28 lines
554 B
Desktop File
28 lines
554 B
Desktop File
[Unit]
|
|
Description=Bleh MXW01 helper daemon (root)
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
ExecStart=/usr/local/bin/blehd --socket /run/bleh/blehd.sock --group bleh
|
|
Restart=on-failure
|
|
RestartSec=1
|
|
|
|
RuntimeDirectory=bleh
|
|
RuntimeDirectoryMode=0755
|
|
|
|
# Hardening (still useful even as root)
|
|
NoNewPrivileges=true
|
|
PrivateTmp=true
|
|
ProtectSystem=strict
|
|
ProtectHome=true
|
|
ProtectKernelTunables=true
|
|
ProtectKernelModules=true
|
|
ProtectControlGroups=true
|
|
RestrictSUIDSGID=true
|
|
LockPersonality=true
|
|
MemoryDenyWriteExecute=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|