summaryrefslogtreecommitdiff
path: root/random-seed-save.service
diff options
context:
space:
mode:
Diffstat (limited to 'random-seed-save.service')
-rw-r--r--random-seed-save.service16
1 files changed, 16 insertions, 0 deletions
diff --git a/random-seed-save.service b/random-seed-save.service
new file mode 100644
index 0000000..a9858bc
--- /dev/null
+++ b/random-seed-save.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Random seed save
+RequiresMountsFor=@default_seed_path_dir@
+After=systemd-remount-fs.service
+
+[Service]
+ExecStart=@sbindir@/random-seed save
+CapabilityBoundingSet=CAP_SYS_ADMIN
+NoNewPrivileges=yes
+PrivateDevices=yes
+PrivateNetwork=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+LockPersonality=yes
+TemporaryFileSystem=/:ro
+BindPaths=@default_seed_path_dir@
generated by cgit v1.2.3-70-g09d2 (git 2.47.0) at 2024-11-21 16:23:57 +0000