Página inicial Explorar Ajuda
Entrar
mark22k
/
crazytrace
mirror de https://codeberg.org/mark22k/crazytrace.git
Observar 1
Favorito 0
Fork 0
Arquivos Issues 0
Branch: main
Branches Tags
crazytrace
/
systemd
/
crazytrace@.service

crazytrace@.service 910 B
Link permanente Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738 
  1. [Unit]
    2. 

  2. Description=crazytrace %I
    3. 

  3. Documentation=https://codeberg.org/mark22k/crazytrace
    4. 

  4. 

  5. [Service]
    6. 

  6. RemoveIPC=true
    7. 

  7. DynamicUser=true
    8. 

  8. NoNewPrivileges=true
    9. 

  9. SystemCallArchitectures=native
    10. 

  10. MemoryDenyWriteExecute=true
    11. 

  11. LockPersonality=true
    12. 

  12. RestrictNamespaces=true
    13. 

  13. RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK
    14. 

  14. RestrictRealtime=true
    15. 

  15. ProtectKernelTunables=true
    16. 

  16. ProtectHostname=true
    17. 

  17. ProtectHome=true
    18. 

  18. ProtectProc=ptraceable
    19. 

  19. ProtectSystem=strict
    20. 

  20. ProtectClock=true
    21. 

  21. ProtectKernelLogs=true
    22. 

  22. ProtectControlGroups=true
    23. 

  23. ProtectKernelModules=true
    24. 

  24. PrivateTmp=true
    25. 

  25. ProcSubset=pid
    26. 

  26. SystemCallFilter=~@clock @cpu-emulation @debug @module @mount @obsolete @privileged @raw-io @reboot @resources @swap
    27. 

  27. 

  28. CapabilityBoundingSet=CAP_NET_ADMIN
    29. 

  29. AmbientCapabilities=CAP_NET_ADMIN
    30. 

  30. ConfigurationDirectory=crazytrace
    31. 

  31. 

  32. ExecStart=/usr/bin/crazytrace %E/crazytrace/%i.yaml
    33. 

  33. Restart=on-failue
    34. 

  34. TimeoutStopSec=5
    35. 

  35. 

  36. [Install]
    37. 

  37. WantedBy=multi-user.target
    38. 

  38.