Source cleanups.

author: Alex Xu (Hello71) <alex_y_xu@yahoo.ca> 2018-08-15 13:18:17 -0400
committer: Alex Xu (Hello71) <alex_y_xu@yahoo.ca> 2018-08-15 13:18:17 -0400
commit: 39e07e62f471cbf40503cdc1926da6fef0cc0a3e (patch)
tree: c45259dd22402921f80067864b34d3ab9b258d58 /systemd/random-seed-save.service.in
parent: 8d90ffb43214c390f6921e058a3cb164075ff1c5 (diff)
download: random-seed-39e07e62f471cbf40503cdc1926da6fef0cc0a3e.tar.xz
random-seed-39e07e62f471cbf40503cdc1926da6fef0cc0a3e.zip
1 files changed, 16 insertions, 0 deletions
diff --git a/systemd/random-seed-save.service.in b/systemd/random-seed-save.service.in
new file mode 100644
index 0000000..e70192b
--- /dev/null
+++ b/systemd/random-seed-save.service.in
@@ -0,0 +1,16 @@
+[Unit]
+Description=Random seed save
+RequiresMountsFor=@default_seed_path_dir@
+After=systemd-remount-fs.service
+
+[Service]
+ExecStart=@sbindir@/random-seed save
+CapabilityBoundingSet=
+NoNewPrivileges=yes
+PrivateDevices=yes
+PrivateNetwork=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+LockPersonality=yes
+TemporaryFileSystem=/:ro
+BindPaths=@default_seed_path_dir@
author	Alex Xu (Hello71) <alex_y_xu@yahoo.ca>	2018-08-15 13:18:17 -0400
committer	Alex Xu (Hello71) <alex_y_xu@yahoo.ca>	2018-08-15 13:18:17 -0400
commit	39e07e62f471cbf40503cdc1926da6fef0cc0a3e (patch)
tree	c45259dd22402921f80067864b34d3ab9b258d58 /systemd/random-seed-save.service.in
parent	8d90ffb43214c390f6921e058a3cb164075ff1c5 (diff)
download	random-seed-39e07e62f471cbf40503cdc1926da6fef0cc0a3e.tar.xz random-seed-39e07e62f471cbf40503cdc1926da6fef0cc0a3e.zip