Initial commit

author: Matthewacon 2019-05-24 12:48:04 -0400
committer: Matthewacon 2019-05-24 12:48:04 -0400
commit: f3214131d7b84ed5304d1cf11a2dabc817de6dba (patch)
tree: b4dc933e446c5a1a5c38197544961ba5d928cc6a /sslh-select@.service
download: aur-f3214131d7b84ed5304d1cf11a2dabc817de6dba.tar.gz
1 files changed, 30 insertions, 0 deletions
diff --git a/sslh-select@.service b/sslh-select@.service
new file mode 100644
index 000000000000..452e8c363d17
--- /dev/null
+++ b/sslh-select@.service
@@ -0,0 +1,30 @@
+[Unit]
+Description=SSL/SSH multiplexer (select mode) for %I
+Conflicts=sslh@%I.service
+Requires=sslh@%I.socket
+PartOf=sslh@%I.socket
+After=network.target
+
+[Service]
+EnvironmentFile=/etc/conf.d/sslh
+ExecStart=/usr/bin/sslh-select -F/etc/sslh/%I.cfg -f -v 
+KillMode=process
+ProtectSystem=strict
+ProtectHome=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+PrivateTmp=true
+PrivateDevices=true
+SecureBits=noroot-locked
+MountFlags=private
+NoNewPrivileges=true
+CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+MemoryDenyWriteExecute=true
+User=sslh
+DynamicUser=true
+
+[Install]
+WantedBy=multi-user.target
author	Matthewacon	2019-05-24 12:48:04 -0400
committer	Matthewacon	2019-05-24 12:48:04 -0400
commit	f3214131d7b84ed5304d1cf11a2dabc817de6dba (patch)
tree	b4dc933e446c5a1a5c38197544961ba5d928cc6a /sslh-select@.service
download	aur-f3214131d7b84ed5304d1cf11a2dabc817de6dba.tar.gz