemon
Requires=systemd-vaultd.socket
[Service]
ExecStart=/usr/bin/systemd-vaultd
Restart=yes
ProtectSystem=strict
ProtectHome=yes
PrivateDevices=yes
PrivateNetwork=yes
PrivateUsers=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
RestrictAddressFamilies=AF_UNIX
MemoryDenyWriteExecute=yes
SystemCallFilter=@default @file-system @basic-io @system-service @signal @io-event @network-io
[Install]
Also=systemd-vaultd.socket
Reference in New Issue View Git Blame Copy Permalink