blob: 8821f43e5a2783f0a0e0032ce25252390b10a875 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
[Unit]
Description=netconsd - The Netconsole Daemon
Documentation=https://facebookmicrosites.github.io/netconsd
Requires=network-online.target
After=network-online.target nss-lookup.target basic.target
Wants=network-online.target nss-lookup.target
[Service]
User=netconsd
Group=netconsd
WorkingDirectory=/var/log/netconsd
EnvironmentFile=-/etc/conf.d/netconsd
ExecStart=/usr/bin/netconsd $NETCONSD_ARGS
ExecStop=/bin/kill -s SIGTERM $MAINPID
ExecReload=/bin/kill -HUP $MAINPID
SyslogIdentifier=netconsd
NoNewPrivileges=true
PrivateTmp=true
ProtectHome=true
ProtectSystem=full
ProtectHostname=true
ProtectControlGroups=true
ProtectKernelModules=true
ProtectKernelTunables=true
LockPersonality=true
RestrictRealtime=true
RestrictNamespaces=true
MemoryDenyWriteExecute=true
PrivateDevices=true
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
|