[Unit]
Description=Random seed save
RequiresMountsFor=@default_seed_dir@
After=systemd-remount-fs.service

[Service]
ExecStart=@sbindir@/random-seed save
#CapabilityBoundingSet=
#NoNewPrivileges=yes
#PrivateDevices=yes
#PrivateNetwork=yes
#ProtectKernelTunables=yes
#ProtectKernelModules=yes
#LockPersonality=yes
#TemporaryFileSystem=/:ro
#BindPaths=@default_seed_dir@