summarylogtreecommitdiffstats
path: root/falco-dkms.service
blob: a7b0385b67d8b9ab6a4388e869051a7f1a48ca43 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
[Unit]
Description=Falco: Cloud Native Runtime Security with kmod
Documentation=https://falco.org/docs/

[Service]
Type=simple
User=root
ExecStart=/usr/bin/falco -o engine.kind=kmod
ExecReload=kill -1 $MAINPID
UMask=0077
TimeoutSec=30
RestartSec=15s
Restart=on-failure
PrivateTmp=true
NoNewPrivileges=yes
ProtectHome=read-only
ProtectSystem=full
ProtectKernelTunables=true
ReadWriteDirectories=/sys/module/falco
RestrictRealtime=true
RestrictAddressFamilies=~AF_PACKET
StandardOutput=null

[Install]
WantedBy=multi-user.target