blob: e963d6dc8ad65f6dea6d70d666f0f9e0b781d1c4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
[Unit]
Description=yadifa nameserver
[Service]
ExecStart=/usr/bin/yadifad
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
[Install]
WantedBy=multi-user.target
[Unit]
Description=YADIFA Domain Name Server
Documentation=man:yadifad(8)
After=network.target
[Service]
Type=simple
ExecStart=/usr/sbin/yadifad --nodaemon
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
CapabilityBoundingSet=CAP_CHOWN CAP_DAC_OVERRIDE CAP_IPC_LOCK CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
ProtectControlGroups=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
ReadOnlyPaths=/etc/yadifa
ReadWritePaths=/run /var/lib/yadifa /var/log/yadifa
RestrictRealtime=true
[Install]
WantedBy=multi-user.target
|