summarylogtreecommitdiffstats
path: root/aria2-tracker-update-system.service
diff options
context:
space:
mode:
Diffstat (limited to 'aria2-tracker-update-system.service')
-rw-r--r--aria2-tracker-update-system.service10
1 files changed, 6 insertions, 4 deletions
diff --git a/aria2-tracker-update-system.service b/aria2-tracker-update-system.service
index da539ff4a865..9ea59e38e3f2 100644
--- a/aria2-tracker-update-system.service
+++ b/aria2-tracker-update-system.service
@@ -5,13 +5,15 @@ Wants=network-online.target
[Service]
Type=oneshot
+DynamicUser=yes
+User=aria2cd
ExecStart=/usr/bin/update-aria2-tracker --systemd
-RestartSec=60s
-Restart=on-failure
# Sandboxing
ProtectSystem=strict
+ReadOnlyPaths=/
ReadWritePaths=/etc/aria2cd
-NoExecPaths=/
-ExecPaths=/usr/bin /usr/lib
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
ProtectHome=yes
+ProtectControlGroups=yes
NoNewPrivileges=yes