diff options
author | Boris-Barboris | 2023-08-30 22:25:54 +0300 |
---|---|---|
committer | Boris-Barboris | 2023-08-30 22:25:54 +0300 |
commit | 501c47f0c01e6f6e6d42d3c552d71038ac02d6ff (patch) | |
tree | a2973522ea90a923f4a38e533cfffb9a539d8182 /evdev-proxy.service | |
download | aur-501c47f0c01e6f6e6d42d3c552d71038ac02d6ff.tar.gz |
initial package version
Diffstat (limited to 'evdev-proxy.service')
-rw-r--r-- | evdev-proxy.service | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/evdev-proxy.service b/evdev-proxy.service new file mode 100644 index 000000000000..bb4160377925 --- /dev/null +++ b/evdev-proxy.service @@ -0,0 +1,32 @@ +[Unit] +Description=Evdev proxy device daemon +After=systemd-udevd.service +Wants=multi-user.target + +[Service] +Type=simple +ExecStart=/usr/bin/evdev-proxy +Restart=always +RestartSec=2 +Environment=RUST_BACKTRACE=1 + +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +# Breaks AF_NETLINK connectivity to udev +# PrivateNetwork=yes + +ProtectControlGroups=yes +ProtectHome=yes +ProtectHostname=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectKernelLogs=yes +ProtectSystem=strict + +RestrictAddressFamilies=AF_NETLINK +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes + +[Install] +WantedBy=multi-user.target
\ No newline at end of file |