mirror of
https://github.com/archlinux/aur.git
synced 2026-03-14 23:16:48 +01:00
41 lines
910 B
Desktop File
41 lines
910 B
Desktop File
[Unit]
|
|
Description=Tori Agent
|
|
After=network.target
|
|
Wants=network.target
|
|
|
|
[Service]
|
|
User=tori
|
|
Group=tori
|
|
Type=simple
|
|
WorkingDirectory=/var/lib/tori
|
|
ConfigurationDirectory=tori
|
|
RuntimeDirectory=tori
|
|
LogsDirectory=tori
|
|
StateDirectory=tori
|
|
Environment=USER=tori HOME=/var/lib/tori
|
|
ExecStart=/usr/bin/tori agent -config /etc/tori/config.toml
|
|
Restart=on-failure
|
|
RestartSec=2s
|
|
ReadWritePaths=/var/lib/tori
|
|
LockPersonality=true
|
|
NoNewPrivileges=true
|
|
PrivateDevices=true
|
|
PrivateTmp=true
|
|
PrivateUsers=true
|
|
ProtectClock=true
|
|
ProtectControlGroups=true
|
|
ProtectHome=true
|
|
ProtectKernelModules=true
|
|
ProtectKernelTunables=true
|
|
ProtectProc=invisible
|
|
ProtectSystem=strict
|
|
RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
|
|
RestrictNamespaces=true
|
|
RestrictRealtime=true
|
|
RestrictSUIDSGID=true
|
|
SystemCallArchitectures=native
|
|
SystemCallFilter=@system-service
|
|
SystemCallErrorNumber=EPERM
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|