initial package version

author: Boris-Barboris 2023-08-30 22:25:54 +0300
committer: Boris-Barboris 2023-08-30 22:25:54 +0300
commit: 501c47f0c01e6f6e6d42d3c552d71038ac02d6ff (patch)
tree: a2973522ea90a923f4a38e533cfffb9a539d8182 /evdev-proxy.service
download: aur-501c47f0c01e6f6e6d42d3c552d71038ac02d6ff.tar.gz
1 files changed, 32 insertions, 0 deletions
diff --git a/evdev-proxy.service b/evdev-proxy.service
new file mode 100644
index 000000000000..bb4160377925
--- /dev/null
+++ b/evdev-proxy.service
@@ -0,0 +1,32 @@
+[Unit]
+Description=Evdev proxy device daemon
+After=systemd-udevd.service
+Wants=multi-user.target
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/evdev-proxy
+Restart=always
+RestartSec=2
+Environment=RUST_BACKTRACE=1
+
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+# Breaks AF_NETLINK connectivity to udev
+# PrivateNetwork=yes
+
+ProtectControlGroups=yes
+ProtectHome=yes
+ProtectHostname=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+ProtectKernelLogs=yes
+ProtectSystem=strict
+
+RestrictAddressFamilies=AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+
+[Install]
+WantedBy=multi-user.target
+\ No newline at end of file
author	Boris-Barboris	2023-08-30 22:25:54 +0300
committer	Boris-Barboris	2023-08-30 22:25:54 +0300
commit	501c47f0c01e6f6e6d42d3c552d71038ac02d6ff (patch)
tree	a2973522ea90a923f4a38e533cfffb9a539d8182 /evdev-proxy.service
download	aur-501c47f0c01e6f6e6d42d3c552d71038ac02d6ff.tar.gz