diff options
Diffstat (limited to 'ffsync.service')
| -rw-r--r-- | ffsync.service | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/ffsync.service b/ffsync.service index e81326378e20..39d2acc0c97e 100644 --- a/ffsync.service +++ b/ffsync.service @@ -4,11 +4,26 @@ After=network.target [Service] Type=simple +ExecStart=/opt/mozilla-firefox-sync-server/local/bin/gunicorn --paste /opt/mozilla-firefox-sync-server/syncserver.ini +Restart=on-abort + User=ffsync Group=http UMask=007 -Restart=on-abort -ExecStart=/opt/mozilla-firefox-sync-server/local/bin/gunicorn --paste /opt/mozilla-firefox-sync-server/syncserver.ini + +NoNewPrivileges=yes + +PrivateTmp=yes +PrivateDevices=yes + +ProtectSystem=full +ProtectHome=yes + +SystemCallArchitectures=native +SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io + +CapabilityBoundingSet= +AmbientCapabilities= [Install] WantedBy=multi-user.target |